Hi Federico
Great !
Thanks
I will give a try and let you know.
--
Demian Pecile
> El 18 nov. 2020, a las 14:19, Federico Capoano <[email protected]>
> escribió:
>
> Here's a sample playbook to install openwisp-radius with ansible-openwisp2.
> I have taken it from a working playbook and removed the sensitive parts, but
> I have not tested it, so it may be incomplete and surely will need
> adaptation, but should hint all that needs to be done.
>
> - hosts: yourhost
> become: true
> become_user: youruser
> roles:
> - openwisp.openwisp2
> vars:
> openwisp2_utils_pip:
> https://github.com/openwisp/openwisp-utils/tarball/master
> <https://github.com/openwisp/openwisp-utils/tarball/master>
> openwisp2_users_pip:
> https://github.com/openwisp/openwisp-users/tarball/master
> <https://github.com/openwisp/openwisp-users/tarball/master>
> openwisp2_extra_python_packages:
> # monitoring
> - https://github.com/openwisp/openwisp-radius/tarball/master
> <https://github.com/openwisp/openwisp-radius/tarball/master>
> - django-cors-headers
> openwisp2_extra_django_settings_instructions:
> # monitoring settings
> - |
> # openwisp-radius, registration, CORS
> INSTALLED_APPS += [
> 'corsheaders',
> 'django_filters',
> 'rest_framework.authtoken',
> 'rest_auth',
> 'rest_auth.registration',
> 'openwisp_radius',
> ]
> OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['ip/host here']
>
> # CORS
> MIDDLEWARE.insert(
> MIDDLEWARE.index('django.middleware.common.CommonMiddleware'),
> 'corsheaders.middleware.CorsMiddleware'
> )
> CORS_ORIGIN_WHITELIST = ('whitelisteddomain1', 'whitelisteddomain2')
> CORS_ALLOW_METHODS = ('POST',)
>
> # SMS
> REST_AUTH_SERIALIZERS = {
> 'PASSWORD_RESET_SERIALIZER':
> 'openwisp_radius.api.serializers.PasswordResetSerializer',
> }
> REST_AUTH_REGISTER_SERIALIZERS = {
> 'REGISTER_SERIALIZER':
> 'openwisp_radius.api.serializers.RegisterSerializer',
> }
> OPENWISP_RADIUS_SMS_TOKEN_MAX_IP_DAILY = 25
> SENDSMS_BACKEND = 'path to sms backend here'
>
> # REST API
> INSTALLED_APPS += [
> 'drf_yasg',
> ]
> OPENWISP_USERS_AUTH_API = True
> openwisp2_extra_urls:
> - "url(r'^', include('openwisp_radius.urls'))"
> - "url(r'^api/v1/', include('openwisp_utils.api.urls'))"
> - "url(r'^api/v1/', include('openwisp_users.api.urls'))"
> freeradius_dir: /etc/freeradius/3.0
> freeradius_mods_available_dir: "{{ freeradius_dir }}/mods-available"
> freeradius_mods_enabled_dir: "{{ freeradius_dir }}/mods-enabled"
> freeradius_sites_available_dir: "{{ freeradius_dir }}/sites-available"
> freeradius_sites_enabled_dir: "{{ freeradius_dir }}/sites-enabled"
> freeradius_certs_dir: "{{ freeradius_dir }}/certs"
> freeradius_sql:
> driver: rlm_sql_postgresql
> dialect: postgresql
> host: localhost
> port: 5432
> name: "****"
> user: "****"
> password: "****"
> freeradius_rest:
> url: https://yourdomain/api/v1/freeradius
> <https://yourdomain/api/v1/freeradius>
> pre_tasks:
> # openwisp-radius
> - name: Install cairo
> apt:
> name:
> - libcairo2
> - libpango-1.0-0
> - libpangocairo-1.0-0
> - libgdk-pixbuf2.0-0
> - shared-mime-info
> update_cache: yes
> tags: [openwisp2, radius]
>
> ### Follows an exmple installation and configuration of freeradius, but
> my configuration uses postgres and is customized,
> ### so you need to be adapt it
>
> - name: Freeradius system packages
> apt:
> name:
> - freeradius
> - freeradius-postgresql
> - freeradius-rest
> state: latest
> notify: restart freeradius
> - name: SQL Configuration
> template:
> src: freeradius/sql.j2
> dest: "{{ freeradius_mods_available_dir }}/sql"
> mode: 0640
> owner: freerad
> group: freerad
> notify: restart freeradius
> - name: Enable SQL module
> file:
> src: "{{ freeradius_mods_available_dir }}/sql"
> dest: "{{ freeradius_mods_enabled_dir }}/sql"
> state: link
> mode: 0640
> owner: freerad
> group: freerad
> - name: SQL Counter module
> template:
> src: freeradius/sqlcounter.j2
> dest: "{{ freeradius_mods_available_dir }}/sqlcounter"
> mode: 0640
> owner: freerad
> group: freerad
> notify: restart freeradius
> - name: Enable SQL Counter module
> file:
> src: "{{ freeradius_mods_available_dir }}/sqlcounter"
> dest: "{{ freeradius_mods_enabled_dir }}/sqlcounter"
> state: link
> mode: 0640
> owner: freerad
> group: freerad
> - name: Fix dailycounter.conf
> copy:
> src: freeradius/dailycounter.conf
> dest: "{{ freeradius_dir
> }}/mods-config/sql/counter/postgresql/dailycounter.conf"
> mode: 0640
> owner: freerad
> group: freerad
> notify: restart freeradius
> - name: REST Configuration
> template:
> src: freeradius/rest.j2
> dest: "{{ freeradius_mods_available_dir }}/rest"
> mode: 0640
> owner: freerad
> group: freerad
> notify: restart freeradius
> - name: Enable REST module
> file:
> src: "{{ freeradius_mods_available_dir }}/rest"
> dest: "{{ freeradius_mods_enabled_dir }}/rest"
> state: link
> mode: 0640
> owner: freerad
> group: freerad
> - name: Remove default site
> file:
> dest: "{{ freeradius_sites_enabled_dir }}/default"
> state: absent
> - name: Ensure inner-tunnel site is present
> file:
> src: "{{ freeradius_sites_available_dir }}/inner-tunnel"
> dest: "{{ freeradius_sites_enabled_dir }}/inner-tunnel"
> state: link
> mode: 0640
> owner: freerad
> group: freerad
> - name: Captive portal configuration
> template:
> src: freeradius/captiveportal.j2
> dest: "{{ freeradius_sites_available_dir }}/captiveportal"
> mode: 0640
> owner: freerad
> group: freerad
> notify: restart freeradius
> tags: [radius]
> - file:
> src: "{{ freeradius_sites_available_dir }}/captiveportal"
> dest: "{{ freeradius_sites_enabled_dir }}/captiveportal"
> state: link
> mode: 0640
> owner: freerad
> group: freerad
> tags: [radius]
> # openwisp-radius cron jobs
> - name: delete_old_radacct
> cron:
> name: delete_old_radacct
> day: "*"
> hour: 05
> minute: 30
> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
> delete_old_radacct 730"
> tags: [openwisp2, radius]
> - name: delete_old_postauth
> cron:
> name: delete_old_postauth
> day: "*"
> hour: 05
> minute: 0
> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
> delete_old_postauth 365"
> tags: [openwisp2, radius]
> - name: cleanup_stale_radacct
> cron:
> name: cleanup_stale_radacct
> day: "*"
> hour: 04
> minute: 0
> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
> cleanup_stale_radacct 1"
> tags: [openwisp2, radius]
> - name: deactivate_expired_users
> cron:
> name: deactivate_expired_users
> day: "*"
> hour: "*"
> minute: "*/5"
> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
> deactivate_expired_users"
> tags: [openwisp2, radius]
> - name: delete_old_users
> cron:
> name: delete_old_users
> day: "*"
> hour: "03"
> minute: "30"
> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
> delete_old_users"
> tags: [openwisp2, radius]
>
>
> Best regards
> Federico
>
> On Wednesday, October 14, 2020 at 11:23:38 AM UTC-5 Federico Capoano wrote:
> Hi Demian,
>
> regarding openwisp-monitoring, I left some hints in this other thread:
> https://groups.google.com/d/msg/openwisp/0Qh-TRAeoLE/BnpMZkvlAgAJ
> <https://groups.google.com/d/msg/openwisp/0Qh-TRAeoLE/BnpMZkvlAgAJ>
> There's a playbook file shared in that thread as well
> <https://docs.google.com/viewer?a=v&pid=forums&srcid=MDY5OTA0NjI2NTkzOTQ2Nzk2ODkBMTM1NjE4NzI5MjUxODc3Nzg4MzIBQm5wTVprdmxBZ0FKATAuMgEBdjI&authuser=0>,
> I suggest following the thread until the end.
> The problem is that the new modules are evolving rapidly so new settings may
> be needed.
>
> We have open issues to add support for openwisp-monitoring
> <https://github.com/openwisp/ansible-openwisp2/issues/195>,
> openwisp-firmware-upgrader
> <https://github.com/openwisp/ansible-openwisp2/issues/199> and
> openwisp-radius <https://github.com/openwisp/ansible-openwisp2/issues/198> in
> ansible-openwisp2 but so far no one is working on these.
> I hope that more users and contributors will be willing to help out.
> The test project of each module provides a working settings.py file that can
> be used as reference.
>
> I hope this helps, I can't do more at the moment unfortunately.
>
> Best regards
> Federico
>
>
>
> On Wednesday, October 14, 2020 at 9:42:26 AM UTC-5, Demian Pecile wrote:
> Hi
> I need to install Openwisp with freeradius integration, monitorin, and
> firmware upgrade in a production environment.
> There is any how to ?
> I installed openwisp using ansible, but no problem to install directly if
> some install guide to follow is available.
>
> Thanks
>
> Demian
>
> --
> You received this message because you are subscribed to the Google Groups
> "OpenWISP" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/openwisp/75af9548-cee9-4d3d-aceb-7b30c41a14can%40googlegroups.com
>
> <https://groups.google.com/d/msgid/openwisp/75af9548-cee9-4d3d-aceb-7b30c41a14can%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web, visit
https://groups.google.com/d/msgid/openwisp/89ECC19A-E16F-4183-BAD2-462AC0107F4A%40gmail.com.
