Add support for loading custom dictionaries

49e588a2 · Jonathan Gazeley · 1cb343d4 · 49e588a2 · 49e588a2 · 49e588a2
Commit 49e588a2 authored 10 years ago by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -90,6 +90,16 @@ freeradius::config { 'realm-checks.conf':
 }
 ```

+#### `freeradius::dictionary`
+
+Install custom dictionaries without breaking the default FreeRADIUS dictionary. Custom dictionaries are installed in `/etc/raddb/dictionary.d` and automatically included in the global dictionary.
+
+```puppet
+freeradius::dictionary { 'mydict':
+  source => 'puppet:///modules/site_freeradius/dictionary.mydict',
+}
+```
+
 #### `freeradius::instantiate`

 Instantiate a module that is not automatically instantiated.

--- a/files/dictionary.footer
+++ b/files/dictionary.footer
+
+#
+#       If you want to add entries to the dictionary file,
+#       which are NOT going to be placed in a RADIUS packet,
+#       add them here.  The numbers you pick should be between
+#       3000 and 4000.
+#
+
+#ATTRIBUTE      My-Local-String         3000    string
+#ATTRIBUTE      My-Local-IPAddr         3001    ipaddr
+#ATTRIBUTE      My-Local-Integer        3002    integer
+
--- a/files/dictionary.header
+++ b/files/dictionary.header
+#
+#       This is the master dictionary file, which references the
+#       pre-defined dictionary files included with the server.
+#
+#       Any new/changed attributes MUST be placed in this file, as
+#       the pre-defined dictionaries SHOULD NOT be edited.
+#
+#       $Id$
+
+#       The filename given here should be an absolute path.
+
+$INCLUDE        /usr/share/freeradius/dictionary
+
+#       Place additional attributes or $INCLUDEs here.  They will
+#       over-ride the definitions in the pre-defined dictionaries.
+
+#       See the 'man' page for 'dictionary' for information on
+#       the format of the dictionary files.
+
--- a/manifests/dictionary.pp
+++ b/manifests/dictionary.pp
+# Install FreeRADIUS custom dictionaries
+define freeradius::dictionary ($source, $order=50) {
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+
+  # Install dictionary in dictionary.d 
+  file { "${fr_basepath}/dictionary.d/dictionary.${name}":
+    mode    => '0644',
+    owner   => 'root',
+    group   => 'radiusd',
+    source  => $source,
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
+  }
+
+  # Reference policy.d in the global includes file
+  # If no order priority is given, assume 50
+  concat::fragment { "dictionary.${name}":
+    target  => "${fr_basepath}/dictionary",
+    content => "\$INCLUDE ${fr_basepath}/dictionary.d/dictionary.${name}\n",
+    order   => $order,
+    require => File["${fr_basepath}/dictionary.d/dictionary.${name}"],
+  }
+}
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -26,6 +26,7 @@ class freeradius (
    "$fr_basepath/attr.d",
    "$fr_basepath/users.d",
    "$fr_basepath/policy.d",
+    "$fr_basepath/dictionary.d",
    "$fr_basepath/scripts",
    "$fr_basepath/certs",
  ]:
@@ -55,6 +56,24 @@ class freeradius (
    order   => '99',
  }

+  # Install a slightly tweaked stock dictionary that includes
+  # our custom dictionaries
+  concat { "$fr_basepath/dictionary":
+    owner => 'root',
+    group => 'radiusd',
+    mode  => '0640',
+  }
+  concat::fragment { 'dictionary_header':
+    target  => "$fr_basepath/dictionary",
+    source  => 'puppet:///modules/freeradius/dictionary.header',
+    order   => 10,
+  }
+  concat::fragment { 'dictionary_footer':
+    target  => "$fr_basepath/dictionary",
+    source  => 'puppet:///modules/freeradius/dictionary.footer',
+    order   => 90,
+  }
+
  # Install FreeRADIUS packages from ResNet repo, which is newer than stock CentOS 
  package { 'freeradius':
    name   => $fr_package,

--- a/templates/dictionary.erb
+++ b/templates/dictionary.erb
+#
+#	This is the master dictionary file, which references the
+#	pre-defined dictionary files included with the server.
+#
+#	Any new/changed attributes MUST be placed in this file, as
+#	the pre-defined dictionaries SHOULD NOT be edited.
+#
+#	$Id$
+#
+
+#
+#	The filename given here should be an absolute path. 
+#
+$INCLUDE	/usr/share/freeradius/dictionary
+$INCLUDE	<%= @fr_basepath %>/dictionary.custom
+
+#
+#	Place additional attributes or $INCLUDEs here.  They will
+#	over-ride the definitions in the pre-defined dictionaries.
+#
+#	See the 'man' page for 'dictionary' for information on
+#	the format of the dictionary files.
+
+#
+#	If you want to add entries to the dictionary file,
+#	which are NOT going to be placed in a RADIUS packet,
+#	add them here.  The numbers you pick should be between
+#	3000 and 4000.
+#
+
+#ATTRIBUTE	My-Local-String		3000	string
+#ATTRIBUTE	My-Local-IPAddr		3001	ipaddr
+#ATTRIBUTE	My-Local-Integer	3002	integer