diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-01-07 21:28:04 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-01-07 23:23:53 +0100 |
commit | e8a1c291b1d4b90709a68038e16522b4cee82904 (patch) | |
tree | 46c948c322af6107393609be64f53fa8ff3dbeb2 /data/templates/login/pam_radius_auth.conf.tmpl | |
parent | dcdc4f3ea27f1a26f8baa6b72b51c7911f21e6ba (diff) | |
download | vyos-1x-e8a1c291b1d4b90709a68038e16522b4cee82904.tar.gz vyos-1x-e8a1c291b1d4b90709a68038e16522b4cee82904.zip |
login: radius: T3192: migrate to get_config_dict()
Diffstat (limited to 'data/templates/login/pam_radius_auth.conf.tmpl')
-rw-r--r-- | data/templates/login/pam_radius_auth.conf.tmpl | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/data/templates/login/pam_radius_auth.conf.tmpl b/data/templates/login/pam_radius_auth.conf.tmpl index 56a5e10ee..fad8e7dcb 100644 --- a/data/templates/login/pam_radius_auth.conf.tmpl +++ b/data/templates/login/pam_radius_auth.conf.tmpl @@ -1,10 +1,11 @@ # Automatically generated by system-login.py # RADIUS configuration file +{% if radius is defined and radius is not none %} {# RADIUS IPv6 source address must be specified in [] notation #} {% set source_address = namespace() %} -{% if radius_source_address is defined and radius_source_address is not none %} -{% for address in radius_source_address %} +{% if radius.source_address is defined and radius.source_address is not none %} +{% for address in radius.source_address %} {% if address | is_ipv4 %} {% set source_address.ipv4 = address %} {% elif address | is_ipv6 %} @@ -12,22 +13,24 @@ {% endif %} {% endfor %} {% endif %} -{% if radius_server is defined and radius_server is not none %} +{% if radius.server is defined and radius.server is not none %} # server[:port] shared_secret timeout source_ip -{% for server in radius_server | sort(attribute='priority') if not server.disabled %} +{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #} +{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %} {# RADIUS IPv6 servers must be specified in [] notation #} -{% if server.address | is_ipv4 %} -{{ server.address }}:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }} -{% else %} -[{{ server.address }}]:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }} -{% endif %} -{% endfor %} +{% if server | is_ipv4 %} +{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }} +{% else %} +[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }} +{% endif %} +{% endfor %} +{% endif %} priv-lvl 15 mapped_priv_user radius_priv_user -{% if radius_vrf %} -vrf-name {{ radius_vrf }} -{% endif %} +{% if radius.vrf is defined and radius.vrf is not none %} +vrf-name {{ radius.vrf }} +{% endif %} {% endif %} |