ocserv: T3896: improve XML definition and add warning about 3rd party configs

When enabling identity-based-config, users can add arbitrary config keys
that are processed by ocserv. The user "must know" what he is been doing, as
invalid config option will make the ocserv daemon go ... whoop!

Thus add a warning and inform the user about this setting.

1 files changed, 2 insertions, 4 deletions

diff --git a/data/templates/ocserv/ocserv_config.j2 b/data/templates/ocserv/ocserv_config.j2
index 8b9daed0f..1401b8b26 100644
--- a/data/templates/ocserv/ocserv_config.j2
+++ b/data/templates/ocserv/ocserv_config.j2
@@ -16,12 +16,10 @@ acct = "radius [config=/run/ocserv/radiusclient.conf]"
 
 {% if "radius" in authentication.mode %}
 auth = "radius [config=/run/ocserv/radiusclient.conf{{ ',groupconfig=true' if authentication.radius.groupconfig is vyos_defined else '' }}]"
-{%     if "identity_based_config" in authentication %}
-{%         if authentication.identity_based_config.disabled is not vyos_defined %}
-{%             if "group" in authentication.identity_based_config.mode %}
+{%     if authentication.identity_based_config.disabled is not vyos_defined %}
+{%         if "group" in authentication.identity_based_config.mode %}
 config-per-group = {{ authentication.identity_based_config.directory }}
 default-group-config = {{ authentication.identity_based_config.default_config }}
-{%             endif %}
 {%         endif %}
 {%     endif %}
 {% elif "local" in authentication.mode %}