kanidm/rlm_python/Dockerfile

FROM freeradius/freeradius-server:latest
EXPOSE 1812 1813
ARG RADIUS_USER=freerad
ARG TZ=Etc/UTC
ENV TZ=$TZ
# These all need to be on one line else the cache ends up in the layers.
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

RUN apt-get update && apt-get install -y \
    freeradius-utils \
    hostname \
    python3 \
    python3-pip \
    python-is-python3 \
    tzdata \
    iproute2 \
    iputils-ping iputils-tracepath \
    openssl \
    curl && apt-get clean

ADD  rlm_python/mods-available/ /etc/raddb/mods-available/
COPY rlm_python/sites-available/ /etc/raddb/sites-available/

# Set a working directory of /etc/raddb
WORKDIR /etc/raddb

# Enable the python and cache module.
RUN ln -s /etc/raddb/mods-available/python3 /etc/raddb/mods-enabled/python3 && \
    ln -s /etc/raddb/sites-available/check-eap-tls /etc/raddb/sites-enabled/check-eap-tls

# disable auth via methods we don't support!
# RUN rm /etc/raddb/mods-available/sql && \
    # rm /etc/raddb/mods-enabled/{passwd,totp}


# Allows the radiusd user to write to the directory
RUN chown -R $RADIUS_USER. /etc/raddb/ && \
    chmod 775 /etc/raddb/certs && \
    chmod 640 /etc/raddb/clients.conf

RUN mkdir -p /pkg/pykanidm/
COPY pykanidm/ /pkg/pykanidm/

# install the package and its dependencies
RUN python3 -m pip install --no-cache-dir --no-warn-script-location /pkg/pykanidm && \
    rm -rf /pkg/*

COPY rlm_python/radius_entrypoint.py /radius_entrypoint.py

ENV KANIDM_CONFIG_FILE="/data/kanidm"

RUN chmod a+r /etc/raddb/certs/ -R
USER $RADIUS_USER

CMD [ "/usr/bin/python3", "/radius_entrypoint.py" ]
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`FROM freeradius/freeradius-server:latest`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00			`EXPOSE 1812 1813`
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`ARG RADIUS_USER=freerad`
			`ARG TZ=Etc/UTC`
			`ENV TZ=$TZ`
			`# These all need to be on one line else the cache ends up in the layers.`
			`RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone`

			`RUN apt-get update && apt-get install -y \`
			`freeradius-utils \`
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`hostname \`
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`python3 \`
			`python3-pip \`
			`python-is-python3 \`
			`tzdata \`
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`iproute2 \`
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`iputils-ping iputils-tracepath \`
Improve radius to support eap-tls with ca-dir (#957) * Improve radius to support eap-tls with ca-dir, and also mschap 2022-08-01 10:55:44 +02:00			`openssl \`
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`curl && apt-get clean`
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00
1399 cleanup cli docs (#1413) * Cleanup cli args * Update book * Update wasm * making the CI happy --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> 2023-03-02 03:47:23 +01:00			`ADD rlm_python/mods-available/ /etc/raddb/mods-available/`
			`COPY rlm_python/sites-available/ /etc/raddb/sites-available/`
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00
			`# Set a working directory of /etc/raddb`
			`WORKDIR /etc/raddb`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Attempted to add caching but it failed, improve usage (#162) 2020-01-02 08:54:50 +01:00			`# Enable the python and cache module.`
1355 docker builds (#1384) 2023-02-17 08:02:01 +01:00			`RUN ln -s /etc/raddb/mods-available/python3 /etc/raddb/mods-enabled/python3 && \`
			`ln -s /etc/raddb/sites-available/check-eap-tls /etc/raddb/sites-enabled/check-eap-tls`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`# disable auth via methods we don't support!`
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`# RUN rm /etc/raddb/mods-available/sql && \`
			`# rm /etc/raddb/mods-enabled/{passwd,totp}`

17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`# Allows the radiusd user to write to the directory`
Fix RADIUS docker image file permissions (#1439) 2023-03-10 00:00:19 +01:00			`RUN chown -R $RADIUS_USER. /etc/raddb/ && \`
1355 docker builds (#1384) 2023-02-17 08:02:01 +01:00			`chmod 775 /etc/raddb/certs && \`
			`chmod 640 /etc/raddb/clients.conf`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`RUN mkdir -p /pkg/pykanidm/`
			`COPY pykanidm/ /pkg/pykanidm/`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00			`# install the package and its dependencies`
1355 docker builds (#1384) 2023-02-17 08:02:01 +01:00			`RUN python3 -m pip install --no-cache-dir --no-warn-script-location /pkg/pykanidm && \`
			`rm -rf /pkg/*`

1399 cleanup cli docs (#1413) * Cleanup cli args * Update book * Update wasm * making the CI happy --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> 2023-03-02 03:47:23 +01:00			`COPY rlm_python/radius_entrypoint.py /radius_entrypoint.py`
17 radius (#123) Majority of radius integration and tooling complete, including docker files. 2019-10-31 01:48:15 +01:00
Fix issues with radius (#1084) 2022-10-02 03:28:58 +02:00			`ENV KANIDM_CONFIG_FILE="/data/kanidm"`
Python module and rewritten RADIUS integration (#826) * added python kanidm module * rewrote RADIUS integration * updated the documentation * updating github actions to run more often * BLEEP BLOOP ASYNCIO IS GR8 * adding config to makefile to run pykanidm tests Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2022-06-20 12:16:55 +02:00
RADIUS container fixes (#1424) 2023-03-07 02:50:45 +01:00			`RUN chmod a+r /etc/raddb/certs/ -R`
			`USER $RADIUS_USER`
1355 docker builds (#1384) 2023-02-17 08:02:01 +01:00
Python updoots (#1081) 2022-09-29 02:08:15 +02:00			`CMD [ "/usr/bin/python3", "/radius_entrypoint.py" ]`