diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..1364d60
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,34 @@
+FROM alpine:3.18 AS BUILDER
+
+RUN apk add openssl-dev libnl3-dev linux-headers git alpine-sdk
+
+COPY --chmod=755 build.sh /build.sh
+
+WORKDIR /hostapd-mana
+RUN git clone https://github.com/sensepost/hostapd-mana . &&\
+ git checkout 1302a7204d9118efa0668df1924c938dbe8d1b11
+
+WORKDIR /hostapd-mana/hostapd
+RUN /build.sh
+
+
+FROM alpine:3.18
+
+RUN apk add libnl3 libssl3
+
+COPY --from=BUILDER /hostapd-mana/hostapd/hostapd_cli /usr/bin/hostapd-mana_cli
+COPY --from=BUILDER /hostapd-mana/hostapd/hostapd /usr/sbin/hostapd-mana
+COPY --from=BUILDER /hostapd-mana/hostapd/nt_password_hash /usr/bin/nt_password_hash
+
+WORKDIR /hostapd_configs
+
+COPY --chmod=755 /hostapd_configs/hostapd.conf.template /hostapd_configs/hostapd.conf.template
+COPY --chmod=755 /hostapd_configs/hostapd.radius_client.template /hostapd_configs/hostapd.radius_client.template
+COPY /hostapd_configs/hostapd.eap_user /hostapd_configs/hostapd.eap_user
+
+COPY certs /certs
+COPY output /output
+
+COPY --chmod=755 entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
\ No newline at end of file
diff --git a/README.md b/README.md
index 4f040ab..7ae25e0 100644
--- a/README.md
+++ b/README.md
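Review bot: `COPY certs /certs` in the final stage puts everything under `certs/` into an image layer, and this commit also adds `certs/example.com.key`, so the TLS private key ships inside every copy of the image and stays in the repository history. Drop that `COPY` and supply the directory at run time instead (the README's lego example already writes certificates to a `certs` volume), and keep `*.key` out of the build context with a `.dockerignore` entry. Separately, both `apk add` lines leave the package index in the layer; `RUN apk add --no-cache libnl3 libssl3` avoids that.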
@@ -1,2 +1,48 @@
-# hostapd-docker
+# hostapd-mana RADIUS Docker
+
 Quick Alpine Hostapd Docker
+
+
+## Get certificate to use:
+
+https://go-acme.github.io/lego/usage/cli/obtain-a-certificate/
+
+https://go-acme.github.io/lego/dns/cloudflare/
+
+
+![](images/2023-06-28-16-32-21.png)
+
+
+
+example:
+```
+docker run --rm -it -v certs:/.lego/certificates \
+ -e "CF_API_EMAIL=tester@example.com" \
+ -e "CF_DNS_API_TOKEN=PLtbXXXXXXXXXXXXXXXVRqda" \
+ goacme/lego --email "tester@example.com" --dns cloudflare --domains "wifi.example.com" -a run
+```
+
+## Create RADIUS server
+
+
+
+## Use RADIUS server
+
+
+Point Access Point or hostapd to your RADIUS server
+
+### hostapd
+
+```
+eap_server=0
+auth_server_addr=127.0.0.1
+auth_server_port=1812
+auth_server_shared_secret=P@ssw0rd
+```
+
+-p 1813:1813/udp -p 1812:1812/udp
+
+![Luci/OpenWRT options for setting RADIUS](images/2023-06-28-14-29-05.png)
+
+
+
diff --git a/build.sh b/build.sh
new file mode 100644
index 0000000..18ced75
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# Stolen from https://git.alpinelinux.org/aports/tree/main/hostapd/APKBUILD
+{ sed \
+ -e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \
+ -e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \
+ -e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \
+ -e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \
+ -e '/^#CONFIG_IEEE80211N=y/s/^#//' \
+ -e '/^#CONFIG_IEEE80211R=y/s/^#//' \
+ -e '/^#CONFIG_IEEE80211AC=y/s/^#//' \
+ -e '/^#CONFIG_IEEE80211AX=y/s/^#//' \
+ -e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \
+ -e '/^#CONFIG_LIBNL32=y/s/^#//' \
+ -e '/^#CONFIG_ACS=y/s/^#//' \
+ -e '/^#CONFIG_WEP=y/s/^#//' \
+ -e '/^#CONFIG_SAE=y/s/^#//' \
+ defconfig
+ echo "CC ?= ${CC:-gcc}"
+ echo "CFLAGS += -I/usr/include/libnl3"
+ echo "LIBS += -L/usr/lib"
+ } >> .config
+
+CFLAGS="$CFLAGS -flto=auto" make all nt_password_hash
\ No newline at end of file
diff --git a/certs/example.com.crt b/certs/example.com.crt
new file mode 100644
index 0000000..203b211
--- /dev/null
+++ b/certs/example.com.crt
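Review bot: Nothing stops build.sh when a step fails: without `set -e` after the shebang, a failing `sed` (for instance a missing `defconfig`) still lets the brace group append the three `echo` lines to `.config`, and `make` then runs against an incomplete configuration. Adding `set -e` as the second line makes `RUN /build.sh` fail at the first broken step. The `sed` block also deserves a comment such as `# Uncomment the selected CONFIG_* options from defconfig and append them to .config`, and a word on why `CONFIG_WEP=y` is enabled, since WEP is a deprecated cipher and a reader cannot tell whether it is intentional.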
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDmjCCAoICCQDPrwm5Ys8s+DANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMC +VUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9uZG9uMRIwEAYDVQQKDAlT +ZW5zZVBvc3QxCzAJBgNVBAsMAklUMRkwFwYDVQQDDBB3aWZpLmV4YW1wbGUuY29t +MSEwHwYJKoZIhvcNAQkBFhJ0ZXN0ZXJAZXhhbXBsZS5jb20wHhcNMjMwNjI4MTM1 +MTIyWhcNMjMwNzI4MTM1MTIyWjCBjjELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxv +bmRvbjEPMA0GA1UEBwwGTG9uZG9uMRIwEAYDVQQKDAlTZW5zZVBvc3QxCzAJBgNV +BAsMAklUMRkwFwYDVQQDDBB3aWZpLmV4YW1wbGUuY29tMSEwHwYJKoZIhvcNAQkB +FhJ0ZXN0ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCdnyzcwaAkchow7+2Y07ozcqHACx33UKXqroQQtSfngnFd/1H6Q1ILYGiE +Mh0ctt/6hD0EKmSVF9qhivmu4q7oMqpIPb49NSkgt4Diu+K9YXhG/rtItpw6hTs2 +jXYXqK3p76ngczKoW997VGAFDkxADFRC2lzERKu02KF0fOQIzTLueVMYDGFqkSx4 +Z9ovT+AXqz9XqQnvHDN00NCUA7XDZfkqqJYXtGrq6SPbkwQkqURw73lxr74LMwJC +zbGwVV9Amp2lS4m2qfCF3Q4hy0ydPkcw5EvxkwNiaeUJTn86QI52VRybG6rQb9Jj +1QnJgOlRy4voaKpAjRSbAwsqimNXAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAF53 +xqQeQNvYIpf/vIsQMWU/77eWS5PmRnDN1rc+OrPE3AnTFavX7cT32trAX3LjDXS8 +PrzKxfSntLcBKL6wbCQfdmfUU8tTcM109uKTH18Z46OF8sQ710ogt1u+0ZXPDN5G +wpLhufdnACgrk3YavcVo7rAM2VbPZauEExaxAVBuZ6AgPRzOr51M5nIf/Re7i6ow +XMm+Q2IqEehjVmj9BBwgEfKyoskWnbegEzwCfxkGt5OaeiPlJ9yyNl49fCwo97ZF +Bdi+HW8tfKP5lzIlTXY73JuurG1SYS4lKuX/M4vwQWuUA4lfGizfl/3R8/kiiKxm +4rYgLjp/Qw2OSd7XcGo= +-----END CERTIFICATE----- diff --git a/certs/example.com.issuer.crt b/certs/example.com.issuer.crt new file mode 100644 index 0000000..203b211 --- /dev/null +++ b/certs/example.com.issuer.crt 
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDmjCCAoICCQDPrwm5Ys8s+DANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMC +VUsxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9uZG9uMRIwEAYDVQQKDAlT +ZW5zZVBvc3QxCzAJBgNVBAsMAklUMRkwFwYDVQQDDBB3aWZpLmV4YW1wbGUuY29t +MSEwHwYJKoZIhvcNAQkBFhJ0ZXN0ZXJAZXhhbXBsZS5jb20wHhcNMjMwNjI4MTM1 +MTIyWhcNMjMwNzI4MTM1MTIyWjCBjjELMAkGA1UEBhMCVUsxDzANBgNVBAgMBkxv +bmRvbjEPMA0GA1UEBwwGTG9uZG9uMRIwEAYDVQQKDAlTZW5zZVBvc3QxCzAJBgNV +BAsMAklUMRkwFwYDVQQDDBB3aWZpLmV4YW1wbGUuY29tMSEwHwYJKoZIhvcNAQkB +FhJ0ZXN0ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCdnyzcwaAkchow7+2Y07ozcqHACx33UKXqroQQtSfngnFd/1H6Q1ILYGiE +Mh0ctt/6hD0EKmSVF9qhivmu4q7oMqpIPb49NSkgt4Diu+K9YXhG/rtItpw6hTs2 +jXYXqK3p76ngczKoW997VGAFDkxADFRC2lzERKu02KF0fOQIzTLueVMYDGFqkSx4 +Z9ovT+AXqz9XqQnvHDN00NCUA7XDZfkqqJYXtGrq6SPbkwQkqURw73lxr74LMwJC +zbGwVV9Amp2lS4m2qfCF3Q4hy0ydPkcw5EvxkwNiaeUJTn86QI52VRybG6rQb9Jj +1QnJgOlRy4voaKpAjRSbAwsqimNXAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAF53 +xqQeQNvYIpf/vIsQMWU/77eWS5PmRnDN1rc+OrPE3AnTFavX7cT32trAX3LjDXS8 +PrzKxfSntLcBKL6wbCQfdmfUU8tTcM109uKTH18Z46OF8sQ710ogt1u+0ZXPDN5G +wpLhufdnACgrk3YavcVo7rAM2VbPZauEExaxAVBuZ6AgPRzOr51M5nIf/Re7i6ow +XMm+Q2IqEehjVmj9BBwgEfKyoskWnbegEzwCfxkGt5OaeiPlJ9yyNl49fCwo97ZF +Bdi+HW8tfKP5lzIlTXY73JuurG1SYS4lKuX/M4vwQWuUA4lfGizfl/3R8/kiiKxm +4rYgLjp/Qw2OSd7XcGo= +-----END CERTIFICATE----- diff --git a/certs/example.com.key b/certs/example.com.key new file mode 100644 index 0000000..19adb59 --- /dev/null +++ b/certs/example.com.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCdnyzcwaAkchow +7+2Y07ozcqHACx33UKXqroQQtSfngnFd/1H6Q1ILYGiEMh0ctt/6hD0EKmSVF9qh +ivmu4q7oMqpIPb49NSkgt4Diu+K9YXhG/rtItpw6hTs2jXYXqK3p76ngczKoW997 +VGAFDkxADFRC2lzERKu02KF0fOQIzTLueVMYDGFqkSx4Z9ovT+AXqz9XqQnvHDN0 +0NCUA7XDZfkqqJYXtGrq6SPbkwQkqURw73lxr74LMwJCzbGwVV9Amp2lS4m2qfCF +3Q4hy0ydPkcw5EvxkwNiaeUJTn86QI52VRybG6rQb9Jj1QnJgOlRy4voaKpAjRSb +AwsqimNXAgMBAAECggEAUW3HHnDFS67KyxdYVsii/CsvVugnXfoDDR+FSKBd8iMY +cCgT8MdQnmH6/LhrA8eSJHimkP1ZoxCEuUnzvZ6MH5b1E4caPcK18Zn7cqb/9zhg +i8TTejgks7LaqU8hgA17c0yGJVc+B24XIT6wsEv3pmr4KOVoYVjcn/v+RRC0ObsA +8lzOJ0bN7e/sQrhEgm6JJ+qFZHvmBAScGeWPmhxGYVkoizcyZ0fzj39OobQk4Yeu +zdcPkFAYP1J9EwC+pWw6jWCijSYT7hEVz/fuezINUXKlhR7oVMxYFtOlgGlZ5aNl +fVRsjOt6aT+rgAFhaNfLBjLJaaEMUyk9cXvaWzdHoQKBgQDQOC/OyKnN2bHWo8jh +kD7b1gBJNrvxv9p5EWnxfwooA8bbfc1+gd2tS5Kx507mkBa2+lvBRBniGia0Nngr +M653Sz+Wy4+6v82U4G0v8gR5ly/AWSeusiieUleDp7wDlLpXHoM187Doa6++5gN/ +jRBjIkrwSp1Angh9n9OVfqup8QKBgQDByqLi8CTzc5yTaWoCvZNcJQdEMrcqA7rM +HZGr8qunhR3KLIV06tTtXjqkPmPtwCaqqw94hHOBGweox24cCAVt0zr7nb7qX2MK +C5Nm98/k1Yd2BVHx3hMzIJKGfbs0kj2wJJ+ke7KoC3eFSFqk8rs2/z2WlcTGNIc7 +S8czBMzZxwKBgGtygyEnJZDnZMEJVdEoWXeiEBW32/addUUCenQ3hWsuv8BmQ9Oj +elxB4lpRrcKG2mHkAdNSrDSkIBLhBNPuYHqI5zCOrQXGknTf9xhFwI9qOCb/Gt4o +a5N/lE+JEBmc9yebxEPkFAdsAo31Lhr1FV7CxH8JUeqVYnZJMqszaaxRAoGBAJAq +IPbWU4bQsOBxAS48vY1E9pzjZaNZ1vLV5HKYOt6KhtjKOhX6RKC5AsMArvJFif5Y +909eqVaYNyB2DBHKXc+P3kck2MweXd0xM1zcacoAl59S4d0eqgXU62wlyMiZKk8J +T8HbS9L7hNSgON6QvHlzc+u8SwBwP1H7U5s+rO4tAoGBAIS9TGLP0XQIQS3aeI5O +brlvEwuGu3mTqQk2lisPsKQgG3K/27vR7FmWR6IOcjuT5DwQJxLdg5eMK858XKEe +liczW2Wg1mroCJHGTmZH0ksJ4lKsANXNmtnP2AZWBeED90A2psihnkA2eOL4SQ8v +vECbqT+v3y9zstztkB8Ts39/ +-----END PRIVATE KEY----- diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..5164526 --- /dev/null +++ b/entrypoint.sh 
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# defaults
+password=P@ssw0rd
+range=0.0.0.0/0
+domain=example.com
+
+domain=wifi.example.com /hostapd_configs/hostapd.conf.template > /hostapd_configs/hostapd.conf
+
+password=P@ssw0rd range=0.0.0.0/0 /hostapd_configs/hostapd.radius_client.template > /hostapd_configs/hostapd.radius_client
+
+
+# Add flag for verbosity
+hostapd-mana /hostapd_configs/hostapd.conf
\ No newline at end of file
diff --git a/hostapd_configs/hostapd.conf.template b/hostapd_configs/hostapd.conf.template
new file mode 100644
index 0000000..0579acc
--- /dev/null
+++ b/hostapd_configs/hostapd.conf.template
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+cat <
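Review bot: The RADIUS shared secret and client range in entrypoint.sh cannot be configured: the `# defaults` block assigns `password=P@ssw0rd` and `range=0.0.0.0/0` unconditionally, and the two template calls pass the same literals again, so a value supplied with `docker run -e` never reaches the generated files. Assuming the templates expand these variables (their bodies are outside this hunk), every container accepts any client address with the secret shown in the README. Take the values from the environment, e.g. `password="${password:?set the RADIUS shared secret}"` and `range="${range:-0.0.0.0/0}"`, and invoke the template as `password="$password" range="$range" /hostapd_configs/hostapd.radius_client.template > /hostapd_configs/hostapd.radius_client`. The final line should also start the daemon through `exec`, so that it replaces the shell and receives the container's stop signal.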