Unverified Commit 6bae592b authored by Jonathan's avatar Jonathan Committed by GitHub
Browse files

Merge pull request #102 from broadinstitute/cleanup

Spacing cleanups of the config file templates
parents 7f4ebd0a 53cda02c
...@@ -32,7 +32,7 @@ eap { ...@@ -32,7 +32,7 @@ eap {
# configurable length of time, entries in the list # configurable length of time, entries in the list
# expire, and are deleted. # expire, and are deleted.
# #
timer_expire = <%= @timer_expire %> timer_expire = <%= @timer_expire %>
# There are many EAP types, but the server has support # There are many EAP types, but the server has support
# for only a limited subset. If the server receives # for only a limited subset. If the server receives
...@@ -79,7 +79,7 @@ eap { ...@@ -79,7 +79,7 @@ eap {
# #
# EAP-pwd -- secure password-based authentication # EAP-pwd -- secure password-based authentication
# #
pwd { pwd {
<%- if @pwd_group -%> <%- if @pwd_group -%>
group = <%= @pwd_group %> group = <%= @pwd_group %>
<%- end -%> <%- end -%>
...@@ -103,7 +103,7 @@ eap { ...@@ -103,7 +103,7 @@ eap {
# no User-Password, CHAP-Password, EAP-Message, etc. # no User-Password, CHAP-Password, EAP-Message, etc.
virtual_server = <%= @pwd_virtual_server %> virtual_server = <%= @pwd_virtual_server %>
<%- end -%> <%- end -%>
} }
<%- end -%> <%- end -%>
<%- if @eap_leap -%> <%- if @eap_leap -%>
...@@ -219,10 +219,10 @@ eap { ...@@ -219,10 +219,10 @@ eap {
ca_file = <%= @tls_ca_file %> ca_file = <%= @tls_ca_file %>
<%- if @tls_auto_chain -%> <%- if @tls_auto_chain -%>
# OpenSSL will automatically create certificate chains, # OpenSSL will automatically create certificate chains,
# unless we tell it to not do that. The problem is that # unless we tell it to not do that. The problem is that
# it sometimes gets the chains right from a certificate # it sometimes gets the chains right from a certificate
# signature view, but wrong from the clients view. # signature view, but wrong from the clients view.
# #
# When setting "auto_chain = no", the server certificate # When setting "auto_chain = no", the server certificate
# file MUST include the full certificate chain. # file MUST include the full certificate chain.
...@@ -871,7 +871,7 @@ eap { ...@@ -871,7 +871,7 @@ eap {
# #
require_client_cert = <%= @peap_require_client_cert %> require_client_cert = <%= @peap_require_client_cert %>
<%- end -%> <%- end -%>
} }
<%- end -%> <%- end -%>
# #
......
...@@ -13,7 +13,6 @@ home_server <%= @name %> { ...@@ -13,7 +13,6 @@ home_server <%= @name %> {
proto = <%= @proto %> proto = <%= @proto %>
secret = <%= @secret %> secret = <%= @secret %>
<%- if @status_check -%> <%- if @status_check -%>
status_check = <%= @status_check %> status_check = <%= @status_check %>
<%- end -%> <%- end -%>
} }
...@@ -88,31 +88,31 @@ listen { ...@@ -88,31 +88,31 @@ listen {
# This section is ignored for other kinds of sockets. # This section is ignored for other kinds of sockets.
# #
limit { limit {
# #
# Limit the number of simultaneous TCP connections to the socket # Limit the number of simultaneous TCP connections to the socket
# #
# The default is 16. # The default is 16.
# Setting this to 0 means "no limit" # Setting this to 0 means "no limit"
max_connections = <%= @max_connections %> max_connections = <%= @max_connections %>
# The per-socket "max_requests" option does not exist. # The per-socket "max_requests" option does not exist.
# #
# The lifetime, in seconds, of a TCP connection. After # The lifetime, in seconds, of a TCP connection. After
# this lifetime, the connection will be closed. # this lifetime, the connection will be closed.
# #
# Setting this to 0 means "forever". # Setting this to 0 means "forever".
lifetime = <%= @lifetime %> lifetime = <%= @lifetime %>
# #
# The idle timeout, in seconds, of a TCP connection. # The idle timeout, in seconds, of a TCP connection.
# If no packets have been received over the connection for # If no packets have been received over the connection for
# this time, the connection will be closed. # this time, the connection will be closed.
# #
# Setting this to 0 means "no timeout". # Setting this to 0 means "no timeout".
# #
# We STRONGLY RECOMMEND that you set an idle timeout. # We STRONGLY RECOMMEND that you set an idle timeout.
# #
idle_timeout = <%= @idle_timeout %> idle_timeout = <%= @idle_timeout %>
} }
} }
...@@ -264,7 +264,7 @@ log { ...@@ -264,7 +264,7 @@ log {
# The command-line option "-X" over-rides this option, and forces # The command-line option "-X" over-rides this option, and forces
# logging to go to stdout. # logging to go to stdout.
# #
destination = <%= @log_destination %> destination = <%= @log_destination %>
# #
# Highlight important messages sent to stderr and stdout. # Highlight important messages sent to stderr and stdout.
...@@ -495,16 +495,14 @@ security { ...@@ -495,16 +495,14 @@ security {
# #
status_server = yes status_server = yes
# allow_vulnerable_openssl: Allow the server to start with # allow_vulnerable_openssl: Allow the server to start with
# versions of OpenSSL known to have critical vulnerabilities. # versions of OpenSSL known to have critical vulnerabilities.
# #
# This check is based on the version number reported by libssl # This check is based on the version number reported by libssl
# and may not reflect patches applied to libssl by # and may not reflect patches applied to libssl by
# distribution maintainers. # distribution maintainers.
# #
allow_vulnerable_openssl = yes allow_vulnerable_openssl = yes
} }
# PROXY CONFIGURATION # PROXY CONFIGURATION
......
...@@ -38,41 +38,41 @@ sql <%= @name %> { ...@@ -38,41 +38,41 @@ sql <%= @name %> {
# * rlm_sql_sqlite # * rlm_sql_sqlite
# * rlm_sql_unixodbc # * rlm_sql_unixodbc
# #
driver = "rlm_sql_${dialect}" driver = "rlm_sql_${dialect}"
# Uncomment to include driver specific configuration file # Uncomment to include driver specific configuration file
# (if one exists) # (if one exists)
# These config files contain driver specific options. # These config files contain driver specific options.
# $INCLUDE ${modenableddir}/${.:name}_${dialect} # $INCLUDE ${modenableddir}/${.:name}_${dialect}
# Connection info: # Connection info:
# #
server = "<%= @server %>" server = "<%= @server %>"
port = "<%= @port %>" port = "<%= @port %>"
login = "<%= @login %>" login = "<%= @login %>"
password = "<%= @password %>" password = "<%= @password %>"
# Database table configuration for everything except Oracle # Database table configuration for everything except Oracle
radius_db = "<%= @radius_db %>" radius_db = "<%= @radius_db %>"
# If you're using postgresql this can also be used instead of the connection info parameters # If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass" # radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# If you're using postgresql this can also be used instead of the connection info parameters # If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass" # radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to # Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter # use SSL connections then use this form of connection info parameter
# radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt" # radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
# If you want both stop and start records logged to the # If you want both stop and start records logged to the
# same SQL table, leave this as is. If you want them in # same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1 # different tables, put the start table in acct_table1
# and stop table in acct_table2 # and stop table in acct_table2
acct_table1 = "<%= @acct_table1 %>" acct_table1 = "<%= @acct_table1 %>"
acct_table2 = "<%= @acct_table2 %>" acct_table2 = "<%= @acct_table2 %>"
# Allow for storing data after authentication # Allow for storing data after authentication
postauth_table = "<%= @postauth_table %>" postauth_table = "<%= @postauth_table %>"
# Tables containing 'check' items # Tables containing 'check' items
authcheck_table = "<%= @authcheck_table %>" authcheck_table = "<%= @authcheck_table %>"
...@@ -91,7 +91,7 @@ sql <%= @name %> { ...@@ -91,7 +91,7 @@ sql <%= @name %> {
# If set to 'yes' (default) we read profiles unless Fall-Through = no in the groupreply table. # If set to 'yes' (default) we read profiles unless Fall-Through = no in the groupreply table.
# If set to 'no' we do not read profiles unless Fall-Through = yes in the groupreply table. # If set to 'no' we do not read profiles unless Fall-Through = yes in the groupreply table.
# read_profiles = yes # read_profiles = yes
# Remove stale session if checkrad does not see a double login # Remove stale session if checkrad does not see a double login
delete_stale_sessions = <%= @deletestalesessions %> delete_stale_sessions = <%= @deletestalesessions %>
...@@ -106,9 +106,9 @@ sql <%= @name %> { ...@@ -106,9 +106,9 @@ sql <%= @name %> {
logfile = <%= @sqltracefile %> logfile = <%= @sqltracefile %>
<% end -%> <% end -%>
# Set the maximum query duration for rlm_sql_mysql and # Set the maximum query duration for rlm_sql_mysql and
# rlm_sql_cassandra. # rlm_sql_cassandra.
# query_timeout = 5 # query_timeout = 5
# #
# The connection pool is new for 3.0, and will be used in many # The connection pool is new for 3.0, and will be used in many
...@@ -140,10 +140,10 @@ sql <%= @name %> { ...@@ -140,10 +140,10 @@ sql <%= @name %> {
# connections during instantiation it will exit. # connections during instantiation it will exit.
# Set to 0 to allow the server to start without the # Set to 0 to allow the server to start without the
# database being available. # database being available.
start = <%= @pool_start %> start = <%= @pool_start %>
# Minimum number of connections to keep open # Minimum number of connections to keep open
min = <%= @pool_min %> min = <%= @pool_min %>
# Maximum number of connections # Maximum number of connections
# #
...@@ -162,12 +162,12 @@ sql <%= @name %> { ...@@ -162,12 +162,12 @@ sql <%= @name %> {
# #
# NOTE: Idle connections WILL be closed if "idle_timeout" # NOTE: Idle connections WILL be closed if "idle_timeout"
# is set. This should be less than or equal to "max" above. # is set. This should be less than or equal to "max" above.
spare = <%= @pool_spare %> spare = <%= @pool_spare %>
# Number of uses before the connection is closed # Number of uses before the connection is closed
# #
# 0 means "infinite" # 0 means "infinite"
uses = <%= @max_queries %> uses = <%= @max_queries %>
# The number of seconds to wait after the server tries # The number of seconds to wait after the server tries
# to open a connection, and fails. During this time, # to open a connection, and fails. During this time,
...@@ -179,7 +179,7 @@ sql <%= @name %> { ...@@ -179,7 +179,7 @@ sql <%= @name %> {
# idle timeout (in seconds). A connection which is # idle timeout (in seconds). A connection which is
# unused for this length of time will be closed. # unused for this length of time will be closed.
idle_timeout = <%= @pool_idle_timeout %> idle_timeout = <%= @pool_idle_timeout %>
# Connection timeout (in seconds). The maximum amount of # Connection timeout (in seconds). The maximum amount of
# time to wait for a new connection to be established. # time to wait for a new connection to be established.
...@@ -188,7 +188,7 @@ sql <%= @name %> { ...@@ -188,7 +188,7 @@ sql <%= @name %> {
# rlm_sql_oracle - Not possible. # rlm_sql_oracle - Not possible.
# rlm_sql_postgresql - Should be set via the radius_db string instead. # rlm_sql_postgresql - Should be set via the radius_db string instead.
# #
connect_timeout = <%= @pool_connect_timeout %> connect_timeout = <%= @pool_connect_timeout %>
# NOTE: All configuration settings are enforced. If a # NOTE: All configuration settings are enforced. If a
# connection is closed because of "idle_timeout", # connection is closed because of "idle_timeout",
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment