summaryrefslogtreecommitdiff
path: root/data/templates/ocserv
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ocserv')
-rw-r--r--data/templates/ocserv/ocserv_config.j2 (renamed from data/templates/ocserv/ocserv_config.tmpl)38
-rw-r--r--data/templates/ocserv/ocserv_otp_usr.j2 (renamed from data/templates/ocserv/ocserv_otp_usr.tmpl)8
-rw-r--r--data/templates/ocserv/ocserv_passwd.j2 (renamed from data/templates/ocserv/ocserv_passwd.tmpl)0
-rw-r--r--data/templates/ocserv/radius_conf.j2 (renamed from data/templates/ocserv/radius_conf.tmpl)12
-rw-r--r--data/templates/ocserv/radius_servers.j27
-rw-r--r--data/templates/ocserv/radius_servers.tmpl7
6 files changed, 36 insertions, 36 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.j2
index 05b85a610..8418a2185 100644
--- a/data/templates/ocserv/ocserv_config.tmpl
+++ b/data/templates/ocserv/ocserv_config.j2
@@ -9,13 +9,13 @@ run-as-group = daemon
{% if "radius" in authentication.mode %}
auth = "radius [config=/run/ocserv/radiusclient.conf]"
{% elif "local" in authentication.mode %}
-{% if authentication.mode.local == "password-otp" %}
+{% if authentication.mode.local == "password-otp" %}
auth = "plain[passwd=/run/ocserv/ocpasswd,otp=/run/ocserv/users.oath]"
-{% elif authentication.mode.local == "otp" %}
+{% elif authentication.mode.local == "otp" %}
auth = "plain[otp=/run/ocserv/users.oath]"
-{% else %}
+{% else %}
auth = "plain[/run/ocserv/ocpasswd]"
-{% endif %}
+{% endif %}
{% else %}
auth = "plain[/run/ocserv/ocpasswd]"
{% endif %}
@@ -23,9 +23,9 @@ auth = "plain[/run/ocserv/ocpasswd]"
{% if ssl.certificate is vyos_defined %}
server-cert = /run/ocserv/cert.pem
server-key = /run/ocserv/cert.key
-{% if ssl.passphrase is vyos_defined %}
+{% if ssl.passphrase is vyos_defined %}
key-pin = {{ ssl.passphrase }}
-{% endif %}
+{% endif %}
{% endif %}
{% if ssl.ca_certificate is vyos_defined %}
@@ -59,33 +59,33 @@ device = sslvpn
# An alternative way of specifying the network:
{% if network_settings %}
# DNS settings
-{% if network_settings.name_server is string %}
+{% if network_settings.name_server is string %}
dns = {{ network_settings.name_server }}
-{% else %}
-{% for dns in network_settings.name_server %}
+{% else %}
+{% for dns in network_settings.name_server %}
dns = {{ dns }}
-{% endfor %}
-{% endif %}
+{% endfor %}
+{% endif %}
# IPv4 network pool
-{% if network_settings.client_ip_settings %}
-{% if network_settings.client_ip_settings.subnet %}
+{% if network_settings.client_ip_settings %}
+{% if network_settings.client_ip_settings.subnet %}
ipv4-network = {{ network_settings.client_ip_settings.subnet }}
+{% endif %}
{% endif %}
-{% endif %}
# IPv6 network pool
-{% if network_settings.client_ipv6_pool %}
-{% if network_settings.client_ipv6_pool.prefix %}
+{% if network_settings.client_ipv6_pool %}
+{% if network_settings.client_ipv6_pool.prefix %}
ipv6-network = {{ network_settings.client_ipv6_pool.prefix }}
ipv6-subnet-prefix = {{ network_settings.client_ipv6_pool.mask }}
+{% endif %}
{% endif %}
-{% endif %}
{% endif %}
{% if network_settings.push_route is string %}
route = {{ network_settings.push_route }}
{% else %}
-{% for route in network_settings.push_route %}
+{% for route in network_settings.push_route %}
route = {{ route }}
-{% endfor %}
+{% endfor %}
{% endif %}
diff --git a/data/templates/ocserv/ocserv_otp_usr.tmpl b/data/templates/ocserv/ocserv_otp_usr.j2
index 18de5fec6..b2511ed94 100644
--- a/data/templates/ocserv/ocserv_otp_usr.tmpl
+++ b/data/templates/ocserv/ocserv_otp_usr.j2
@@ -1,8 +1,8 @@
#<token_type> <username> <pin> <secret_hex_key> <counter> <lastpass> <time>
{% if username is vyos_defined %}
-{% for user, user_config in username.items() %}
-{% if user_config.disable is not vyos_defined and user_config.otp is vyos_defined %}
+{% for user, user_config in username.items() %}
+{% if user_config.disable is not vyos_defined and user_config.otp is vyos_defined %}
{{ user_config.otp.token_tmpl }} {{ user }} {{ user_config.otp.pin | default("-", true) }} {{ user_config.otp.key }}
-{% endif %}
-{% endfor %}
+{% endif %}
+{% endfor %}
{% endif %}
diff --git a/data/templates/ocserv/ocserv_passwd.tmpl b/data/templates/ocserv/ocserv_passwd.j2
index 30c79d66a..30c79d66a 100644
--- a/data/templates/ocserv/ocserv_passwd.tmpl
+++ b/data/templates/ocserv/ocserv_passwd.j2
diff --git a/data/templates/ocserv/radius_conf.tmpl b/data/templates/ocserv/radius_conf.j2
index 1712d83ef..b6612fee5 100644
--- a/data/templates/ocserv/radius_conf.tmpl
+++ b/data/templates/ocserv/radius_conf.j2
@@ -1,13 +1,13 @@
### generated by vpn_openconnect.py ###
nas-identifier VyOS
{% for srv in server %}
-{% if not "disable" in server[srv] %}
-{% if "port" in server[srv] %}
-authserver {{ srv }}:{{server[srv]["port"]}}
-{% else %}
+{% if not "disable" in server[srv] %}
+{% if "port" in server[srv] %}
+authserver {{ srv }}:{{ server[srv]["port"] }}
+{% else %}
authserver {{ srv }}
+{% endif %}
{% endif %}
-{% endif %}
{% endfor %}
radius_timeout {{ timeout }}
{% if source_address %}
@@ -15,7 +15,7 @@ bindaddr {{ source_address }}
{% else %}
bindaddr *
{% endif %}
-servers /run/ocserv/radius_servers
+servers /run/ocserv/radius_servers
dictionary /etc/radcli/dictionary
default_realm
radius_retries 3
diff --git a/data/templates/ocserv/radius_servers.j2 b/data/templates/ocserv/radius_servers.j2
new file mode 100644
index 000000000..302e91600
--- /dev/null
+++ b/data/templates/ocserv/radius_servers.j2
@@ -0,0 +1,7 @@
+### generated by vpn_openconnect.py ###
+# server key
+{% for srv in server %}
+{% if not "disable" in server[srv] %}
+{{ srv }} {{ server[srv].key }}
+{% endif %}
+{% endfor %}
diff --git a/data/templates/ocserv/radius_servers.tmpl b/data/templates/ocserv/radius_servers.tmpl
deleted file mode 100644
index 7bacac992..000000000
--- a/data/templates/ocserv/radius_servers.tmpl
+++ /dev/null
@@ -1,7 +0,0 @@
-### generated by vpn_openconnect.py ###
-# server key
-{% for srv in server %}
-{% if not "disable" in server[srv] %}
-{{ srv }} {{ server[srv].key }}
-{% endif %}
-{% endfor %}