Conditional variable references
Alan DeKok
aland at deployingradius.com
Sun Jun 9 18:59:55 CEST 2019
On Jun 8, 2019, at 8:39 AM, Adam Bishop <Adam.Bishop at jisc.ac.uk> wrote:
>
> I store some settings like the redis password, and localhost shared secrets as variables, i.e.:
>
> ldap {
> ...
> identity = ${bind_dn}
> ...
> }
>
> as I'm running a single set of configuration shared across 3 different sets of servers, with a file called 'variables' generated by puppet that contains the instance specific settings.
>
> Is there any way to have a default value for these kinds of variables so I don't have to populate unused ones with dummy values? Or to have the server ignore missing variable references?
There's a "template" functionality, which is not widely used. See raddb/templates.conf
You can use templates to set default values, and then over-ride them with local variables. e.g.
ldap foo {
# set all of the defaults
$template ldap_server
# over-ride it here
bind_dn = "foo bar baz"
}
> I tried instantiating the variables as empty strings, then redefining them like:
>
> # cat /etc/raddb/radius.conf
> ...
> $INCLUDE defaults
> $INCLUDE variables
> ...
>
> # cat /etc/raddb/defaults
> ...
> bind_dn = ""
>
> # cat /etc/raddb/variables
> ...
> bind_dn = "dc=jisc,dc=ac,dc=uk"
>
> Which loaded without error, but returned an empty string.
Yes. Only the first variable is referenced. The second one is ignored.
Alan DeKok.
More information about the Freeradius-Users
mailing list