-
Clone the repository from Github
git clone https://github.com/ubuntunet/eduroam_idp.git
-
Change into the newly created directory
cd eduroam_idp
-
Copy the inventory template
cp inventories/template inventories/<tld_institution>
-
Open your new inventory and replace
- with the actual URL/IP of your server
- <tld_institution> with your actual inventory file name
-
Copy the group_vars template
cp group_vars/template group_vars/<tld_institution>
-
Adopt the variables in group_vars/<tld_institution> to your liking
-
Create the secret.yml file that contains your sensitive information. Add your credentials.
cp group_vars/secrets.yml.example group_vars/secrets.yml
-
Run the playbook. Whenever you change something in the playbook, just replay this command.
ansible-playbook -i inventories/<tld_institution> eduroam_idp.yml
No, you can run just the task that is copying the clients.conf file by adding the appropriate tag
ansible-playbook -i inventories/<tld_institution> --tags "clients" eduroam_idp.yml
radtest [user] [password] localhost:[port (default is 1812)][nas-port-number(default 0)][shared_secret]
and check for an "Access-Accept" in the response.
-
Run radtest remotely if you have enabled the static test user
ansible radius -i inventories/<tld_institution> -a "radtest test mySecret localhost:1812 0 testing123"
-
Run the Freeradius service manually to see what is happening at the server side
-
Log into your machine
-
Stop the freeradius daemon
sudo service freeradius stop
-
Start it manually in debug mode
sudo freeradius -X
-
http://deployingradius.com/scripts/eapol_test/
You need to enable the eapol_test role in your group_vars file and rerun the playbook first.
WIP
-
Open group_vars/clients
-
Copy/Paste the client entry TestAP in your group_vars file
-
Change the name and the variable values
-
Add the shared_secret to secrets.yml
-
Re-run the playbook with the clients tag
ansible-playbook -i inventories/<tld_institution> --tags "clients" eduroam_idp.yml