summaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-26 10:41:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-26 10:41:52 +0000
commitde8bf9112695763664912e340b265fa898188460 (patch)
tree9bcd5f8d45fc3b81174d3de8abfd573b68e9d7f6 /scripts
parentAdding debian version 3.2.3+dfsg-2. (diff)
downloadfreeradius-de8bf9112695763664912e340b265fa898188460.tar.xz
freeradius-de8bf9112695763664912e340b265fa898188460.zip
Merging upstream version 3.2.5+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xscripts/ci/eapol_test-build.sh3
-rw-r--r--scripts/ci/package-test.mk1
-rw-r--r--scripts/crossbuild/README.md64
-rw-r--r--scripts/crossbuild/crossbuild.mk28
-rw-r--r--scripts/crossbuild/docker/centos7/Dockerfile35
-rw-r--r--scripts/crossbuild/docker/debian10/Dockerfile44
-rw-r--r--scripts/crossbuild/docker/debian11/Dockerfile (renamed from scripts/crossbuild/docker/ubuntu16/Dockerfile)44
-rw-r--r--scripts/crossbuild/docker/debian12/Dockerfile74
-rw-r--r--scripts/crossbuild/docker/debian8/Dockerfile84
-rw-r--r--scripts/crossbuild/docker/debian9/README15
-rw-r--r--scripts/crossbuild/docker/rocky8/Dockerfile (renamed from scripts/crossbuild/docker/centos8/Dockerfile)35
-rw-r--r--scripts/crossbuild/docker/rocky9/Dockerfile91
-rw-r--r--scripts/crossbuild/docker/ubuntu18/Dockerfile27
-rw-r--r--scripts/crossbuild/docker/ubuntu20/Dockerfile27
-rw-r--r--scripts/crossbuild/docker/ubuntu22/Dockerfile74
-rw-r--r--scripts/crossbuild/docker/ubuntu24/Dockerfile74
-rw-r--r--scripts/crossbuild/m4/Dockerfile.deb.m4 (renamed from scripts/crossbuild/docker/debian9/Dockerfile)53
-rw-r--r--scripts/crossbuild/m4/Dockerfile.rpm.m4146
-rw-r--r--scripts/docker/centos7/Dockerfile96
-rw-r--r--scripts/docker/debian10/Dockerfile59
-rw-r--r--scripts/docker/debian11/Dockerfile64
-rw-r--r--scripts/docker/debian9/Dockerfile59
-rw-r--r--scripts/docker/debiansid/Dockerfile64
-rw-r--r--scripts/docker/dists/alpine/Dockerfile95
-rwxr-xr-xscripts/docker/dists/alpine/docker-entrypoint.sh (renamed from scripts/docker/alpine/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/centos7/Dockerfile134
-rwxr-xr-xscripts/docker/dists/centos7/docker-entrypoint.sh (renamed from scripts/docker/centos7/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/debian10/Dockerfile82
-rwxr-xr-xscripts/docker/dists/debian10/docker-entrypoint.sh (renamed from scripts/docker/debian10/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/debian11/Dockerfile87
-rwxr-xr-xscripts/docker/dists/debian11/docker-entrypoint.sh (renamed from scripts/docker/debian11/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/debian12/Dockerfile87
-rwxr-xr-xscripts/docker/dists/debian12/docker-entrypoint.sh (renamed from scripts/docker/debian9/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/debiansid/Dockerfile87
-rwxr-xr-xscripts/docker/dists/debiansid/docker-entrypoint.sh (renamed from scripts/docker/debiansid/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/rocky8/Dockerfile (renamed from scripts/docker/rocky8/Dockerfile)77
-rwxr-xr-xscripts/docker/dists/rocky8/docker-entrypoint.sh (renamed from scripts/docker/rocky8/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/rocky9/Dockerfile124
-rwxr-xr-xscripts/docker/dists/rocky9/docker-entrypoint.sh24
-rw-r--r--scripts/docker/dists/ubuntu18/Dockerfile82
-rwxr-xr-xscripts/docker/dists/ubuntu18/docker-entrypoint.sh (renamed from scripts/docker/ubuntu18/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/ubuntu20/Dockerfile82
-rwxr-xr-xscripts/docker/dists/ubuntu20/docker-entrypoint.sh (renamed from scripts/docker/ubuntu20/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/ubuntu22/Dockerfile87
-rwxr-xr-xscripts/docker/dists/ubuntu22/docker-entrypoint.sh (renamed from scripts/docker/ubuntu22/docker-entrypoint.sh)0
-rw-r--r--scripts/docker/dists/ubuntu24/Dockerfile87
-rw-r--r--scripts/docker/docker.mk159
-rwxr-xr-xscripts/docker/etc/docker-entrypoint.sh.alpine27
-rwxr-xr-xscripts/docker/etc/docker-entrypoint.sh.deb24
-rwxr-xr-xscripts/docker/etc/docker-entrypoint.sh.rpm24
-rw-r--r--scripts/docker/m4/Dockerfile.alpine.m4 (renamed from scripts/docker/alpine/Dockerfile)31
-rw-r--r--scripts/docker/m4/Dockerfile.deb.m488
-rw-r--r--scripts/docker/m4/Dockerfile.m445
-rw-r--r--scripts/docker/m4/Dockerfile.rpm.m4186
-rw-r--r--scripts/docker/ubuntu18/Dockerfile59
-rw-r--r--scripts/docker/ubuntu20/Dockerfile61
-rw-r--r--scripts/docker/ubuntu22/Dockerfile66
-rw-r--r--scripts/snmp-proxy/freeradius-snmp.pl4
58 files changed, 2356 insertions, 814 deletions
diff --git a/scripts/ci/eapol_test-build.sh b/scripts/ci/eapol_test-build.sh
index 42397e2..9e1dcd6 100755
--- a/scripts/ci/eapol_test-build.sh
+++ b/scripts/ci/eapol_test-build.sh
@@ -109,6 +109,9 @@ fi
cp "$BUILD_CONF_FILE" "$WPA_SUPPLICANT_DIR/.config"
+# Don't crash out on build warnings, some newer GCC versions are quite picky
+sed -i -e 's/-Werror//' "${WPA_SUPPLICANT_DIR}/Makefile"
+
if ! make -C "${WPA_SUPPLICANT_DIR}" -j8 eapol_test 1>&2 || [ ! -e "${WPA_SUPPLICANT_DIR}/eapol_test" ]; then
echo "Build error" 1>&2
if [ -z "${BUILD_DIR}" ]; then rm -rf "$TMP_BUILD_DIR"; fi
diff --git a/scripts/ci/package-test.mk b/scripts/ci/package-test.mk
index 417784b..b20e4d4 100644
--- a/scripts/ci/package-test.mk
+++ b/scripts/ci/package-test.mk
@@ -38,4 +38,5 @@ MAKE_ARGS := RADIUSD_BIN=$(RADIUSD_BIN) PORT=$(PORT) SECRET="$(SECRET)" DICT_PAT
.PHONY: package-test
package-test:
+ cp -r $(RADDB_PATH)/certs/* raddb/certs
$(MAKE) -C src/tests $(MAKE_ARGS) tests.eap
diff --git a/scripts/crossbuild/README.md b/scripts/crossbuild/README.md
index 0bcc2c4..a5dc205 100644
--- a/scripts/crossbuild/README.md
+++ b/scripts/crossbuild/README.md
@@ -8,6 +8,9 @@ different operating systems, using Docker.
The primary purpose is for developers to easily test FreeRADIUS on
different systems.
+**Do not use this for running FreeRADIUS in production - see
+`scripts/docker` instead.**
+
## Common Usage
@@ -24,7 +27,7 @@ least on the first run):
make crossbuild
-or for the most common systems (Debian, Ubuntu, CentOS):
+or for the most common systems (Debian, Ubuntu, CentOS, Rocky):
make crossbuild.common
@@ -41,7 +44,9 @@ The Docker containers are left running, and may be stopped with
make crossbuild.down
The system tries to be as efficient as possible, so will not
-rebuild from scratch every time.
+rebuild the Docker images from scratch every time, but use an
+existing image and copy just the latest git commits in for
+testing.
## Global make targets
@@ -49,47 +54,47 @@ rebuild from scratch every time.
The following targets will operate on the crossbuild system
globally, or on all images (unless otherwise stated):
+ - `make crossbuild`
-### `make crossbuild`
-
-Create all docker images (if required), start them, build and test
-FreeRADIUS.
+ Create all docker images (if required), start them, build and
+ test FreeRADIUS.
-### `make crossbuild.common`
+ - `make crossbuild.common`
-As `make crossbuild`, but only build and test the most common
-systems.
+ As `make crossbuild`, but only build and test the most common
+ systems.
-### `make crossbuild.info`
+ - `make crossbuild.info`
-List all systems, together with the expected state. See
-`crossbuild.reset`.
+ List all systems, together with the expected state. See
+ `crossbuild.reset`.
-### `make crossbuild.down`
+ - `make crossbuild.down`
-Stop all containers.
+ Stop all containers.
-### `make crossbuild.reset`
+ - `make crossbuild.reset`
-If containers are stopped or started outside Docker, crossbuild
-may get confused. This will clear the internal state which should
-try and start everything from be beginning again.
+ If containers are stopped or started outside Docker,
+ crossbuild may get confused. This will clear the internal
+ state which should try and start everything from be beginning
+ again.
-### `make crossbuild.clean`
+ - `make crossbuild.clean`
-Bring down all containers, clear state. This is a general "tidy
-up".
+ Bring down all containers, clear state. This is a general
+ "tidy up".
-### `make crossbuild.wipe`
+ - `make crossbuild.wipe`
-Don't just stop, but destroy all crossbuild docker images. This
-will mean they need to be recreated again upon next use.
+ Don't just stop, but destroy all crossbuild docker images.
+ This will mean they need to be recreated again upon next use.
## Per-image make targets
@@ -116,7 +121,16 @@ Docker images will be created with names in the form:
freeradius-build/debian10
-whil containers will have names like:
+while containers will have names like:
fr-crossbuild-debian10
+
+## Re-generating Dockerfiles
+
+The Dockerfiles used for crossbuild are generated from m4
+templates. To regenerate one use `make crossbuild.IMAGE.regen`, or
+`make crossbuild.regen` to generate them all. The m4 templates are
+stored in `scripts/crossbuild/m4/`. This will usually only need to
+be used to add a new operating system, not during standard build
+testing.
diff --git a/scripts/crossbuild/crossbuild.mk b/scripts/crossbuild/crossbuild.mk
index da96506..599a34c 100644
--- a/scripts/crossbuild/crossbuild.mk
+++ b/scripts/crossbuild/crossbuild.mk
@@ -11,13 +11,19 @@ else
#
# Short list of common builds
#
-CB_COMMON:=centos7 debian10 ubuntu18
+CB_COMMON:=centos7 rocky9 debian11 ubuntu20
+
+# Where to put stamp files (subdirectory of where this makefile is)
+CB_DIR:=$(dir $(realpath $(lastword $(MAKEFILE_LIST))))
# Where the docker directories are
-DT:=scripts/crossbuild/docker
+DT:=$(CB_DIR)/docker
# Where to put stamp files (subdirectory of where this makefile is)
-DD:=$(dir $(realpath $(lastword $(MAKEFILE_LIST))))/build
+DD:=$(CB_DIR)/build
+
+# Location of top-level m4 template
+DOCKER_TMPL:=$(CB_DIR)/../docker/m4/Dockerfile.m4
# List of all the docker images (sorted for "crossbuild.info")
CB_IMAGES:=$(sort $(patsubst $(DT)/%,%,$(wildcard $(DT)/*)))
@@ -99,6 +105,11 @@ crossbuild.clean: $(foreach IMG,${CB_IMAGES},crossbuild.${IMG}.clean)
crossbuild.wipe: $(foreach IMG,${CB_IMAGES},crossbuild.${IMG}.wipe)
#
+# Regenerate all Dockerfiles from m4 templates
+#
+crossbuild.regen: $(foreach IMG,${CB_IMAGES},crossbuild.${IMG}.regen)
+
+#
# Define rules for building a particular image
#
define CROSSBUILD_IMAGE_RULE
@@ -145,6 +156,7 @@ crossbuild.${1}.up: $(DD)/stamp-up.${1}
$(DD)/docker.refresh.${1}: $(DD)/stamp-up.${1}
${Q}echo "REFRESH ${1}"
${Q}docker container exec $(CB_CPREFIX)${1} sh -c 'rsync -a /srv/src/ /srv/local-src/'
+ ${Q}docker container exec $(CB_CPREFIX)${1} sh -c 'git config --global --add safe.directory /srv/local-src'
${Q}docker container exec $(CB_CPREFIX)${1} sh -c 'git config -f /srv/local-src/config core.bare true'
${Q}docker container exec $(CB_CPREFIX)${1} sh -c 'git config -f /srv/local-src/config --unset core.worktree || true'
${Q}docker container exec $(CB_CPREFIX)${1} sh -c '[ -d /srv/build ] || git clone /srv/local-src /srv/build'
@@ -218,6 +230,16 @@ crossbuild.${1}.wipe:
crossbuild.${1}.refresh: $(DD)/docker.refresh.${1}
#
+# Regenerate the image Dockerfile from the m4 templates
+#
+.PHONY: crossbuild.${1}.regen
+crossbuild.${1}.regen: $(DT)/${1}/Dockerfile
+
+$(DT)/${1}/Dockerfile: $(DOCKER_TMPL) $(CB_DIR)/m4/Dockerfile.deb.m4 $(CB_DIR)/m4/Dockerfile.rpm.m4
+ ${Q}echo REGEN ${1}
+ ${Q}m4 -I $(CB_DIR)/m4 -D D_NAME=${1} -D D_TYPE=crossbuild $$< > $$@
+
+#
# Run the build test
#
.PHONY: crossbuild.${1}
diff --git a/scripts/crossbuild/docker/centos7/Dockerfile b/scripts/crossbuild/docker/centos7/Dockerfile
index 2f9e4ac..91f25b3 100644
--- a/scripts/crossbuild/docker/centos7/Dockerfile
+++ b/scripts/crossbuild/docker/centos7/Dockerfile
@@ -1,16 +1,32 @@
-FROM centos:centos7
+# Auto generated for centos7
+# from scripts/crossbuild/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make crossbuild.centos7.regen`
+#
+ARG from=centos:7
+FROM ${from} as build
+
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+
#
# Install devtools like make and git and the EPEL
# repository for freetds and hiredis
#
RUN yum update -y
-RUN yum install -y rpmdevtools openssl epel-release git yum-utils rsync
+RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \
+ rsync
#
# Install GCC that has the requisite support for C11 keywords and atomics
#
RUN yum install -y centos-release-scl
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
RUN yum install -y devtoolset-8-gcc devtoolset-8-gcc-c++
ENV CC=/opt/rh/devtoolset-8/root/usr/bin/gcc
@@ -21,6 +37,8 @@ ENV CC=/opt/rh/devtoolset-8/root/usr/bin/gcc
RUN rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo
RUN rm /etc/yum.repos.d/CentOS-SCLo-scl.repo
+
+
#
# Documentation build dependecies
#
@@ -28,12 +46,11 @@ RUN rm /etc/yum.repos.d/CentOS-SCLo-scl.repo
# - doxygen & JSON.pm
RUN yum install -y doxygen graphviz perl-JSON
# - antora (npm needed)
-RUN curl -sL https://rpm.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://rpm.nodesource.com/setup_16.x | bash -
RUN yum install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/
-# "
RUN mv /tmp/pandoc-*/bin/* /usr/local/bin
# - asciidoctor
RUN yum install -y rubygems-devel
@@ -67,6 +84,7 @@ RUN git clone --depth 1 --no-single-branch ${source}
#
# Install build dependencies for all branches from v3 onwards
# Nodesource has issues (no SRPMS in some repos) and is not needed here
+# CentOS/RHEL 7 do not support "-D" for yum-builddep so do that separately below if needed
#
WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
@@ -75,6 +93,11 @@ RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin
[ -e redhat/freeradius.spec ] && yum-builddep --disablerepo="nodesource*" -y redhat/freeradius.spec; \
done
+# Yubikey deps for CentOS/RHEL 7
+RUN yum install -y ykclient-devel ykclient
+
+RUN yum install -y libyubikey-devel
+
#
# Which is required by fixture setup utilities
#
@@ -85,8 +108,8 @@ RUN yum install -y which
#
RUN yum install -y libnl3-devel
+
#
# Create the RPM build tree
#
-ENV BUILDDIR=/root/rpmbuild
RUN rpmdev-setuptree
diff --git a/scripts/crossbuild/docker/debian10/Dockerfile b/scripts/crossbuild/docker/debian10/Dockerfile
index 3eb13a7..03a9ce5 100644
--- a/scripts/crossbuild/docker/debian10/Dockerfile
+++ b/scripts/crossbuild/docker/debian10/Dockerfile
@@ -1,8 +1,10 @@
-FROM debian:buster
-
-ARG gccver=8
-ARG clangver=8
-ARG osname=buster
+# Auto generated for debian10
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.debian10.regen`
+#
+ARG from=debian:buster
+FROM ${from} as build
ARG DEBIAN_FRONTEND=noninteractive
@@ -15,14 +17,14 @@ RUN apt-get update && \
rm -r /var/lib/apt/lists/*
# For clang
-RUN add-apt-repository -y "deb http://apt.llvm.org/${osname}/ llvm-toolchain-${osname}-${clangver} main" && \
+RUN add-apt-repository -y "deb http://apt.llvm.org/buster/ llvm-toolchain-buster-8 main" && \
apt-key adv --fetch-keys http://apt.llvm.org/llvm-snapshot.gpg.key
RUN apt-get update && \
# Development utilities
apt-get install -y devscripts equivs git quilt rsync && \
# Compilers
- apt-get install -y g++-${gccver} llvm-${clangver} clang-${clangver} lldb-${clangver} && \
+ apt-get install -y g++ llvm-8 clang-8 lldb-8 && \
# eapol_test dependencies
apt-get install -y libnl-3-dev libnl-genl-3-dev
@@ -33,9 +35,9 @@ RUN apt-get update && \
# - doxygen & JSON.pm
RUN apt-get install -y doxygen graphviz libjson-perl
# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
RUN apt-get install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
WORKDIR /tmp
RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
@@ -44,15 +46,13 @@ RUN apt-get install -y ./pandoc-*.deb
RUN apt-get install -y ruby-dev
RUN gem install asciidoctor
-# set default things
-RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${gccver} 50 \
- --slave /usr/bin/g++ g++ /usr/bin/g++-${gccver} && \
- update-alternatives --config gcc
-
-RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${clangver} 60 && \
+#
+# Set defaults
+#
+RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-8 60 && \
update-alternatives --config clang
-RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-${clangver} 60 && \
+RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-8 60 && \
update-alternatives --config lldb
@@ -70,20 +70,16 @@ WORKDIR /usr/local/src/repositories
ARG source=https://github.com/FreeRADIUS/freeradius-server.git
RUN git clone --depth 1 --no-single-branch ${source}
-
#
-# Install build dependencies for all v3 branches
+# Install build dependencies for all branches from v3 onwards
#
WORKDIR freeradius-server
-RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^v3\..*\.x");\
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
if [ -e ./debian/control.in ] ; then \
debian/rules debian/control ; \
fi ; \
- echo Installing dependencies for $i ; \
- mk-build-deps debian/control ; \
- apt-get --no-install-recommends -y -V install ./freeradius-build-deps*.deb || true ; \
- apt-get -y -f remove freeradius-build-deps libiodbc2-dev || true ; \
- rm ./freeradius-build-deps*.deb ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
done
diff --git a/scripts/crossbuild/docker/ubuntu16/Dockerfile b/scripts/crossbuild/docker/debian11/Dockerfile
index dbec6f9..0a77893 100644
--- a/scripts/crossbuild/docker/ubuntu16/Dockerfile
+++ b/scripts/crossbuild/docker/debian11/Dockerfile
@@ -1,8 +1,10 @@
-FROM ubuntu:16.04
-
-ARG gccver=4.9
-ARG clangver=5.0
-ARG osname=xenial
+# Auto generated for debian11
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.debian11.regen`
+#
+ARG from=debian:bullseye
+FROM ${from} as build
ARG DEBIAN_FRONTEND=noninteractive
@@ -10,24 +12,16 @@ ARG DEBIAN_FRONTEND=noninteractive
# Install add-apt-repository
#
RUN apt-get update && \
- apt-get install -y software-properties-common python-software-properties apt-transport-https curl && \
+ apt-get install -y software-properties-common gnupg2 procps && \
apt-get clean && \
rm -r /var/lib/apt/lists/*
-# Requires GCC-4.9 as it has support for C11 keywords and atomics
-
-# For clang
-RUN add-apt-repository -y "deb http://apt.llvm.org/${osname}/ llvm-toolchain-${osname}-${clangver} main" && \
- curl -o /tmp/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key && \
- apt-key add /tmp/llvm-snapshot.gpg.key && \
-# For GCC
- add-apt-repository -y ppa:ubuntu-toolchain-r/test
RUN apt-get update && \
# Development utilities
apt-get install -y devscripts equivs git quilt rsync && \
# Compilers
- apt-get install -y g++-${gccver} llvm-${clangver} clang-${clangver} lldb-${clangver} && \
+ apt-get install -y g++ llvm clang lldb && \
# eapol_test dependencies
apt-get install -y libnl-3-dev libnl-genl-3-dev
@@ -38,9 +32,9 @@ RUN apt-get update && \
# - doxygen & JSON.pm
RUN apt-get install -y doxygen graphviz libjson-perl
# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
RUN apt-get install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
WORKDIR /tmp
RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
@@ -49,16 +43,6 @@ RUN apt-get install -y ./pandoc-*.deb
RUN apt-get install -y ruby-dev
RUN gem install asciidoctor
-# set default things
-RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${gccver} 50 \
- --slave /usr/bin/g++ g++ /usr/bin/g++-${gccver} && \
- update-alternatives --config gcc
-
-RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${clangver} 60 && \
- update-alternatives --config clang
-
-RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-${clangver} 60 && \
- update-alternatives --config lldb
#
@@ -82,5 +66,9 @@ WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
- if [ -e ./debian/control.in ] ; then debian/rules debian/control ; fi ; echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control ; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
done
diff --git a/scripts/crossbuild/docker/debian12/Dockerfile b/scripts/crossbuild/docker/debian12/Dockerfile
new file mode 100644
index 0000000..78eb501
--- /dev/null
+++ b/scripts/crossbuild/docker/debian12/Dockerfile
@@ -0,0 +1,74 @@
+# Auto generated for debian12
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.debian12.regen`
+#
+ARG from=debian:bookworm
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install add-apt-repository
+#
+RUN apt-get update && \
+ apt-get install -y software-properties-common gnupg2 procps && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+
+RUN apt-get update && \
+# Development utilities
+ apt-get install -y devscripts equivs git quilt rsync && \
+# Compilers
+ apt-get install -y g++ llvm clang lldb && \
+# eapol_test dependencies
+ apt-get install -y libnl-3-dev libnl-genl-3-dev
+
+#
+# Documentation build dependecies
+#
+
+# - doxygen & JSON.pm
+RUN apt-get install -y doxygen graphviz libjson-perl
+# - antora (npm needed)
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
+RUN apt-get install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
+# - pandoc
+WORKDIR /tmp
+RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
+RUN apt-get install -y ./pandoc-*.deb
+# - asciidoctor
+RUN apt-get install -y ruby-dev
+RUN gem install asciidoctor
+
+
+
+#
+# Setup a src dir in /usr/local
+#
+RUN mkdir -p /usr/local/src/repositories
+WORKDIR /usr/local/src/repositories
+
+
+#
+# Shallow clone the FreeRADIUS source
+#
+WORKDIR /usr/local/src/repositories
+ARG source=https://github.com/FreeRADIUS/freeradius-server.git
+RUN git clone --depth 1 --no-single-branch ${source}
+
+#
+# Install build dependencies for all branches from v3 onwards
+#
+WORKDIR freeradius-server
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
+ do \
+ git checkout $i; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
+ done
diff --git a/scripts/crossbuild/docker/debian8/Dockerfile b/scripts/crossbuild/docker/debian8/Dockerfile
deleted file mode 100644
index 094faa3..0000000
--- a/scripts/crossbuild/docker/debian8/Dockerfile
+++ /dev/null
@@ -1,84 +0,0 @@
-FROM debian:jessie
-
-ARG gccver=4.9
-ARG clangver=5.0
-ARG osname=jessie
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install add-apt-repository
-#
-RUN apt-get update && \
- apt-get install -y software-properties-common python-software-properties apt-transport-https curl && \
- apt-get clean && \
- rm -r /var/lib/apt/lists/*
-
-# Requires GCC-4.9 as it has support for C11 keywords and atomics
-
-# For clang
-RUN add-apt-repository -y "deb http://apt.llvm.org/${osname}/ llvm-toolchain-${osname}-${clangver} main" && \
- curl -o /tmp/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key && \
- apt-key add /tmp/llvm-snapshot.gpg.key
-
-RUN apt-get update && \
-# Development utilities
- apt-get install -y devscripts equivs git quilt rsync && \
-# Compilers
- apt-get install -y g++-${gccver} llvm-${clangver} clang-${clangver} lldb-${clangver} && \
-# eapol_test dependencies
- apt-get install -y libnl-3-dev libnl-genl-3-dev
-
-#
-# Documentation build dependecies
-#
-
-# - doxygen & JSON.pm
-RUN apt-get install -y doxygen graphviz libjson-perl
-# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-RUN apt-get install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
-# - pandoc
-WORKDIR /tmp
-RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
-RUN dpkg -i ./pandoc-*.deb
-RUN apt-get install -fy
-# - asciidoctor
-RUN apt-get install -y ruby
-RUN gem install asciidoctor
-
-# set default things
-RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${gccver} 50 \
- --slave /usr/bin/g++ g++ /usr/bin/g++-${gccver} && \
- update-alternatives --config gcc
-
-RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${clangver} 60 && \
- update-alternatives --config clang
-
-RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-${clangver} 60 && \
- update-alternatives --config lldb
-
-
-#
-# Setup a src dir in /usr/local
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-RUN git clone --depth 1 --no-single-branch ${source}
-
-#
-# Install build dependencies for all branches from v3 onwards
-#
-WORKDIR freeradius-server
-RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
- do \
- git checkout $i; \
- if [ -e ./debian/control.in ] ; then debian/rules debian/control ; fi ; echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control ; \
- done
diff --git a/scripts/crossbuild/docker/debian9/README b/scripts/crossbuild/docker/debian9/README
deleted file mode 100644
index f7a6135..0000000
--- a/scripts/crossbuild/docker/debian9/README
+++ /dev/null
@@ -1,15 +0,0 @@
-
-Build source image
-
- docker build . -f Dockerfile.source -t freeradius:debian9-source
-
-Then either build and run jenkins image
-
- docker build . -f Dockerfile.jenkins -t freeradius:debian9-jenkins
- docker run -d -p 2222:22 freeradius:debian9-jenkins
-
-or build and run the server
-
- docker build . -t freeradius:debian9
- docker run -d -p 1812:1812/udp -p 1813:1813/udp freeradius:debian9
-
diff --git a/scripts/crossbuild/docker/centos8/Dockerfile b/scripts/crossbuild/docker/rocky8/Dockerfile
index bd856af..ba7fc56 100644
--- a/scripts/crossbuild/docker/centos8/Dockerfile
+++ b/scripts/crossbuild/docker/rocky8/Dockerfile
@@ -1,27 +1,38 @@
-FROM centos:centos8
+# Auto generated for rocky8
+# from scripts/crossbuild/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make crossbuild.rocky8.regen`
+#
+ARG from=rockylinux/rockylinux:8
+FROM ${from} as build
#
# Install devtools like make and git and the EPEL
# repository for freetds and hiredis
#
RUN yum update -y
-RUN yum install -y rpmdevtools openssl epel-release git yum-utils rsync dnf-plugins-core
-RUN dnf config-manager --set-enabled powertools
+RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \
+ rsync dnf-plugins-core
+
+
+RUN yum config-manager --set-enabled powertools
#
# Install GCC that has the requisite support for C11 keywords and atomics
#
RUN yum install -y gcc-toolset-9
+
#
# Documentation build dependecies
#
+
# - doxygen & JSON.pm
RUN yum install -y doxygen graphviz perl-JSON
# - antora (npm needed)
-RUN curl -sL https://rpm.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://rpm.nodesource.com/setup_20.x | bash -
RUN yum install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/
RUN mv /tmp/pandoc-*/bin/* /usr/local/bin
@@ -56,14 +67,19 @@ RUN git clone --depth 1 --no-single-branch ${source}
#
# Install build dependencies for all branches from v3 onwards
+# Nodesource has issues (no SRPMS in some repos) and is not needed here
+# CentOS/RHEL 7 do not support "-D" for yum-builddep so do that separately below if needed
#
WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
- [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec; \
+ [ -e redhat/freeradius.spec ] && yum-builddep -D "_with_rlm_yubikey 1" -y redhat/freeradius.spec; \
done
+
+RUN yum install -y libyubikey-devel
+
#
# Which is required by fixture setup utilities
#
@@ -75,7 +91,12 @@ RUN yum install -y which
RUN yum install -y libnl3-devel
#
+# We test with TLS1.1, but that is disabled by default on some
+# newer systems.
+#
+RUN update-crypto-policies --set LEGACY
+
+#
# Create the RPM build tree
#
-ENV BUILDDIR=/root/rpmbuild
RUN rpmdev-setuptree
diff --git a/scripts/crossbuild/docker/rocky9/Dockerfile b/scripts/crossbuild/docker/rocky9/Dockerfile
new file mode 100644
index 0000000..9936fe4
--- /dev/null
+++ b/scripts/crossbuild/docker/rocky9/Dockerfile
@@ -0,0 +1,91 @@
+# Auto generated for rocky9
+# from scripts/crossbuild/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make crossbuild.rocky9.regen`
+#
+ARG from=rockylinux/rockylinux:9
+FROM ${from} as build
+
+#
+# Install yum
+#
+RUN dnf install -y yum
+
+#
+# Install devtools like make and git and the EPEL
+# repository for freetds and hiredis
+#
+RUN yum update -y
+RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \
+ rsync dnf-plugins-core
+
+
+
+RUN yum config-manager --set-enabled crb
+
+#
+# Documentation build dependecies
+#
+
+# - doxygen & JSON.pm
+RUN yum install -y doxygen graphviz perl-JSON
+# - antora (npm needed)
+RUN curl -sL https://rpm.nodesource.com/setup_20.x | bash -
+RUN yum install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
+# - pandoc
+RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/
+RUN mv /tmp/pandoc-*/bin/* /usr/local/bin
+# - asciidoctor
+RUN yum install -y rubygems-devel
+RUN gem install asciidoctor
+
+#
+# Setup a src dir in /usr/local
+#
+RUN mkdir -p /usr/local/src/repositories
+WORKDIR /usr/local/src/repositories
+
+
+#
+# Shallow clone the FreeRADIUS source
+#
+WORKDIR /usr/local/src/repositories
+ARG source=https://github.com/FreeRADIUS/freeradius-server.git
+RUN git clone --depth 1 --no-single-branch ${source}
+
+#
+# Install build dependencies for all branches from v3 onwards
+# Nodesource has issues (no SRPMS in some repos) and is not needed here
+# CentOS/RHEL 7 do not support "-D" for yum-builddep so do that separately below if needed
+#
+WORKDIR freeradius-server
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
+ do \
+ git checkout $i; \
+ [ -e redhat/freeradius.spec ] && yum-builddep -D "_with_rlm_yubikey 1" -y redhat/freeradius.spec; \
+ done
+
+
+RUN yum install -y libyubikey-devel
+
+#
+# Which is required by fixture setup utilities
+#
+RUN yum install -y which
+
+#
+# Explicitly install libnl3-devel which is required for the EAP tests
+#
+RUN yum install -y libnl3-devel
+
+#
+# We test with TLS1.1, but that is disabled by default on some
+# newer systems.
+#
+RUN update-crypto-policies --set LEGACY
+
+#
+# Create the RPM build tree
+#
+RUN rpmdev-setuptree
diff --git a/scripts/crossbuild/docker/ubuntu18/Dockerfile b/scripts/crossbuild/docker/ubuntu18/Dockerfile
index 874e3ec..1bea0bf 100644
--- a/scripts/crossbuild/docker/ubuntu18/Dockerfile
+++ b/scripts/crossbuild/docker/ubuntu18/Dockerfile
@@ -1,8 +1,10 @@
-FROM ubuntu:18.04
-
-ARG gccver=4.9
-ARG clangver=5.0
-ARG osname=bionic
+# Auto generated for ubuntu18
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.ubuntu18.regen`
+#
+ARG from=ubuntu:18.04
+FROM ${from} as build
ARG DEBIAN_FRONTEND=noninteractive
@@ -10,10 +12,11 @@ ARG DEBIAN_FRONTEND=noninteractive
# Install add-apt-repository
#
RUN apt-get update && \
- apt-get install -y software-properties-common && \
+ apt-get install -y software-properties-common gnupg2 procps && \
apt-get clean && \
rm -r /var/lib/apt/lists/*
+
RUN apt-get update && \
# Development utilities
apt-get install -y devscripts equivs git quilt rsync && \
@@ -29,9 +32,9 @@ RUN apt-get update && \
# - doxygen & JSON.pm
RUN apt-get install -y doxygen graphviz libjson-perl
# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
RUN apt-get install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
WORKDIR /tmp
RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
@@ -40,6 +43,8 @@ RUN apt-get install -y ./pandoc-*.deb
RUN apt-get install -y ruby-dev
RUN gem install asciidoctor
+
+
#
# Setup a src dir in /usr/local
#
@@ -61,5 +66,9 @@ WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
- if [ -e ./debian/control.in ] ; then debian/rules debian/control ; fi ; echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control ; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
done
diff --git a/scripts/crossbuild/docker/ubuntu20/Dockerfile b/scripts/crossbuild/docker/ubuntu20/Dockerfile
index c813b2f..a58e634 100644
--- a/scripts/crossbuild/docker/ubuntu20/Dockerfile
+++ b/scripts/crossbuild/docker/ubuntu20/Dockerfile
@@ -1,8 +1,10 @@
-FROM ubuntu:20.04
-
-ARG gccver=4.9
-ARG clangver=5.0
-ARG osname=bionic
+# Auto generated for ubuntu20
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.ubuntu20.regen`
+#
+ARG from=ubuntu:20.04
+FROM ${from} as build
ARG DEBIAN_FRONTEND=noninteractive
@@ -10,10 +12,11 @@ ARG DEBIAN_FRONTEND=noninteractive
# Install add-apt-repository
#
RUN apt-get update && \
- apt-get install -y software-properties-common && \
+ apt-get install -y software-properties-common gnupg2 procps && \
apt-get clean && \
rm -r /var/lib/apt/lists/*
+
RUN apt-get update && \
# Development utilities
apt-get install -y devscripts equivs git quilt rsync && \
@@ -29,9 +32,9 @@ RUN apt-get update && \
# - doxygen & JSON.pm
RUN apt-get install -y doxygen graphviz libjson-perl
# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
RUN apt-get install -y nodejs
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
WORKDIR /tmp
RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
@@ -40,6 +43,8 @@ RUN apt-get install -y ./pandoc-*.deb
RUN apt-get install -y ruby-dev
RUN gem install asciidoctor
+
+
#
# Setup a src dir in /usr/local
#
@@ -61,5 +66,9 @@ WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
- if [ -e ./debian/control.in ] ; then debian/rules debian/control ; fi ; echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control ; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
done
diff --git a/scripts/crossbuild/docker/ubuntu22/Dockerfile b/scripts/crossbuild/docker/ubuntu22/Dockerfile
new file mode 100644
index 0000000..677c912
--- /dev/null
+++ b/scripts/crossbuild/docker/ubuntu22/Dockerfile
@@ -0,0 +1,74 @@
+# Auto generated for ubuntu22
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.ubuntu22.regen`
+#
+ARG from=ubuntu:22.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install add-apt-repository
+#
+RUN apt-get update && \
+ apt-get install -y software-properties-common gnupg2 procps && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+
+RUN apt-get update && \
+# Development utilities
+ apt-get install -y devscripts equivs git quilt rsync && \
+# Compilers
+ apt-get install -y g++ llvm clang lldb && \
+# eapol_test dependencies
+ apt-get install -y libnl-3-dev libnl-genl-3-dev
+
+#
+# Documentation build dependecies
+#
+
+# - doxygen & JSON.pm
+RUN apt-get install -y doxygen graphviz libjson-perl
+# - antora (npm needed)
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
+RUN apt-get install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
+# - pandoc
+WORKDIR /tmp
+RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
+RUN apt-get install -y ./pandoc-*.deb
+# - asciidoctor
+RUN apt-get install -y ruby-dev
+RUN gem install asciidoctor
+
+
+
+#
+# Setup a src dir in /usr/local
+#
+RUN mkdir -p /usr/local/src/repositories
+WORKDIR /usr/local/src/repositories
+
+
+#
+# Shallow clone the FreeRADIUS source
+#
+WORKDIR /usr/local/src/repositories
+ARG source=https://github.com/FreeRADIUS/freeradius-server.git
+RUN git clone --depth 1 --no-single-branch ${source}
+
+#
+# Install build dependencies for all branches from v3 onwards
+#
+WORKDIR freeradius-server
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
+ do \
+ git checkout $i; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
+ done
diff --git a/scripts/crossbuild/docker/ubuntu24/Dockerfile b/scripts/crossbuild/docker/ubuntu24/Dockerfile
new file mode 100644
index 0000000..966faf0
--- /dev/null
+++ b/scripts/crossbuild/docker/ubuntu24/Dockerfile
@@ -0,0 +1,74 @@
+# Auto generated for ubuntu24
+# from scripts/crossbuild/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make crossbuild.ubuntu24.regen`
+#
+ARG from=ubuntu:24.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install add-apt-repository
+#
+RUN apt-get update && \
+ apt-get install -y software-properties-common gnupg2 procps && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+
+RUN apt-get update && \
+# Development utilities
+ apt-get install -y devscripts equivs git quilt rsync fakeroot && \
+# Compilers
+ apt-get install -y g++ llvm clang lldb && \
+# eapol_test dependencies
+ apt-get install -y libnl-3-dev libnl-genl-3-dev
+
+#
+# Documentation build dependecies
+#
+
+# - doxygen & JSON.pm
+RUN apt-get install -y doxygen graphviz libjson-perl
+# - antora (npm needed)
+RUN curl -sL https://deb.nodesource.com/setup_20.x | bash -
+RUN apt-get install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
+# - pandoc
+WORKDIR /tmp
+RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
+RUN apt-get install -y ./pandoc-*.deb
+# - asciidoctor
+RUN apt-get install -y ruby-dev
+RUN gem install asciidoctor
+
+
+
+#
+# Setup a src dir in /usr/local
+#
+RUN mkdir -p /usr/local/src/repositories
+WORKDIR /usr/local/src/repositories
+
+
+#
+# Shallow clone the FreeRADIUS source
+#
+WORKDIR /usr/local/src/repositories
+ARG source=https://github.com/FreeRADIUS/freeradius-server.git
+RUN git clone --depth 1 --no-single-branch ${source}
+
+#
+# Install build dependencies for all branches from v3 onwards
+#
+WORKDIR freeradius-server
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
+ do \
+ git checkout $i; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
+ done
diff --git a/scripts/crossbuild/docker/debian9/Dockerfile b/scripts/crossbuild/m4/Dockerfile.deb.m4
index 9b47832..a1bfca8 100644
--- a/scripts/crossbuild/docker/debian9/Dockerfile
+++ b/scripts/crossbuild/m4/Dockerfile.deb.m4
@@ -1,8 +1,5 @@
-FROM debian:stretch
-
-ARG gccver=6
-ARG clangver=5.0
-ARG osname=stretch
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
ARG DEBIAN_FRONTEND=noninteractive
@@ -10,35 +7,38 @@ ARG DEBIAN_FRONTEND=noninteractive
# Install add-apt-repository
#
RUN apt-get update && \
- apt-get install -y software-properties-common gnupg2 apt-transport-https curl && \
+ apt-get install -y software-properties-common gnupg2 procps && \
apt-get clean && \
rm -r /var/lib/apt/lists/*
-# Stretch uses GCC-6.3 by default, so it doesn't need to be updated to get C11 functionality.
-
+define(`CLANG_PKGS', `llvm clang lldb')dnl
+ifelse(D_NAME, `debian10', `dnl
+define(`CLANG_VER', `8')dnl
+define(`CLANG_PKGS', `llvm-CLANG_VER clang-CLANG_VER lldb-CLANG_VER')dnl
# For clang
-RUN add-apt-repository -y "deb http://apt.llvm.org/${osname}/ llvm-toolchain-${osname}-${clangver} main" && \
- curl -o /tmp/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key && \
- apt-key add /tmp/llvm-snapshot.gpg.key
+RUN add-apt-repository -y "deb http://apt.llvm.org/OS_CODENAME/ llvm-toolchain-OS_CODENAME-CLANG_VER main" && \
+ apt-key adv --fetch-keys http://apt.llvm.org/llvm-snapshot.gpg.key
+')dnl
RUN apt-get update && \
# Development utilities
- apt-get install -y devscripts equivs git quilt rsync && \
+ apt-get install -y devscripts equivs git quilt rsync fakeroot && \
# Compilers
- apt-get install -y g++-${gccver} llvm-${clangver} clang-${clangver} lldb-${clangver} && \
+ apt-get install -y g++ CLANG_PKGS && \
# eapol_test dependencies
apt-get install -y libnl-3-dev libnl-genl-3-dev
#
# Documentation build dependecies
#
+define(`NODE_VER', ifelse(D_NAME, `ubuntu18', `16', `20'))dnl
# - doxygen & JSON.pm
RUN apt-get install -y doxygen graphviz libjson-perl
# - antora (npm needed)
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-RUN apt-get install -y npm
-RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1
+RUN curl -sL https://deb.nodesource.com/setup_`'NODE_VER.x | bash -
+RUN apt-get install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
# - pandoc
WORKDIR /tmp
RUN curl -OL $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*deb" | cut -d '"' -f 4)
@@ -47,17 +47,16 @@ RUN apt-get install -y ./pandoc-*.deb
RUN apt-get install -y ruby-dev
RUN gem install asciidoctor
-# set default things
-RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${gccver} 50 \
- --slave /usr/bin/g++ g++ /usr/bin/g++-${gccver} && \
- update-alternatives --config gcc
-
-RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${clangver} 60 && \
+ifelse(D_NAME, `debian10', `dnl
+#
+# Set defaults
+#
+RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-CLANG_VER 60 && \
update-alternatives --config clang
-RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-${clangver} 60 && \
+RUN update-alternatives --install /usr/bin/lldb lldb /usr/bin/lldb-CLANG_VER 60 && \
update-alternatives --config lldb
-
+')
#
# Setup a src dir in /usr/local
@@ -80,5 +79,9 @@ WORKDIR freeradius-server
RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
do \
git checkout $i; \
- if [ -e ./debian/control.in ] ; then debian/rules debian/control ; fi ; echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control ; \
+ if [ -e ./debian/control.in ] ; then \
+ debian/rules debian/control ; \
+ fi ; \
+ echo 'y' | \
+ mk-build-deps -irt'apt-get -yV' debian/control ; \
done
diff --git a/scripts/crossbuild/m4/Dockerfile.rpm.m4 b/scripts/crossbuild/m4/Dockerfile.rpm.m4
new file mode 100644
index 0000000..714ee6e
--- /dev/null
+++ b/scripts/crossbuild/m4/Dockerfile.rpm.m4
@@ -0,0 +1,146 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+ifelse(OS_VER, 7, `dnl
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+')dnl
+
+ifelse(OS_VER, `9', `dnl
+#
+# Install yum
+#
+RUN dnf install -y yum
+')dnl
+
+#
+# Install devtools like make and git and the EPEL
+# repository for freetds and hiredis
+#
+RUN yum update -y
+RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \
+ rsync ifelse(OS_VER, `7',, `dnf-plugins-core')
+
+ifelse(OS_VER, `7', `dnl
+#
+# Install GCC that has the requisite support for C11 keywords and atomics
+#
+RUN yum install -y centos-release-scl
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+RUN yum install -y devtoolset-8-gcc devtoolset-8-gcc-c++
+ENV CC=/opt/rh/devtoolset-8/root/usr/bin/gcc
+
+#
+# Remove the CentOS-SCLo repo which is apparently not valid?
+# See: https://bugs.centos.org/view.php?id=14773
+#
+RUN rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo
+RUN rm /etc/yum.repos.d/CentOS-SCLo-scl.repo
+')dnl
+
+ifelse(OS_VER, `8', `dnl
+RUN yum config-manager --set-enabled powertools
+
+#
+# Install GCC that has the requisite support for C11 keywords and atomics
+#
+RUN yum install -y gcc-toolset-9
+')dnl
+
+ifelse(OS_VER, `9', `dnl
+RUN yum config-manager --set-enabled crb
+')dnl
+
+#
+# Documentation build dependecies
+#
+define(`NODE_VER', ifelse(OS_VER, 7, `16', `20'))dnl
+
+# - doxygen & JSON.pm
+RUN yum install -y doxygen graphviz perl-JSON
+# - antora (npm needed)
+RUN curl -sL https://rpm.nodesource.com/setup_`'NODE_VER.x | bash -
+RUN yum install -y nodejs
+RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7
+# - pandoc
+RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/
+RUN mv /tmp/pandoc-*/bin/* /usr/local/bin
+# - asciidoctor
+RUN yum install -y rubygems-devel
+RUN gem install asciidoctor
+
+#
+# Setup a src dir in /usr/local
+#
+RUN mkdir -p /usr/local/src/repositories
+WORKDIR /usr/local/src/repositories
+
+changequote([{,}])dnl Only add LTB on centos7/rocky8
+ifelse(ifelse(OS_VER, 7, yes, OS_VER, 8, yes, no), yes, [{dnl
+#
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+#
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo
+RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+}])dnl
+changequote(`,')dnl
+
+#
+# Shallow clone the FreeRADIUS source
+#
+WORKDIR /usr/local/src/repositories
+ARG source=https://github.com/FreeRADIUS/freeradius-server.git
+RUN git clone --depth 1 --no-single-branch ${source}
+
+#
+# Install build dependencies for all branches from v3 onwards
+# Nodesource has issues (no SRPMS in some repos) and is not needed here
+# CentOS/RHEL 7 do not support "-D" for yum-builddep so do that separately below if needed
+#
+define(`BUILDDEP_EXTRA', ifelse(OS_VER, 7, `--disablerepo="nodesource*"', `-D "_with_rlm_yubikey 1"'))dnl
+WORKDIR freeradius-server
+RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master)$");\
+ do \
+ git checkout $i; \
+ [ -e redhat/freeradius.spec ] && yum-builddep BUILDDEP_EXTRA -y redhat/freeradius.spec; \
+ done
+
+ifelse(OS_VER, 7,`dnl
+# Yubikey deps for CentOS/RHEL 7
+RUN yum install -y ykclient-devel ykclient
+')dnl
+
+RUN yum install -y libyubikey-devel
+
+#
+# Which is required by fixture setup utilities
+#
+RUN yum install -y which
+
+#
+# Explicitly install libnl3-devel which is required for the EAP tests
+#
+RUN yum install -y libnl3-devel
+
+ifelse(OS_VER, 7,, `dnl
+#
+# We test with TLS1.1, but that is disabled by default on some
+# newer systems.
+#
+RUN update-crypto-policies --set LEGACY
+')dnl
+
+#
+# Create the RPM build tree
+#
+RUN rpmdev-setuptree
diff --git a/scripts/docker/centos7/Dockerfile b/scripts/docker/centos7/Dockerfile
deleted file mode 100644
index efa56eb..0000000
--- a/scripts/docker/centos7/Dockerfile
+++ /dev/null
@@ -1,96 +0,0 @@
-ARG from=centos:centos7
-FROM ${from} as build
-
-#
-# Install build tools
-#
-RUN yum groupinstall -y "Development Tools"
-RUN yum install -y rpmdevtools
-RUN yum install -y openssl
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Other requirements
-#
-
-# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
-RUN echo $'[ltb-project]\n\
-name=LTB project packages\n\
-baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
-enabled=1\n\
-gpgcheck=1\n\
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
-> /etc/yum.repos.d/ltb-project.repo
-RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
-
-# EPEL repository for freetds and hiredis
-RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
-
-#
-# Install build dependencies
-#
-RUN [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec
-
-#
-# Create RPM build environment
-#
-ENV BUILDDIR=/root/rpmbuild
-RUN rpmdev-setuptree
-
-RUN ./configure
-RUN make freeradius-server-$(cat VERSION).tar.bz2
-RUN cp freeradius-server-$(cat VERSION).tar.bz2 $BUILDDIR/SOURCES/
-RUN cp -r redhat/* $BUILDDIR/SOURCES/
-RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
-WORKDIR $BUILDDIR
-
-#
-# Build the server
-#
-ENV QA_RPATHS=0x0003
-RUN rpmbuild -bb --define '_release $release' "$BUILDDIR/SPECS/freeradius.spec"
-
-RUN mkdir /root/rpms
-RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /root/rpms /tmp/
-
-# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
-RUN echo $'[ltb-project]\n\
-name=LTB project packages\n\
-baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
-enabled=1\n\
-gpgcheck=1\n\
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
-> /etc/yum.repos.d/ltb-project.repo \
- && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project \
- \
-# EPEL repository for freetds and hiredis
- && yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
- \
- && yum install -y /tmp/*.rpm
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["radiusd"]
diff --git a/scripts/docker/debian10/Dockerfile b/scripts/docker/debian10/Dockerfile
deleted file mode 100644
index 441bed7..0000000
--- a/scripts/docker/debian10/Dockerfile
+++ /dev/null
@@ -1,59 +0,0 @@
-ARG from=debian:buster
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-RUN apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/debian11/Dockerfile b/scripts/docker/debian11/Dockerfile
deleted file mode 100644
index 7a9931c..0000000
--- a/scripts/docker/debian11/Dockerfile
+++ /dev/null
@@ -1,64 +0,0 @@
-ARG from=debian:bullseye
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-ARG freerad_uid=101
-ARG freerad_gid=101
-
-RUN groupadd -g ${freerad_gid} -r freerad \
- && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
- && apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/debian9/Dockerfile b/scripts/docker/debian9/Dockerfile
deleted file mode 100644
index 1a34f7f..0000000
--- a/scripts/docker/debian9/Dockerfile
+++ /dev/null
@@ -1,59 +0,0 @@
-ARG from=debian:stretch
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-RUN apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/debiansid/Dockerfile b/scripts/docker/debiansid/Dockerfile
deleted file mode 100644
index 191ec49..0000000
--- a/scripts/docker/debiansid/Dockerfile
+++ /dev/null
@@ -1,64 +0,0 @@
-ARG from=debian:sid
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-ARG freerad_uid=101
-ARG freerad_gid=101
-
-RUN groupadd -g ${freerad_gid} -r freerad \
- && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
- && apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/dists/alpine/Dockerfile b/scripts/docker/dists/alpine/Dockerfile
new file mode 100644
index 0000000..04c0101
--- /dev/null
+++ b/scripts/docker/dists/alpine/Dockerfile
@@ -0,0 +1,95 @@
+# Auto generated for alpine
+# from scripts/docker/m4/Dockerfile.alpine.m4
+#
+# Rebuild this file with `make docker.alpine.regen`
+#
+ARG from=alpine:3.13
+FROM ${from} as build
+
+#
+# Install build tools
+#
+RUN apk update
+RUN apk add git gcc make
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+RUN [ -z "$release" ] || git checkout ${release}
+
+
+#
+# Install build dependencies
+#
+# essential
+RUN apk add libc-dev talloc-dev
+RUN apk add openssl openssl-dev
+RUN apk add linux-headers
+# general
+RUN apk add pcre-dev libidn-dev krb5-dev samba-dev curl-dev json-c-dev
+RUN apk add openldap-dev unbound-dev
+# languages
+RUN apk add ruby-dev perl-dev python2-dev python3-dev
+# databases
+RUN apk add hiredis-dev libmemcached-dev gdbm-dev libcouchbase-dev
+# sql
+RUN apk add postgresql-dev mariadb-dev unixodbc-dev sqlite-dev
+
+#
+# Build the server
+#
+RUN ./configure --prefix=/opt
+RUN make -j2
+RUN make install
+RUN rm /opt/lib/*.a
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+COPY --from=build /opt /opt
+
+#
+# These are needed for the server to start
+#
+RUN apk update \
+ && apk add talloc libressl pcre libwbclient tzdata \
+ \
+#
+# Libraries that are needed dependent on which modules are used
+# Some of these (especially the languages) are huge. A reasonable
+# selection has been enabled here. If you use modules needing
+# other dependencies then install any others required in your
+# local Dockerfile.
+#
+ && apk add libcurl json-c libldap hiredis sqlite-dev \
+#RUN apk add libidn krb5
+#RUN apk add unbound-libs
+#RUN apk add ruby-libs perl python2-dev python3-dev
+#RUN apk add libmemcached gdbm libcouchbase
+#RUN apk add postgresql-dev mariadb-dev unixodbc-dev
+ \
+ && ln -s /opt/etc/raddb /etc/raddb
+
+WORKDIR /
+COPY scripts/docker//etc/docker-entrypoint.sh.alpine docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
diff --git a/scripts/docker/alpine/docker-entrypoint.sh b/scripts/docker/dists/alpine/docker-entrypoint.sh
index e0f9f6f..e0f9f6f 100755
--- a/scripts/docker/alpine/docker-entrypoint.sh
+++ b/scripts/docker/dists/alpine/docker-entrypoint.sh
diff --git a/scripts/docker/dists/centos7/Dockerfile b/scripts/docker/dists/centos7/Dockerfile
new file mode 100644
index 0000000..0e266b7
--- /dev/null
+++ b/scripts/docker/dists/centos7/Dockerfile
@@ -0,0 +1,134 @@
+# Auto generated for centos7
+# from scripts/docker/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make docker.centos7.regen`
+#
+ARG from=centos:7
+FROM ${from} as build
+
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+
+
+
+#
+# Install build tools
+#
+RUN yum groupinstall -y "Development Tools"
+RUN yum install -y rpmdevtools
+RUN yum install -y openssl
+
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Other requirements
+#
+
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo
+RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+
+# Enable EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+
+#
+# Install build dependencies
+#
+# Run twice, it doesn't always get everything with one invocation
+#
+RUN [ -e redhat/freeradius.spec ] && \
+ yum-builddep -y redhat/freeradius.spec && \
+ yum-builddep -y redhat/freeradius.spec
+
+#
+# Create RPM build environment
+#
+ENV BUILDDIR=/root/rpmbuild
+RUN rpmdev-setuptree
+
+RUN ./configure
+RUN cp VERSION /VERSION
+RUN make freeradius-server-$(cat /VERSION).tar.bz2
+RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/
+RUN cp -r redhat/* $BUILDDIR/SOURCES/
+RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec
+RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
+WORKDIR $BUILDDIR
+
+#
+# Build the server
+#
+ENV QA_RPATHS=0x0003
+RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec"
+
+RUN mkdir /root/rpms
+RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+
+COPY --from=build /root/rpms /tmp/
+
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+
+
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo \
+ && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+
+
+# EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
+ \
+ && yum install -y /tmp/*.rpm
+
+WORKDIR /
+COPY scripts/docker//etc/docker-entrypoint.sh.rpm docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
diff --git a/scripts/docker/centos7/docker-entrypoint.sh b/scripts/docker/dists/centos7/docker-entrypoint.sh
index 900ad6b..900ad6b 100755
--- a/scripts/docker/centos7/docker-entrypoint.sh
+++ b/scripts/docker/dists/centos7/docker-entrypoint.sh
diff --git a/scripts/docker/dists/debian10/Dockerfile b/scripts/docker/dists/debian10/Dockerfile
new file mode 100644
index 0000000..5e9e9a5
--- /dev/null
+++ b/scripts/docker/dists/debian10/Dockerfile
@@ -0,0 +1,82 @@
+# Auto generated for debian10
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.debian10.regen`
+#
+ARG from=debian:buster
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+RUN apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/debian10/docker-entrypoint.sh b/scripts/docker/dists/debian10/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/debian10/docker-entrypoint.sh
+++ b/scripts/docker/dists/debian10/docker-entrypoint.sh
diff --git a/scripts/docker/dists/debian11/Dockerfile b/scripts/docker/dists/debian11/Dockerfile
new file mode 100644
index 0000000..f709d95
--- /dev/null
+++ b/scripts/docker/dists/debian11/Dockerfile
@@ -0,0 +1,87 @@
+# Auto generated for debian11
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.debian11.regen`
+#
+ARG from=debian:bullseye
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/debian11/docker-entrypoint.sh b/scripts/docker/dists/debian11/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/debian11/docker-entrypoint.sh
+++ b/scripts/docker/dists/debian11/docker-entrypoint.sh
diff --git a/scripts/docker/dists/debian12/Dockerfile b/scripts/docker/dists/debian12/Dockerfile
new file mode 100644
index 0000000..609e8ae
--- /dev/null
+++ b/scripts/docker/dists/debian12/Dockerfile
@@ -0,0 +1,87 @@
+# Auto generated for debian12
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.debian12.regen`
+#
+ARG from=debian:bookworm
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/debian9/docker-entrypoint.sh b/scripts/docker/dists/debian12/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/debian9/docker-entrypoint.sh
+++ b/scripts/docker/dists/debian12/docker-entrypoint.sh
diff --git a/scripts/docker/dists/debiansid/Dockerfile b/scripts/docker/dists/debiansid/Dockerfile
new file mode 100644
index 0000000..862a421
--- /dev/null
+++ b/scripts/docker/dists/debiansid/Dockerfile
@@ -0,0 +1,87 @@
+# Auto generated for debiansid
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.debiansid.regen`
+#
+ARG from=debian:sid
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/debiansid/docker-entrypoint.sh b/scripts/docker/dists/debiansid/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/debiansid/docker-entrypoint.sh
+++ b/scripts/docker/dists/debiansid/docker-entrypoint.sh
diff --git a/scripts/docker/rocky8/Dockerfile b/scripts/docker/dists/rocky8/Dockerfile
index ca821a3..4dcb92e 100644
--- a/scripts/docker/rocky8/Dockerfile
+++ b/scripts/docker/dists/rocky8/Dockerfile
@@ -1,34 +1,54 @@
+# Auto generated for rocky8
+# from scripts/docker/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make docker.rocky8.regen`
+#
ARG from=rockylinux/rockylinux:8
FROM ${from} as build
+#
+# Install yum
+#
+RUN dnf install -y yum
+
RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
#
# Install build tools
#
RUN yum groupinstall -y "Development Tools"
+
RUN yum install -y rpmdevtools openssl dnf-utils
+
#
# Create build directory
#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
#
-# Shallow clone the FreeRADIUS source
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
+RUN git clean -fdxx \
+ && git reset --hard HEAD
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
#
# Other requirements
#
-# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
RUN echo $'[ltb-project]\n\
name=LTB project packages\n\
baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
@@ -38,17 +58,23 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
> /etc/yum.repos.d/ltb-project.repo
RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
-# EPEL repository for freetds and hiredis
+# Enable EPEL repository for freetds and hiredis
RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
+# Enable powertools repo
RUN yum config-manager --enable powertools
-# Currently needed for hiredis-devel
+
+# Enable epel-testing, currently needed for hiredis-devel
RUN yum config-manager --enable epel-testing
#
# Install build dependencies
#
-RUN [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec
+# Run twice, it doesn't always get everything with one invocation
+#
+RUN [ -e redhat/freeradius.spec ] && \
+ yum-builddep -y redhat/freeradius.spec && \
+ yum-builddep -y redhat/freeradius.spec
#
# Create RPM build environment
@@ -57,9 +83,11 @@ ENV BUILDDIR=/root/rpmbuild
RUN rpmdev-setuptree
RUN ./configure
-RUN make freeradius-server-$(cat VERSION).tar.bz2
-RUN cp freeradius-server-$(cat VERSION).tar.bz2 $BUILDDIR/SOURCES/
+RUN cp VERSION /VERSION
+RUN make freeradius-server-$(cat /VERSION).tar.bz2
+RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/
RUN cp -r redhat/* $BUILDDIR/SOURCES/
+RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec
RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
WORKDIR $BUILDDIR
@@ -67,7 +95,7 @@ WORKDIR $BUILDDIR
# Build the server
#
ENV QA_RPATHS=0x0003
-RUN rpmbuild -bb --define '_release $release' "$BUILDDIR/SPECS/freeradius.spec"
+RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec"
RUN mkdir /root/rpms
RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
@@ -76,8 +104,14 @@ RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
# Clean environment and run the server
#
FROM ${from}
+
COPY --from=build /root/rpms /tmp/
+#
+# Install yum
+#
+RUN dnf install -y yum
+
# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
RUN echo $'[ltb-project]\n\
name=LTB project packages\n\
@@ -86,11 +120,13 @@ enabled=1\n\
gpgcheck=1\n\
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
> /etc/yum.repos.d/ltb-project.repo \
- && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project \
- \
-# EPEL repository for freetds and hiredis
- && yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
+ && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+
+
+# EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
&& yum install -y dnf-utils \
+ && yum config-manager --enable powertools \
&& yum config-manager --enable epel-testing
ARG radiusd_uid=95
@@ -100,8 +136,9 @@ RUN groupadd -g ${radiusd_gid} -r radiusd \
&& useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \
&& yum install -y /tmp/*.rpm
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
+WORKDIR /
+COPY scripts/docker//etc/docker-entrypoint.sh.rpm docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
EXPOSE 1812/udp 1813/udp
ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/scripts/docker/rocky8/docker-entrypoint.sh b/scripts/docker/dists/rocky8/docker-entrypoint.sh
index 900ad6b..900ad6b 100755
--- a/scripts/docker/rocky8/docker-entrypoint.sh
+++ b/scripts/docker/dists/rocky8/docker-entrypoint.sh
diff --git a/scripts/docker/dists/rocky9/Dockerfile b/scripts/docker/dists/rocky9/Dockerfile
new file mode 100644
index 0000000..0f57010
--- /dev/null
+++ b/scripts/docker/dists/rocky9/Dockerfile
@@ -0,0 +1,124 @@
+# Auto generated for rocky9
+# from scripts/docker/m4/Dockerfile.rpm.m4
+#
+# Rebuild this file with `make docker.rocky9.regen`
+#
+ARG from=rockylinux/rockylinux:9
+FROM ${from} as build
+
+#
+# Install yum
+#
+RUN dnf install -y yum
+
+RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+
+#
+# Install build tools
+#
+RUN yum groupinstall -y "Development Tools"
+
+RUN yum install -y rpmdevtools openssl dnf-utils
+
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Other requirements
+#
+
+# Enable EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+
+# Enable Code Ready Builder repo (CentOS powertools equivalent)
+RUN yum install -y yum-utils
+RUN yum config-manager --enable crb
+
+#
+# Install build dependencies
+#
+# Run twice, it doesn't always get everything with one invocation
+#
+RUN [ -e redhat/freeradius.spec ] && \
+ yum-builddep -y redhat/freeradius.spec && \
+ yum-builddep -y redhat/freeradius.spec
+
+#
+# Create RPM build environment
+#
+ENV BUILDDIR=/root/rpmbuild
+RUN rpmdev-setuptree
+
+RUN ./configure
+RUN cp VERSION /VERSION
+RUN make freeradius-server-$(cat /VERSION).tar.bz2
+RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/
+RUN cp -r redhat/* $BUILDDIR/SOURCES/
+RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec
+RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
+WORKDIR $BUILDDIR
+
+#
+# Build the server
+#
+ENV QA_RPATHS=0x0003
+RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec"
+
+RUN mkdir /root/rpms
+RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+
+COPY --from=build /root/rpms /tmp/
+
+#
+# Install yum
+#
+RUN dnf install -y yum
+
+
+
+# EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm \
+ && yum install -y dnf-utils \
+ && yum config-manager --enable crb \
+ && yum config-manager --enable epel-testing
+
+ARG radiusd_uid=95
+ARG radiusd_gid=95
+
+RUN groupadd -g ${radiusd_gid} -r radiusd \
+ && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \
+ && yum install -y /tmp/*.rpm
+
+WORKDIR /
+COPY scripts/docker//etc/docker-entrypoint.sh.rpm docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
diff --git a/scripts/docker/dists/rocky9/docker-entrypoint.sh b/scripts/docker/dists/rocky9/docker-entrypoint.sh
new file mode 100755
index 0000000..900ad6b
--- /dev/null
+++ b/scripts/docker/dists/rocky9/docker-entrypoint.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+# this if will check if the first argument is a flag
+# but only works if all arguments require a hyphenated flag
+# -v; -SL; -f arg; etc will work, but not arg1 arg2
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+ set -- radiusd "$@"
+fi
+
+# check for the expected command
+if [ "$1" = 'radiusd' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# debian people are likely to call "freeradius" as well, so allow that
+if [ "$1" = 'freeradius' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# else default to run whatever the user wanted like "bash" or "sh"
+exec "$@"
diff --git a/scripts/docker/dists/ubuntu18/Dockerfile b/scripts/docker/dists/ubuntu18/Dockerfile
new file mode 100644
index 0000000..4e32632
--- /dev/null
+++ b/scripts/docker/dists/ubuntu18/Dockerfile
@@ -0,0 +1,82 @@
+# Auto generated for ubuntu18
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.ubuntu18.regen`
+#
+ARG from=ubuntu:18.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+RUN apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/ubuntu18/docker-entrypoint.sh b/scripts/docker/dists/ubuntu18/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/ubuntu18/docker-entrypoint.sh
+++ b/scripts/docker/dists/ubuntu18/docker-entrypoint.sh
diff --git a/scripts/docker/dists/ubuntu20/Dockerfile b/scripts/docker/dists/ubuntu20/Dockerfile
new file mode 100644
index 0000000..4a3bbf4
--- /dev/null
+++ b/scripts/docker/dists/ubuntu20/Dockerfile
@@ -0,0 +1,82 @@
+# Auto generated for ubuntu20
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.ubuntu20.regen`
+#
+ARG from=ubuntu:20.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+RUN apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/ubuntu20/docker-entrypoint.sh b/scripts/docker/dists/ubuntu20/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/ubuntu20/docker-entrypoint.sh
+++ b/scripts/docker/dists/ubuntu20/docker-entrypoint.sh
diff --git a/scripts/docker/dists/ubuntu22/Dockerfile b/scripts/docker/dists/ubuntu22/Dockerfile
new file mode 100644
index 0000000..778112a
--- /dev/null
+++ b/scripts/docker/dists/ubuntu22/Dockerfile
@@ -0,0 +1,87 @@
+# Auto generated for ubuntu22
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.ubuntu22.regen`
+#
+ARG from=ubuntu:22.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/ubuntu22/docker-entrypoint.sh b/scripts/docker/dists/ubuntu22/docker-entrypoint.sh
index 93141b0..93141b0 100755
--- a/scripts/docker/ubuntu22/docker-entrypoint.sh
+++ b/scripts/docker/dists/ubuntu22/docker-entrypoint.sh
diff --git a/scripts/docker/dists/ubuntu24/Dockerfile b/scripts/docker/dists/ubuntu24/Dockerfile
new file mode 100644
index 0000000..ad4520e
--- /dev/null
+++ b/scripts/docker/dists/ubuntu24/Dockerfile
@@ -0,0 +1,87 @@
+# Auto generated for ubuntu24
+# from scripts/docker/m4/Dockerfile.deb.m4
+#
+# Rebuild this file with `make docker.ubuntu24.regen`
+#
+ARG from=ubuntu:24.04
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/docker.mk b/scripts/docker/docker.mk
index 9773625..bf556c6 100644
--- a/scripts/docker/docker.mk
+++ b/scripts/docker/docker.mk
@@ -25,8 +25,8 @@
# version, DOCKER_COMMIT _must_ also be set.
DOCKER_VERSION := $(RADIUSD_VERSION_STRING)
#
-# Commit hash/tag/branch to build, will be taken from VERSION above if not overridden, e.g. "release_3_2_0"
-DOCKER_COMMIT := release_$(shell echo $(DOCKER_VERSION) | tr .- __)
+# Commit hash/tag/branch to build, if not set then HEAD will be used.
+DOCKER_COMMIT :=
#
# Build args, most likely "--no-cache"
DOCKER_BUILD_ARGS :=
@@ -40,6 +40,22 @@ DOCKER_REPO := freeradius
# Registry to push to
DOCKER_REGISTRY :=
#
+# Location of Docker-related files
+DOCKER_DIR := $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
+DIST_DIR := $(DOCKER_DIR)/dists
+#
+# List of images we can build
+DOCKER_IMAGES:=$(sort $(patsubst $(DIST_DIR)/%,%,$(wildcard $(DIST_DIR)/*)))
+
+DOCKER_DEFAULT_UBUNTU := ubuntu22
+DOCKER_DEFAULT_ALPINE := alpine
+
+ifeq "${VERBOSE}" ""
+ Q=@
+else
+ Q=
+endif
+
ifneq "$(DOCKER_REPO)" ""
override DOCKER_REPO := $(DOCKER_REPO)/
@@ -50,37 +66,146 @@ ifneq "$(DOCKER_REGISTRY)" ""
endif
+#
+# Print some useful help
+#
+.PHONY: docker.help.images
+docker.help.images:
+ @echo Available images: $(DOCKER_IMAGES)
+
+.PHONY: docker.help
+docker.help: docker.help.images
+ @echo ""
+ @echo "Make targets:"
+ @echo " docker-ubuntu - build main ubuntu image"
+ @echo " docker-alpine - build main alpine image"
+ @echo " docker.regen - regenerate all Dockerfiles from templates"
+ @echo ""
+ @echo "Make targets per image:"
+ @echo " docker.IMAGE.build - build image"
+ @echo " docker.IMAGE.regen - regenerate Dockerfile"
+ @echo ""
+ @echo "Arguments:"
+ @echo ' DOCKER_BUILD_ARGS="--no-cache" - extra build args'
+ @echo ' DOCKER_REGISTRY="docker.example.com" - registry to build for'
+ @echo ' DOCKER_REPO="freeradius" - docker repo name'
+ @echo ' DOCKER_TAG="freeradius-server" - docker tag name'
+ @echo ' DOCKER_COMMIT="HEAD" - commit/ref to build from'
+ @echo ' DOCKER_VERSION="$(DOCKER_VERSION)" - version for docker image name'
+
+
+#
+# Rules for each OS
+#
+
+define ADD_DOCKER_RULES
+ $$(DIST_DIR)/${1}/Dockerfile: $(DOCKER_DIR)/m4/Dockerfile.m4 $(DOCKER_DIR)/m4/Dockerfile.deb.m4 $(DOCKER_DIR)/m4/Dockerfile.rpm.m4 $(DOCKER_DIR)/m4/Dockerfile.alpine.m4 $(DOCKER_DIR)/docker.mk
+ $$(Q)echo REGEN ${1}/Dockerfile
+ $$(Q)m4 -I $(DOCKER_DIR)/m4 -D D_NAME=${1} -D D_TYPE=docker $$< > $$@
+
+ DOCKER_DOCKERFILES += $$(DIST_DIR)/${1}/Dockerfile
+
+ .PHONY: docker.${1}.regen
+ docker.${1}.regen: $$(DIST_DIR)/${1}/Dockerfile
+
+ .PHONY: docker.${1}.build
+ docker.${1}.build:
+ @echo BUILD ${1} $(DOCKER_COMMIT)
+ $(Q)docker buildx build \
+ $(DOCKER_BUILD_ARGS) \
+ --progress=plain \
+ --build-arg=release=$(DOCKER_COMMIT) \
+ -t $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-${1} \
+ -f $(DIST_DIR)/${1}/Dockerfile \
+ .
+
+endef
+
+$(foreach IMAGE,$(DOCKER_IMAGES), \
+ $(eval $(call ADD_DOCKER_RULES,$(IMAGE))))
+
+.PHONY: docker.regen
+docker.regen: $(DOCKER_DOCKERFILES)
+
+
+#
+# Rules to rebuild Docker images
+#
.PHONY: docker-ubuntu
-docker-ubuntu:
- @echo Building ubuntu $(DOCKER_COMMIT)
- $(Q)docker build $(DOCKER_BUILD_ARGS) scripts/docker/ubuntu22 --build-arg=release=$(DOCKER_COMMIT) -t $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)
+docker-ubuntu: docker.$(DOCKER_DEFAULT_UBUNTU).build
+ $(Q)docker image tag \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-$(DOCKER_DEFAULT_UBUNTU) \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)
.PHONY: docker-alpine
-docker-alpine:
- @echo Building alpine $(DOCKER_COMMIT)
- $(Q)docker build $(DOCKER_BUILD_ARGS) scripts/docker/alpine --build-arg=release=$(DOCKER_COMMIT) -t $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine
+docker-alpine: docker.$(DOCKER_DEFAULT_ALPINE).build
+ $(Q)docker image tag \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-$(DOCKER_DEFAULT_ALPINE) \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine
.PHONY: docker
docker: docker-ubuntu docker-alpine
-.PHONY: docker-push
-docker-push: docker
+#
+# Push main ubuntu and alpine images (all below are separate for CI jobs)
+#
+.PHONY: docker-push-ubuntu
+docker-push-ubuntu:
$(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)
+
+.PHONY: docker-push-alpine
+docker-push-alpine:
$(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine
-.PHONY: docker-tag-latest
-docker-tag-latest: docker
+.PHONY: docker-push
+docker-push: docker-push-ubuntu docker-push-alpine
+
+#
+# Tag main "latest" images
+#
+.PHONY: docker-tag-latest-ubuntu
+docker-tag-latest-ubuntu:
$(Q)docker tag $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION) $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest
- $(Q)docker tag $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-alpine
$(Q)docker tag $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION) $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-3.2
+
+.PHONY: docker-tag-latest-alpine
+docker-tag-latest-alpine:
+ $(Q)docker tag $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-alpine
$(Q)docker tag $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-alpine $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-3.2-alpine
-.PHONY: docker-push-latest
-docker-push-latest: docker-push docker-tag-latest
+.PHONY: docker-tag-latest
+docker-tag-latest: docker-tag-latest-ubuntu docker-tag-latest-alpine
+
+#
+# Push main "latest" images
+#
+.PHONY: docker-push-latest-ubuntu
+docker-push-latest-ubuntu: docker-push-ubuntu docker-tag-latest-ubuntu
$(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest
- $(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-alpine
$(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-3.2
+
+.PHONY: docker-push-latest-alpine
+docker-push-latest-alpine: docker-push-alpine docker-tag-latest-alpine
+ $(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-alpine
$(Q)docker push $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):latest-3.2-alpine
+.PHONY: docker-push-latest
+docker-push-latest: docker-push-latest-ubuntu docker-push-latest-alpine
+
+#
+# Convenience target to do everything
+#
.PHONY: docker-publish
-docker-publish: docker-push-latest
+docker-publish: docker docker-push-latest
+
+#
+# Used for multi-arch CI job. "docker manifest" rather than "docker buildx
+# --platforms=...,..." so that we can parallelise the build in GH Actions.
+#
+.PHONY: docker-ci-manifest
+docker-ci-manifest:
+ $(Q)docker manifest create \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION) \
+ $(foreach ARCH,$(DOCKER_ARCHS),--amend $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(ARCH)-$(DOCKER_VERSION))
+ $(Q)docker manifest push \
+ $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)
diff --git a/scripts/docker/etc/docker-entrypoint.sh.alpine b/scripts/docker/etc/docker-entrypoint.sh.alpine
new file mode 100755
index 0000000..e0f9f6f
--- /dev/null
+++ b/scripts/docker/etc/docker-entrypoint.sh.alpine
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+PATH=/opt/sbin:/opt/bin:$PATH
+export PATH
+
+# this if will check if the first argument is a flag
+# but only works if all arguments require a hyphenated flag
+# -v; -SL; -f arg; etc will work, but not arg1 arg2
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+ set -- radiusd "$@"
+fi
+
+# check for the expected command
+if [ "$1" = 'radiusd' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# debian people are likely to call "freeradius" as well, so allow that
+if [ "$1" = 'freeradius' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# else default to run whatever the user wanted like "bash" or "sh"
+exec "$@"
diff --git a/scripts/docker/etc/docker-entrypoint.sh.deb b/scripts/docker/etc/docker-entrypoint.sh.deb
new file mode 100755
index 0000000..93141b0
--- /dev/null
+++ b/scripts/docker/etc/docker-entrypoint.sh.deb
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+# this if will check if the first argument is a flag
+# but only works if all arguments require a hyphenated flag
+# -v; -SL; -f arg; etc will work, but not arg1 arg2
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+ set -- freeradius "$@"
+fi
+
+# check for the expected command
+if [ "$1" = 'freeradius' ]; then
+ shift
+ exec freeradius -f "$@"
+fi
+
+# many people are likely to call "radiusd" as well, so allow that
+if [ "$1" = 'radiusd' ]; then
+ shift
+ exec freeradius -f "$@"
+fi
+
+# else default to run whatever the user wanted like "bash" or "sh"
+exec "$@"
diff --git a/scripts/docker/etc/docker-entrypoint.sh.rpm b/scripts/docker/etc/docker-entrypoint.sh.rpm
new file mode 100755
index 0000000..900ad6b
--- /dev/null
+++ b/scripts/docker/etc/docker-entrypoint.sh.rpm
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+# this if will check if the first argument is a flag
+# but only works if all arguments require a hyphenated flag
+# -v; -SL; -f arg; etc will work, but not arg1 arg2
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+ set -- radiusd "$@"
+fi
+
+# check for the expected command
+if [ "$1" = 'radiusd' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# debian people are likely to call "freeradius" as well, so allow that
+if [ "$1" = 'freeradius' ]; then
+ shift
+ exec radiusd -f "$@"
+fi
+
+# else default to run whatever the user wanted like "bash" or "sh"
+exec "$@"
diff --git a/scripts/docker/alpine/Dockerfile b/scripts/docker/m4/Dockerfile.alpine.m4
index 2965525..64c6c8f 100644
--- a/scripts/docker/alpine/Dockerfile
+++ b/scripts/docker/m4/Dockerfile.alpine.m4
@@ -1,4 +1,4 @@
-ARG from=alpine:3.13
+ARG from=DOCKER_IMAGE
FROM ${from} as build
#
@@ -10,17 +10,23 @@ RUN apk add git gcc make
#
# Create build directory
#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
#
-# Shallow clone the FreeRADIUS source
+# Copy the FreeRADIUS directory in
#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+RUN [ -z "$release" ] || git checkout ${release}
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
#
# Install build dependencies
@@ -33,7 +39,7 @@ RUN apk add linux-headers
RUN apk add pcre-dev libidn-dev krb5-dev samba-dev curl-dev json-c-dev
RUN apk add openldap-dev unbound-dev
# languages
-RUN apk add ruby-dev perl-dev python2-dev
+RUN apk add ruby-dev perl-dev python2-dev python3-dev
# databases
RUN apk add hiredis-dev libmemcached-dev gdbm-dev libcouchbase-dev
# sql
@@ -69,14 +75,15 @@ RUN apk update \
&& apk add libcurl json-c libldap hiredis sqlite-dev \
#RUN apk add libidn krb5
#RUN apk add unbound-libs
-#RUN apk add ruby-libs perl python2-dev
+#RUN apk add ruby-libs perl python2-dev python3-dev
#RUN apk add libmemcached gdbm libcouchbase
#RUN apk add postgresql-dev mariadb-dev unixodbc-dev
\
&& ln -s /opt/etc/raddb /etc/raddb
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
+WORKDIR /
+COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
EXPOSE 1812/udp 1813/udp
ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/scripts/docker/m4/Dockerfile.deb.m4 b/scripts/docker/m4/Dockerfile.deb.m4
new file mode 100644
index 0000000..0b4e5b5
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.deb.m4
@@ -0,0 +1,88 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+#
+# Install build tools
+#
+RUN apt-get update
+RUN apt-get install -y devscripts equivs git quilt gcc
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Install build dependencies
+#
+RUN if [ -e ./debian/control.in ]; then \
+ debian/rules debian/control; \
+ fi; \
+ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
+
+#
+# Build the server
+#
+# Work around fakeroot problems in Docker when building for different
+# platforms - doesn't matter as we run as root in the container anyway.
+#
+#RUN make -j$(nproc) deb
+RUN debian/rules debian/control \
+ && dpkg-buildpackage --jobs=auto -b -uc
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+ARG DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /usr/local/src/repositories/*.deb /tmp/
+
+RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime
+
+ifelse(ifelse(
+ D_NAME, `debian10', no,
+ D_NAME, `ubuntu18', no,
+ D_NAME, `ubuntu20', no,
+ yes), yes, `dnl
+ARG freerad_uid=101
+ARG freerad_gid=101
+
+RUN groupadd -g ${freerad_gid} -r freerad \
+ && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
+ && apt-get update \',
+`RUN apt-get update \')
+ && apt-get install -y tzdata \
+ && apt-get install -y /tmp/*.deb \
+ && apt-get clean \
+ && rm -r /var/lib/apt/lists/* /tmp/*.deb \
+ \
+ && ln -s /etc/freeradius /etc/raddb
+
+WORKDIR /
+COPY scripts/docker/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["freeradius"]
diff --git a/scripts/docker/m4/Dockerfile.m4 b/scripts/docker/m4/Dockerfile.m4
new file mode 100644
index 0000000..f9890a1
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.m4
@@ -0,0 +1,45 @@
+dnl Look up the OS codename, docker base image etc before including
+dnl the main Dockerfile template.
+dnl
+dnl This top-level template is used by both the docker makefile
+dnl (scripts/docker/docker.mk) and the crossbuild makefile
+dnl (scripts/crossbuild/crossbuild.mk), but the Dockerfile templates
+dnl they use are different - see the m4 directories for each.
+dnl
+divert(`-1')
+changequote(`[', `]')
+define([DOCKER_TOPDIR], [scripts/docker/])
+define([p_SET], [
+ define([PKG_TYPE], [$1])
+ define([OS_NAME], [$2])
+ define([OS_VER], [$3])
+ define([OS_CODENAME], [$4])
+ define([DOCKER_IMAGE], [$5])
+])
+dnl D_NAME PKG_TYPE OS_NAME OS_VER OS_CODENAME DOCKER_IMAGE
+ifelse(
+ D_NAME, [alpine], [p_SET([alpine], [alpine], [3.13], [alpine], [alpine:3.13])],
+ D_NAME, [debian10], [p_SET([deb], [debian], [10], [buster], [debian:buster])],
+ D_NAME, [debian11], [p_SET([deb], [debian], [11], [bullseye], [debian:bullseye])],
+ D_NAME, [debian12], [p_SET([deb], [debian], [12], [bookworm], [debian:bookworm])],
+ D_NAME, [debiansid], [p_SET([deb], [debian], [99], [sid], [debian:sid])],
+ D_NAME, [ubuntu18], [p_SET([deb], [ubuntu], [18], [bionic], [ubuntu:18.04])],
+ D_NAME, [ubuntu20], [p_SET([deb], [ubuntu], [20], [focal], [ubuntu:20.04])],
+ D_NAME, [ubuntu22], [p_SET([deb], [ubuntu], [22], [jammy], [ubuntu:22.04])],
+ D_NAME, [ubuntu24], [p_SET([deb], [ubuntu], [24], [noble], [ubuntu:24.04])],
+ D_NAME, [centos7], [p_SET([rpm], [centos], [7], [7], [centos:7])],
+ D_NAME, [centos8], [p_SET([rpm], [centos], [8], [8], [centos:8])],
+ D_NAME, [rocky8], [p_SET([rpm], [rocky], [8], [8], [rockylinux/rockylinux:8])],
+ D_NAME, [rocky9], [p_SET([rpm], [rocky], [9], [9], [rockylinux/rockylinux:9])],
+ [errprint(error: OS 'D_NAME' not defined[,] see __file__
+)m4exit(1)]
+)
+undefine([p_SET])
+divert[]dnl
+[#] Auto generated for D_NAME
+[#] from scripts/D_TYPE/m4/Dockerfile.PKG_TYPE.m4
+[#]
+[#] Rebuild this file with `make D_TYPE.D_NAME.regen`
+[#]
+changequote([`], ['])dnl
+include(Dockerfile.PKG_TYPE.m4)dnl
diff --git a/scripts/docker/m4/Dockerfile.rpm.m4 b/scripts/docker/m4/Dockerfile.rpm.m4
new file mode 100644
index 0000000..03181e8
--- /dev/null
+++ b/scripts/docker/m4/Dockerfile.rpm.m4
@@ -0,0 +1,186 @@
+ARG from=DOCKER_IMAGE
+FROM ${from} as build
+
+ifelse(OS_VER, 7, `dnl
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+')dnl
+
+ifelse(OS_VER, `7', `', `dnl
+#
+# Install yum
+#
+RUN dnf install -y yum
+')dnl
+
+ifelse(OS_VER, 8, `dnl
+RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+')dnl
+ifelse(OS_VER, 9, `dnl
+RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
+')
+#
+# Install build tools
+#
+RUN yum groupinstall -y "Development Tools"
+ifelse(OS_VER, 7,`dnl
+RUN yum install -y rpmdevtools
+RUN yum install -y openssl
+',`
+RUN yum install -y rpmdevtools openssl dnf-utils
+')
+
+#
+# Create build directory
+#
+RUN mkdir -p /usr/local/src/repositories/freeradius-server
+WORKDIR /usr/local/src/repositories/freeradius-server/
+
+#
+# Copy the FreeRADIUS directory in
+#
+COPY . .
+
+#
+# Clean up tree - we want to build from the latest commit, not from
+# any cruft left around on the local system
+#
+RUN git clean -fdxx \
+ && git reset --hard HEAD
+
+ARG release
+RUN [ -z "$release" ] || git checkout ${release} ; \
+ git status ; \
+ git log -1 --oneline
+
+#
+# Other requirements
+#
+changequote(`{', `}')dnl
+ifelse(ifelse(OS_VER, 7, yes, OS_VER, 8, yes, no), yes, {
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo
+RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+})dnl
+changequote({`}, {'})dnl
+
+# Enable EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-OS_VER.noarch.rpm
+ifelse(OS_VER, 8, `
+# Enable powertools repo
+RUN yum config-manager --enable powertools
+
+# Enable epel-testing, currently needed for hiredis-devel
+RUN yum config-manager --enable epel-testing
+')dnl
+ifelse(OS_VER, 9, `
+# Enable Code Ready Builder repo (CentOS powertools equivalent)
+RUN yum install -y yum-utils
+RUN yum config-manager --enable crb
+')dnl
+
+#
+# Install build dependencies
+#
+# Run twice, it doesn't always get everything with one invocation
+#
+RUN [ -e redhat/freeradius.spec ] && \
+ yum-builddep -y redhat/freeradius.spec && \
+ yum-builddep -y redhat/freeradius.spec
+
+#
+# Create RPM build environment
+#
+ENV BUILDDIR=/root/rpmbuild
+RUN rpmdev-setuptree
+
+RUN ./configure
+RUN cp VERSION /VERSION
+RUN make freeradius-server-$(cat /VERSION).tar.bz2
+RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/
+RUN cp -r redhat/* $BUILDDIR/SOURCES/
+RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec
+RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/
+WORKDIR $BUILDDIR
+
+#
+# Build the server
+#
+ENV QA_RPATHS=0x0003
+RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec"
+
+RUN mkdir /root/rpms
+RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/
+
+#
+# Clean environment and run the server
+#
+FROM ${from}
+
+COPY --from=build /root/rpms /tmp/
+
+ifelse(OS_VER, 7, `dnl
+#
+# CentOS 7 is now EOL, so we need to fix up the repo source
+#
+RUN sed -i "s/^mirrorlist/#mirrorlist/g" /etc/yum.repos.d/CentOS-*
+RUN sed -i "s|#\s*baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
+')dnl
+
+ifelse(OS_VER, `7', `', `dnl
+#
+# Install yum
+#
+RUN dnf install -y yum
+')dnl
+
+changequote(`{', `}')dnl
+ifelse(ifelse(OS_VER, 7, yes, OS_VER, 8, yes, no), yes, {dnl
+# Use LTB's openldap packages intead of the distribution version to avoid linking against NSS
+RUN echo $'[ltb-project]\n\
+name=LTB project packages\n\
+baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\
+enabled=1\n\
+gpgcheck=1\n\
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\
+> /etc/yum.repos.d/ltb-project.repo \
+ && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project
+})dnl
+changequote({`}, {'})dnl
+
+
+# EPEL repository for freetds and hiredis
+RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-OS_VER.noarch.rpm \
+ifelse(OS_VER, 7, ` \', `dnl
+ && yum install -y dnf-utils \
+ifelse(OS_VER, 8, `dnl
+ && yum config-manager --enable powertools \
+')dnl
+ifelse(OS_VER, 9, `dnl
+ && yum config-manager --enable crb \
+')dnl
+ && yum config-manager --enable epel-testing
+
+ARG radiusd_uid=95
+ARG radiusd_gid=95
+
+RUN groupadd -g ${radiusd_gid} -r radiusd \
+ && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \')
+ && yum install -y /tmp/*.rpm
+
+WORKDIR /
+COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh
+RUN chmod +x docker-entrypoint.sh
+
+EXPOSE 1812/udp 1813/udp
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["radiusd"]
diff --git a/scripts/docker/ubuntu18/Dockerfile b/scripts/docker/ubuntu18/Dockerfile
deleted file mode 100644
index 7322026..0000000
--- a/scripts/docker/ubuntu18/Dockerfile
+++ /dev/null
@@ -1,59 +0,0 @@
-ARG from=ubuntu:18.04
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-RUN apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/ubuntu20/Dockerfile b/scripts/docker/ubuntu20/Dockerfile
deleted file mode 100644
index 783ebc9..0000000
--- a/scripts/docker/ubuntu20/Dockerfile
+++ /dev/null
@@ -1,61 +0,0 @@
-ARG from=ubuntu:20.04
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-RUN apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/docker/ubuntu22/Dockerfile b/scripts/docker/ubuntu22/Dockerfile
deleted file mode 100644
index 9e6aa57..0000000
--- a/scripts/docker/ubuntu22/Dockerfile
+++ /dev/null
@@ -1,66 +0,0 @@
-ARG from=ubuntu:22.04
-FROM ${from} as build
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-#
-# Install build tools
-#
-RUN apt-get update
-RUN apt-get install -y devscripts equivs git quilt gcc
-
-#
-# Create build directory
-#
-RUN mkdir -p /usr/local/src/repositories
-WORKDIR /usr/local/src/repositories
-
-#
-# Shallow clone the FreeRADIUS source
-#
-ARG source=https://github.com/FreeRADIUS/freeradius-server.git
-ARG release=v3.2.x
-
-RUN git clone --depth 1 --single-branch --branch ${release} ${source}
-WORKDIR freeradius-server
-
-#
-# Install build dependencies
-#
-RUN git checkout ${release}; \
- if [ -e ./debian/control.in ]; then \
- debian/rules debian/control; \
- fi; \
- echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control
-
-#
-# Build the server
-#
-RUN make -j2 deb
-
-#
-# Clean environment and run the server
-#
-FROM ${from}
-COPY --from=build /usr/local/src/repositories/*.deb /tmp/
-
-ARG freerad_uid=101
-ARG freerad_gid=101
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-RUN groupadd -g ${freerad_gid} -r freerad \
- && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \
- && apt-get update \
- && apt-get install -y /tmp/*.deb \
- && apt-get clean \
- && rm -r /var/lib/apt/lists/* /tmp/*.deb \
- \
- && ln -s /etc/freeradius /etc/raddb
-
-COPY docker-entrypoint.sh /
-RUN chmod +x /docker-entrypoint.sh
-
-EXPOSE 1812/udp 1813/udp
-ENTRYPOINT ["/docker-entrypoint.sh"]
-CMD ["freeradius"]
diff --git a/scripts/snmp-proxy/freeradius-snmp.pl b/scripts/snmp-proxy/freeradius-snmp.pl
index f30fc7d..9e70afc 100644
--- a/scripts/snmp-proxy/freeradius-snmp.pl
+++ b/scripts/snmp-proxy/freeradius-snmp.pl
@@ -40,7 +40,7 @@ my $cfg = {
radius => {
host => 'localhost',
- port => 18120,
+ port => 18121,
secret => 'adminsecret',
# dictionary => '../radiusd/share/dictionary',
dictionary => 'dictionary.hacked',
@@ -167,7 +167,7 @@ sub radius_stats_get {
# Wrappers for specific types of stats
#
sub radius_stats_get_global { return radius_stats_get(0x1f); }
-sub radius_stats_get_client { return radius_stats_get(0x3f, 'FreeRADIUS-Stats-Client-Number' => $_[0]); }
+sub radius_stats_get_client { return radius_stats_get(0x23, 'FreeRADIUS-Stats-Client-Number' => $_[0]); }
#
# Main loop of thread fetching status from freeradius server