Skip to content
GitLab
Commit dd8814c6 authored by Jonathan Gazeley's avatar Jonathan Gazeley
Browse files

Use different SQL template for FR2 and FR3

parent 5a85623a
Hide whitespace changes
Inline Side-by-side
manifests/sql.pp
View file @ dd8814c6
......@@ -100,7 +100,7 @@ define freeradius::sql (
mode => '0640',
owner => 'root',
group => $fr_group,
content => template('freeradius/sql.conf.erb'),
content => template("freeradius/sql.conf.fr${::freeradius_maj_version}.erb"),
require => [Package[$fr_package], Group[$fr_group]],
notify => Service[$fr_service],
}
......
templates/sql.conf.fr3.erb 0 → 100644
View file @ dd8814c6
# -*- text -*-
#
# Configuration for the SQL module
#
# The database schemas and queries are located in subdirectories:
#
# sql/<driver>/main/schema.sql Schema
# sql/<driver>/main/queries.conf Authorisation and Accounting queries
#
# Driver specific configuration options are located in sql prefix config files
#
# mods-available/sql_<driver>
#
# Where "driver" is cassandra, db2, firebird, freetds, iodbc, null, mysql
# oracle, postgresql, sqlite, unixodbc.
#
# $Id$
#
sql <%= @name %> {
# The dialect of SQL you want to use
#
# If you're using rlm_sql_null, then it should be the type of
# database the logged queries are going to be executed against.
dialect = "<%= @database %>"
# The sub-module to use to execute queries. This should match
# the database you're attempting to connect to.
#
# * rlm_sql_cassandra
# * rlm_sql_db2
# * rlm_sql_firedbird
# * rlm_sql_freetds (mssql)
# * rlm_sql_iodbc
# * rlm_sql_null (log queries to disk)
# * rlm_sql_mysql
# * rlm_sql_oracle
# * rlm_sql_postgresql
# * rlm_sql_sqlite
# * rlm_sql_unixodbc
#
driver = "rlm_sql_${dialect}"
# Uncomment to include driver specific configuration file
# (if one exists)
# These config files contain driver specific options.
# $INCLUDE ${modenableddir}/${.:name}_${dialect}
# Connection info:
#
server = "<%= @server %>"
port = "<%= @port %>"
login = "<%= @login %>"
password = "<%= @password %>"
# Database table configuration for everything except Oracle
radius_db = "<%= @radius_db %>"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# If you're using postgresql this can also be used instead of the connection info parameters
# radius_db = "dbname=radius host=localhost user=radius password=raddpass"
# Postgreql doesn't take tls{} options in its module config like mysql does - if you want to
# use SSL connections then use this form of connection info parameter
# radius_db = "host=localhost port=5432 dbname=radius user=radius password=raddpass sslmode=verify-full sslcert=/etc/ssl/client.crt sslkey=/etc/ssl/client.key sslrootcert=/etc/ssl/ca.crt"
# If you want both stop and start records logged to the
# same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1
# and stop table in acct_table2
acct_table1 = "<%= @acct_table1 %>"
acct_table2 = "<%= @acct_table2 %>"
# Allow for storing data after authentication
postauth_table = "<%= @postauth_table %>"
# Tables containing 'check' items
authcheck_table = "<%= @authcheck_table %>"
groupcheck_table = "<%= @groupcheck_table %>"
# Tables containing 'reply' items
authreply_table = "<%= @authreply_table %>"
groupreply_table = "<%= @groupreply_table %>"
# Table to keep group info
usergroup_table = "<%= @usergroup_table %>"
# If set to 'yes' (default) we read the group tables unless Fall-Through = no in the reply table.
# If set to 'no' we do not read the group tables unless Fall-Through = yes in the reply table.
read_groups = <%= @read_groups %>
# If set to 'yes' (default) we read profiles unless Fall-Through = no in the groupreply table.
# If set to 'no' we do not read profiles unless Fall-Through = yes in the groupreply table.
# read_profiles = yes
# Remove stale session if checkrad does not see a double login
delete_stale_sessions = <%= @deletestalesessions %>
# Write SQL queries to a logfile. This is potentially useful for tracing
# issues with authorization queries. See also "logfile" directives in
# mods-config/sql/main/*/queries.conf. You can enable per-section logging
# by enabling "logfile" there, or global logging by enabling "logfile" here.
#
# Per-section logging can be disabled by setting "logfile = ''"
# logfile = ${logdir}/sqllog.sql
# Set the maximum query duration for rlm_sql_mysql and
# rlm_sql_cassandra.
# query_timeout = 5
#
# The connection pool is new for 3.0, and will be used in many
# modules, for all kinds of connection-related activity.
#
# When the server is not threaded, the connection pool
# limits are ignored, and only one connection is used.
#
# If you want to have multiple SQL modules re-use the same
# connection pool, use "pool = name" instead of a "pool"
# section. e.g.
#
# sql1 {
# ...
# pool {
# ...
# }
# }
#
# # sql2 will use the connection pool from sql1
# sql2 {
# ...
# pool = sql1
# }
#
pool {
# Connections to create during module instantiation.
# If the server cannot create specified number of
# connections during instantiation it will exit.
# Set to 0 to allow the server to start without the
# database being available.
start = ${thread[pool].start_servers}
# Minimum number of connections to keep open
min = ${thread[pool].min_spare_servers}
# Maximum number of connections
#
# If these connections are all in use and a new one
# is requested, the request will NOT get a connection.
#
# Setting 'max' to LESS than the number of threads means
# that some threads may starve, and you will see errors
# like 'No connections available and at max connection limit'
#
# Setting 'max' to MORE than the number of threads means
# that there are more connections than necessary.
max = ${thread[pool].max_servers}
# Spare connections to be left idle
#
# NOTE: Idle connections WILL be closed if "idle_timeout"
# is set. This should be less than or equal to "max" above.
spare = ${thread[pool].max_spare_servers}
# Number of uses before the connection is closed
#
# 0 means "infinite"
uses = <%= @max_queries %>
# The number of seconds to wait after the server tries
# to open a connection, and fails. During this time,
# no new connections will be opened.
retry_delay = <%= @connect_failure_retry_delay %>
# The lifetime (in seconds) of the connection
lifetime = <%= @lifetime %>
# idle timeout (in seconds). A connection which is
# unused for this length of time will be closed.
idle_timeout = 60
# Connection timeout (in seconds). The maximum amount of
# time to wait for a new connection to be established.
# Not supported by:
# rlm_sql_firebird - Likely possible but no documentation.
# rlm_sql_oracle - Not possible.
# rlm_sql_postgresql - Should be set via the radius_db string instead.
#
connect_timeout = 3.0
# NOTE: All configuration settings are enforced. If a
# connection is closed because of "idle_timeout",
# "uses", or "lifetime", then the total number of
# connections MAY fall below "min". When that
# happens, it will open a new connection. It will
# also log a WARNING message.
#
# The solution is to either lower the "min" connections,
# or increase lifetime/idle_timeout.
}
# Set to 'yes' to read radius clients from the database ('nas' table)
# Clients will ONLY be read on server startup.
read_clients = <%= @readclients %>
# Table to keep radius client info
client_table = <%= @nas_table %>
# The group attribute specific to this instance of rlm_sql
group_attribute = "${.:instance}-${.:name}-Group"
# Read database-specific queries
#
# Not all drivers ship with query.conf or schema.sql files.
# For those which don't, please create them and contribute
# them back to the project.
$INCLUDE <% if @custom_query_file_path %><%= @custom_query_file_path %><% else %><%= @query_file %><% end %>
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment