summaryrefslogtreecommitdiff
path: root/data/templates/login/pam_radius_auth.conf.tmpl
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-07 21:28:04 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-07 23:23:53 +0100
commite8a1c291b1d4b90709a68038e16522b4cee82904 (patch)
tree46c948c322af6107393609be64f53fa8ff3dbeb2 /data/templates/login/pam_radius_auth.conf.tmpl
parentdcdc4f3ea27f1a26f8baa6b72b51c7911f21e6ba (diff)
downloadvyos-1x-e8a1c291b1d4b90709a68038e16522b4cee82904.tar.gz
vyos-1x-e8a1c291b1d4b90709a68038e16522b4cee82904.zip
login: radius: T3192: migrate to get_config_dict()
Diffstat (limited to 'data/templates/login/pam_radius_auth.conf.tmpl')
-rw-r--r--data/templates/login/pam_radius_auth.conf.tmpl29
1 files changed, 16 insertions, 13 deletions
diff --git a/data/templates/login/pam_radius_auth.conf.tmpl b/data/templates/login/pam_radius_auth.conf.tmpl
index 56a5e10ee..fad8e7dcb 100644
--- a/data/templates/login/pam_radius_auth.conf.tmpl
+++ b/data/templates/login/pam_radius_auth.conf.tmpl
@@ -1,10 +1,11 @@
# Automatically generated by system-login.py
# RADIUS configuration file
+{% if radius is defined and radius is not none %}
{# RADIUS IPv6 source address must be specified in [] notation #}
{% set source_address = namespace() %}
-{% if radius_source_address is defined and radius_source_address is not none %}
-{% for address in radius_source_address %}
+{% if radius.source_address is defined and radius.source_address is not none %}
+{% for address in radius.source_address %}
{% if address | is_ipv4 %}
{% set source_address.ipv4 = address %}
{% elif address | is_ipv6 %}
@@ -12,22 +13,24 @@
{% endif %}
{% endfor %}
{% endif %}
-{% if radius_server is defined and radius_server is not none %}
+{% if radius.server is defined and radius.server is not none %}
# server[:port] shared_secret timeout source_ip
-{% for server in radius_server | sort(attribute='priority') if not server.disabled %}
+{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #}
+{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %}
{# RADIUS IPv6 servers must be specified in [] notation #}
-{% if server.address | is_ipv4 %}
-{{ server.address }}:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }}
-{% else %}
-[{{ server.address }}]:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }}
-{% endif %}
-{% endfor %}
+{% if server | is_ipv4 %}
+{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }}
+{% else %}
+[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }}
+{% endif %}
+{% endfor %}
+{% endif %}
priv-lvl 15
mapped_priv_user radius_priv_user
-{% if radius_vrf %}
-vrf-name {{ radius_vrf }}
-{% endif %}
+{% if radius.vrf is defined and radius.vrf is not none %}
+vrf-name {{ radius.vrf }}
+{% endif %}
{% endif %}