Split out control_socket into its own class and allow the ability to set ro/rw

6aa25967 · Jonathan Gazeley · 6a44647b · 6aa25967 · 6aa25967 · 6aa25967
Commit 6aa25967 authored 10 years ago by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -8,6 +8,7 @@
    * [Classes](#classes)
       * [`freeradius`](#freeradius)
       * [`freeradius::status_server`](#freeradiusstatus_server)
+       * [`freeradius::control_socket`](#freeradiuscontrol_socket)
    * [Resources](#resources)
       * [`freeradius::attr`](#freeradiusattr)
       * [`freeradius::blank`](#freeradiusblank)
@@ -126,6 +127,14 @@ Whether to enable the status server. Default: `true`
  }
 ```

+#### `freeradius::control_socket`
+
+The `freeradius::control_socket` class enables the control socket which can be used with [RADMIN](http://freeradius.org/radiusd/man/radmin.html).
+To remove the control socket, do not include this class and the socket will be removed.
+
+##### `mode`
+Whether the control socket should be read-only or read-write. Choose from `ro`, `rw`. Default: `ro`.
+
 ### Resources

 #### `freeradius::attr`

--- a/manifests/control_socket.pp
+++ b/manifests/control_socket.pp
+# Configure the FreeRADIUS control_socket
+class freeradius::control_socket (
+  $mode = 'ro',
+) {
+  $fr_user  = $::freeradius::params::fr_user
+  $fr_group = $::freeradius::params::fr_group
+
+  unless $mode in ['ro', 'rw'] {
+    fail('$mode must be ro or rw')
+  }
+
+  freeradius::site { 'control-socket':
+    content => template('freeradius/sites-enabled/control-socket.erb'),
+  }
+}
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -12,6 +12,10 @@ class freeradius (
  $syslog          = false,
 ) inherits freeradius::params {

+  if $control_socket == true {
+    warn('Use of the control_socket parameter in the freeradius class is deprecated. Please use the freeradius::control_socket class instead.')
+  }
+
  file { 'radiusd.conf':
    name    => "${freeradius::fr_basepath}/radiusd.conf",
    mode    => '0640',
@@ -187,13 +191,6 @@ class freeradius (
    }
  }

-  # Install a couple of virtual servers needed on all FR installations
-  if $control_socket == true {
-    freeradius::site { 'control-socket':
-      content => template('freeradius/sites-enabled/control-socket.erb'),
-    }
-  }
-
  # Make the radius log dir traversable
  file { [
    $freeradius::fr_logpath,

--- a/templates/sites-enabled/control-socket.erb
+++ b/templates/sites-enabled/control-socket.erb
@@ -69,5 +69,5 @@ listen {
 	#	ro = read only access (default)
 	#	rw = read/write access.
 	#
-	mode = rw
+	mode = <%= @mode %>
 }