Files
device_manager/radius_client/install.sh
T

97 lines
2.7 KiB
Bash
Executable File

#!/bin/bash
# Deploy Device Manager RADIUS client to FreeRADIUS server
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
RADIUS_PYTHON_DIR="${RADIUS_PYTHON_DIR:-/etc/freeradius/3.0/mods-config/python3}"
SYSTEMD_OVERRIDE_DIR="/etc/systemd/system/freeradius.service.d"
echo "Device Manager RADIUS Client Installation"
echo "=========================================="
echo
# Check if running as root
if [ "$EUID" -ne 0 ]; then
echo "Error: This script must be run as root (use sudo)"
exit 1
fi
# Check if FreeRADIUS is installed
if ! command -v freeradius &> /dev/null; then
echo "Error: FreeRADIUS is not installed"
exit 1
fi
echo "1. Copying device_manager_radius.py to $RADIUS_PYTHON_DIR..."
mkdir -p "$RADIUS_PYTHON_DIR"
cp "$SCRIPT_DIR/device_manager_radius.py" "$RADIUS_PYTHON_DIR/"
chmod 644 "$RADIUS_PYTHON_DIR/device_manager_radius.py"
echo " ✓ Module copied"
echo
echo "2. Setting up environment configuration..."
if [ ! -d "$SYSTEMD_OVERRIDE_DIR" ]; then
mkdir -p "$SYSTEMD_OVERRIDE_DIR"
fi
# Prompt for configuration
read -p "Enter Frappe server URL (e.g., https://device-manager.example.edu): " FRAPPE_URL
read -p "Enter API Key: " API_KEY
read -sp "Enter API Secret: " API_SECRET
echo
# Create systemd override
cat > "$SYSTEMD_OVERRIDE_DIR/device-manager.conf" << EOF
[Service]
Environment="DEVICE_MANAGER_FRAPPE_URL=$FRAPPE_URL"
Environment="DEVICE_MANAGER_API_KEY=$API_KEY"
Environment="DEVICE_MANAGER_API_SECRET=$API_SECRET"
Environment="DEVICE_MANAGER_CACHE_PATH=/var/lib/freeradius/device_manager_verifier_cache.sqlite3"
Environment="DEVICE_MANAGER_HTTP_TIMEOUT=2.5"
EOF
chmod 600 "$SYSTEMD_OVERRIDE_DIR/device-manager.conf"
echo " ✓ Environment configured"
echo
echo "3. Creating cache directory..."
mkdir -p /var/lib/freeradius
chown freerad:freerad /var/lib/freeradius
chmod 750 /var/lib/freeradius
echo " ✓ Cache directory created"
echo
echo "4. Reloading systemd configuration..."
systemctl daemon-reload
echo " ✓ Systemd reloaded"
echo
echo "Installation complete!"
echo
echo "Next steps:"
echo "1. Configure FreeRADIUS module in /etc/freeradius/3.0/mods-available/python3:"
echo
cat << 'EOF'
python3 device_manager_radius {
module = device_manager_radius
instantiate = ${.module}
authorize = ${.module}
post_auth = ${.module}
}
EOF
echo
echo "2. Enable the module:"
echo " ln -s ../mods-available/python3 /etc/freeradius/3.0/mods-enabled/python3"
echo
echo "3. Add to your virtual server authorize section:"
echo " device_manager_radius"
echo
echo "4. Add to your virtual server post-auth section:"
echo " device_manager_radius"
echo
echo "5. Test configuration:"
echo " freeradius -X"
echo
echo "6. Restart FreeRADIUS:"
echo " systemctl restart freeradius"