1、系统说明
操作系统 | CentOS8 |
FreeRadius 版本 | 3.0.26 |
Daloradius 版本 | 1.3 |
PHP版本 | 7.4 |
MariaDB版本 | 10.5 |
服务器需要连网操作
2、CentOS系统组件安装、设置
2.1 防火墙设置
systemctl stop firewalld
systemctl disable firewalld
2.2 Selinux设置
vim /etc/selinux/config
2.3组件安装
# 安装ifconfig工具
yum install -y net-tools
# 安装命令补全工具
yum install bash-completion -y
# 安装文件管理工具
yum -y install lrzsz
yum install -y tar
3、安装Apache服务器
yum install httpd # 安装Httpd服务
systemctl start httpd # 开启服务
systemctl status httpd # 查看服务运行状态
4、安装PHP
yum install epel-release
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf module list php
dnf module enable php:remi-7.4 -y
yum install php php-opcache php-devel php-mbstring php-mcrypt php-mysqlnd php-xml php-redis php-curl php-pear php-gd php-imagick php-mysqli php-openssl php-fpm php-zip unzip
# 启动
systemctl start php-fpm
# 开机启动
systemctl enable php-fpm
systemctl status php-fpm
php -v
# 测试PHP,Apache网站跟目录下新建info.php网页
vim /var/www/html/info.php
<?php
phpinfo();
?>
5、安装配置数据库
5.1 安装MariaDB数据库
vim /etc/yum.repos.d/mariadb.repo
[mariadb]
name = mariadb
baseurl=http://mirrors.aliyun.com/mariadb/yum/10.5/centos8-amd64/
gpgkey=https://mirrors.aliyun.com/mariadb/yum/RPM-GPG-KEY-MariaDB
#enabled=1
gpgcheck=1
sudo dnf install mariadb-server
systemctl start mariadb.service #启动服务
systemctl enable mariadb.service #设置开机启动
systemctl status mariadb.service #查看数据库运行状态
mysql_secure_installation
首先是设置密码,会提示先输入密码
Enter current password for root (enter for none): #初次运行直接回车
设置密码
Set root password? [Y/n] # 是否设置root用户密码,输入y并回车或直接回车
New password: # 设置root用户的密码
Re-enter new password: # 再输入一次你设置的密码
# 其他配置
Remove anonymous users? [Y/n] # 是否删除匿名用户,回车
Disallow root login remotely? [Y/n] #是否禁止root远程登录,回车,
Remove test database and access to it? [Y/n] # 是否删除test数据库,回车
Reload privilege tables now? [Y/n] #是否重新加载权限表,回车
5.2 配置MariaDB数据库
mysql -uroot -p # 登录数据库
MariaDB [(none)]> create database radius; # 创建radius数据库
MariaDB [(none)]> grant all on radius.* to radius@localhost identified by 'radius';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit
6、安装配置FreeRadius
6.1安装FreeRadius
yum install openssl openssl-devel libtalloc-devel libtalloc* -y
yum install openldap-devel python3-devel mysql-devel -y
# 拷贝freeradius-server-release_3_0_26.tar.gz 到/home目录下并解压
tar -zxvf freeradius-server-release_3_0_26.tar.gz
cd /home/freeradius-server-release_3_0_26
./configure --with-mysql-dir=/var/lib/mysql--with-mysql-lib-dir=/usr/lib/mysql
make && make certs && make install
# 创建服务
groupadd radiusd
useradd -g radiusd radiusd -s /sbin/nologin
vim /usr/lib/systemd/system/radiusd.service
[Unit]
Description=FreeRADIUS high performance RADIUS server.
After=syslog.target network.target ipa.service dirsrv.target krb5kdc.service
[Service]
Type=forking
PIDFile=/usr/local/var/run/radiusd/radiusd.pid
ExecStartPre=-/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd
ExecStartPre=/usr/local/sbin/radiusd -C
ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb
ExecReload=/usr/local/sbin/radiusd -C
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
# 设置开机启动
systemctl enable radiusd
# 开启服务
systemctl start radiusd
# 查看服务运行状态
systemctl status radiusd
6.2 配置FreeRadius连接MariaDB数据库
mysql -uroot -p radius < /usr/local/etc/raddb/mods-config/sql/main/mysql/schema.sql
# 修改FreeRadius配置文件
vim /usr/local/etc/raddb/mods-available/sql
vim /usr/local/etc/raddb/clients.conf
# 增加如下部分
client all_client {
ipaddr = 0.0.0.0/0
secret = testing123
require_message_authenticator = no
}
cd /usr/local/etc/raddb/mods-enabled/
ln -s ../mods-available/sql
# 重启radiusd服务
systemctl restart radiusd
7、安装DaloRadius
7.1 下载DaloRadius源代码并解压后将文件夹移动到Apache Web服务器工作目录
# 拷贝daloradius-1.3.zip 到 home目录下
# 解压daloradius-1.3.zip
unzip daloradius-1.3.zip
mv daloradius-1.3 /var/www/html/daloradius
7.2 设置DaloRadius的目录权限
chown -R apache:apache /var/www/html/daloradius
cp /var/www/html/daloradius/library/daloradius.conf.php.sample /var/www/html/daloradius/library/daloradius.conf.php
chmod -R 664 /var/www/html/daloradius/library/daloradius.conf.php
7.3 在MariaDB数据库中创建DaloRadius对象
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql
7.4 配置DaloRadius
vim /var/www/html/daloradius/library/daloradius.conf.php
# 修改内容如下
# 此点很重要,没执行登录会提示500错误
pear install DB MDB2
# 重启apache服务
systemctl restart httpd
浏览器输入http://IP/daloradius/login.php
用户名administrator 密码 radius