- Various bugfixes in parameter type validation (thanks @craigwatson and @amateo)
- Bugfix: Fix mismatch between
tls_verify_client
parameter in the eap module manifest andtls_client
in the eap template (thanks @guest715) - Bugfix: Fix users template permits the users array to contain either Hashes or Strings (thanks @guest715)
- Bugfix: Create ippool files in freerad::module::ippool (thanks @amateo)
- Convert module packaging to PDK
- Update OS & Puppet version compatibility data
- Lint fixes
- Add data type validation for all parameters
- Bugfix: Fix for client iptables rules being repeatedly added by subsequent Puppet runs (thanks @guest715)
- Bugfix: Module file notifies service, not only symlink (thanks @ihpu)
- Add support for Debian 10 / Freeradius 3.0.16 (thanks @OlivierLM)
- Bugfix: Enable
attr_filter
module before service restart (thanks @theosotr)
- Add proper support for perl modules (thanks @deligatedgeek)
- Add support for Ubuntu 18.04 LTS (thanks @rogermartensson)
- Improved support for Debian 9 (thanks @carlgarner)
- Improvements to huntgroups (thanks @amateo)
- General bug fixes (thanks @infracaninophile, @coreone and @olivierlm))
- Add support for Debian 9 (thanks @its-not-a-bug-its-a-feature)
- Add support for huntgroups (thanks @sts and @phaer)
- Fix missing notify that caused problems when adding a new virtual server in
sites_available
- Fix calling syntax for logrotate
- Add param
package_ensure
- Fix bug with modules that have ensure => absent
- Fix bug with module::files where content and source
- Fix bug with path of krb5 module
- Manage parameter
allow_expired_crl
- Clean up comments in templates to reduce the size
- Deploy modules to
mods_available
and symlink tomods_enabled
- Deploy modules to
sites_available
and symlink tosites_enabled
- Warn instead of failing if the FR version is not 3.x
- Update logrotate module dependency
- Add PostgreSQL support
- Fix bug with templating home servers in Puppet 4
- Fix bug with logrotate postrotate on non Red Hat distros
- Provide facility to enable/disable specific EAP types in
freeradius::module::eap
- More parameters available for
freeradius::client
- Allow management of
freeradius::dictionary
withsource
orcontent
- Enable status checks for
freeradius::home_server
- More configurable options for
freeradius
base class - More sensible permissions on various config files
- Refactor
freeradius::ldap
asfreeradius::module::ldap
and add more params - Create
freeradius::listen
to manage arbitrary listeners - Create
freeradius::module::detail
to configure detail loggers - Create
freeradius::module::eap
to manage instantiations of theeap
module - Create
freeradius::module::files
to manage instantiations of thefiles
module - Create
freeradius::module::huntgroup
to manage huntgroups - Create
freeradius::module::ippool
to manage ippool resources - Create
freeradius::module::linelog
to configure linelog loggers - Create
freeradius::module::preprocess
to manage instantiations of thepreprocess
module - Fix some compatibility problems with Debian/Ubuntu systems
- Allow
freeradius::site
resources (virtual servers) to have their content managed other than just with flat files - Add more options to
freeradius::sql
- Add various types of validation for Puppet 4
- Fix bug with log rotation throwing errors when radiusd is not running
- Add support to configure virtual modules for fail-over and load-balancing
- Add support to configure the krb5 module
- Fix compatibility with Puppet 4
- Fix compatibility with Puppet 4
- Write out ldap config with different syntax for FreeRADIUS 3.0.x and 3.1.x when using multiple servers
- Fix bug with the facts not reporting version numbers accurately
- Various changes to preserve stock modules in a FreeRADIUS installation and be able to toggle them
- Fix up LDAP template to allow better compatibility with FreeRADIUS 3.1.x
- Drop support for FreeRADIUS 2.x, enabling us to keep the codebase tidier
- Add support for defining config templates
- Fix a bug that now enables sqltrace (sqllog) to work on FR3
- Switch to use saz/rsyslog to manage syslog rules
- Start with just 1 SQL socket by default to avoid overloading the SQL server
- Make facts fail gracefully if radiusd is not installed
- Fix a bug that stops statusclients from working
- Fix a bug that prevent 1.2.0 from working on FreeRADIUS 2
- Deprecate
netmask
parameter fromfreeradius::client
- Add support to supply an array of multiple LDAP servers
- Make an educated guess about the version of FR when the fact is unavailable (e.g. on the first Puppet run)
- Iron out a couple of issues with LDAP compatibility with Active Directory
- Fixed a bug that prevented LDAP from working on any port except 389
- Fixed a bug that caused an error when no proxy config items were defined
- Support for FreeRADIUS 3
- Native support for managing the LDAP module
- Native support for configuring realms (via realms, home_server and home_server_pool)
- Improved handling of attribute filtering
- Improved handling of SQL support
This release retains support for FreeRADIUS 2 but some of the parameters have changed so you will probably need to make changes to the way you use this module. Upgrade on a dev system first!
- Tweak wildcard matching on logrotate config
- Fix bug displaying deprecation notice and update documentation to reflect this
- Manage log rotation with rodjek/logrotate instead of deploying flat files
- Provide new SQL option custom_query_file
- Cease management of custom logging modules
logtofile
andlogtosyslog
since it does not make sense to manage these globally - Purge instantiation of unused modules
- Move control_socket into its own class and add parameters
- Improve the way the status_server is added or removed
- Delete all unmanaged sites from sites-available
- Purge all non-managed sites
- Minor linting of code to improve score
- Minor linting of metadata to improve score
- Bugfixes and feature improvements in
freeradius::sql
- Add ability to customise SQL socket lifetimes
- Purge all non-managed clients
- Add defined type to blank out unneeded config files without deleting them
- Correctly pass template content to control-socket
- The default behaviour is now to purge anything in ${confdir}/certs that is not managed by Puppet
- Various improvements to support Debian family
- Optional content parameters in various resources
- Fix a bug which prevents the module from working properly on Debian/Ubuntu (thanks @diranged)
- Add
ensure
parameter to all defined types
- Add support for customising
sql.conf
natively by addingfreeradius::sql
- Fix ambiguity about net/netmask in freeradius::client
- Add support for managing firewall rules automatically
- Add support for installation certificates & keys
- Make syslog support an optional component
- Various bugfixes
- Improved modular installs with optional components
- Improved support for Debian
- Clarify dependencies on other modules
- Lots of bugfixes
- Initial release with support for installing FreeRADIUS and configuring servers, modules, clients and other objects using flat files.
- Probably works only with FreeRADIUS 2.x
- Only tested with CentOS 6