freeRADIUS-alpine
FreeRADIUS 3 built on alpine with MySQL 8
In this example i called mysql.acme.com
the MySQL Container and certificates are signed with the CA.
Before deployment (IMPORTANT)
- As of now, the
.env
file contains the passwords and configuration for freeRADIUS and SQL, remember to generate new ones. - Generate/import your own CA certificate and client certificates.
Note, this is a template, do not use as-is but generate your own crypto material.
Security
- FreeRADIUS will connect to MySQL through encrypted TLS connections.
- MySQL is configured to accept only TLS 1.2 encrypted connections. A
radius
user is allowed to view the radius database - FreeRADIUS will allow EAP-TTLS for outside clients
Everything travel encrypted.
Work in progress
TODO
- add config option to setup MSCHAP towards AD
- add certificates generation script + tutorial