Welcome! You need to add a template in templates/freeradius/sql.j2 and use a configuration that suits you.
Adding support for openwisp-radius to ansible-openwisp2 is in the works: https://github.com/openwisp/ansible-openwisp2/pull/223. The example I shared on this ML is a base which can be used to build a configuration that works, but it's not a fully working configuration. The playbooks I have contain sensitive information of my customers and I can't share those, so I shared only the parts I was allowed to share. I hope this helps! Best regards Federico On Wed, Dec 2, 2020 at 10:13 AM Racamier Stéphane <[email protected]> wrote: > > Hi, > > From 2 week i work to set up a server with openwisp2 and freeradius3. I > saw several tutorials (ansible and python venv), I would like to install a > stable version using ansible and deport the DB to a mariaDB server. > > I found this in the mailing list: > > - hosts: ra******5.*******.org > roles: > - openwisp.openwisp2 > > vars: > openwisp2_default_from_email: "advertise@ra******5.********.org" > openwisp2_time_zone: Europe/Paris > openwisp2_allowed_hosts: > - ra*******5.********.org > > openwisp2_utils_pip: > https://github.com/openwisp/openwisp-utils/tarball/master > openwisp2_users_pip: > https://github.com/openwisp/openwisp-users/tarball/master > openwisp2_extra_python_packages: > # monitoring > - https://github.com/openwisp/openwisp-radius/tarball/master > - django-cors-headers > openwisp2_extra_django_settings_instructions: > # monitoring settings > - | > # openwisp-radius, registration, CORS > INSTALLED_APPS += [ > 'corsheaders', > 'django_filters', > 'rest_framework.authtoken', > 'rest_auth', > 'rest_auth.registration', > 'openwisp_radius', > ] > OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['ra*****5.******.org'] > > # CORS > MIDDLEWARE.insert( > MIDDLEWARE.index('django.middleware.common.CommonMiddleware'), > 'corsheaders.middleware.CorsMiddleware' > ) > CORS_ORIGIN_WHITELIST = ('comlight.org') > CORS_ALLOW_METHODS = ('POST',) > > # REST API > INSTALLED_APPS += [ > 'drf_yasg', > ] > OPENWISP_USERS_AUTH_API = True > openwisp2_extra_urls: > - "url(r'^', include('openwisp_radius.urls'))" > - "url(r'^api/v1/', include('openwisp_utils.api.urls'))" > - "url(r'^api/v1/', include('openwisp_users.api.urls'))" > freeradius_dir: /etc/freeradius/3.0 > freeradius_mods_available_dir: "{{ freeradius_dir }}/mods-available" > freeradius_mods_enabled_dir: "{{ freeradius_dir }}/mods-enabled" > freeradius_sites_available_dir: "{{ freeradius_dir }}/sites-available" > freeradius_sites_enabled_dir: "{{ freeradius_dir }}/sites-enabled" > freeradius_certs_dir: "{{ freeradius_dir }}/certs" > freeradius_sql: > driver: rlm_sql_mysql > dialect: mysql > host: ***.***.***.*** > port: 3306 > name: "******" > user: "******" > password: "*******" > freeradius_rest: > url: https://radius05.comlight.org/api/v1/freeradius > pre_tasks: > # openwisp-radius > - name: Install cairo > apt: > name: > - libcairo2 > - libpango-1.0-0 > - libpangocairo-1.0-0 > - libgdk-pixbuf2.0-0 > - shared-mime-info > update_cache: yes > tags: [openwisp2, radius] > > - name: Freeradius system packages > apt: > name: > - freeradius > - freeradius-mysql > - freeradius-rest > state: latest > notify: restart freeradius > - name: SQL Configuration > template: > src: freeradius/sql.j2 > dest: "{{ freeradius_mods_available_dir }}/sql" > mode: 0640 > owner: freerad > group: freerad > notify: restart freeradius > - name: Enable SQL module > file: > src: "{{ freeradius_mods_available_dir }}/sql" > dest: "{{ freeradius_mods_enabled_dir }}/sql" > state: link > mode: 0640 > owner: freerad > group: freerad > - name: SQL Counter module > template: > src: freeradius/sqlcounter.j2 > dest: "{{ freeradius_mods_available_dir }}/sqlcounter" > mode: 0640 > owner: freerad > group: freerad > notify: restart freeradius > - name: Enable SQL Counter module > file: > src: "{{ freeradius_mods_available_dir }}/sqlcounter" > dest: "{{ freeradius_mods_enabled_dir }}/sqlcounter" > state: link > mode: 0640 > owner: freerad > group: freerad > - name: Fix dailycounter.conf > copy: > src: freeradius/dailycounter.conf > dest: "{{ freeradius_dir > }}/mods-config/sql/counter/postgresql/dailycounter.conf" > mode: 0640 > owner: freerad > group: freerad > notify: restart freeradius > - name: REST Configuration > template: > src: freeradius/rest.j2 > dest: "{{ freeradius_mods_available_dir }}/rest" > mode: 0640 > owner: freerad > group: freerad > notify: restart freeradius > - name: Enable REST module > file: > src: "{{ freeradius_mods_available_dir }}/rest" > dest: "{{ freeradius_mods_enabled_dir }}/rest" > state: link > mode: 0640 > owner: freerad > group: freerad > - name: Remove default site > file: > dest: "{{ freeradius_sites_enabled_dir }}/default" > state: absent > - name: Ensure inner-tunnel site is present > file: > src: "{{ freeradius_sites_available_dir }}/inner-tunnel" > dest: "{{ freeradius_sites_enabled_dir }}/inner-tunnel" > state: link > mode: 0640 > owner: freerad > group: freerad > - name: Captive portal configuration > template: > src: freeradius/captiveportal.j2 > dest: "{{ freeradius_sites_available_dir }}/captiveportal" > mode: 0640 > owner: freerad > group: freerad > notify: restart freeradius > tags: [radius] > - file: > src: "{{ freeradius_sites_available_dir }}/captiveportal" > dest: "{{ freeradius_sites_enabled_dir }}/captiveportal" > state: link > mode: 0640 > owner: freerad > group: freerad > tags: [radius] > # openwisp-radius cron jobs > - name: delete_old_radacct > cron: > name: delete_old_radacct > day: "*" > hour: 05 > minute: 30 > job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py > delete_old_radacct 730" > tags: [openwisp2, radius] > - name: delete_old_postauth > cron: > name: delete_old_postauth > day: "*" > hour: 05 > minute: 0 > job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py > delete_old_postauth 365" > tags: [openwisp2, radius] > - name: cleanup_stale_radacct > cron: > name: cleanup_stale_radacct > day: "*" > hour: 04 > minute: 0 > job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py > cleanup_stale_radacct 1" > tags: [openwisp2, radius] > - name: deactivate_expired_users > cron: > name: deactivate_expired_users > day: "*" > hour: "*" > minute: "*/5" > job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py > deactivate_expired_users" > tags: [openwisp2, radius] > - name: delete_old_users > cron: > name: delete_old_users > day: "*" > hour: "03" > minute: "30" > job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py > delete_old_users" > tags: [openwisp2, radius] > > And i have this error: > > > root@ra******5:~/openwisp2-ansible-playbook# ansible-playbook -i hosts > playbook.yml -k > SSH password: > > PLAY [ra*****5.******.org] > ************************************************************************************************* > > TASK [Gathering Facts] > ******************************************************************************************************* > ok: [ra******5.*****.org] > > TASK [Install cairo] > ********************************************************************************************************* > ok: [ra********5.*******.org] > > TASK [Freeradius system packages] > ******************************************************************************************** > ok: [ra******5.******.org] > > TASK [SQL Configuration] > ***************************************************************************************************** > fatal: [ra******5.********.org]: FAILED! => {"changed": false, "msg": > "Could not find or access 'freeradius/sql.j2'\nSearched > in:\n\t/root/openwisp2-ansible-playbook/templates/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/templates/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/freeradius/sql.j2 > on the Ansible Controller.\nIf you are using a module and expect the file > to exist on the remote, see the remote_src option"} > > PLAY RECAP > ******************************************************************************************************************* > ra*****5.********.org : ok=3 changed=0 unreachable=0 > failed=1 skipped=0 rescued=0 ignored=0 > > > -- > You received this message because you are subscribed to the Google Groups > "OpenWISP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web, visit > https://groups.google.com/d/msgid/openwisp/60bfa700-13e5-4000-a72c-c5b90adae853n%40googlegroups.com > <https://groups.google.com/d/msgid/openwisp/60bfa700-13e5-4000-a72c-c5b90adae853n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web, visit https://groups.google.com/d/msgid/openwisp/CAERYH6Vo8T_QnFn%3DN359Zu_oKCznfQYwDk-H9iq3Ygds74m%2BFw%40mail.gmail.com.
