freeradius: add support for sites
This commit is contained in:
parent
4bd54fe371
commit
a816fb1f01
GPG key ID:
800882B66C0C3326
2 changed files with 46 additions and 12 deletions
|
|
@ -25,4 +25,8 @@ radiusd__tls_cipher_list: DEFAULT
|
||||||
radiusd__tls_certificate_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
radiusd__tls_certificate_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
radiusd__tls_private_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
|
radiusd__tls_private_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
radiusd__tls_ca_file: /etc/ssl/certs/ca-certificates.crt
|
radiusd__tls_ca_file: /etc/ssl/certs/ca-certificates.crt
|
||||||
|
radiusd__enabled_sites_minimal:
|
||||||
|
- default
|
||||||
|
- inner-tunnel
|
||||||
|
radiusd__enabled_sites: []
|
||||||
...
|
...
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,24 @@
|
||||||
- hints
|
- hints
|
||||||
- huntgroups
|
- huntgroups
|
||||||
|
|
||||||
|
- name: Configure freeradius
|
||||||
|
template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: "/etc/freeradius/3.0/{{ item }}"
|
||||||
|
owner: root
|
||||||
|
group: freerad
|
||||||
|
mode: u=rw,g=r,o=
|
||||||
|
loop:
|
||||||
|
- radiusd.conf
|
||||||
|
#- proxy.conf
|
||||||
|
- clients.conf
|
||||||
|
- dictionary
|
||||||
|
- mods-available/utf8
|
||||||
|
- mods-available/always
|
||||||
|
- mods-available/eap
|
||||||
|
notify:
|
||||||
|
- Restart freeradius
|
||||||
|
|
||||||
- name: Enumerate available modules
|
- name: Enumerate available modules
|
||||||
find:
|
find:
|
||||||
paths: /etc/freeradius/3.0/mods-available
|
paths: /etc/freeradius/3.0/mods-available
|
||||||
|
|
@ -66,21 +84,33 @@
|
||||||
notify:
|
notify:
|
||||||
- Restart freeradius
|
- Restart freeradius
|
||||||
|
|
||||||
- name: Configure freeradius
|
- name: Enumerate available sites
|
||||||
template:
|
find:
|
||||||
src: "{{ item }}.j2"
|
paths: /etc/freeradius/3.0/sites-available
|
||||||
dest: "/etc/freeradius/3.0/{{ item }}"
|
register: available_sites
|
||||||
|
|
||||||
|
- name: Disable sites
|
||||||
|
file:
|
||||||
|
path: "/etc/freeradius/3.0/sites-enabled/{{ item }}"
|
||||||
|
state: absent
|
||||||
|
loop: "{{ available_sites.files
|
||||||
|
| map(attribute='path')
|
||||||
|
| map('basename')
|
||||||
|
| difference(radiusd__enabled_sites_minimal
|
||||||
|
| union(radiusd__enabled_sites)) }}"
|
||||||
|
notify:
|
||||||
|
- Restart freeradius
|
||||||
|
|
||||||
|
- name: Enable sites
|
||||||
|
file:
|
||||||
|
src: "/etc/freeradius/3.0/sites-available/{{ item }}"
|
||||||
|
dest: "/etc/freeradius/3.0/sites-enabled/{{ item }}"
|
||||||
|
state: link
|
||||||
owner: root
|
owner: root
|
||||||
group: freerad
|
group: freerad
|
||||||
mode: u=rw,g=r,o=
|
mode: u=rw,g=r,o=
|
||||||
loop:
|
loop: "{{ radiusd__enabled_sites_minimal
|
||||||
- radiusd.conf
|
| union(radiusd__enabled_sites) }}"
|
||||||
#- proxy.conf
|
|
||||||
- clients.conf
|
|
||||||
- dictionary
|
|
||||||
- mods-available/utf8
|
|
||||||
- mods-available/always
|
|
||||||
- mods-available/eap
|
|
||||||
notify:
|
notify:
|
||||||
- Restart freeradius
|
- Restart freeradius
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue