Stop hard-coding various parameters and use site-wide default params

manifests/attr.pp

 # Install FreeRADIUS config snippets
 define freeradius::attr ($source) {
-  file { "/etc/raddb/attr.d/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/attr.d/${name}":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
-    require => File['/etc/raddb/attr.d'],
-    notify  => Service['radiusd'],
+    require => File["${fr_basepath}/attr.d"],
+    notify  => Service[$fr_service],
   }
 }

manifests/client.pp

@@ -13,12 +13,17 @@ define freeradius::client (
   $port=undef,
   $srcip=undef,
 ) {
-  file { "/etc/raddb/clients.d/${shortname}.conf":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/clients.d/${shortname}.conf":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     content => template('freeradius/client.conf.erb'),
-    require => File['/etc/raddb/clients.d'],
-    notify  => Service['radiusd'],
+    require => File["${fr_basepath}/clients.d"],
+    notify  => Service[$fr_service],
   }
 }

manifests/config.pp

 # Install FreeRADIUS config snippets
 define freeradius::config ($source) {
-  file { "/etc/raddb/conf.d/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/conf.d/${name}":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
-    require => File['/etc/raddb/conf.d'],
-    notify  => Service['radiusd'],
+    require => File["${fr_basepath}/conf.d"],
+    notify  => Service[$fr_service],
   }
 }

manifests/init.pp

 # Base class to install FreeRADIUS
 class freeradius (
   $control_socket = false,
-) {
+  $fr_service = $fr_service,
+) inherits freeradius::params {
+
   include samba
   include nagios::plugins::radius
 
   file { 'radiusd.conf':
-    name    => '/etc/raddb/radiusd.conf',
+    name    => "$fr_basepath/radiusd.conf",
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     source  => 'puppet:///modules/freeradius/radiusd.conf',
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 
   # Create various directories
   file { [
-    '/etc/raddb/clients.d',
-    '/etc/raddb/statusclients.d',
-    '/etc/raddb',
-    '/etc/raddb/instantiate',
-    '/etc/raddb/conf.d',
-    '/etc/raddb/attr.d',
-    '/etc/raddb/users.d',
-    '/etc/raddb/policy.d',
-    '/etc/raddb/scripts',
-    '/etc/raddb/certs',
+    "$fr_basepath/clients.d",
+    "$fr_basepath/statusclients.d",
+    "$fr_basepath",
+    "$fr_basepath/instantiate",
+    "$fr_basepath/conf.d",
+    "$fr_basepath/attr.d",
+    "$fr_basepath/users.d",
+    "$fr_basepath/policy.d",
+    "$fr_basepath/scripts",
+    "$fr_basepath/certs",
   ]:
     ensure  => directory,
     mode    => '0750',
     owner   => 'root',
     group   => 'radiusd',
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 
   # Set up concat policy file, as there is only one global policy
   # We also add standard header and footer
-  concat { '/etc/raddb/policy.conf':
+  concat { "$fr_basepath/policy.conf":
     owner => 'root',
     group => 'radiusd',
     mode  => '0640',
   }
   concat::fragment { 'policy_header':
-    target  => '/etc/raddb/policy.conf',
+    target  => "$fr_basepath/policy.conf",
     content => "policy {\n",
     order   => 10,
   }
   concat::fragment { 'policy_footer':
-    target  => '/etc/raddb/policy.conf',
+    target  => "$fr_basepath/policy.conf",
     content => "}\n",
     order   => '99',
   }
 
   # Install FreeRADIUS packages from ResNet repo, which is newer than stock CentOS 
+  package { 'freeradius':
+    name   => $fr_package,
+    ensure => installed,
+  }
+
   package { [ 
-    'freeradius',
     'freeradius-mysql',
     'freeradius-perl',
     'freeradius-utils',
@@ -73,16 +79,12 @@ class freeradius (
   # won't get restarted, and the puppet run will fail.
   service { 'radiusd':
     ensure     => running,
-    name       => $::operatingsystem ? {
-      /CentOS|Scientific|Fedora/ => 'radiusd',
-      /Ubuntu|Debian/            => 'freeradius',
-      default                    => 'radiusd',
-    },
+    name       => $fr_service,
     require    => [
       Exec['radiusd-config-test'],
       File['radiusd.conf'],
       User['radiusd'],
-      Package['freeradius'],
+      Package[$fr_package],
       Service['winbind']
     ],
     enable     => true,
@@ -96,7 +98,7 @@ class freeradius (
     uid     => '95',
     gid     => 'radiusd',
     groups  => 'wbpriv',
-    require => Package['freeradius', 'samba-winbind'],
+    require => Package[$fr_package, 'samba-winbind'],
   }
 
   # Install a few modules required on all FR installations
@@ -137,7 +139,7 @@ class freeradius (
     '/var/log/radius/radacct',
   ]:
     mode    => '0750',
-    require => Package['freeradius'],
+    require => Package[$fr_package],
   }
 
   file { '/var/log/radius/radius.log':
@@ -152,20 +154,20 @@ class freeradius (
     owner   => 'root',
     group   => 'radiusd',
     source  => 'puppet:///modules/freeradius/radiusd.logrotate',
-    require => Package['freeradius'],
+    require => Package[$fr_package],
   }
 
   # Generate global SSL parameters
   exec { 'dh':
-    command => 'openssl dhparam -out /etc/raddb/certs/dh 1024',
-    creates => '/etc/raddb/certs/dh',
+    command => "openssl dhparam -out $fr_basepath/certs/dh 1024",
+    creates => "$fr_basepath/certs/dh",
     path    => '/usr/bin',
   }
 
   # Generate global SSL parameters
   exec { 'random':
-    command => 'dd if=/dev/urandom of=/etc/raddb/certs/random count=10 >/dev/null 2>&1',
-    creates => '/etc/raddb/certs/random',
+    command => "dd if=/dev/urandom of=$fr_basepath/certs/random count=10 >/dev/null 2>&1",
+    creates => "$fr_basepath/certs/random",
     path    => '/bin',
   }
 
@@ -181,27 +183,27 @@ class freeradius (
   # Blank a couple of default files that will break our config. This is more effective than deleting them
   # as they won't get overwritten when FR is upgraded from RPM, whereas missing files are replaced.
   file { [
-    '/etc/raddb/sites-available/default',
-    '/etc/raddb/sites-available/inner-tunnel',
-    '/etc/raddb/proxy.conf',
-    '/etc/raddb/clients.conf',
+    "$fr_basepath/sites-available/default",
+    "$fr_basepath/sites-available/inner-tunnel",
+    "$fr_basepath/proxy.conf",
+    "$fr_basepath/clients.conf",
   ]:
     content => "# FILE INTENTIONALLY BLANK\n",
     mode    => '0644',
     owner   => 'root',
     group   => 'radiusd',
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 
   # Delete *.rpmnew and *.rpmsave files from the radius config dir because
   # radiusd stupidly reads these files in, and they break the config
   exec { 'delete-radius-rpmnew':
-    command => '/bin/find /etc/raddb -name *.rpmnew -delete',
-    onlyif  => '/bin/find /etc/raddb -name *.rpmnew | /bin/grep rpmnew',
+    command => "/bin/find $fr_basepath -name *.rpmnew -delete",
+    onlyif  => "/bin/find $fr_basepath -name *.rpmnew | /bin/grep rpmnew",
   }
   exec { 'delete-radius-rpmsave':
-    command => '/bin/find /etc/raddb -name *.rpmsave -delete',
-    onlyif  => '/bin/find /etc/raddb -name *.rpmsave | /bin/grep rpmsave',
+    command => "/bin/find $fr_basepath -name *.rpmsave -delete",
+    onlyif  => "/bin/find $fr_basepath -name *.rpmsave | /bin/grep rpmsave",
   }
 }

manifests/instantiate.pp

 # Instantiate a module in global config
 define freeradius::instantiate {
-  file { "/etc/raddb/instantiate/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/instantiate/${name}":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     content => $name,
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 }

manifests/module.pp

 # Install FreeRADIUS modules
 define freeradius::module ($source) {
-  file { "/etc/raddb/modules/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/modules/${name}":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 }

manifests/params.pp

+# Default parameters for freeradius
+class freeradius::params {
+
+  # Name of FreeRADIUS package
+  $fr_package = $::osfamily ? {
+    'RedHat' => 'freeradius',
+    'Debian' => 'freeradius',
+    default  => 'freeradius',
+  }
+
+  # Name of FreeRADIUS service
+  $fr_service = $::osfamily ? {
+    'RedHat' => 'radiusd',
+    'Debian' => 'freeradius',
+    default  => 'radiusd',
+  }
+
+  # Default base path for FreeRADIUS configs
+  $fr_basepath = $::osfamily ? {
+    'RedHat' => '/etc/raddb',
+    'Debian' => '/etc/freeradius',
+    default  => '/etc/raddb',
+  }
+
+  # FreeRADIUS user
+  $fr_user = $::osfamily ? {
+    'RedHat' => 'radiusd',
+    default  => 'radiusd'
+  }
+
+}

manifests/policy.pp

 # Install FreeRADIUS policies
 define freeradius::policy ($source, $order=50) {
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
   # Install policy in policy.d 
-  file { "/etc/raddb/policy.d/${name}":
+  file { "${fr_basepath}/policy.d/${name}":
     mode    => '0644',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 
   # Reference policy.d in the global includes file
   # If no order priority is given, assume 50
   concat::fragment { "policy-${name}":
-    target  => '/etc/raddb/policy.conf',
-    content => "\t\$INCLUDE /etc/raddb/policy.d/${name}\n",
+    target  => "${fr_basepath}/policy.conf",
+    content => "\t\$INCLUDE ${fr_basepath}/policy.d/${name}\n",
     order   => $order,
-    require => File["/etc/raddb/policy.d/${name}"],
+    require => File["${fr_basepath}/policy.d/${name}"],
   }
 
 }

manifests/script.pp

 # Install FreeRADIUS helper scripts
 define freeradius::script ($source) {
-  file { "/etc/raddb/scripts/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/scripts/${name}":
     mode    => '0750',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
-    require => File['/etc/raddb/scripts'],
+    require => File["${fr_basepath}/scripts"],
   }
 }

manifests/site.pp

@@ -3,13 +3,18 @@ define freeradius::site (
   $source  = undef,
   $content = undef,
 ) {
-  file { "/etc/raddb/sites-enabled/${name}":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/sites-enabled/${name}":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     source  => $source,
     content => $content,
-    require => Package['freeradius'],
-    notify  => Service['radiusd'],
+    require => Package[$fr_package],
+    notify  => Service[$fr_service],
   }
 }

manifests/statusclient.pp

@@ -7,12 +7,17 @@ define freeradius::statusclient (
   $shortname,
   $netmask = undef,
 ) {
-  file { "/etc/raddb/statusclients.d/${name}.conf":
+  $fr_package = $::freeradius::params::fr_package
+  $fr_service = $::freeradius::params::fr_service
+  $fr_basepath = $::freeradius::params::fr_basepath
+  $fr_user = $::freeradius::params::fr_user
+
+  file { "${fr_basepath}/statusclients.d/${name}.conf":
     mode    => '0640',
     owner   => 'root',
     group   => 'radiusd',
     content => template('freeradius/client.conf.erb'),
-    require => File['/etc/raddb/clients.d'],
-    notify  => Service['radiusd'],
+    require => File["${fr_basepath}/clients.d"],
+    notify  => Service[$fr_service],
   }
 }