Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add EAP support #1

Open
AndreaCuneo opened this issue Dec 14, 2020 · 2 comments
Open

Add EAP support #1

AndreaCuneo opened this issue Dec 14, 2020 · 2 comments

Comments

@AndreaCuneo
Copy link
Contributor

Extend the base image to support EAP-TTLS/PAP using external volumes for certificates.
@STommydx
Copy link

Here's what I do to extend the docker image to support EAP-TTLS/PAP for my company. I use this Dockerfile to install the freeradius eap module and generate certificates (you may mount certificates with volumes alternatively).

FROM ghcr.io/arklab/freeradius-azuread:latest
RUN apk add openssl make freeradius-eap
RUN cd /etc/raddb/certs && make

Then I re-enable the eap module in authorize section of inner-tunnel.

-eap {

Remove - in line 131.

@AndreaCuneo
Copy link
Contributor Author

Thanks for sharing, that's indeed how you can build a custom image to support this scenario.

I'd like to extend this image to optionally enforce the EAP-TTLS using an ENV variable.
When ENFORCE_EAPTTLS=1 mangle the configuration to enforce taking certs from an external volume.

Would you find an use in that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@STommydx @AndreaCuneo