how to run freeradius using docker-compose

Question

Could you advise how to make run freeradius using dockercompose?

Compose file here which is stop automatically in a sec.

    version: '3'

    services:

        freeradius:
          image: freeradius/freeradius-server
          restart: always
          volumes:
            - ./freeradius:/etc/freeradius
          ports:
            - "1812-1813:1812-1813/udp"

    volumes:
      freeradius:

But when I run it with docker directly, then it runs

docker run --name my-radius -i -t freeradius/freeradius-server /bin/bash

In here, it display configuration file,

root@945f7bcb3520:/# ls /etc/freeradius

README.rst  clients.conf  experimental.conf  huntgroups      mods-config   panic.gdb  
proxy.conf    sites-available  templates.conf  users
certs       dictionary    hints              mods-available  mods-enabled  policy.d   
radiusd.conf  sites-enabled    trigger.conf

but then volume folder, ./freeradius don't include any conf file.

So, how can make it work properly in general?

Answer 1

You don't display your Dockerfile here. But I can guess that you are running a command in the Dockerfile that doesn't persist. It works from the command line, because /bin/bash will persist until you exit.

I have had this problem a couple times recently.

Answer 2

I have gotten a similar setup up and running with my config being loaded. All my configuration has been done according to the docker hub documentation. Here is my docker-compose.yml and Dockerfile for reference.

(I am aware that I could probably avoid the Dockerfile completely, but the advantage of this is that the Dockerfile is basically 1:1 to the official documentation..)

run docker-compose up -d to run it. Both files should be in the parent directory of raddb

Dockerfile

FROM freeradius/freeradius-server:latest
COPY raddb/ /etc/raddb/

EXPOSE 1812 1813

docker-compose.yml

version: '2.2'
services:
  freeradius:
    build:
      context: .
    container_name: freeradius
    ports:
      - "1812-1813:1812-1813/udp"
    restart: always

Answer 3

Your command to run the container directly

docker run --name my-radius -i -t freeradius/freeradius-server /bin/bash

is not equivalent to your dockercompose setup.

You are not mounting the config directory (also you are not publishing the container ports to the host - this will prevent you from accessing freeradius from outside a container).

I assume if you run your docker container mounting the volume

docker run --name my-radius -v ./freeradius:/etc/freeradius -i -t freeradius/freeradius-server /bin/bash

it will not work either.

For me, it didn't work when I tried to replace the whole config directory with a volume mount. I had to mount components of the configuration individually. E.g.

-v ./freeradius/clients.conf:/etc/freeradius/clients.conf

Apparently, when you replace the whole directory something fails when starting freeradius. Excerpt from radius.log when mounting the whole config directory:

Fri Jan 13 10:49:22 2023 : Info: Debug state unknown (cap_sys_ptrace capability not set)
Fri Jan 13 10:49:22 2023 : Info: systemd watchdog is disabled
Fri Jan 13 10:49:22 2023 : Error: rlm_preprocess: Error reading /etc/freeradius/mods-config/preprocess/huntgroups
Fri Jan 13 10:49:22 2023 : Error: /etc/freeradius/mods-enabled/preprocess[13]: Instantiation failed for module "preprocess"