aboutsummaryrefslogtreecommitdiff
path: root/roles/freeradius/templates
diff options
context:
space:
mode:
Diffstat (limited to 'roles/freeradius/templates')
-rw-r--r--roles/freeradius/templates/clients.conf.j29
-rw-r--r--roles/freeradius/templates/ldap.j220
2 files changed, 29 insertions, 0 deletions
diff --git a/roles/freeradius/templates/clients.conf.j2 b/roles/freeradius/templates/clients.conf.j2
new file mode 100644
index 0000000..edd03d3
--- /dev/null
+++ b/roles/freeradius/templates/clients.conf.j2
@@ -0,0 +1,9 @@
+# vi: ft=conf
+
+{% for item in radius.clients %}
+client {{ item.name }} {
+ ipaddr = {{ item.ip }}
+ secret = {{ item.secret }}
+}
+
+{% endfor %}
diff --git a/roles/freeradius/templates/ldap.j2 b/roles/freeradius/templates/ldap.j2
new file mode 100644
index 0000000..d7e10da
--- /dev/null
+++ b/roles/freeradius/templates/ldap.j2
@@ -0,0 +1,20 @@
+# vi: ft=conf
+# This file is managed by Ansible. Manual changes will be reverted.
+
+ldap {
+ server = "{{ radius.ldap.server }}"
+ identity = "{{ radius.ldap.bind_user }}"
+ password = "{{ radius.ldap.bind_pwd }}"
+ user {
+ base_dn = "{{ radius.ldap.user_base }}"
+ filter = "{{ radius.ldap.user_filter }}"
+ }
+ sasl {
+ # This block needs to exist, but can be empty.
+ # SASL mechanism
+ #mech = 'PLAIN'
+ }
+ update {
+ control:Password-With-Header += 'userPassword'
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 08:00:24 +0000