--- - name: Install freeradius apt: name: freeradius install_recommends: false - name: Remove unused files file: path: "/etc/freeradius/3.0/{{ item }}" state: absent loop: - templates.conf - trigger.conf - README.rst - panic.gdb - experimental.conf - certs/ca.cnf - certs/bootstrap - certs/client.cnf - certs/inner-server.cnf - certs/server.cnf - certs/README - certs/Makefile - certs/xpextensions - policy.d/accounting - policy.d/rfc7542 - policy.d/dhcp - policy.d/debug - policy.d/control - policy.d/abfab-tr - policy.d/moonshot-targeted-ids - policy.d/operator-name - mods-config/unbound/ - mods-config/perl/ - mods-config/python3/ - mods-config/sql/ - mods-config/files/ - mods-config/preprocess/ - mods-config/README.rst - users - hints - huntgroups - name: Configure freeradius template: src: "{{ item }}.j2" dest: "/etc/freeradius/3.0/{{ item }}" owner: root group: freerad mode: u=rw,g=r,o= loop: - radiusd.conf #- proxy.conf - clients.conf - dictionary - mods-available/utf8 - mods-available/always - mods-available/eap - mods-available/ldap - mods-available/linelog - mods-available/eap_inner - mods-config/attr_filter/access_challenge - mods-config/attr_filter/access_reject - sites-available/outer-aurore - sites-available/inner-aurore notify: - Restart freeradius - name: Enumerate available modules find: paths: /etc/freeradius/3.0/mods-available register: available_modules - name: Disable modules file: path: "/etc/freeradius/3.0/mods-enabled/{{ item }}" state: absent loop: "{{ available_modules.files | map(attribute='path') | map('basename') | difference(radiusd__enabled_modules_minimal | union(radiusd__enabled_modules)) }}" notify: - Restart freeradius - name: Enable modules file: src: "/etc/freeradius/3.0/mods-available/{{ item }}" dest: "/etc/freeradius/3.0/mods-enabled/{{ item }}" state: link owner: root group: freerad mode: u=rw,g=r,o= loop: "{{ radiusd__enabled_modules_minimal | union(radiusd__enabled_modules) }}" notify: - Restart freeradius - name: Enumerate available sites find: paths: /etc/freeradius/3.0/sites-available register: available_sites - name: Disable sites file: path: "/etc/freeradius/3.0/sites-enabled/{{ item }}" state: absent loop: "{{ available_sites.files | map(attribute='path') | map('basename') | difference(radiusd__enabled_sites_minimal | union(radiusd__enabled_sites)) }}" notify: - Restart freeradius - name: Enable sites file: src: "/etc/freeradius/3.0/sites-available/{{ item }}" dest: "/etc/freeradius/3.0/sites-enabled/{{ item }}" state: link owner: root group: freerad mode: u=rw,g=r,o= loop: "{{ radiusd__enabled_sites_minimal | union(radiusd__enabled_sites) }}" notify: - Restart freeradius - name: Enable and start freeradius systemd: name: freeradius.service state: started enabled: true ...