depot/ops/nixos/bvm-radius/raddb/mods-available/realm

# -*- text -*-
#
#  $Id: 8ff95a9e9a652c2df9f992b0eb528084b6a7a2dc $

# Realm module, for proxying.
#
#  You can have multiple instances of the realm module to
#  support multiple realm syntaxes at the same time.  The
#  search order is defined by the order that the modules are listed
#  in the authorize and preacct sections.
#
#  Four config options:
#	format	 -  must be "prefix" or "suffix"
#			  The special cases of "DEFAULT"
#			  and "NULL" are allowed, too.
#	delimiter      -  must be a single character

#  'realm/username'
#
#  Using this entry, IPASS users have their realm set to "IPASS".
realm IPASS {
	format = prefix
	delimiter = "/"
}

#  'username@realm'
#
realm suffix {
	format = suffix
	delimiter = "@"

	# The next configuration items are valid ONLY for a trust-router.
	# For all other realms, they are ignored.
#	trust_router = "localhost"
#	tr_port = 12309
#	rp_realm = "realm.example.com"
#	default_community = "apc.communities.example.com"
#	# if rekey_enabled is enabled, dynamic realms are automatically rekeyed
#	# before they expire to avoid having to recreate them from scrach on
#	# demand (implying lengthy authentications)
#	rekey_enabled = no
#	# if realm_lifetime is > 0, the rekey is scheduled to happen the
#	# specified number of seconds after its creation or rekeying. Otherwise,
#	# the key material expiration timestamp is used
#	realm_lifetime = 0
}

#  'realm!username'
#
realm bangpath {
	format = prefix
	delimiter = "!"

#	trust_router = "localhost"
#	tr_port = 12309
#	rp_realm = "realm.example.com"
#	default_community = "apc.communities.example.com"
#	rekey_enabled = no
#	realm_lifetime = 0
}

#  'username%realm'
#
realm realmpercent {
	format = suffix
	delimiter = "%"
}

#
#  'domain\user'
#
realm ntdomain {
	format = prefix
	delimiter = "\\"
}
bvm-radius: add freeradius configuration 2021-09-25 18:28:45 +00:00			`# -- text --`
			`#`
			`# $Id: 8ff95a9e9a652c2df9f992b0eb528084b6a7a2dc $`

			`# Realm module, for proxying.`
			`#`
			`# You can have multiple instances of the realm module to`
			`# support multiple realm syntaxes at the same time. The`
			`# search order is defined by the order that the modules are listed`
			`# in the authorize and preacct sections.`
			`#`
			`# Four config options:`
			`# format - must be "prefix" or "suffix"`
			`# The special cases of "DEFAULT"`
			`# and "NULL" are allowed, too.`
			`# delimiter - must be a single character`

			`# 'realm/username'`
			`#`
			`# Using this entry, IPASS users have their realm set to "IPASS".`
			`realm IPASS {`
			`format = prefix`
			`delimiter = "/"`
			`}`

			`# 'username@realm'`
			`#`
			`realm suffix {`
			`format = suffix`
			`delimiter = "@"`

			`# The next configuration items are valid ONLY for a trust-router.`
			`# For all other realms, they are ignored.`
			`# trust_router = "localhost"`
			`# tr_port = 12309`
			`# rp_realm = "realm.example.com"`
			`# default_community = "apc.communities.example.com"`
			`# # if rekey_enabled is enabled, dynamic realms are automatically rekeyed`
			`# # before they expire to avoid having to recreate them from scrach on`
			`# # demand (implying lengthy authentications)`
			`# rekey_enabled = no`
			`# # if realm_lifetime is > 0, the rekey is scheduled to happen the`
			`# # specified number of seconds after its creation or rekeying. Otherwise,`
			`# # the key material expiration timestamp is used`
			`# realm_lifetime = 0`
			`}`

			`# 'realm!username'`
			`#`
			`realm bangpath {`
			`format = prefix`
			`delimiter = "!"`

			`# trust_router = "localhost"`
			`# tr_port = 12309`
			`# rp_realm = "realm.example.com"`
			`# default_community = "apc.communities.example.com"`
			`# rekey_enabled = no`
			`# realm_lifetime = 0`
			`}`

			`# 'username%realm'`
			`#`
			`realm realmpercent {`
			`format = suffix`
			`delimiter = "%"`
			`}`

			`#`
			`# 'domain\user'`
			`#`
			`realm ntdomain {`
			`format = prefix`
			`delimiter = "\\"`
			`}`