author | Cullum Smith <cullum@sacredheartsc.com> | 2024-10-26 00:07:03 -0400 |
---|---|---|
committer | Cullum Smith <cullum@sacredheartsc.com> | 2024-10-26 00:07:03 -0400 |
commit | 6e2a5993ce470341bed0e0c6ba8e44de3712d50e (patch) | |
tree | 7a6bad35bac69e5f9264a5dde460335b1068ec9e /scripts/hostclass/radius_server | |
parent | 7bb5176a0e1d3a7d8a119b92758404d514f59be9 (diff) | |
download | infrastructure-6e2a5993ce470341bed0e0c6ba8e44de3712d50e.tar.gz |
more icinga stuff
Diffstat (limited to 'scripts/hostclass/radius_server')
-rw-r--r-- | scripts/hostclass/radius_server | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/scripts/hostclass/radius_server b/scripts/hostclass/radius_server
index bde1be2..842926a 100644
--- a/scripts/hostclass/radius_server
+++ b/scripts/hostclass/radius_server
@@ -22,27 +22,17 @@ freeradius_version=$(pkg info freeradius3 | awk '$1 == "Version" { print $3 }')
 install_directory -m 0755 "${freeradius_conf_dir}/certs"
 install_template -o "$freeradius_user" -g "$freeradius_user" -m 0640 \
 "${freeradius_conf_dir}/radiusd.conf" \
- "${freeradius_conf_dir}/mods-available/eap"
-rm -f "${freeradius_conf_dir}/sites-enabled/inner-tunnel"
+ "${freeradius_conf_dir}/mods-available/eap" \
+ "${freeradius_conf_dir}/mods-available/ldap" \
+ "${freeradius_conf_dir}/sites-available/inner-tunnel" \
+ "${freeradius_conf_dir}/clients.conf"
+ln -snfv '../mods-available/ldap' "${freeradius_conf_dir}/mods-enabled/ldap"
+ln -snfv '../sites-available/inner-tunnel' "${freeradius_conf_dir}/sites-enabled/inner-tunnel"
 
 # Copy TLS certificate for freeradius.
 install_certificate -g "$freeradius_user" freeradius "$freeradius_tls_cert"
 install_certificate_key -g "$freeradius_user" freeradius "$freeradius_tls_key"
 
-# Generate clients.conf.
-install -Cv -o "$freeradius_user" -g "$freeradius_user" -m 0660 /dev/null "${freeradius_conf_dir}/clients.conf"
-for client_name in $radius_clients; do
- eval "client_address=\$radius_${client_name}_address"
- eval "client_secret=\$radius_${client_name}_secret"
- cat <<EOF >> "${freeradius_conf_dir}/clients.conf"
-client ${client_name} {
- ipaddr = ${client_address}
- secret = ${client_secret}
-}
-
-EOF
-done
-
 # Create cache directories.
 install_directory -o "$freeradius_user" -g "$freeradius_user" -m 700 \
 "$freeradius_cache_dir" \
@@ -54,3 +44,9 @@ install_template -m 0644 /etc/cron.d/freeradius
 # Enable and start daemons.
 sysrc -v radiusd_enable=YES
 service radiusd restart
+
+# Create wifi access role.
+ldap_add "cn=${wifi_access_role},${roles_basedn}" <<EOF
+objectClass: groupOfMembers
+cn: ${wifi_access_role}
+EOF
|
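Review bot: `clients.conf` and `mods-available/ldap` are now installed by the same `install_template -o "$freeradius_user" -g "$freeradius_user" -m 0640` call as `radiusd.conf`, so the file holding the RADIUS shared secrets and (presumably) the one holding the LDAP bind credential end up owned and writable by what appears to be the daemon's own account. If `install_template` accepts it, a separate call with `-o root -g "$freeradius_user" -m 0640` for those files keeps them readable by radiusd while preventing a compromised daemon from rewriting its client list or LDAP settings. A comment above the call such as `# clients.conf and mods-available/ldap are rendered from templates and contain secrets` would also replace the visibility the removed loop gave. The template sources are outside this diff, so how the secrets are interpolated could not be checked.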
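Review bot: The `ldap_add` block appended at the end expands `${wifi_access_role}` and `${roles_basedn}` into both the DN and the LDIF body without checking that either is set, so an empty value would yield a malformed DN such as `cn=,` for the group that presumably gates wifi authorization. A guard before the call, `: "${wifi_access_role:?}" "${roles_basedn:?}"`, makes that failure explicit instead of leaving it to the directory server. The role is also created after `service radiusd restart`; if the newly enabled ldap module or inner-tunnel site references this group, creating it before the restart avoids a window in which the daemon runs against a directory that lacks it. Whether `ldap_add` tolerates an entry that already exists on a re-run is not visible here and is worth confirming.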