toughradius快速安装

ctoughradius快速安装

1.下载二进制安装toughradius

cd /usr/local/bin/
wget https://github.com/talkincode/toughradius/releases/download/v8.0.8/toughradius_amd64
mv toughradius_amd64 toughradius
chmod +x toughradius 
toughradius -install

2.systemd管理（自动生成的）

[root@computer02 bin]# cat /usr/lib/systemd/system/toughradius.service
[Unit]
Description=toughradius
After=network.target
StartLimitIntervalSec=0

[Service]
Restart=always
RestartSec=1
Environment=GODEBUG=x509ignoreCN=0
LimitNOFILE=65535
LimitNPROC=65535
User=root
ExecStart=/usr/local/bin/toughradius

[Install]
WantedBy=multi-user.target

3.数据库准备(ubuntu安装postgresql)

3.1安装并启动postgresql

sudo apt install postgresql postgresql-contrib
systemctl status postgresql

3.2切换到postgres用户进入管理台

sudo su - postgres
psql

3.3 创建新用户和数据库

CREATE USER toughradius WITH PASSWORD 'toughradius';
CREATE DATABASE toughradius WITH OWNER toughradius;
GRANT ALL PRIVILEGES ON DATABASE toughradius TO toughradius;
\q #退出

注意：postgres不是本地部署，还需要解决远程访问问题

在 Ubuntu 上开放 5432 端口（通常用于 PostgreSQL 数据库）涉及几个步骤，包括配置防火墙和确认 PostgreSQL 配置正确。以下是详细步骤：

#### 1. 确认 PostgreSQL 正在监听 5432 端口，编辑 PostgreSQL 配置文件 postgresql.conf：
sudo nano /etc/postgresql/{version}/main/postgresql.conf

在文件中找到 listen_addresses 配置项并确保它如下所示：
listen_addresses = '*'

#### 2. 配置 pg_hba.conf 文件，编辑 pg_hba.conf 文件，以允许外部连接：
sudo nano /etc/postgresql/{version}/main/pg_hba.conf

在文件末尾添加如下内容：
host    all             all             0.0.0.0/0               md5

#### 3. 保存并关闭文件，然后重启 PostgreSQL 服务以应用更改：
sudo systemctl restart postgresql

#### 4. 配置防火墙
sudo ufw enable
允许通过 5432 端口的流量：
sudo ufw allow 5432/tcp

#### 5. 验证防火墙状态确认 5432 端口已开放：
sudo ufw status

#### 6. 确认 PostgreSQL 正在监听
sudo netstat -plnt | grep 5432

4.配置文件（自动会生成，修改部分）

[root@computer02 bin]# cat /etc/toughradius.yml 
system:
    appid: ToughRADIUS
    location: Asia/Shanghai
    workdir: /var/toughradius
    debug: true
web:
    host: 0.0.0.0
    port: 1816
    tls_port: 1817
    secret: 9b6de5cc-0731-1203-xxtt-0f568ac9da37
database:
    type: postgres
    host: 172.17.10.13
    port: 5432
    name: toughradius
    user: toughradius
    passwd: toughradius
    max_conn: 100
    idle_conn: 10
    debug: false
freeradius:
    enabled: true
    host: 0.0.0.0
    port: 1818
    debug: true
radiusd:
    enabled: true
    host: 0.0.0.0
    auth_port: 1812
    acct_port: 1813
    radsec_port: 2083
    debug: true
tr069:
    host: 0.0.0.0
    port: 1819
    tls: true
    secret: 9b6de5cc-0731-1203-xxtt-0f568ac9da37
    debug: true
mqtt:
    server: ""
    username: ""
    password: ""
    debug: false
logger:
    mode: development
    console_enable: true
    loki_enable: false
    file_enable: true
    filename: /var/toughradius/toughradius.log
    queue_size: 4096
    loki_api: http://127.0.0.1:3100
    loki_user: toughradius
    loki_pwd: toughradius
    loki_job: toughradius
    metrics_storage: /var/toughradius/data/metrics
    metrics_history: 168

5.启动并查看状态，忽略TLS错误，这里可以是使用HTTPS登录才能用的上

[root@computer02 bin]# systemctl start toughradius
[root@computer02 bin]# systemctl status toughradius
● toughradius.service - toughradius
   Loaded: loaded (/usr/lib/systemd/system/toughradius.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2024-06-02 18:31:17 CST; 4s ago
 Main PID: 884950 (toughradius)
    Tasks: 10 (limit: 48862)
   Memory: 16.7M
   CGroup: /system.slice/toughradius.service
           └─884950 /usr/local/bin/toughradius

Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:408        Add GET Router /admin/translate/export
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:408        Add GET Router /admin/translate/trans>
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:408        Add GET Router /admin/translate/trans>
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:408        Add GET Router /admin/translate/init
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:413        Add POST Router /admin/translate/dele>
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        DEBUG        webserver/server.go:413        Add POST Router /admin/translate/patch
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        INFO        webserver/server.go:157        Start the management server 0.0.0.0:18>
Jun 02 18:31:18 computer02 toughradius[884950]: ⇨ http server started on [::]:1816
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        INFO        webserver/server.go:150        Prepare to start the TLS management po>
Jun 02 18:31:18 computer02 toughradius[884950]: [2024-06-02T18:31:18+08:00]        ERROR        webserver/server.go:154        Error starting TLS management port op>

6.登录管理界面

Open the browser and enter the URL: http://your-ip:1816
The default username and password are admin/toughradius

官方快速安装链接：https://github.com/talkincode/toughradius/wiki/quickstart