Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

44 lines
1.2 KiB

---
rad_clients: []
# rad_clients:
# - name: ap-wifi
# ip: 192.168.7.0/24
# secret: p@ssw0rd
# nas_type: other
rad_auth_port: 1812
rad_acc_port: 1813
rad_ports: [ "{{ rad_auth_port }}", "{{ rad_acc_port }}" ]
rad_src_ip: []
# An optional password if the private key is protected
# rad_tls_key_pass:
# The CA (full chain) to verify client's certificates
# rad_tls_ca: |
# ---- BEGIN CERTIFICATE ----
# ---- END CERTIFICATE ----
# The certificate of the radius server
# rad_tls_cert: |
# ---- BEGIN CERTIFICATE ----
# ---- END CERTIFICATE ----
# The private key of the radius server
# rad_tls_key: |
# -----BEGIN RSA PRIVATE KEY-----
# -----END RSA PRIVATE KEY-----
# An optional CRL to check client's certificate against
# Can either be a raw CRL in PEM format, or an http or https URL
# where to fetch it
# If undefined, no check will be performed, and revoked certificates will be accepted
# rad_tls_crl:
# The issuer of the clients certificate
# This can be usefull if you have several intermediate CA
# all signed by the same root CA, but only want to trust clients from
# one of them
# rad_tls_issuer: /C=FR/ST=Aquitaine/L=Bordeaux/O=Firewall Services/OU=Security/CN=wifi