Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
puppet-freeradius
Commits
53cda02c
Unverified
Commit
53cda02c
authored
May 10, 2018
by
Andrew Teixeira
Browse files
Spacing cleanups of the config file templates
parent
7f4ebd0a
Changes
5
Hide whitespace changes
Inline
Side-by-side
templates/eap.erb
View file @
53cda02c
...
...
@@ -32,7 +32,7 @@ eap {
# configurable length of time, entries in the list
# expire, and are deleted.
#
timer_expire
=
<%=
@timer_expire
%>
timer_expire =
<%=
@timer_expire
%>
# There are many EAP types, but the server has support
# for only a limited subset. If the server receives
...
...
@@ -79,7 +79,7 @@ eap {
#
# EAP-pwd -- secure password-based authentication
#
pwd {
pwd {
<%-
if
@pwd_group
-%>
group =
<%=
@pwd_group
%>
<%-
end
-%>
...
...
@@ -103,7 +103,7 @@ eap {
# no User-Password, CHAP-Password, EAP-Message, etc.
virtual_server =
<%=
@pwd_virtual_server
%>
<%-
end
-%>
}
}
<%-
end
-%>
<%-
if
@eap_leap
-%>
...
...
@@ -219,10 +219,10 @@ eap {
ca_file =
<%=
@tls_ca_file
%>
<%-
if
@tls_auto_chain
-%>
# OpenSSL will automatically create certificate chains,
# unless we tell it to not do that. The problem is that
# it sometimes gets the chains right from a certificate
# signature view, but wrong from the clients view.
# OpenSSL will automatically create certificate chains,
# unless we tell it to not do that. The problem is that
# it sometimes gets the chains right from a certificate
# signature view, but wrong from the clients view.
#
# When setting "auto_chain = no", the server certificate
# file MUST include the full certificate chain.
...
...
@@ -871,7 +871,7 @@ eap {
#
require_client_cert =
<%=
@peap_require_client_cert
%>
<%-
end
-%>
}
}
<%-
end
-%>
#
...
...
templates/home_server.erb
View file @
53cda02c
...
...
@@ -13,7 +13,6 @@ home_server <%= @name %> {
proto =
<%=
@proto
%>
secret =
<%=
@secret
%>
<%-
if
@status_check
-%>
status_check =
<%=
@status_check
%>
status_check =
<%=
@status_check
%>
<%-
end
-%>
}
templates/listen.erb
View file @
53cda02c
...
...
@@ -88,31 +88,31 @@ listen {
# This section is ignored for other kinds of sockets.
#
limit {
#
# Limit the number of simultaneous TCP connections to the socket
#
# The default is 16.
# Setting this to 0 means "no limit"
max_connections =
<%=
@max_connections
%>
#
# Limit the number of simultaneous TCP connections to the socket
#
# The default is 16.
# Setting this to 0 means "no limit"
max_connections =
<%=
@max_connections
%>
# The per-socket "max_requests" option does not exist.
# The per-socket "max_requests" option does not exist.
#
# The lifetime, in seconds, of a TCP connection. After
# this lifetime, the connection will be closed.
#
# Setting this to 0 means "forever".
lifetime =
<%=
@lifetime
%>
#
# The lifetime, in seconds, of a TCP connection. After
# this lifetime, the connection will be closed.
#
# Setting this to 0 means "forever".
lifetime =
<%=
@lifetime
%>
#
# The idle timeout, in seconds, of a TCP connection.
# If no packets have been received over the connection for
# this time, the connection will be closed.
#
# Setting this to 0 means "no timeout".
#
# We STRONGLY RECOMMEND that you set an idle timeout.
#
idle_timeout =
<%=
@idle_timeout
%>
#
# The idle timeout, in seconds, of a TCP connection.
# If no packets have been received over the connection for
# this time, the connection will be closed.
#
# Setting this to 0 means "no timeout".
#
# We STRONGLY RECOMMEND that you set an idle timeout.
#
idle_timeout =
<%=
@idle_timeout
%>
}
}
templates/radiusd.conf.erb
View file @
53cda02c
...
...
@@ -264,7 +264,7 @@ log {
# The command-line option "-X" over-rides this option, and forces
# logging to go to stdout.
#
destination =
<%=
@log_destination
%>
destination =
<%=
@log_destination
%>
#
# Highlight important messages sent to stderr and stdout.
...
...
@@ -495,16 +495,14 @@ security {
#
status_server = yes
# allow_vulnerable_openssl: Allow the server to start with
# versions of OpenSSL known to have critical vulnerabilities.
#
# This check is based on the version number reported by libssl
# and may not reflect patches applied to libssl by
# distribution maintainers.
#
allow_vulnerable_openssl = yes
# allow_vulnerable_openssl: Allow the server to start with
# versions of OpenSSL known to have critical vulnerabilities.
#
# This check is based on the version number reported by libssl
# and may not reflect patches applied to libssl by
# distribution maintainers.
#
allow_vulnerable_openssl = yes
}
# PROXY CONFIGURATION
...
...
templates/sql.conf.erb
View file @
53cda02c
...
...
@@ -38,41 +38,41 @@ sql <%= @name %> {
# * rlm_sql_sqlite
# * rlm_sql_unixodbc
#
driver = "rlm_sql_${dialect}"
driver = "rlm_sql_${dialect}"
# Uncomment to include driver specific configuration file
# (if one exists)
# These config files contain driver specific options.
# $INCLUDE ${modenableddir}/${.:name}_${dialect}
#
$INCLUDE ${modenableddir}/${.:name}_${dialect}
# Connection info:
#
server = "
<%=
@server
%>
"
port = "
<%=
@port
%>
"
login = "
<%=
@login
%>
"
password = "
<%=
@password
%>
"
server = "
<%=
@server
%>
"
port = "
<%=
@port
%>
"
login = "
<%=
@login
%>
"
password = "
<%=
@password
%>
"
# Database table configuration for everything except Oracle
radius_db = "
<%=
@radius_db
%>
"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
#
radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter
# radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
#
radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter
#
radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
# If you want both stop and start records logged to the
# same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1
# and stop table in acct_table2
acct_table1 = "
<%=
@acct_table1
%>
"
acct_table2 = "
<%=
@acct_table2
%>
"
acct_table1 = "
<%=
@acct_table1
%>
"
acct_table2 = "
<%=
@acct_table2
%>
"
# Allow for storing data after authentication
postauth_table = "
<%=
@postauth_table
%>
"
postauth_table = "
<%=
@postauth_table
%>
"
# Tables containing 'check' items
authcheck_table = "
<%=
@authcheck_table
%>
"
...
...
@@ -91,7 +91,7 @@ sql <%= @name %> {
# If set to 'yes' (default) we read profiles unless Fall-Through = no in the groupreply table.
# If set to 'no' we do not read profiles unless Fall-Through = yes in the groupreply table.
# read_profiles = yes
#
read_profiles = yes
# Remove stale session if checkrad does not see a double login
delete_stale_sessions =
<%=
@deletestalesessions
%>
...
...
@@ -106,9 +106,9 @@ sql <%= @name %> {
logfile =
<%=
@sqltracefile
%>
<%
end
-%>
# Set the maximum query duration for rlm_sql_mysql and
# Set the maximum query duration for rlm_sql_mysql and
# rlm_sql_cassandra.
# query_timeout = 5
#
query_timeout = 5
#
# The connection pool is new for 3.0, and will be used in many
...
...
@@ -140,10 +140,10 @@ sql <%= @name %> {
# connections during instantiation it will exit.
# Set to 0 to allow the server to start without the
# database being available.
start =
<%=
@pool_start
%>
start =
<%=
@pool_start
%>
# Minimum number of connections to keep open
min =
<%=
@pool_min
%>
min =
<%=
@pool_min
%>
# Maximum number of connections
#
...
...
@@ -162,12 +162,12 @@ sql <%= @name %> {
#
# NOTE: Idle connections WILL be closed if "idle_timeout"
# is set. This should be less than or equal to "max" above.
spare =
<%=
@pool_spare
%>
spare =
<%=
@pool_spare
%>
# Number of uses before the connection is closed
#
# 0 means "infinite"
uses =
<%=
@max_queries
%>
uses =
<%=
@max_queries
%>
# The number of seconds to wait after the server tries
# to open a connection, and fails. During this time,
...
...
@@ -179,7 +179,7 @@ sql <%= @name %> {
# idle timeout (in seconds). A connection which is
# unused for this length of time will be closed.
idle_timeout =
<%=
@pool_idle_timeout
%>
idle_timeout =
<%=
@pool_idle_timeout
%>
# Connection timeout (in seconds). The maximum amount of
# time to wait for a new connection to be established.
...
...
@@ -188,7 +188,7 @@ sql <%= @name %> {
# rlm_sql_oracle - Not possible.
# rlm_sql_postgresql - Should be set via the radius_db string instead.
#
connect_timeout =
<%=
@pool_connect_timeout
%>
connect_timeout =
<%=
@pool_connect_timeout
%>
# NOTE: All configuration settings are enforced. If a
# connection is closed because of "idle_timeout",
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment