Welcome back! Today we try to finalize our changes and test them.
Our code the configuration should now look like this:
{% if helpers.exists(‚OPNsense.freeradius.ldap.server‘) and OPNsense.freeradius.ldap.server != “ %}
server = ‚{{ OPNsense.freeradius.ldap.protocol }}://{{ OPNsense.freeradius.ldap.server }}‘
{% endif %}
{% if helpers.exists(‚OPNsense.freeradius.ldap.identity‘) and OPNsense.freeradius.ldap.identity != “ %}
identity = ‚{{ OPNsense.freeradius.ldap.identity }}‘
{% endif %}
{% if helpers.exists(‚OPNsense.freeradius.ldap.password‘) and OPNsense.freeradius.ldap.password != “ %}
password = {{ OPNsense.freeradius.ldap.password }}
{% endif %}
{% if helpers.exists(‚OPNsense.freeradius.ldap.base_dn‘) and OPNsense.freeradius.ldap.base_dn != “ %}
base_dn = ‚{{ OPNsense.freeradius.ldap.base_dn }}‘
{% endif %}
As you can see only some values were changed, nothing special. Only remeber if you use a text field use != and if it’s a checkbox then == ‚1‘
Now we have to add the checkbox in the General menu. Go to plugins\net\freeradius\src\opnsense\mvc\app\controllers\OPNsense\Freeradius\forms and open general.xml.
Put this as the third field:
<field>
<id>general.ldap_enabled</id>
<label>Enable LDAP</label>
<type>checkbox</type>
<help>This allows you to bind to an external LDAP server, use configuration in submenu LDAP.</help>
</field>
Then it’s time for the model, go to plugins\net\freeradius\src\opnsense\mvc\app\models\OPNsense\Freeradius and open General.xml.
Also here on the third place:
<ldap_enabled type=“BooleanField“>
<default>0</default>
<Required>N</Required>
</ldap_enabled>
That’s all, we now added just a new checkbox. Nothing more to be done on view or whatever. 🙂
Now push your changes to github (if working locally), go to your CLI and install git via:
pkg install git
Clone your repo and install your new package:
git clone https://github.com/mimugmail/plugins
cd plugins
git checkout frldap
cd net/freeradius
make package
pkg install work/pkg/os-*.txz
You only need checkout if you create a new branch in your repo.
If you have freeradius stable package installed you’ll receive an error so please remove it.
When you copied the whole file you’ll get an error while making the package:
OPNsense configd.py: [21e739fa-cd51-4734-ae9e-870fe186b366] Inline action failed with OPNsense/Freeradius OPNsense/Freeradius/mods-enabled-ldap tag name expected at Traceback (most recent call last): File „/usr/local/opnsense/service/modules/processhandler.py“, line 507, in execute return ph_inline_actions.execute(self, inline_act_parameters) File „/usr/local/opnsense/service/modules/ph_inline_actions.py“, line 50, in execute filenames = tmpl.generate(parameters) File „/usr/local/opnsense/service/modules/template.py“, line 321, in generate raise render_exception Exception: OPNsense/Freeradius OPNsense/Freeradius/mods-enabled-ldap tag name expected
Sadly this message doesn’t say anything, it only tells us where it is, in file mods-enabled-ldap.
When we look at the file our content seems ok, so we should check all the other defaut stuff we’ve copied.
Probably our problem is here:
| user { | |
| base_dn = „${..base_dn}“ | |
| filter = „(uid=%{%{Stripped-User-Name}:-%{User-Name}})“ |
You see the ending }}? This would be interpreted and will result in an error since there’s no opening {{. But in our case this is just part of the configuration. Here you can read how to escape this stuff: http://jinja.pocoo.org/docs/2.10/templates/#escaping
Since all this should stay and there could be more we put all the rest in {% raw %}{% endraw%} excluding our last two endif’s and then the packaging works.
We’ve successfully enhanced our plugin and can now create a new pull request in github to let the devs check the code.
Wasn’t that hard, was it? 🙂