277 realms to maintain

2013-02-25 Thread Bertalan Voros 
Hello All,

In order to be able to use the home server pools and fail-over I had to
create a list of 277 realms.

There are now 277 entires similar to this:

realm domain.com {
auth_pool = my_auth_failover
nostrip
}

Could I use an $INCLUDE statement here to maintain the list of realms in a
separate file?
That way it would be easier to automate the creation of the realms list.

Is there a better way of doing this?

Thank you,
Bertalan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: 277 realms to maintain

2013-02-25 Thread Stefan Winter 
Hi,

 There are now 277 entires similar to this:
 
 realm domain.com http://domain.com {
 auth_pool = my_auth_failover
 nostrip
 }
 
 Could I use an $INCLUDE statement here to maintain the list of realms in
 a separate file?
 That way it would be easier to automate the creation of the realms list.

Sure. Just do exactly that.

Stefan

 
 Is there a better way of doing this?
 
 Thank you,
 Bertalan
 
 
 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
 


-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473



signature.asc
Description: OpenPGP digital signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: 277 realms to maintain

2013-02-25 Thread Phil Mayers 

On 02/25/2013 11:32 AM, Bertalan Voros wrote:

Hello All,

In order to be able to use the home server pools and fail-over I had to
create a list of 277 realms.

There are now 277 entires similar to this:

realm domain.com http://domain.com {
 auth_pool = my_auth_failover
 nostrip
}


Do all the realms point to the same or a few servers/pools?



Could I use an $INCLUDE statement here to maintain the list of realms in
a separate file?
That way it would be easier to automate the creation of the realms list.

Is there a better way of doing this?


If they all point to the same (or a small number of) server pool(s), 
then yes - don't use the suffix/realm module, and instead set Realm / 
Proxy-To-Realm manually, like so:


authorize {
  if (User-Name =~ /some regexp/) {
update request {
  Realm := BLAH.BLAH
}
update control {
  Proxy-To-Realm := UPSTREAM
}
  }
  ...
}

Only realms from Proxy-To-Realm need to be defined in proxy.conf - in 
this case, UPSTREAM.


If they all point to different home server/pool(s) then you just 
continue what you're doing, using $INCLUDE.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html