70 lines
2.0 KiB
Markdown
70 lines
2.0 KiB
Markdown
### Device Manager
|
|
|
|
Device Manager is a device registration and access management portal for laboratory, research, and institutional networks. It enables users to register and manage devices, supports RADIUS-based authentication workflows, and facilitates secure network access through WPA3-Enterprise authorization policies and credential management.
|
|
|
|
### FreeRADIUS module
|
|
|
|
Device Manager includes an `rlm_python` bridge at `device_manager.freeradius`. FreeRADIUS stays responsible for EAP/password authentication; this module evaluates registered device identity, records the RADIUS request, creates an auditable access decision, and returns VLAN or reply attributes for allow, quarantine, or reject outcomes.
|
|
|
|
Set these environment variables for the FreeRADIUS service:
|
|
|
|
```bash
|
|
DEVICE_MANAGER_BENCH_PATH=/home/frappe/frappe-bench
|
|
DEVICE_MANAGER_SITE=your-site-name
|
|
```
|
|
|
|
Example `mods-available/python3` module stanza:
|
|
|
|
```text
|
|
python3 device_manager {
|
|
module = device_manager.freeradius
|
|
instantiate = ${.module}
|
|
authorize = ${.module}
|
|
post_auth = ${.module}
|
|
}
|
|
```
|
|
|
|
Then call the module from the relevant virtual server:
|
|
|
|
```text
|
|
authorize {
|
|
device_manager
|
|
}
|
|
|
|
post-auth {
|
|
device_manager
|
|
}
|
|
```
|
|
|
|
The module reads common request attributes such as `Calling-Station-Id`, `User-Name`, `NAS-Identifier`, `NAS-IP-Address`, and SSID attributes, then writes `DM Radius Auth Event`, `DM Access Decision`, and `DM Device Audit Event` records.
|
|
|
|
### Installation
|
|
|
|
You can install this app using the [bench](https://github.com/frappe/bench) CLI:
|
|
|
|
```bash
|
|
cd $PATH_TO_YOUR_BENCH
|
|
bench get-app $URL_OF_THIS_REPO --branch version-16
|
|
bench install-app device_manager
|
|
```
|
|
|
|
### Contributing
|
|
|
|
This app uses `pre-commit` for code formatting and linting. Please [install pre-commit](https://pre-commit.com/#installation) and enable it for this repository:
|
|
|
|
```bash
|
|
cd apps/device_manager
|
|
pre-commit install
|
|
```
|
|
|
|
Pre-commit is configured to use the following tools for checking and formatting your code:
|
|
|
|
- ruff
|
|
- eslint
|
|
- prettier
|
|
- pyupgrade
|
|
|
|
### License
|
|
|
|
apache-2.0
|