Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
S
services
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Packages
Packages
List
Container Registry
Analytics
Analytics
CI / CD
Code Review
Insights
Issues
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nanahira
services
Commits
63e760ec
Commit
63e760ec
authored
Sep 25, 2021
by
nanahira
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ocserv
parent
18b52faa
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
76 additions
and
3 deletions
+76
-3
ocserv/data/users
ocserv/data/users
+0
-1
ocserv/docker-compose.yml.j2
ocserv/docker-compose.yml.j2
+2
-1
ocserv/templates/ocserv.conf.j2
ocserv/templates/ocserv.conf.j2
+1
-1
ocserv/templates/radius-servers.j2
ocserv/templates/radius-servers.j2
+11
-0
ocserv/templates/radiusclient.conf.j2
ocserv/templates/radiusclient.conf.j2
+62
-0
No files found.
ocserv/data/users
deleted
120000 → 0
View file @
18b52faa
/home/nanahira/ansible/hlsj-fileserver/output/smb/
\ No newline at end of file
ocserv/docker-compose.yml.j2
View file @
63e760ec
...
...
@@ -8,5 +8,6 @@ services:
volumes:
- ./templates/ocserv.conf:/etc/ocserv/ocserv.conf:ro
- {{certs_path}}:/etc/ssl/railgun/certs:ro
- ./data/users/{{userdata_name}}/ocpasswd:/etc/ocserv/ocpasswd:ro
- ./data/dhparam.pem:/etc/ssl/railgun/dhparam.pem:ro
- ./templates/radius-servers:/etc/radcli/servers:ro
- ./templates/radiusclient.conf:/etc/radcli/radiusclient.conf:ro
ocserv/templates/ocserv.conf.j2
View file @
63e760ec
auth = "
plain[passwd=/etc/ocserv/ocpasswd
]"
auth = "
radius[config=/etc/radcli/radiusclient.conf,groupconfig=true
]"
tcp-port = {{port}}
udp-port = {{port}}
run-as-user = nobody
...
...
ocserv/templates/radius-servers.j2
0 → 100644
View file @
63e760ec
## Server Name or Client/Server pair Key
## ---------------- ---------------
#
#portmaster.elemental.net hardlyasecret
#portmaster2.elemental.net donttellanyone
#
## uncomment the following line for simple testing of radlogin
## with freeradius-server
#
#localhost/localhost testing123
{{radius_host}} {{radius_secret}}
ocserv/templates/radiusclient.conf.j2
0 → 100644
View file @
63e760ec
# RADIUS settings
# The name to be used to identify this NAS (server). If set it will
# be used in NAS-Identifier field and will override any such setting
# by the application.
#
#nas-identifier my-server-name
# Override the IP (or IPv6) address of the NAS.
#nas-ip 10.100.5.3
#nas-ip ::1
# RADIUS server to use for authentication requests.
# optionally you can specify a the port number on which is remote
# RADIUS listens separated by a colon from the hostname. if
# no port is specified /etc/services is consulted of the radius
# service. if this fails also a compiled in default is used.
# For IPv6 addresses use the '[IPv6]:port:secret' format, or
# simply '[IPv6]'. You may specify more than a single server
# in a comma-separated list.
#
authserver {{radius_host}}:{{radius_port}}
#authserver 127.1.1.1:9999,172.17.0.1
# RADIUS server to use for accouting requests. All that is
# written for authserver applies, in acctserver as well.
#
acctserver {{radius_host}}:{{radius_port}}
# File holding shared secrets used for the communication
# between the RADIUS client and server. When multiple
# server
servers /etc/radcli/servers
# Dictionary of allowed attributes and values. That depends
# heavily on the features of your server. A default dictionary
# is installed in /usr/share/radcli/dictionary
dictionary /etc/radcli/dictionary
# default authentication realm to append to all usernames if no
# realm was explicitly specified by the user
# the radiusd directly form Livingston doesnt use any realms, so leave
# it blank then
default_realm
# time to wait for a reply from the RADIUS server
radius_timeout 10
# resend request this many times before trying the next server
radius_retries 3
# local address from which radius packets have to be sent
bindaddr *
# Transport Protocol Support
# Available options - 'tcp', 'udp', 'tls' and 'dtls'.
# If commented out, udp will be used.
#serv-type udp
# To enable verbose debugging messages in syslog, enable the following
#clientdebug 1
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment