Unverified Commit 53cda02c authored by Andrew Teixeira's avatar Andrew Teixeira
Browse files

Spacing cleanups of the config file templates

parent 7f4ebd0a
......@@ -32,7 +32,7 @@ eap {
# configurable length of time, entries in the list
# expire, and are deleted.
#
timer_expire = <%= @timer_expire %>
timer_expire = <%= @timer_expire %>
# There are many EAP types, but the server has support
# for only a limited subset. If the server receives
......@@ -79,7 +79,7 @@ eap {
#
# EAP-pwd -- secure password-based authentication
#
pwd {
pwd {
<%- if @pwd_group -%>
group = <%= @pwd_group %>
<%- end -%>
......@@ -103,7 +103,7 @@ eap {
# no User-Password, CHAP-Password, EAP-Message, etc.
virtual_server = <%= @pwd_virtual_server %>
<%- end -%>
}
}
<%- end -%>
<%- if @eap_leap -%>
......@@ -219,10 +219,10 @@ eap {
ca_file = <%= @tls_ca_file %>
<%- if @tls_auto_chain -%>
# OpenSSL will automatically create certificate chains,
# unless we tell it to not do that. The problem is that
# it sometimes gets the chains right from a certificate
# signature view, but wrong from the clients view.
# OpenSSL will automatically create certificate chains,
# unless we tell it to not do that. The problem is that
# it sometimes gets the chains right from a certificate
# signature view, but wrong from the clients view.
#
# When setting "auto_chain = no", the server certificate
# file MUST include the full certificate chain.
......@@ -871,7 +871,7 @@ eap {
#
require_client_cert = <%= @peap_require_client_cert %>
<%- end -%>
}
}
<%- end -%>
#
......
......@@ -13,7 +13,6 @@ home_server <%= @name %> {
proto = <%= @proto %>
secret = <%= @secret %>
<%- if @status_check -%>
status_check = <%= @status_check %>
status_check = <%= @status_check %>
<%- end -%>
}
......@@ -88,31 +88,31 @@ listen {
# This section is ignored for other kinds of sockets.
#
limit {
#
# Limit the number of simultaneous TCP connections to the socket
#
# The default is 16.
# Setting this to 0 means "no limit"
max_connections = <%= @max_connections %>
#
# Limit the number of simultaneous TCP connections to the socket
#
# The default is 16.
# Setting this to 0 means "no limit"
max_connections = <%= @max_connections %>
# The per-socket "max_requests" option does not exist.
# The per-socket "max_requests" option does not exist.
#
# The lifetime, in seconds, of a TCP connection. After
# this lifetime, the connection will be closed.
#
# Setting this to 0 means "forever".
lifetime = <%= @lifetime %>
#
# The lifetime, in seconds, of a TCP connection. After
# this lifetime, the connection will be closed.
#
# Setting this to 0 means "forever".
lifetime = <%= @lifetime %>
#
# The idle timeout, in seconds, of a TCP connection.
# If no packets have been received over the connection for
# this time, the connection will be closed.
#
# Setting this to 0 means "no timeout".
#
# We STRONGLY RECOMMEND that you set an idle timeout.
#
idle_timeout = <%= @idle_timeout %>
#
# The idle timeout, in seconds, of a TCP connection.
# If no packets have been received over the connection for
# this time, the connection will be closed.
#
# Setting this to 0 means "no timeout".
#
# We STRONGLY RECOMMEND that you set an idle timeout.
#
idle_timeout = <%= @idle_timeout %>
}
}
......@@ -264,7 +264,7 @@ log {
# The command-line option "-X" over-rides this option, and forces
# logging to go to stdout.
#
destination = <%= @log_destination %>
destination = <%= @log_destination %>
#
# Highlight important messages sent to stderr and stdout.
......@@ -495,16 +495,14 @@ security {
#
status_server = yes
# allow_vulnerable_openssl: Allow the server to start with
# versions of OpenSSL known to have critical vulnerabilities.
#
# This check is based on the version number reported by libssl
# and may not reflect patches applied to libssl by
# distribution maintainers.
#
allow_vulnerable_openssl = yes
# allow_vulnerable_openssl: Allow the server to start with
# versions of OpenSSL known to have critical vulnerabilities.
#
# This check is based on the version number reported by libssl
# and may not reflect patches applied to libssl by
# distribution maintainers.
#
allow_vulnerable_openssl = yes
}
# PROXY CONFIGURATION
......
......@@ -38,41 +38,41 @@ sql <%= @name %> {
# * rlm_sql_sqlite
# * rlm_sql_unixodbc
#
driver = "rlm_sql_${dialect}"
driver = "rlm_sql_${dialect}"
# Uncomment to include driver specific configuration file
# (if one exists)
# These config files contain driver specific options.
# $INCLUDE ${modenableddir}/${.:name}_${dialect}
# $INCLUDE ${modenableddir}/${.:name}_${dialect}
# Connection info:
#
server = "<%= @server %>"
port = "<%= @port %>"
login = "<%= @login %>"
password = "<%= @password %>"
server = "<%= @server %>"
port = "<%= @port %>"
login = "<%= @login %>"
password = "<%= @password %>"
# Database table configuration for everything except Oracle
radius_db = "<%= @radius_db %>"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter
# radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter
# radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
# If you want both stop and start records logged to the
# same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1
# and stop table in acct_table2
acct_table1 = "<%= @acct_table1 %>"
acct_table2 = "<%= @acct_table2 %>"
acct_table1 = "<%= @acct_table1 %>"
acct_table2 = "<%= @acct_table2 %>"
# Allow for storing data after authentication
postauth_table = "<%= @postauth_table %>"
postauth_table = "<%= @postauth_table %>"
# Tables containing 'check' items
authcheck_table = "<%= @authcheck_table %>"
......@@ -91,7 +91,7 @@ sql <%= @name %> {
# If set to 'yes' (default) we read profiles unless Fall-Through = no in the groupreply table.
# If set to 'no' we do not read profiles unless Fall-Through = yes in the groupreply table.
# read_profiles = yes
# read_profiles = yes
# Remove stale session if checkrad does not see a double login
delete_stale_sessions = <%= @deletestalesessions %>
......@@ -106,9 +106,9 @@ sql <%= @name %> {
logfile = <%= @sqltracefile %>
<% end -%>
# Set the maximum query duration for rlm_sql_mysql and
# Set the maximum query duration for rlm_sql_mysql and
# rlm_sql_cassandra.
# query_timeout = 5
# query_timeout = 5
#
# The connection pool is new for 3.0, and will be used in many
......@@ -140,10 +140,10 @@ sql <%= @name %> {
# connections during instantiation it will exit.
# Set to 0 to allow the server to start without the
# database being available.
start = <%= @pool_start %>
start = <%= @pool_start %>
# Minimum number of connections to keep open
min = <%= @pool_min %>
min = <%= @pool_min %>
# Maximum number of connections
#
......@@ -162,12 +162,12 @@ sql <%= @name %> {
#
# NOTE: Idle connections WILL be closed if "idle_timeout"
# is set. This should be less than or equal to "max" above.
spare = <%= @pool_spare %>
spare = <%= @pool_spare %>
# Number of uses before the connection is closed
#
# 0 means "infinite"
uses = <%= @max_queries %>
uses = <%= @max_queries %>
# The number of seconds to wait after the server tries
# to open a connection, and fails. During this time,
......@@ -179,7 +179,7 @@ sql <%= @name %> {
# idle timeout (in seconds). A connection which is
# unused for this length of time will be closed.
idle_timeout = <%= @pool_idle_timeout %>
idle_timeout = <%= @pool_idle_timeout %>
# Connection timeout (in seconds). The maximum amount of
# time to wait for a new connection to be established.
......@@ -188,7 +188,7 @@ sql <%= @name %> {
# rlm_sql_oracle - Not possible.
# rlm_sql_postgresql - Should be set via the radius_db string instead.
#
connect_timeout = <%= @pool_connect_timeout %>
connect_timeout = <%= @pool_connect_timeout %>
# NOTE: All configuration settings are enforced. If a
# connection is closed because of "idle_timeout",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment