From eb5d9bc3f94a9efe96d4cdac669bf99b0a4bae8d Mon Sep 17 00:00:00 2001
From: Simon Cloutier <simon@qic.ca>
Date: Tue, 1 Apr 2025 10:52:59 -0400
Subject: [PATCH] getting ready to public

---
 README.md                           |  77 +++++++++++++++++++++++++++-
 app/Dockerfile                      |  16 ++++--
 app/__pycache__/app.cpython-39.pyc  | Bin 0 -> 1125 bytes
 app/__pycache__/wsgi.cpython-39.pyc | Bin 0 -> 174 bytes
 app/app.py                          |  13 +++++
 app/requirements.txt                |   3 +-
 app/templates/base.html             |   6 +++
 app/wsgi.py                         |   4 ++
 docker-compose.yml                  |   2 +
 9 files changed, 116 insertions(+), 5 deletions(-)
 create mode 100644 app/__pycache__/app.cpython-39.pyc
 create mode 100644 app/__pycache__/wsgi.cpython-39.pyc
 create mode 100644 app/wsgi.py

diff --git a/README.md b/README.md
index f978cec..b44e7be 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,76 @@
-This is a project that allows me to simplify freeradius user management with mac address authentication as it's primary focus.
\ No newline at end of file
+
+```markdown
+# FreeRADIUS Manager (Phase 1)
+
+A lightweight web UI to manage MAC address-based FreeRADIUS configurations backed by a MariaDB/MySQL database.
+
+## Features
+- Add/edit/delete MAC-based users and VLAN assignments
+- View Access-Accept and Access-Reject logs
+- Lookup MAC vendors using maclookup.app API
+- Dynamically populate vendor cache to reduce API usage
+
+---
+
+## Requirements (Phase 1)
+- Existing FreeRADIUS installation
+- Existing MariaDB or MySQL server with access credentials
+
+### Required Tables
+Add the following tables to your RADIUS database:
+
+```sql
+CREATE TABLE IF NOT EXISTS rad_description (
+    username VARCHAR(64) PRIMARY KEY,
+    description TEXT
+);
+
+CREATE TABLE IF NOT EXISTS mac_vendor_cache (
+    mac_prefix VARCHAR(6) PRIMARY KEY,
+    vendor_name VARCHAR(255),
+    last_updated TIMESTAMP
+);
+```
+
+---
+
+## Getting Started
+
+### 1. Clone this repo
+```bash
+git clone https://github.com/yourname/freeradius-manager.git
+cd freeradius-manager
+```
+
+### 2. Configure environment
+Create a `.env` file or configure environment variables:
+
+```env
+FLASK_SECRET_KEY=super-secret-key
+MYSQL_HOST=192.168.1.100
+MYSQL_USER=radiususer
+MYSQL_PASSWORD=yourpassword
+MYSQL_DATABASE=radius
+OUI_API_KEY= (leave empty for free tier)
+OUI_API_LIMIT_PER_SEC=2
+OUI_API_DAILY_LIMIT=10000
+```
+
+### 3. Run using Docker Compose
+```bash
+docker-compose up --build
+```
+
+---
+
+## Notes
+- The MAC vendor database will auto-populate as addresses are discovered
+- Only MAC-based users are supported in this release
+
+---
+
+## Phase 2 Goals
+- Integrate FreeRADIUS server into Docker Compose
+- Optional MariaDB container
+- Provide self-contained stack for local or cloud deployment
+```
\ No newline at end of file
diff --git a/app/Dockerfile b/app/Dockerfile
index 0305a18..50b310a 100644
--- a/app/Dockerfile
+++ b/app/Dockerfile
@@ -1,13 +1,23 @@
 FROM python:3.9-slim
 
+# Set working directory
 WORKDIR /app
 
-COPY requirements.txt .
+# Create logs directory
+RUN mkdir -p /app/logs
 
+# Install dependencies
+COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 
-RUN apt-get update && apt-get install -y iputils-ping telnet # Add these lines
+# Optional tools (useful for debugging)
+RUN apt-get update && apt-get install -y iputils-ping telnet && apt-get clean
 
+# Copy application code
 COPY . .
 
-CMD ["python", "app.py"]
\ No newline at end of file
+# Expose port (optional, for documentation)
+EXPOSE 8080
+
+# Default command to run app with Gunicorn
+CMD ["gunicorn", "--bind", "0.0.0.0:8080", "wsgi:app"]
diff --git a/app/__pycache__/app.cpython-39.pyc b/app/__pycache__/app.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..f0fc4a2f2bc64890aa767ad66e8b644445465a71
GIT binary patch
literal 1125
zcmb7DJ#X7E5Eb=hMV4jR`JTEJ@M3rCQWOOWbj;FDTnO2u9VMhBP*j?Db=Ls>3CWnh
z#I-HZqW>UMk5t?QXqJ-T`SJP4d%Qd4gF)=Tc>Uw|D)t=bo7p@a0c_sEYJP&D4n^D%
z2qWQQS9sVHKK7B}T^@)KhZcLhCn6kK?DHKF<JjVW_eFvei$gvTDNd2Y5F2g~&RBNV
zzZtRQ76F&CY-4`2n=uP5lbwxOM0+&4b`1}^nC@(MH@h^xMYK<oFAm(b2j_O_0GN~x
zEwgW#444reTjqcb>F&8Jzr$UJbdT=S1A2JvfwrTM&gA$Pyw;icI{3iz=3GaT(L%C?
z(!Ex4vaF;YN>)-PiDIJWxndKfg94aK0DjvrX^54q+8RKd*ELyG<+518E-K1G5unz=
ztn<XNxwe*USzNBenLW0S?Vp4fjanEvPY0CBc@L{ez$ix{iZ(Dox_h!t&81Ug?BP3C
z8h7b~xpSmBVa<Ji1{%zo)>k^?Y?Uvr$lqfl@M~N!jw@5J>t3g;`9Cp<eazI_M)u*N
zM+F@k0H;R};jN#Qy$|#@{t)mzn*9^m$g^pP04V6rZ3<#ris`8me1fED;%B3#){Shd
zdklWtkmmV1B1GgxNyw*l@72`K;_D0O3{MA?&D)jsPpd|0zpkV@nH=F@Y5GMPU5`n(
z@$u-QV4s_57tvxFf*Z~{-sZiddxm~+@AA>{=8-z=+DPsgr-<e%pXX3%^A#JpWiA*Y
z+Jma%{!&(gRP!@vTs)R+1)T&vG3PC-Wl<^|KzjmXsw+*3rG2y~+w$3LMQ=n!Th87h
a@NHg#IYP;Hx)Dm;$c<5oQoynIxc&ew%?D8c

literal 0
HcmV?d00001

diff --git a/app/__pycache__/wsgi.cpython-39.pyc b/app/__pycache__/wsgi.cpython-39.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..fa54b13e7f28cd6e6074215fd397a15d1afb9529
GIT binary patch
literal 174
zcmYe~<>g`k0_UHv)9rxtV-N=!FabFZKwPW<BvKes7;_kM8KM{%8B!Tjn6jCQWKtOx
zFf9b~Q<#GpG+AB(RWWEX-eOKHD7eKDAD^3;nHL}Lr^#FdG6*D+mzbLxAAgIvs5EaS
sLlGNL6ioc$(FbbLFE38d)GMgG#bJ}1pHiBWYR3pvP|N}(c$hdC0UJLhF#rGn

literal 0
HcmV?d00001

diff --git a/app/app.py b/app/app.py
index d5a0641..b1fe39e 100644
--- a/app/app.py
+++ b/app/app.py
@@ -4,6 +4,19 @@ from views.user_views import user
 from views.group_views import group
 from config import app_config
 from database import init_app
+import logging
+from logging.handlers import RotatingFileHandler
+import os
+
+log_to_file = os.getenv('LOG_TO_FILE', 'false').lower() == 'true'
+log_file_path = os.getenv('LOG_FILE_PATH', '/app/logs/app.log')
+
+if log_to_file:
+    handler = RotatingFileHandler(log_file_path, maxBytes=1000000, backupCount=3)
+    handler.setLevel(logging.INFO)
+    app.logger.addHandler(handler)
+
+app.logger.setLevel(logging.INFO)
 
 app = Flask(__name__)
 app.config.from_object(app_config)
diff --git a/app/requirements.txt b/app/requirements.txt
index 6465f07..1754311 100644
--- a/app/requirements.txt
+++ b/app/requirements.txt
@@ -2,4 +2,5 @@ Flask
 mysql-connector-python
 requests
 BeautifulSoup4
-lxml
\ No newline at end of file
+lxml
+gunicorn
\ No newline at end of file
diff --git a/app/templates/base.html b/app/templates/base.html
index eb8444a..2507dc5 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -1,6 +1,12 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
+  <link rel="icon" href="/static/favicon.ico" type="image/x-icon">
+  <meta name="description" content="FreeRADIUS Web Manager">
+  <meta name="author" content="Simon Cloutier">
+  <meta property="og:title" content="FreeRADIUS Manager">
+  <meta property="og:description" content="Manage FreeRADIUS MAC authentication visually">
+  <meta property="og:type" content="website">
   <meta charset="UTF-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1.0" />
   <title>{% block title %}FreeRADIUS Manager{% endblock %}</title>
diff --git a/app/wsgi.py b/app/wsgi.py
new file mode 100644
index 0000000..6026b0f
--- /dev/null
+++ b/app/wsgi.py
@@ -0,0 +1,4 @@
+from app import app
+
+if __name__ == "__main__":
+    app.run()
diff --git a/docker-compose.yml b/docker-compose.yml
index d9760b8..a35ee74 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -19,6 +19,8 @@ services:
       - MACLOOKUP_RATE_LIMIT=2
       - MACLOOKUP_API_KEY=""  # if using a key later
       - MACLOOKUP_API_URL="https://api.maclookup.app/v2/macs/{}"
+      - LOG_TO_FILE=true
+      - LOG_FILE_PATH=/app/logs/app.log
     restart: no
 
   nginx: