Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
puppet-freeradius
Commits
5f436870
Commit
5f436870
authored
Mar 03, 2015
by
Jonathan Gazeley
Browse files
Parameterise every variable available in sql.conf
parent
6119e008
Changes
3
Hide whitespace changes
Inline
Side-by-side
README.md
View file @
5f436870
...
...
@@ -326,6 +326,10 @@ Default: `undef`. Required. Specify which FreeRADIUS database driver to use. Cho
Default:
`localhost`
. Specify hostname of IP address of the database server.
##### `port`
TCP port to connect to the database. Default:
`3306`
.
##### `login`
Default:
`radius`
. Username to connect to the databae.
...
...
@@ -367,6 +371,70 @@ If you need to use custom queries, it is recommended that you deploy your query
`freeradius::script`
to install the file into
`/etc/raddb/scripts/custom_dialup.conf`
and then
set
`query_file`
to
`scripts/custom_dialup.conf`
.
##### `acct_table1`
If you want both stop and start records logged to the same SQL table, leave this as is. If you want them in
different tables, put the start table in
`$acct_table1`
and stop table in
`$acct_table2`
. Default :
`radacct`
##### `acct_table2`
If you want both stop and start records logged to the same SQL table, leave this as is. If you want them in
different tables, put the start table in
`$acct_table1`
and stop table in
`$acct_table2`
. Default :
`radacct`
##### `postauth_table`
Table for storing data after authentication
##### `authcheck_table`
Default:
`radcheck`
##### `authreply_table`
Default:
`radreply`
##### `groupcheck_table`
Default:
`radgroupcheck`
##### `groupreply_table`
Default:
`radgroupreply`
##### `usergroup_table`
Table to keep group info. Default:
`radusergroup`
##### `read_groups`
If set to
`yes`
(default) we read the group tables. If set to
`no`
the user MUST have
`Fall-Through = Yes`
in the radreply table. Default:
`yes`
.
##### `deletestalesessions`
Remove stale session if checkrad does not see a double login. Default:
`yes`
.
##### `sqltrace`
Print all SQL statements when in debug mode (-x). Default:
`no`
.
##### `sqltracefile`
Location for SQL statements to be stored if
`$sqltrace = yes`
. Default:
`${logdir}/sqltrace.sql`
##### `connect_failure_retry_delay`
Number of seconds to dely retrying on a failed database connection (per socket). Default:
`60`
.
##### `nas_table`
Table to keep radius client info. Default:
`nas`
.
#### `readclients`
Set to
`yes`
to read radius clients from the database (
`$nas_table`
) Clients will ONLY be read on server startup. For performance
and security reasons, finding clients via SQL queries CANNOT be done "live" while the server is running. Default:
`no`
.
#### `freeradius::statusclient`
...
...
manifests/sql.pp
View file @
5f436870
...
...
@@ -10,6 +10,22 @@ define freeradius::sql (
$lifetime
=
'0'
,
$max_queries
=
'0'
,
$ensure
=
present
,
$acct_table1
=
'radacct'
,
$acct_table2
=
'radacct'
,
$postauth_table
=
'radpostauth'
,
$authcheck_table
=
'radcheck'
,
$authreply_table
=
'radreply'
,
$groupcheck_table
=
'radgroupcheck'
,
$groupreply_table
=
'radgroupreply'
,
$usergroup_table
=
'radusergroup'
,
$deletestalesessions
=
'yes'
,
$sqltrace
=
'no'
,
$sqltracefile
=
'${logdir}/sqltrace.sql'
,
$connect_failure_retry_delay
=
'60'
,
$nas_table
=
'nas'
,
$read_groups
=
'yes'
,
$port
=
'3306'
,
$readclients
=
'no'
,
)
{
$fr_package
=
$::freeradius::params::fr_package
$fr_service
=
$::freeradius::params::fr_service
...
...
templates/sql.conf.erb
View file @
5f436870
...
...
@@ -13,7 +13,7 @@ sql <%= @name %> {
# Connection info:
server = "
<%=
@server
%>
"
#
port =
3306
port =
"
<%=
@port
%>
"
login = "
<%=
@login
%>
"
password = "
<%=
@password
%>
"
...
...
@@ -24,31 +24,31 @@ sql <%= @name %> {
# same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1
# and stop table in acct_table2
acct_table1 = "
radacct
"
acct_table2 = "
radacct
"
acct_table1 = "
<%=
@acct_table1
%>
"
acct_table2 = "
<%=
@acct_table2
%>
"
# Allow for storing data after authentication
postauth_table = "
rad
postauth"
postauth_table = "
<%=
@
postauth
_table
%>
"
authcheck_table = "
radcheck
"
authreply_table = "
radreply
"
authcheck_table = "
<%=
@authcheck_table
%>
"
authreply_table = "
<%=
@authreply_table
%>
"
groupcheck_table = "
rad
groupcheck"
groupreply_table = "
rad
groupreply"
groupcheck_table = "
<%=
@
groupcheck
_table
%>
"
groupreply_table = "
<%=
@
groupreply
_table
%>
"
# Table to keep group info
usergroup_table = "
rad
usergroup"
usergroup_table = "
<%=
@
usergroup
_table
%>
"
# If set to 'yes' (default) we read the group tables
# If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
#
read_groups =
yes
read_groups =
<%=
@read_groups
%>
# Remove stale session if checkrad does not see a double login
deletestalesessions =
yes
deletestalesessions =
<%=
@deletestalesessions
%>
# Print all SQL statements when in debug mode (-x)
sqltrace =
no
sqltracefile =
${logdir}/
sqltrace
.sql
sqltrace =
<%=
@sqltrace
%>
sqltracefile =
<%=
@
sqltrace
file
%>
# number of sql connections to make to server
#
...
...
@@ -62,7 +62,7 @@ sql <%= @name %> {
# number of seconds to dely retrying on a failed database
# connection (per_socket)
connect_failure_retry_delay =
60
connect_failure_retry_delay =
<%=
@connect_failure_retry_delay
%>
# lifetime of an SQL socket. If you are having network issues
# such as TCP sessions expiring, you may need to set the socket
...
...
@@ -80,10 +80,10 @@ sql <%= @name %> {
# Clients will ONLY be read on server startup. For performance
# and security reasons, finding clients via SQL queries CANNOT
# be done "live" while the server is running.
#
readclients =
yes
readclients =
<%=
@readclients
%>
# Table to keep radius client info
nas_table =
"nas"
nas_table =
<%=
@nas_table
%>
# Read driver-specific configuration
$INCLUDE
<%=
@query_file
%>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment