diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-15 17:28:11 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-15 17:28:11 +0300 |
commit | 7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10 (patch) | |
tree | 7bc3dcdb730ebba58fb35d170f1496cded6024c2 /data/templates/ocserv/ocserv_config.j2 | |
parent | d41909874a6a7e2264e0a89928885b491efd9851 (diff) | |
parent | e5785ff748f93b66879d8bd0393c208c6df574a9 (diff) | |
download | vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.tar.gz vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.zip |
Merge pull request #1477 from sempervictus/feature/ocserv_groups
T3896(adjacent): Fix ocserv local user requirement, add groupconfig
Diffstat (limited to 'data/templates/ocserv/ocserv_config.j2')
-rw-r--r-- | data/templates/ocserv/ocserv_config.j2 | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2 index e0cad5181..1d105113d 100644 --- a/data/templates/ocserv/ocserv_config.j2 +++ b/data/templates/ocserv/ocserv_config.j2 @@ -7,7 +7,7 @@ run-as-user = nobody run-as-group = daemon {% if "radius" in authentication.mode %} -auth = "radius [config=/run/ocserv/radiusclient.conf]" +auth = "radius [config=/run/ocserv/radiusclient.conf{{ ',groupconfig=true' if authentication.radius.groupconfig is vyos_defined else '' }}]" {% elif "local" in authentication.mode %} {% if authentication.mode.local == "password-otp" %} auth = "plain[passwd=/run/ocserv/ocpasswd,otp=/run/ocserv/users.oath]" @@ -62,6 +62,13 @@ device = sslvpn dns = {{ dns }} {% endfor %} {% endif %} +{% if network_settings.tunnel_all_dns is vyos_defined %} +{% if "yes" in network_settings.tunnel_all_dns %} +tunnel-all-dns = true +{% else %} +tunnel-all-dns = false +{% endif %} +{% endif %} # IPv4 network pool {% if network_settings.client_ip_settings.subnet is vyos_defined %} @@ -85,3 +92,10 @@ route = {{ route }} split-dns = {{ tmp }} {% endfor %} {% endif %} + +{% if authentication.group is vyos_defined %} +# Group settings +{% for grp in authentication.group %} +select-group = {{ grp }} +{% endfor %} +{% endif %}
\ No newline at end of file |