summaryrefslogtreecommitdiff
path: root/data/templates/login
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/login')
-rw-r--r--data/templates/login/authorized_keys.tmpl9
-rw-r--r--data/templates/login/pam_radius_auth.conf.tmpl29
2 files changed, 25 insertions, 13 deletions
diff --git a/data/templates/login/authorized_keys.tmpl b/data/templates/login/authorized_keys.tmpl
new file mode 100644
index 000000000..639a80e1d
--- /dev/null
+++ b/data/templates/login/authorized_keys.tmpl
@@ -0,0 +1,9 @@
+### Automatically generated by system-login.py ###
+
+{% if authentication is defined and authentication.public_keys is defined and authentication.public_keys is not none %}
+{% for key, key_options in authentication.public_keys.items() %}
+{# The whitespace after options is wisely chosen #}
+{{ key_options.options + ' ' if key_options.options is defined }}{{ key_options.type }} {{ key_options.key }} {{ key }}
+{% endfor %}
+{% endif %}
+
diff --git a/data/templates/login/pam_radius_auth.conf.tmpl b/data/templates/login/pam_radius_auth.conf.tmpl
index 56a5e10ee..fad8e7dcb 100644
--- a/data/templates/login/pam_radius_auth.conf.tmpl
+++ b/data/templates/login/pam_radius_auth.conf.tmpl
@@ -1,10 +1,11 @@
# Automatically generated by system-login.py
# RADIUS configuration file
+{% if radius is defined and radius is not none %}
{# RADIUS IPv6 source address must be specified in [] notation #}
{% set source_address = namespace() %}
-{% if radius_source_address is defined and radius_source_address is not none %}
-{% for address in radius_source_address %}
+{% if radius.source_address is defined and radius.source_address is not none %}
+{% for address in radius.source_address %}
{% if address | is_ipv4 %}
{% set source_address.ipv4 = address %}
{% elif address | is_ipv6 %}
@@ -12,22 +13,24 @@
{% endif %}
{% endfor %}
{% endif %}
-{% if radius_server is defined and radius_server is not none %}
+{% if radius.server is defined and radius.server is not none %}
# server[:port] shared_secret timeout source_ip
-{% for server in radius_server | sort(attribute='priority') if not server.disabled %}
+{# .items() returns a tuple of two elements: key and value. 1 relates to the 2nd element i.e. the value and .priority relates to the key from the internal dict #}
+{% for server, options in radius.server.items() | sort(attribute='1.priority') if not options.disabled %}
{# RADIUS IPv6 servers must be specified in [] notation #}
-{% if server.address | is_ipv4 %}
-{{ server.address }}:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }}
-{% else %}
-[{{ server.address }}]:{{ server.port }} {{ "%-25s" | format(server.key) }} {{ "%-10s" | format(server.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }}
-{% endif %}
-{% endfor %}
+{% if server | is_ipv4 %}
+{{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is defined }}
+{% else %}
+[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is defined }}
+{% endif %}
+{% endfor %}
+{% endif %}
priv-lvl 15
mapped_priv_user radius_priv_user
-{% if radius_vrf %}
-vrf-name {{ radius_vrf }}
-{% endif %}
+{% if radius.vrf is defined and radius.vrf is not none %}
+vrf-name {{ radius.vrf }}
+{% endif %}
{% endif %}