Today we’ll see how to bring our values from the UI to the configuration.
For the beginning we can take the contents of the ldap file from mods-enabled and put it in plugins\net\freeradius\src\opnsense\service\templates\OPNsense\Freeradius
Then open +TARGETS file and add it.
mods-enabled-ldap:/usr/local/etc/raddb/mods-enabled/ldap
This means that the file mods-enabled-ldap (in github) is copied to the specified location.
So, you create a file mods-enabled-ldap and put in:
{% if helpers.exists(‚OPNsense.freeradius.general.enabled‘) and OPNsense.freeradius.general.enabled == ‚1‘ %}
{% endif %}
What does that mean? It checks if the value general.enabled (ID field in forms) exist, and it yes, it checks if the value is ==’1′ … so a ticked checkbox. In short, when the checkbox on Enable FreeRADIUS is ticked it puts the content between the if and endif.
But this would mean that also if you don’t use ldap the content get’s loaded. We could add a checkbox in the General menu of FreeRADIUS to enable/disable LDAP and include this too! This also means we have to add these values to the existing forms and model (we’ll do this later on).
Next try is:
{% if helpers.exists(‚OPNsense.freeradius.general.enabled‘) and OPNsense.freeradius.general.enabled == ‚1‘ %}
{% if helpers.exists(‚OPNsense.freeradius.general.ldap_enabled‘) and OPNsense.freeradius.general.ldap_enabled == ‚1‘ %}
{% endif %}
{% endif %}
IF FreerRADIUS is enabled, AND LDAP enabled, put the contents between if/endif.
Next is putting the file contents in there!
At line 17 there is:
server = ‚localhost‘
In our example it should be the value of protocol, followed by the IP/hostname, like:
server =’ldaps://10.10.10.10′
You have no idea? It’s just:
server = ‚{{ OPNsense.freeradius.ldap.protocol }}://{{ OPNsense.freeradius.ldap.server }}‘
Remember the the IDs of the form? I couldn’t be easier. But what happens when these values are not defined? For the dropdown list easy because there is a default and there’s no none.
We need a small check if the value of ldap.server is not empty. How do we do this? Easy:
{% if helpers.exists(‚OPNsense.freeradius.ldap.server‘) and OPNsense.freeradius.ldap.server != “ %}
server = ‚{{ OPNsense.freeradius.ldap.protocol }}://{{ OPNsense.freeradius.ldap.server }}‘
{% endif %}
Try if you can do the rest on your own, well look at the complete part in the next episode.