Add more parameters to freeradius::site

Add authorize, authenticate,... parameters to freeradius::site so they
could be used to configure the site.

README.md

@@ -633,6 +633,63 @@ freeradius::site { 'inner-tunnel':
 }
 ```
 
+##### `ensure`
+
+Whether the site should be present or not.
+
+##### `source`
+
+Provide source to a file with the configuration of the site. Default: `undef`.
+
+##### `content`
+
+Provide content for the configuartion of the site. Default: `undef`.
+
+##### `authorize`
+
+Array of options (as String) for the authorize section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `authenticate`
+
+Array of options (as String) for the authenticate section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `preacct`
+
+Array of options (as String) for the preacct section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `accounting`
+
+Array of options (as String) for the accounting section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `session`
+
+Array of options (as String) for the session section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `post_auth`
+
+Array of options (as String) for the post-auth section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `pre_proxy`
+
+Array of options (as String) for the pre-proxy section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `post_proxy`
+
+Array of options (as String) for the post-proxy section of the site. This parameter is
+ignored if `source` or `content`are used. Default: [].
+
+##### `listen`
+
+Array of listen definitions for the site. This parameter is ignored if `source` or
+`content`are used. Default: [].
+
 #### `freeradius::sql`
 
 Configure SQL connections. You can define multiple database connections by

manifests/site.pp

 # Install FreeRADIUS virtual servers (sites)
 define freeradius::site (
-  $source = undef,
-  $content = undef,
-  $ensure = present,
+  $ensure                     = present,
+  $source                     = undef,
+  $content                    = undef,
+  Array[String] $authorize    = [],
+  Array[String] $authenticate = [],
+  Array[String] $preacct      = [],
+  Array[String] $accounting   = [],
+  Array[String] $session      = [],
+  Array[String] $post_auth    = [],
+  Array[String] $pre_proxy    = [],
+  Array[String] $post_proxy   = [],
+  Array[Hash] $listen         = [],
 ) {
   $fr_package  = $::freeradius::params::fr_package
   $fr_service  = $::freeradius::params::fr_service
   $fr_basepath = $::freeradius::params::fr_basepath
   $fr_group    = $::freeradius::params::fr_group
 
+  $manage_content = $source ? {
+    undef   => $content ? {
+      undef   => template('freeradius/site.erb'),
+      default => $content,
+    },
+    default => undef,
+  }
+
   file { "${fr_basepath}/sites-enabled/${name}":
     ensure  => $ensure,
     mode    => '0640',
     owner   => 'root',
     group   => $fr_group,
     source  => $source,
-    content => $content,
+    content => $manage_content,
     require => [Package[$fr_package], Group[$fr_group]],
     notify  => Service[$fr_service],
   }

templates/site.erb

+# This file is managed by Puppet. DO NOT EDIT.
+#
+######################################################################
+#
+#	As of 2.0.0, FreeRADIUS supports virtual hosts using the
+#	"server" section, and configuration directives.
+#
+#	Virtual hosts should be put into the "sites-available"
+#	directory.  Soft links should be created in the "sites-enabled"
+#	directory to these files.  This is done in a normal installation.
+#
+#	If you are using 802.1X (EAP) authentication, please see also
+#	the "inner-tunnel" virtual server.  You will likely have to edit
+#	that, too, for authentication to work.
+#
+#	$Id: cf7fe5ed3804e566c1569e96ae350804054ebcdd $
+#
+######################################################################
+#
+#	Read "man radiusd" before editing this file.  See the section
+#	titled DEBUGGING.  It outlines a method where you can quickly
+#	obtain the configuration you want, without running into
+#	trouble.  See also "man unlang", which documents the format
+#	of this file.
+#
+#	This configuration is designed to work in the widest possible
+#	set of circumstances, with the widest possible number of
+#	authentication methods.  This means that in general, you should
+#	need to make very few changes to this file.
+#
+#	The best way to configure the server for your local system
+#	is to CAREFULLY edit this file.  Most attempts to make large
+#	edits to this file will BREAK THE SERVER.  Any edits should
+#	be small, and tested by running the server with "radiusd -X".
+#	Once the edits have been verified to work, save a copy of these
+#	configuration files somewhere.  (e.g. as a "tar" file).  Then,
+#	make more edits, and test, as above.
+#
+#	There are many "commented out" references to modules such
+#	as ldap, sql, etc.  These references serve as place-holders.
+#	If you need the functionality of that module, then configure
+#	it in radiusd.conf, and un-comment the references to it in
+#	this file.  In most cases, those small changes will result
+#	in the server being able to connect to the DB, and to
+#	authenticate users.
+#
+######################################################################
+
+server <%= @name %> {
+
+<%- @listen.each do |l| -%>
+  listen {
+  <%- @l.each do |k, v| -%>
+    <%= k %> = <%= v %>
+  <%- end -%>
+  }
+<%- end -%>
+
+  authorize {
+    <%= @authorize.join("\n    ") %>
+  }
+
+  authenticate {
+    <%= @authenticate.join("\n    ") %>
+  }
+
+  preacct {
+    <%= @preacct.join("\n    ") %>
+  }
+
+  accounting {
+    <%= @accounting.join("\n    ") %>
+  }
+
+  session {
+    <%= @session.join("\n    ") %>
+  }
+
+  post-auth {
+    <%= @post_auth.join("\n    ") %>
+  }
+
+  pre-proxy {
+    <%= @pre_proxy.join("\n    ") %>
+  }
+
+  post-proxy {
+    <%= @post_proxy.join("\n    ") %>
+  }
+}