Update README.md

README.md

@@ -1 +1,120 @@
-# eduroam-freeradius
+# eduroam-freeradius
+
+### Commands for installing FreeRadius on CentOS 8:
+
+## Install FreeRadius
+sudo dnf install -y @freeradius freeradius-utils freeradius-mysql
+
+## Enable and start radiusd service:
+sudo systemctl enable --now radiusd.service
+
+## Add firewall rule for Radius in Firewalld:
+sudo firewall-cmd --add-service=radius --permanent &&\
+    sudo firewall-cmd --reload
+
+
+
+## Install MariaDB:
+sudo dnf module install mariadb
+
+## Enable and start MariaDB:
+sudo systemctl enable --now mariadb.service
+
+## Securely configure MariaDB:
+sudo mysql_secure_installation
+
+
+
+## Create SQL database in MariaDB for Radius:
+mysql -u root -p 
+
+MariaDB [(none)]> CREATE DATABASE radius;
+Query OK, 1 row affected (0.000 sec)
+
+MariaDB [(none)]> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "SuperStrongPassword";
+Query OK, 0 rows affected (0.000 sec)
+
+MariaDB [(none)]> FLUSH PRIVILEGES;
+Query OK, 0 rows affected (0.000 sec)
+
+MariaDB [(none)]> quit;
+Bye
+
+
+## Initialize database for Radius (as root):
+sudo su -
+mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql
+
+## Exit root shell:
+exit
+
+## Enable MySQL mod for Radius:
+sudo ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
+
+## Edit the SQL config file to point to MySQL database:
+sudo vim /etc/raddb/mods-available/sql
+
+## Uncomment or add and configure the following parts of the SQL config file undert the 'sql {' section:
+       driver = "rlm_sql_mysql"
+       dialect = "mysql"
+        # Connection info:
+        #
+       server = "localhost"
+       port = 3306
+       login = "radius"
+       password = "SuperStrongPassword"
+
+## Change group ownership of SQL config file and restart Radius:
+sudo chgrp -h radiusd /etc/raddb/mods-enabled/sql &&\
+    sudo systemctl restart radiusd
+
+## Install Apache + PHP for Daloradius web interface:
+sudo dnf -y install @httpd @php
+sudo dnf -y install php-{cli,curl,mysqlnd,devel,gd,pear,mbstring,xml,pear}
+sudo pear install MDB2 DB
+
+## Start and enable Apache and php-fpm:
+sudo systemctl enable --now httpd.service php-fpm.service
+
+## Configure Firewalld for Apache:
+sudo firewall-cmd --add-service={http,https} --permanent
+sudo firewall-cmd --reload
+
+## Download Daloradius (as root):
+sudo su -
+curl -L -O 'https://github.com/lirantal/daloradius/archive/master.zip' &&\
+    unzip master.zip &&\
+	rm master.zip &&\
+	mv daloradius-master/ /opt/daloradius
+
+## Import Daloradius database tables (as root):
+mysql -u root -p radius < /opt/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql 
+mysql -u root -p radius < /opt/daloradius/contrib/db/mysql-daloradius.sql
+
+## Exit root shell:
+exit
+
+## Remove default Apache web root and replace with Daloradius, fixing permissions as well:
+sudo rm -rf /var/www/html &&\
+    sudo cp -r /opt/daloradius /var/www/html &&\
+	sudo chown -R apache:apache /var/www/html/
+
+## Edit Daloradius' config file:
+sudo vim /var/www/html/library/daloradius.conf.php
+
+## Specifically, the following values should be edited:
+    $configValues['CONFIG_DB_USER'] = 'radius';
+    $configValues['CONFIG_DB_PASS'] = 'SuperStrongPassword';
+    $configValues['CONFIG_DB_NAME'] = 'radius';
+
+## Restart Apache and Radius:
+sudo systemctl restart radiusd.service httpd.service
+
+## Configure SELinux to allow Apache to access Daloradius web root:
+sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?"
+sudo restorecon -Rv /var/www/html/
+
+
+## Daloradius should now be accessible on port 80 (http) of the host. Default creds are:
+username: administrator
+password: radius