Deploying GreenRADIUS on Ubuntu 20

Prerequisites

  • An Ubuntu 20 server versioned 20.04 or greater
  • Ensure the network interface is configured with a static IP, netmask, gateway, and DNS
  • The update package for GreenRADIUS 5.1.6.6 or later

Steps

  1. Log in as a user with sudo access.
  2. Run sudo apt-get update
  3. Run sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
  4. Run curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  5. Run sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  6. Run sudo apt-get install docker-ce docker-ce-cli containerd.io
  7. Run sudo curl -L "https://github.com/docker/compose/releases/download/1.28.2/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose
  8. Run sudo chmod +x /usr/local/bin/docker-compose
  9. Run sudo apt-get install unzip incron net-tools
  10. Run sudo adduser gradmin
  11. Run sudo adduser gradmin sudo
  12. Run sudo chmod -R 750 /home/gradmin
  13. Run sudo chown -R gradmin:gradmin /home/gradmin
  14. Reboot and log in as the gradmin user.
  15. Run sudo su
  16. Run mkdir ~/temp
  17. Run cd ~/temp
  18. Copy the GreenRADIUS update package to the /home/gradmin/temp directory of the Ubuntu instance.
  19. For the following commands, replace xxxx with the version number of the GreenRADIUS updte package:
  20. Run sudo unzip GreenRADIUS_xxxx_Update.zip
  21. Run sudo tar -xvzf GreenRADIUS_xxxx_Update/images.tgz -C .
  22. Run sudo tar -xvzf GreenRADIUS_xxxx_Update/others.tgz -C .
  23. Run sudo mkdir -p /opt/grs/scripts
  24. Run sudo cp others/vm_incron_scripts/* /opt/grs/scripts/
  25. Run cd /opt/grs/scripts && sudo chown root:root *.sh && sudo chmod 511 freeradius_restart.sh get_host_info.sh incron_script.sh openldap_cmd_template_3.sh openldap_restart.sh openldap_update_ca_certificates.sh rsyslog_restart.sh && cd -
  26. Run sudo bash -c "echo 'gradmin ALL=(root) NOPASSWD:/opt/grs/scripts/get_host_info.sh , /opt/grs/scripts/incron_script.sh , /opt/grs/scripts/rsyslog_restart.sh , /opt/grs/scripts/freeradius_restart.sh , /opt/grs/scripts/openldap_restart.sh , /opt/grs/scripts/openldap_update_ca_certificates.sh , /opt/grs/scripts/openldap_cmd_template_3.sh' > /etc/sudoers.d/grs"
  27. Run sudo mkdir -p /opt/grs/host-comm/request
  28. Run sudo mkdir -p /opt/grs/host-comm/response
  29. Run sudo chown -R gradmin:gradmin /opt/grs/host-comm
  30. Run sudo bash -c "echo 'gradmin' > /etc/incron.allow"
  31. Run sudo bash -c "echo '/opt/grs/host-comm/request IN_CLOSE_WRITE sudo /opt/grs/scripts/incron_script.sh \$#' > /var/spool/incron/gradmin"
  32. Run sudo service incron restart
  33. Run sudo docker load -i images/greenradius_xxxx_init_image
  34. Run sudo docker load -i images/greenradius_xxxx_main_image
  35. Run sudo docker load -i images/greenradius_xxxx_openldap_image
  36. Run sudo docker load -i images/greenradius_xxxx_postgres_image
  37. Run sudo docker load -i images/greenradius_xxxx_rsyslog_image
  38. Run sudo docker load -i images/greenradius_xxxx_freeradius_image
  39. Run sudo docker load -i images/greenradius_xxxx_grs_auth_app_image
  40. Run sudo mkdir -p /home/gradmin/grs-docker-compose
  41. Run sudo cp others/docker-compose.yml /home/gradmin/grs-docker-compose/
  42. Run cd /home/gradmin/grs-docker-compose
  43. Run sudo docker-compose up -d
  44. Once the previous step completes, the web administration console should be visible if you navigate to the server's IP address or hostname in your browser. Keep in mind that GreenRADIUS does not serve HTTP for security reasons; if you are getting Connection Refused errors, make sure the scheme is set to HTTPS.
  45. Run sudo touch /etc/systemd/system/grs-docker-compose-app.service
  46. Edit the file and insert the following:
[Unit]
Description=Docker Compose Application Service
Requires=docker.service
After=docker.service

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/home/gradmin/grs-docker-compose
ExecStart=/usr/local/bin/docker-compose up -d
ExecStop=/usr/local/bin/docker-compose down
TimeoutStartSec=0

[Install]
WantedBy=multi-user.target
  1. Run sudo systemctl enable grs-docker-compose-app
  2. Run sudo systemctl start grs-docker-compose-app.service
  3. Run sudo rm -rf /home/gradmin/temp/*

The installation is now complete.

For installing subsequent GreenRADIUS updates:

In the following steps, replace xxxx with the version number of the new update.

  1. Copy the GreenRADIUS update package to the /home/gradmin/temp directory.
  2. Log in as gradmin.
  3. Run sudo apt-get update
  4. Run sudo apt-get upgrade
  5. Run cd ~/temp
  6. Run sudo unzip GreenRADIUS_xxxx_Update.zip
  7. Run sudo tar -xvzf GreenRADIUS_xxxx_Update/images.tgz -C .
  8. Run sudo tar -xvzf GreenRADIUS_xxxx_Update/others.tgz -C .
  9. Run sudo docker load -i images/greenradius_xxxx_init_image
  10. Run sudo docker load -i images/greenradius_xxxx_main_image
  11. Run sudo docker load -i images/greenradius_xxxx_openldap_image
  12. Run sudo docker load -i images/greenradius_xxxx_postgres_image
  13. Run sudo docker load -i images/greenradius_xxxx_rsyslog_image
  14. Run sudo docker load -i images/greenradius_xxxx_freeradius_image
  15. Run sudo docker load -i images/greenradius_xxxx_grs_auth_app_image
  16. Run cd /home/gradmin/grs-docker-compose
  17. Run sudo docker-compose down
  18. Run sudo cp /home/gradmin/temp/others/docker-compose.yml .
  19. Run sudo docker-compose up -d

To start or stop the containers:

Before starting or stopping the containers, make sure you are in the grs-docker-compose directory with cd /home/gradmin/grs-docker-compose.

Start the containers

sudo docker-compose up -d

Stop the containers

sudo docker-compose down

Updated 2024-03-29
© 2024 Green Rocket Security Inc. All rights reserved.