From 505f69ee1540581eef2465dc420525213d278473 Mon Sep 17 00:00:00 2001
From: Emil Renner Berthing <esmil@labitat.dk>
Date: Sat, 18 Nov 2017 19:34:34 +0100
Subject: space_server: radius: clean up configuration

Disable all the unused auth methods
---
 roles/space_server/tasks/radius.yml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'roles/space_server/tasks')

diff --git a/roles/space_server/tasks/radius.yml b/roles/space_server/tasks/radius.yml
index 3226d2e..9d494b3 100644
--- a/roles/space_server/tasks/radius.yml
+++ b/roles/space_server/tasks/radius.yml
@@ -22,8 +22,11 @@
 
 - name: Disable default site
   file:
-    path: '/etc/raddb/sites-enabled/default'
+    path: '/etc/raddb/sites-enabled/{{ item }}'
     state: absent
+  with_items:
+    - default
+    - inner-tunnel
   notify:
     - restart radiusd
 - name: Configure radiusd
@@ -37,6 +40,7 @@
     - radiusd.conf
     - mods-available/eap
     - sites-available/labitat
+    - sites-available/labitat-inner
   notify:
     - restart radiusd
 - name: Configure radius clients
@@ -50,12 +54,15 @@
     - restart radiusd
 - name: Enable labitat site
   file:
-    path: '/etc/raddb/sites-enabled/labitat'
+    path: '/etc/raddb/sites-enabled/{{ item }}'
     state: link
-    src: '../sites-available/labitat'
+    src: '../sites-available/{{ item }}'
     owner: root
     group: radiusd
     force: yes
+  with_items:
+    - labitat
+    - labitat-inner
   notify:
     - restart radiusd
 
-- 
cgit v1.2.1