Reputation: 615
I am almost done with my FreeRADIUS Puppet module. I am now facing a problem with how to loop over hash keys in an ERB template. I am using RADIUS for 802.1X to authenticate users. If a user is a member of a specific LDAP group, RADIUS will assign him the VLAN associated with this group, and so on. This is my current configuration:
/etc/freeradius/sites-available/inner-tunnel
....
....
....
ldap
if (LDAP-Group == vlan_101) {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = 101
    }
}
elsif (LDAP-Group == vlan_102) {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = 102
    }
}
elsif (LDAP-Group == vlan_103) {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = 103
    }
}
else {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = 110
    }
}
....
....
....
I would like to create this file via ERB template.
common.yaml
test_freeradius::tunnel:
  'vlan_101':
    vlan: '101'
  'vlan_102':
    vlan: '102'
  'vlan_103':
    vlan: '103'
  'vlan_110':
    vlan: '110'
and I am using the following define.
define test_freeradius::tunnel
define test_freeradius::tunnel (
  $vlan,
){
  include test_freeradius::service
  file { '/etc/freeradius/sites-available/inner-tunnel' :
    ensure => 'file',
    owner => 'root',
    group => 'freerad',
    mode => '0644',
    content => template("${module_name}/tunnel.erb"),
    require => Class['test_freeradius::install'],
    notify => Service['freeradius'],
  }
}
and calling it now in init.pp
init.pp
....
....
$groups = hiera('test_freeradius::tunnel')
create_resources(test_freeradius::tunnel, $groups)
....
....
Is it possible to create the inner-tunnel file with an ERB template, and if so, how could I do it? Or should I just use it as a simple file without Hiera and make changes within the file?
Upvotes: 0
Views: 2289
Reputation: 615
I could solve it, though I don't know if it's clean Ruby code. I had to rearrange my define because of a duplicate declaration of the file resource.
define test_freeradius::tunnel
define test_freeradius::tunnel (
  $vlan,
){
  include test_freeradius::service
  ensure_resource('file', '/etc/freeradius/sites-available/inner-tunnel', {
    ensure => 'file',
    owner => 'root',
    group => 'freerad',
    mode => '0644',
    content => template("${module_name}/tunnel.erb"),
    require => Class['test_freeradius::install'],
    notify => Service['freeradius'],
    }
  )
  ensure_resource('file', '/etc/freeradius/sites-enabled/inner-tunnel', {
    ensure => 'link',
    target => '/etc/freeradius/sites-available/inner-tunnel',
    }
  )
}
And here is the relevant section of the tunnel.erb:
tunnel.erb
.....
.....
.....
ldap
<% @groups.each do |key,value| -%>
<% if key == 'vlan_10' %>
if (LDAP-Group == vlan_10) {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = 10
    }
}
<% else %>
elsif (LDAP-Group == <%= key %>) {
    update reply {
        Tunnel-Type = VLAN
        Tunnel-Medium-Type = IEEE-802
        Tunnel-Private-Group-ID = <%= value['vlan'] %>
    }
}
<% end -%>
<% end -%>
.....
.....
.....
I got rid of the last else statement, since I'll be using an LDAP group for guest LAN and WLAN.
I'll be glad for any suggestions to make the code a bit cleaner.
Thanks!
Upvotes: 1
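As an added example (not part of the original posts), here is a standalone Ruby rendering of the same inner-tunnel section that picks `if` or `elsif` by position instead of hardcoding the first group name, and validates the hash before it is written into the RADIUS policy. The names `GROUPS`, `TEMPLATE`, `validate_groups!` and `render_tunnel` are hypothetical, the sample hash is constructed, and the allowed group-name charset is an assumption.

```ruby
require 'erb'

# Constructed sample data, shaped like the Hiera hash in the question.
GROUPS = {
  'vlan_101' => { 'vlan' => '101' },
  'vlan_102' => { 'vlan' => '102' },
  'vlan_103' => { 'vlan' => '103' }
}.freeze

# Same inner-tunnel section as the answer's tunnel.erb, but if/elsif is chosen
# by position, so no group name is hardcoded. In a Puppet template the hash
# would be @groups; here it is passed in as the local variable `groups`.
TEMPLATE = <<~'TPL'
  ldap
  <% groups.each_with_index do |(name, attrs), i| -%>
  <%= i.zero? ? 'if' : 'elsif' %> (LDAP-Group == <%= name %>) {
      update reply {
          Tunnel-Type = VLAN
          Tunnel-Medium-Type = IEEE-802
          Tunnel-Private-Group-ID = <%= attrs['vlan'] %>
      }
  }
  <% end -%>
TPL

# Hypothetical helper: the values are written verbatim into RADIUS policy, so
# refuse names outside a conservative charset and VLAN IDs outside 1..4094.
def validate_groups!(groups)
  raise ArgumentError, 'no groups defined' if groups.empty?

  groups.each do |name, attrs|
    unless name.to_s.match?(/\A[A-Za-z0-9_]+\z/)
      raise ArgumentError, "unsafe LDAP group name: #{name.inspect}"
    end
    vlan = attrs.is_a?(Hash) ? attrs['vlan'].to_s : ''
    unless vlan.match?(/\A[1-9]\d{0,3}\z/) && vlan.to_i <= 4094
      raise ArgumentError, "invalid VLAN id for #{name}: #{vlan.inspect}"
    end
  end
end

# Validate first, then render; '-' trim mode drops the lines holding only tags.
def render_tunnel(groups)
  validate_groups!(groups)
  ERB.new(TEMPLATE, trim_mode: '-').result_with_hash(groups: groups)
end

puts render_tunnel(GROUPS) if __FILE__ == $PROGRAM_NAME
```

Failing the render on bad data means a typo in Hiera stops the Puppet run instead of producing a policy file that assigns users to an unintended VLAN.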