Parameterise every variable available in sql.conf

5f436870 · Jonathan Gazeley · 6119e008 · 5f436870 · 5f436870 · 5f436870
Commit 5f436870 authored Mar 03, 2015 by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -326,6 +326,10 @@ Default: `undef`. Required. Specify which FreeRADIUS database driver to use. Cho

 Default: `localhost`. Specify hostname of IP address of the database server.

+##### `port`
+
+TCP port to connect to the database. Default: `3306`.
+
 ##### `login`

 Default: `radius`. Username to connect to the databae.
@@ -367,6 +371,70 @@ If you need to use custom queries, it is recommended that you deploy your query
 `freeradius::script` to install the file into `/etc/raddb/scripts/custom_dialup.conf` and then
 set `query_file` to `scripts/custom_dialup.conf`.

+##### `acct_table1`
+
+If you want both stop and start records logged to the same SQL table, leave this as is.  If you want them in
+different tables, put the start table in `$acct_table1` and stop table in `$acct_table2`. Default : `radacct`
+
+##### `acct_table2`
+
+If you want both stop and start records logged to the same SQL table, leave this as is.  If you want them in
+different tables, put the start table in `$acct_table1` and stop table in `$acct_table2`. Default : `radacct`
+
+##### `postauth_table`
+
+Table for storing data after authentication
+
+##### `authcheck_table`
+
+Default: `radcheck`
+
+##### `authreply_table`
+
+Default: `radreply`
+
+##### `groupcheck_table`
+
+Default: `radgroupcheck`
+
+##### `groupreply_table`
+
+Default: `radgroupreply`
+
+##### `usergroup_table`
+
+Table to keep group info. Default: `radusergroup`
+
+##### `read_groups`
+
+If set to `yes` (default) we read the group tables. If set to `no` the user MUST have `Fall-Through = Yes`
+in the radreply table. Default: `yes`.
+
+##### `deletestalesessions`
+
+Remove stale session if checkrad does not see a double login. Default: `yes`.
+
+##### `sqltrace`
+
+Print all SQL statements when in debug mode (-x). Default: `no`.
+
+##### `sqltracefile`
+
+Location for SQL statements to be stored if `$sqltrace = yes`. Default:
+`${logdir}/sqltrace.sql`
+
+##### `connect_failure_retry_delay`
+
+Number of seconds to dely retrying on a failed database connection (per socket). Default: `60`.
+
+##### `nas_table`
+
+Table to keep radius client info. Default: `nas`.
+
+#### `readclients`
+
+Set to `yes` to read radius clients from the database (`$nas_table`) Clients will ONLY be read on server startup. For performance
+and security reasons, finding clients via SQL queries CANNOT be done "live" while the server is running. Default: `no`.

 #### `freeradius::statusclient`


--- a/manifests/sql.pp
+++ b/manifests/sql.pp
@@ -10,6 +10,22 @@ define freeradius::sql (
  $lifetime = '0',
  $max_queries = '0',
  $ensure = present,
+  $acct_table1 = 'radacct',
+  $acct_table2 = 'radacct',
+  $postauth_table = 'radpostauth',
+  $authcheck_table = 'radcheck',
+  $authreply_table = 'radreply',
+  $groupcheck_table = 'radgroupcheck',
+  $groupreply_table = 'radgroupreply',
+  $usergroup_table = 'radusergroup',
+  $deletestalesessions = 'yes',
+  $sqltrace = 'no',
+  $sqltracefile = '${logdir}/sqltrace.sql',
+  $connect_failure_retry_delay = '60',
+  $nas_table = 'nas',
+  $read_groups = 'yes',
+  $port = '3306',
+  $readclients = 'no',
 ) {
  $fr_package  = $::freeradius::params::fr_package
  $fr_service  = $::freeradius::params::fr_service

--- a/templates/sql.conf.erb
+++ b/templates/sql.conf.erb
@@ -13,7 +13,7 @@ sql <%= @name %> {

 	# Connection info:
 	server = "<%= @server %>"
-	#port = 3306
+	port = "<%= @port %>"
 	login = "<%= @login %>"
 	password = "<%= @password %>"

@@ -24,31 +24,31 @@ sql <%= @name %> {
 	# same SQL table, leave this as is.  If you want them in
 	# different tables, put the start table in acct_table1
 	# and stop table in acct_table2
-	acct_table1 = "radacct"
-	acct_table2 = "radacct"
+	acct_table1 = "<%= @acct_table1 %>"
+	acct_table2 = "<%= @acct_table2 %>"

 	# Allow for storing data after authentication
-	postauth_table = "radpostauth"
+	postauth_table = "<%= @postauth_table %>"

-	authcheck_table = "radcheck"
-	authreply_table = "radreply"
+	authcheck_table = "<%= @authcheck_table %>"
+	authreply_table = "<%= @authreply_table %>"

-	groupcheck_table = "radgroupcheck"
-	groupreply_table = "radgroupreply"
+	groupcheck_table = "<%= @groupcheck_table %>"
+	groupreply_table = "<%= @groupreply_table %>"

 	# Table to keep group info
-	usergroup_table = "radusergroup"
+	usergroup_table = "<%= @usergroup_table %>"

 	# If set to 'yes' (default) we read the group tables
 	# If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
-	# read_groups = yes
+	read_groups = <%= @read_groups %>

 	# Remove stale session if checkrad does not see a double login
-	deletestalesessions = yes
+	deletestalesessions = <%= @deletestalesessions %>

 	# Print all SQL statements when in debug mode (-x)
-	sqltrace = no
-	sqltracefile = ${logdir}/sqltrace.sql
+	sqltrace = <%= @sqltrace %>
+	sqltracefile = <%= @sqltracefile %>

 	# number of sql connections to make to server
 	#
@@ -62,7 +62,7 @@ sql <%= @name %> {

 	# number of seconds to dely retrying on a failed database
 	# connection (per_socket)
-	connect_failure_retry_delay = 60
+	connect_failure_retry_delay = <%= @connect_failure_retry_delay %>

 	# lifetime of an SQL socket.  If you are having network issues
 	# such as TCP sessions expiring, you may need to set the socket
@@ -80,10 +80,10 @@ sql <%= @name %> {
 	# Clients will ONLY be read on server startup.  For performance
 	# and security reasons, finding clients via SQL queries CANNOT
 	# be done "live" while the server is running.
-	#readclients = yes
+	readclients = <%= @readclients %>

 	# Table to keep radius client info
-	nas_table = "nas"
+	nas_table = <%= @nas_table %>

 	# Read driver-specific configuration
 	$INCLUDE <%= @query_file %>