freeradius

2 files changed, 29 insertions, 0 deletions

diff --git a/roles/freeradius/templates/clients.conf.j2 b/roles/freeradius/templates/clients.conf.j2
new file mode 100644
index 0000000..edd03d3
--- /dev/null
+++ b/roles/freeradius/templates/clients.conf.j2
@@ -0,0 +1,9 @@
+# vi: ft=conf
+
+{% for item in radius.clients %}
+client {{ item.name }} {
+	ipaddr = {{ item.ip }}
+	secret = {{ item.secret }}
+}
+
+{% endfor %}
diff --git a/roles/freeradius/templates/ldap.j2 b/roles/freeradius/templates/ldap.j2
new file mode 100644
index 0000000..d7e10da
--- /dev/null
+++ b/roles/freeradius/templates/ldap.j2
@@ -0,0 +1,20 @@
+# vi: ft=conf
+# This file is managed by Ansible. Manual changes will be reverted.
+
+ldap {
+        server   = "{{ radius.ldap.server }}"
+        identity = "{{ radius.ldap.bind_user }}"
+        password = "{{ radius.ldap.bind_pwd }}"
+        user {
+                base_dn  = "{{ radius.ldap.user_base }}"
+                filter   = "{{ radius.ldap.user_filter }}"
+        }
+        sasl {
+                # This block needs to exist, but can be empty.
+                # SASL mechanism
+                #mech = 'PLAIN'
+        }
+        update {
+                control:Password-With-Header    += 'userPassword'
+        }
+}