summaryrefslogtreecommitdiff
path: root/data/templates/ocserv/ocserv_config.j2
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-09-15 17:28:11 +0300
committerGitHub <noreply@github.com>2022-09-15 17:28:11 +0300
commit7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10 (patch)
tree7bc3dcdb730ebba58fb35d170f1496cded6024c2 /data/templates/ocserv/ocserv_config.j2
parentd41909874a6a7e2264e0a89928885b491efd9851 (diff)
parente5785ff748f93b66879d8bd0393c208c6df574a9 (diff)
downloadvyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.tar.gz
vyos-1x-7a2ad35ec8ecd84d162a3e5dc41b50f31d18dc10.zip
Merge pull request #1477 from sempervictus/feature/ocserv_groups
T3896(adjacent): Fix ocserv local user requirement, add groupconfig
Diffstat (limited to 'data/templates/ocserv/ocserv_config.j2')
-rw-r--r--data/templates/ocserv/ocserv_config.j216
1 files changed, 15 insertions, 1 deletions
diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2
index e0cad5181..1d105113d 100644
--- a/data/templates/ocserv/ocserv_config.j2
+++ b/data/templates/ocserv/ocserv_config.j2
@@ -7,7 +7,7 @@ run-as-user = nobody
run-as-group = daemon
{% if "radius" in authentication.mode %}
-auth = "radius [config=/run/ocserv/radiusclient.conf]"
+auth = "radius [config=/run/ocserv/radiusclient.conf{{ ',groupconfig=true' if authentication.radius.groupconfig is vyos_defined else '' }}]"
{% elif "local" in authentication.mode %}
{% if authentication.mode.local == "password-otp" %}
auth = "plain[passwd=/run/ocserv/ocpasswd,otp=/run/ocserv/users.oath]"
@@ -62,6 +62,13 @@ device = sslvpn
dns = {{ dns }}
{% endfor %}
{% endif %}
+{% if network_settings.tunnel_all_dns is vyos_defined %}
+{% if "yes" in network_settings.tunnel_all_dns %}
+tunnel-all-dns = true
+{% else %}
+tunnel-all-dns = false
+{% endif %}
+{% endif %}
# IPv4 network pool
{% if network_settings.client_ip_settings.subnet is vyos_defined %}
@@ -85,3 +92,10 @@ route = {{ route }}
split-dns = {{ tmp }}
{% endfor %}
{% endif %}
+
+{% if authentication.group is vyos_defined %}
+# Group settings
+{% for grp in authentication.group %}
+select-group = {{ grp }}
+{% endfor %}
+{% endif %} \ No newline at end of file