This guide runs FreeRADIUS 3.2.x in a container. FreeRADIUS 3.2.x is the currently recommended stable release for production environments.
Pull and run the latest FreeRADIUS container:
docker run --rm -it freeradius/freeradius-server:3.2 latest --help
Create a docker-compose.yml file for production use:
version: '3.8'
services:
freeradius:
image: freeradius/freeradius-server:3.2.8
container_name: freeradius
ports:
- "1812:1812/udp" # Authentication
- "1813:1813/udp" # Accounting
# Uncomment if using additional ports
# - "1812:1812/tcp" # CoA (Change of Authorization)
volumes:
- ./config:/etc/freeradius/3.0:ro # Configuration files
- ./logs:/var/log/freeradius # Log files
environment:
- TZ=UTC
restart: unless-stopped
networks:
- radius-network
networks:
radius-network:
driver: bridge
For custom configurations, mount your configuration files:
# Create directory structure
mkdir -p freeradius/config freeradius/logs
# Copy default configuration from a temporary container
docker run --rm -it freeradius/freeradius-server:3.2.8 cat /etc/freeradius/3.0/radiusd.conf > freeradius/config/radiusd.conf
docker run --rm -it freeradius/freeradius-server:3.2.8 cat /etc/freeradius/3.0/clients.conf > freeradius/config/clients.conf
# Then run with custom config
docker run -d \
--name freeradius \
-p 1812:1812/udp \
-p 1813:1813/udp \
-v $(pwd)/freeradius/config:/etc/freeradius/3.0:ro \
-v $(pwd)/freeradius/logs:/var/log/freeradius \
-e TZ=UTC \
--restart unless-stopped \
freeradius/freeradius-server:3.2.8
The container supports the following environment variables:
TZ: Timezone (default: UTC)DEBUG_LEVEL: Debug level (0-4, default: 0)Client Configuration: Define your RADIUS clients in clients.conf:
client docker_client {
ipaddr = 172.17.0.0/16 # Adjust to your Docker subnet
secret = your_secure_secret
}
Authentication Backends: Configure authentication modules in the mounted configuration directory.
Persistent Storage: Always mount volumes for configuration and logs to persist data.
Test the container with the radtest utility:
# Enter the container
docker exec -it freeradius bash
# Run a test
radtest username password localhost 0 testing123
Or run radtest from another container:
docker run --rm --network container:freeradius freeradius/freeradius-server:3.2.8 radtest username password localhost 0 testing123
:ro) when possiblelatestMonitor the container logs:
docker logs -f freeradius
Logs are also available in the mounted logs directory for persistent storage and external monitoring tools.
freeradius/freeradius-server:3.2.83.2, latestRunning containers in production? We help with:
Need help? office@linux-server-admin.com or Contact Us