How to install FreeIPA on Ubuntu with Docker


What is FreeIPA?

FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag (Certificate System). It consists of a web interface and command-line administration tools.

FreeIPA is an integrated identity and authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

FreeIPA is built on top of well known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks.

Requirements:

  • Docker and Docker-compose 
  • Chrony
  • freeipa-client


FreeIPA server:

Domain : example.local

Server Hostname : freeipa.example.local

Client IP :

You can install FreeIPA with Docker using the docker-compose file below. Save it as docker-compose.yml and run:

docker-compose up -d

version: '3.7'
services:
  freeipa:    # service name is a placeholder
    image: freeipa/freeipa-server:centos-8
    restart: unless-stopped
    hostname: freeipa.packops.local
    environment:
      IPA_SERVER_HOSTNAME: freeipa.packops.local
      TZ: "Asia/Tehran"
    tty: true
    stdin_open: true
    cap_add:
      - NET_ADMIN
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
      - freeipavol:/data
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv6.conf.lo.disable_ipv6=0
    security_opt:
      - "seccomp:unconfined"
    command:
      # Replace every YOURPASSWORD placeholder before starting the container
      - -U
      - --domain=packops.local
      - --realm=packops.local
      - --http-pin=YOURPASSWORD
      - --dirsrv-pin=YOURPASSWORD
      - --ds-password=YOURPASSWORD
      - --admin-password=YOURPASSWORD
      - --no-host-dns
      - --unattended
    ports:
      - "80:80"
      - "443:443"
      - "389:389"
      - "636:636"
      - "88:88"
      - "464:464"
      - "88:88/udp"
      - "464:464/udp"
      - "123:123/udp"
      - "7389:7389"
      - "9443:9443"
      - "9444:9444"
      - "9445:9445"
volumes:
  freeipavol:
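A quick check for the compose file above, as an added example that is not part of the original post: the script flags the disabled seccomp profile, the added capability, the passwords passed as command arguments and the ports published without a bind address. The function names and the embedded excerpt are constructed for illustration, and the checks are line-based rather than a full YAML parse.

```sh
#!/bin/sh
# Added example (not from the original post): line-based audit of a compose
# file for the settings used above. It is a lint, not a YAML parser.

audit_compose() {  # usage: audit_compose FILE -> prints one finding per line
  awk '
    /seccomp[:=]unconfined/ { print NR ": seccomp profile disabled" }
    /NET_ADMIN|SYS_ADMIN|privileged:[ \t]*true/ { print NR ": extra privilege granted" }
    /--[a-z-]*(password|pin)=/ {
      # Report the flag name only, never the secret value.
      flag = $0; sub(/^[^-]*- */, "", flag); sub(/=.*/, "", flag)
      print NR ": secret passed as argument " flag " (value redacted)"
    }
    # "HOST:CONTAINER" with no bind address listens on every host interface.
    /^[ \t]*- *"?[0-9]+:[0-9]+(\/(tcp|udp))?"?[ \t]*$/ { open_ports++ }
    END { if (open_ports) print "ports: " open_ports " published on all host interfaces" }
  ' "$1"
}

sample_compose() {  # constructed excerpt of the compose file above
  cat <<'EOF'
services:
  freeipa:
    image: freeipa/freeipa-server:centos-8
    cap_add:
      - NET_ADMIN
    security_opt:
      - "seccomp:unconfined"
    command:
      - --ds-password=YOURPASSWORD
      - --admin-password=YOURPASSWORD
    ports:
      - "443:443"
      - "389:389"
      - "88:88/udp"
EOF
}

# Demo on the constructed excerpt.
tmp=$(mktemp); sample_compose > "$tmp"; audit_compose "$tmp"; rm -f "$tmp"
```

Run it against your own file with `audit_compose docker-compose.yml`; each finding is something to justify or restrict before the server is exposed to a network.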



Access the FreeIPA server according to this format:


Install the FreeIPA client and join it to your FreeIPA server

apt-get install freeipa-client chrony -y
hostnamectl set-hostname node-02.example.local

ipa-client-install --hostname="$(hostname -f)" \
  --mkhomedir \
  --server=freeipa.example.local \
  --domain example.local

The output should look something like this:

This program will set up FreeIPA client.
Version 4.8.6

WARNING: conflicting time&date synchronization service 'ntp' will be disabled in favor of chronyd

Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]: "yes"
Do you want to configure chrony with NTP server or pool address? [no]: "no"
Client hostname: "node-02.example.local"
DNS Domain: "example.local"
IPA Server: "freeipa.example.local"
BaseDN: dc=mabnadp,dc=local

Continue to configure the system with these values? [no]: yes
Synchronizing time
No SRV records of NTP servers found and no NTP server or pool address was provided.
Using default chrony configuration.
Attempting to sync time with chronyc.
Time synchronization was successful.
User authorized to enroll computers: admin
Password for admin@EXAMPLE.LOCAL:
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=MABNADP.LOCAL
    Issuer:      CN=Certificate Authority,O=MABNADP.LOCAL
    Valid From:  2021-11-22 11:33:00
    Valid Until: 2041-11-22 11:33:00

Enrolled in IPA realm MABNADP.LOCAL
Created /etc/ipa/default.conf
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm MABNADP.LOCAL
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/
Adding SSH public key from /etc/ssh/
Adding SSH public key from /etc/ssh/
Adding SSH public key from /etc/ssh/
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring mabnadp.local as NIS domain.
Client configuration complete.




To confirm that the client can authenticate against the realm, request a Kerberos ticket as admin:

kinit admin

Installing Cow proxy on Docker (Ubuntu 20.04)

What is Cow Proxy?

COW (Climb Over the Wall) proxy on Docker

Cow Proxy is a web proxy backed by tunnel technology. Like a VPN, it hides your IP address and encrypts your traffic, but it is a lot easier to use.





1- Make a Dockerfile with the following content:

FROM alpine
RUN apk update && apk add curl && apk add bash
# Install Cow Proxy
RUN curl -s -L | bash 

EXPOSE 7777/tcp


2- Make a docker-compose.yml and paste the following:

version: "3"
services:
  cow-proxy:    # service name is a placeholder
    build: .
    image: cow-proxy:1
    ports:
      - "8585:7777"
    volumes:
      - "./config-file:/root/.cow/rc"
    restart: always


3- Make a config file that includes your proxy user and password:

listen =

logFile = /dev/stderr

userPasswd = user:pass


Client-side config

Proxy settings for Linux

To set the proxy for your current user, set these environment variables (you can also do it in the terminal, but that is not permanent):

vim ~/.bash_profile

export no_proxy="localhost,, *.my.lan"

You can test the proxy by running curl with --proxy; you should receive a 200 response code:

for ((i=1;i<=10;i++)); do curl -I --proxy  http://user:password@YOUR_PROXY_IP:8585 -vv; done

You can clone the whole project from my GitHub repository.

How to install Docker on Ubuntu


In this article we are going to install docker-ce on Ubuntu 20, but before installation we should know about:

What is Docker?


Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined

What is docker-compose?

Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. … Run docker compose up and the Docker compose command starts and runs your entire app.



1- Setup Repository

sudo apt-get update

sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg

2- Add Docker’s official GPG key:

					 curl -fsSL | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

3- Add Docker’s official Repository :

					echo \
  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

4- Installing  Docker

					 sudo apt-get update

 sudo apt-get install docker-ce docker-ce-cli

Installing Docker from Bash script

					wget -qO- | sh

Installing Docker-compose  from Bash script

					wget -qO- | sh
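
The Cow Dockerfile and the two install commands above pipe a downloaded script straight into a shell. As an added example that is not from the original post, the script below downloads to a file, checks a pinned SHA-256 and only then runs it; `fetch`, `run_verified` and the stand-in installer in `demo` are names and data constructed here.

```sh
#!/bin/sh
# Added example (not from the original post): download, verify, then run,
# instead of piping a remote script straight into a shell.

# fetch URL DEST: HTTPS only, fail on HTTP errors, never leave a partial file.
fetch() {
  curl --proto '=https' --tlsv1.2 -fsSL -o "$2.part" "$1" && mv "$2.part" "$2" \
    || { rm -f "$2.part"; return 1; }
}

# run_verified FILE EXPECTED_SHA256 [INTERPRETER]
# Runs FILE only if its SHA-256 equals the pinned value.
# Returns 1 on mismatch, 2 if the file is missing.
run_verified() {
  [ -f "$1" ] || { echo "no such file: $1" >&2; return 2; }
  actual=$(sha256sum "$1" | cut -d' ' -f1)
  if [ "$actual" != "$2" ]; then
    echo "refusing to run $1: sha256 $actual, expected $2" >&2
    return 1
  fi
  "${3:-sh}" "$1"
}

# Constructed demo, runs offline: a stand-in installer and its pinned hash.
demo() {
  dir=$(mktemp -d)
  printf 'echo installed > "%s/marker"\n' "$dir" > "$dir/install.sh"
  # In real use the pin is recorded when the script is reviewed.
  pin=$(sha256sum "$dir/install.sh" | cut -d' ' -f1)
  run_verified "$dir/install.sh" "$pin" || return 1    # hash matches: runs
  echo 'echo changed' >> "$dir/install.sh"             # simulate a modified script
  rm -f "$dir/marker"
  run_verified "$dir/install.sh" "$pin" 2>/dev/null    # mismatch: must not run
  rc=$?
  [ "$rc" -eq 1 ] && [ ! -e "$dir/marker" ]; ok=$?
  rm -rf "$dir"
  return "$ok"
}

demo && echo "verified script ran, modified script was refused"
```

In a Dockerfile the same three steps go into one `RUN` line, so a changed upstream script fails the build instead of executing.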