diff options
| author | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-18 19:34:34 +0100 |
|---|---|---|
| committer | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-18 19:36:08 +0100 |
| commit | 505f69ee1540581eef2465dc420525213d278473 (patch) | |
| tree | 018b20a4586ec1cdf12fff5157f19970767e6436 /roles/space_server/templates/radius | |
| parent | 5517f9fcf84ad5043ae7e45da2b592c56a3e8e94 (diff) | |
| download | labitat-ansible-505f69ee1540581eef2465dc420525213d278473.tar.gz labitat-ansible-505f69ee1540581eef2465dc420525213d278473.tar.xz labitat-ansible-505f69ee1540581eef2465dc420525213d278473.zip | |
space_server: radius: clean up configuration
Disable all the unused auth methods
Diffstat (limited to 'roles/space_server/templates/radius')
| -rwxr-xr-x[-rw-r--r--] | roles/space_server/templates/radius/getusers.sh.j2 | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/roles/space_server/templates/radius/getusers.sh.j2 b/roles/space_server/templates/radius/getusers.sh.j2 index e77758b..e6413d1 100644..100755 --- a/roles/space_server/templates/radius/getusers.sh.j2 +++ b/roles/space_server/templates/radius/getusers.sh.j2 @@ -1,10 +1,16 @@ #!/bin/sh -if curl -s -4 -k '{{ radius_passwords.download_url }}' -o /etc/raddb/users.new; then - if ! diff -q /etc/raddb/users /etc/raddb/users.new >/dev/null; then - mv -f /etc/raddb/users.new /etc/raddb/mods-config/files/authorize - systemctl restart radiusd.service - fi -else - rm -f /etc/raddb/users.new +set -e + +outfile='/etc/raddb/mods-config/files/authorize' +tmpfile="$(mktemp /tmp/getusers.XXXXXXXX)" +cleanup() { + rm -f "$tmpfile" +} +trap cleanup EXIT SIGINT SIGTERM + +curl -s -o "$tmpfile" '{{ radius_passwords.download_url }}' +if ! diff -q "$tmpfile" "$outfile" >/dev/null; then + install -m0640 "$tmpfile" "$outfile" + systemctl restart radiusd.service fi |