space_server: radius: clean up configuration

Disable all the unused auth methods

1 files changed, 10 insertions, 3 deletions

diff --git a/roles/space_server/tasks/radius.yml b/roles/space_server/tasks/radius.yml
index 3226d2e..9d494b3 100644
--- a/roles/space_server/tasks/radius.yml
+++ b/roles/space_server/tasks/radius.yml
@@ -22,8 +22,11 @@
 
 - name: Disable default site
   file:
-    path: '/etc/raddb/sites-enabled/default'
+    path: '/etc/raddb/sites-enabled/{{ item }}'
     state: absent
+  with_items:
+    - default
+    - inner-tunnel
   notify:
     - restart radiusd
 - name: Configure radiusd
@@ -37,6 +40,7 @@
     - radiusd.conf
     - mods-available/eap
     - sites-available/labitat
+    - sites-available/labitat-inner
   notify:
     - restart radiusd
 - name: Configure radius clients
@@ -50,12 +54,15 @@
     - restart radiusd
 - name: Enable labitat site
   file:
-    path: '/etc/raddb/sites-enabled/labitat'
+    path: '/etc/raddb/sites-enabled/{{ item }}'
     state: link
-    src: '../sites-available/labitat'
+    src: '../sites-available/{{ item }}'
     owner: root
     group: radiusd
     force: yes
+  with_items:
+    - labitat
+    - labitat-inner
   notify:
     - restart radiusd