deployment:network:freeradius:install-debian13-sql

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
deployment:network:freeradius:install-debian13-sql [2026/04/03 19:41] – [Install FreeRadius] ilyasadeployment:network:freeradius:install-debian13-sql [2026/04/05 17:21] (current) ilyasa
Line 29: Line 29:
 ==== Install MariaDB dan konfigurasi database untuk FreeRadius ==== ==== Install MariaDB dan konfigurasi database untuk FreeRadius ====
   * Install MariaDB Sever   * Install MariaDB Sever
-<code>+<code bash>
 sudo apt -y install mariadb-server sudo apt -y install mariadb-server
 </code> </code>
 +  * Secure MariaDB database dengan mariadb Wizards
 +<code bash>
 +mariadb-secure-installation
 +</code>
 +<hidden Jika Bingung sesuaikan dengna berikut>
 +<code bash>
 +root@radiusdev:~# mariadb-secure-installation
 +
 +NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
 +      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
 +
 +In order to log into MariaDB to secure it, we'll need the current
 +password for the root user. If you've just installed MariaDB, and
 +haven't set the root password yet, you should just press enter here.
 +
 +Enter current password for root (enter for none):  [ENTER]
 +OK, successfully used password, moving on...
 +
 +Setting the root password or using the unix_socket ensures that nobody
 +can log into the MariaDB root user without the proper authorisation.
 +
 +You already have your root account protected, so you can safely answer 'n'.
 +
 +Switch to unix_socket authentication [Y/n] [n]
 + ... skipping.
 +
 +You already have your root account protected, so you can safely answer 'n'.
 +
 +Change the root password? [Y/n] [Y]
 +New password: 
 +Re-enter new password: 
 +Password updated successfully!
 +Reloading privilege tables..
 + ... Success!
 +
 +
 +By default, a MariaDB installation has an anonymous user, allowing anyone
 +to log into MariaDB without having to have a user account created for
 +them.  This is intended only for testing, and to make the installation
 +go a bit smoother.  You should remove them before moving into a
 +production environment.
 +
 +Remove anonymous users? [Y/n] [Y]
 + ... Success!
 +
 +Normally, root should only be allowed to connect from 'localhost' This
 +ensures that someone cannot guess at the root password from the network.
 +
 +Disallow root login remotely? [Y/n] [Y]
 + ... Success!
 +
 +By default, MariaDB comes with a database named 'test' that anyone can
 +access.  This is also intended only for testing, and should be removed
 +before moving into a production environment.
 +
 +Remove test database and access to it? [Y/n] [Y]
 + - Dropping test database...
 + ... Success!
 + - Removing privileges on test database...
 + ... Success!
 +
 +Reloading the privilege tables will ensure that all changes made so far
 +will take effect immediately.
 +
 +Reload privilege tables now? [Y/n] [Y]
 + ... Success!
 +
 +Cleaning up...
 +
 +All done!  If you've completed all of the above steps, your MariaDB
 +installation should now be secure.
 +
 +Thanks for using MariaDB!
 +</code>
 +</hidden>
 +
 +  * Buat Database Dan User Untuk FreeRadius
 +<code bash>
 +sudo mysql -u root
 +</code>
 +<code sql>
 +CREATE DATABASE radius;
 +CREATE USER 'radius'@'localhost' IDENTIFIED by 'PasswordYangKuat123';
 +GRANT ALL PRIVILEGES ON radius.* TO 'radius'@'localhost';
 +FLUSH PRIVILEGES;
 +quit;
 +</code>
 +  * import SQL schema file ke Database yang kita buat sebelumnya.
 +<code bash>
 +sudo mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql
 +</code>
 +  *  Enable SQL module pada FreeRADIUS.
 +<code bash>
 +sudo ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/
 +</code>
 +  * Edit Module SQL Untuk Dapat terhubung dengan Database yang telah kita buat
 +<code bash>
 +sudo nano /etc/freeradius/3.0/mods-enabled/sql
 +</code>
 +  * Ubah opsi database dari sqlite (default) ke mysql(mariadb) 
 +<code bash>
 +# Rubah 
 +        dialect = "sqlite"
 +# Ke
 +        dialect = "mysql"
 +</code>
 +  * coment ''driver = "rlm_sql_null"''
 +<code bash>
 +        driver = "rlm_sql_null"
 +#       driver = "rlm_sql_${dialect}"
 +</code>
 +  * uncoment ''driver = "rlm_sql_${dialect}"''
 +<code bash>
 +        driver = "rlm_sql_null"
 +#       driver = "rlm_sql_${dialect}"
 +</code>
 +  * Sebab koneksi database bersifat local configurasi tls dapat di comment
 +{{ :deployment:network:freeradius:mysql-no-tls-freeradius.png?nolink |}}
 +  * Uncomment connection info dan ganti sesuai dbname dan passwrod yang telah dibuat
 +{{ :deployment:network:freeradius:connection_info-sql-freeradius.png?nolink&1000 |}}
 +
 +==== Running Test ====
 +=== Menambahkan RADIUS User ke Database ===
 +<code bash>
 +mysql -u root -p
 +</code>
 +<code sql>
 +USE radius;
 +
 +-- Add user with plain-text password (Cleartext-Password)
 +INSERT INTO radcheck (username, attribute, op, value)
 +VALUES ('ilyasa', 'Cleartext-Password', ':=', 'pass123');
 +
 +-- Optional: add user to a group
 +INSERT INTO radusergroup (username, groupname, priority)
 +VALUES ('testuser', 'users', 1);
 +</code>
 +
 +==== Run FreeRadius dengan Debug Mode ====
 +<code>
 +# Stop and start clean
 +sudo systemctl restart freeradius
 +
 +# Or run in debug mode (recommended for first test)
 +sudo systemctl stop freeradius
 +sudo radiusd -X
 +</code>
 +
  • deployment/network/freeradius/install-debian13-sql.1775220080.txt.gz
  • Last modified: 2026/04/03 19:41
  • by ilyasa