1 files changed, 204 insertions, 0 deletions
diff --git a/raddb/mods-available/couchbase b/raddb/mods-available/couchbase
new file mode 100644
index 0000000..da1a39d
--- /dev/null
+++ b/raddb/mods-available/couchbase
@@ -0,0 +1,204 @@
+couchbase {
+	#
+	# List of Couchbase hosts (hosts may be space, tab, comma or semi-colon separated).
+	# Ports are optional if servers are listening on the standard port.
+	# Complete pool urls are preferred.
+	#
+	server = "http://cb01.blargs.com:8091/pools/ http://cb04.blargs.com:8091/pools/"
+
+	# Couchbase bucket name
+	bucket = "radius"
+
+	# Couchbase bucket password (optional)
+	#password = "password"
+
+	# Couchbase accounting document key (unlang supported)
+	acct_key = "radacct_%{%{Acct-Unique-Session-Id}:-%{Acct-Session-Id}}"
+
+	# Value for the 'docType' element in the json body for accounting documents
+	doctype = "radacct"
+
+	## Accounting document expire time in seconds (0 = never)
+	expire = 2592000
+
+	#
+	# Map attribute names to json element names for accounting.
+	#
+	# Configuration items are in the format:
+	#  <radius attribute> = '<element name>'
+	#
+	# Element names should be single quoted.
+	#
+	# Note: Attributes not in this map will not be recorded.
+	#
+	update {
+		Acct-Session-Id		= 'sessionId'
+		Acct-Unique-Session-Id	= 'uniqueId'
+		Acct-Status-Type	= 'lastStatus'
+		Acct-Authentic		= 'authentic'
+		User-Name		= 'userName'
+		Stripped-User-Name	= 'strippedUserName'
+		Stripped-User-Domain	= 'strippedUserDomain'
+		Realm			= 'realm'
+		NAS-IP-Address		= 'nasIpAddress'
+		NAS-Identifier		= 'nasIdentifier'
+		NAS-Port		= 'nasPort'
+		Called-Station-Id	= 'calledStationId'
+		Called-Station-SSID	= 'calledStationSSID'
+		Calling-Station-Id	= 'callingStationId'
+		Framed-Protocol		= 'framedProtocol'
+		Framed-IP-Address	= 'framedIpAddress'
+		NAS-Port-Type		= 'nasPortType'
+		Connect-Info		= 'connectInfo'
+		Acct-Session-Time	= 'sessionTime'
+		Acct-Input-Packets	= 'inputPackets'
+		Acct-Output-Packets	= 'outputPackets'
+		Acct-Input-Octets	= 'inputOctets'
+		Acct-Output-Octets	= 'outputOctets'
+		Acct-Input-Gigawords	= 'inputGigawords'
+		Acct-Output-Gigawords	= 'outputGigawords'
+		Event-Timestamp		= 'lastUpdated'
+	}
+
+	# Couchbase document key for user documents (unlang supported)
+	user_key = "raduser_%{md5:%{tolower:%{%{Stripped-User-Name}:-%{User-Name}}}}"
+
+	# Set to 'yes' to read radius clients from the Couchbase view specified below.
+	# NOTE: Clients will ONLY be read on server startup.
+	#read_clients = no
+
+	#
+	#  Map attribute names to json element names when loading clients.
+	#
+	#  Configuration follows the same rules as the accounting map above.
+	#
+	client {
+		# Couchbase view that should return all available client documents.
+		view = "_design/client/_view/by_id"
+
+		#
+		#  Sets default values (not obtained from couchbase) for new client entries
+		#
+		template {
+#			login				= 'test'
+#			password			= 'test'
+#			proto	 			= tcp
+#			require_message_authenticator	= yes
+
+			# Uncomment to add a home_server with the same
+			# attributes as the client.
+#			coa_server {
+#				response_window = 2.0
+#			}
+		}
+
+		#
+		# Client mappings are in the format:
+		#  <client attribute> = '<element name>'
+		#
+		# Element names should be single quoted.
+		#
+		# The following attributes are required:
+		#  * ipaddr | ipv4addr | ipv6addr - Client IP Address.
+		#  * secret - RADIUS shared secret.
+		#
+		# All attributes usually supported in a client
+		# definition are also supported here.
+		#
+		attribute {
+			ipaddr                          = 'clientIdentifier'
+			secret                          = 'clientSecret'
+			shortname                       = 'clientShortname'
+			nas_type                        = 'nasType'
+			virtual_server                  = 'virtualServer'
+			require_message_authenticator   = 'requireMessageAuthenticator'
+			limit {
+				max_connections             = 'maxConnections'
+				lifetime                    = 'clientLifetime'
+				idle_timeout                = 'idleTimeout'
+			}
+		}
+	}
+
+	# Set to 'yes' to enable simultaneous use checking (multiple logins).
+	# NOTE: This will cause the execution of a view request on every check
+	# and may be a performance penalty.
+#	check_simul = no
+
+	# Couchbase view that should return all account documents keyed by username.
+#	simul_view = "_design/acct/_view/by_user"
+
+	# The key to the above view.
+	# NOTE: This will need to match EXACTLY what you emit from your view.
+#	simul_vkey = "%{tolower:%{%{Stripped-User-Name}:-%{User-Name}}}"
+
+	# Set to 'yes' to enable verification of the results returned from the above view.
+	# NOTE: This may be an additional performance penalty to the actual check and
+	# should be avoided unless absolutely neccessary.
+#	verify_simul = no
+
+	# Remove stale session if checkrad does not see a double login.
+	# NOTE: This will only be executed if both check_simul and verify_simul
+	# are set to 'yes' above.
+#	delete_stale_sessions = yes
+
+	#
+	#  The connection pool is used to pool outgoing connections.
+	#
+	pool {
+		#  Connections to create during module instantiation.
+		#  If the server cannot create specified number of
+		#  connections during instantiation it will exit.
+		#  Set to 0 to allow the server to start without the
+		#  couchbase being available.
+		start = ${thread[pool].start_servers}
+
+		#  Minimum number of connections to keep open
+		min = ${thread[pool].min_spare_servers}
+
+		#  Maximum number of connections
+		#
+		#  If these connections are all in use and a new one
+		#  is requested, the request will NOT get a connection.
+		#
+		#  Setting 'max' to LESS than the number of threads means
+		#  that some threads may starve, and you will see errors
+		#  like 'No connections available and at max connection limit'
+		#
+		#  Setting 'max' to MORE than the number of threads means
+		#  that there are more connections than necessary.
+		max = ${thread[pool].max_servers}
+
+		#  Spare connections to be left idle
+		#
+		#  NOTE: Idle connections WILL be closed if "idle_timeout"
+		#  is set.  This should be less than or equal to "max" above.
+		spare = ${thread[pool].max_spare_servers}
+
+		#  Number of uses before the connection is closed
+		#
+		#  0 means "infinite"
+		uses = 0
+
+		#  The lifetime (in seconds) of the connection
+		#
+		#  NOTE: A setting of 0 means infinite (no limit).
+		lifetime = 0
+
+		#  The idle timeout (in seconds).  A connection which is
+		#  unused for this length of time will be closed.
+		#
+		#  NOTE: A setting of 0 means infinite (no timeout).
+		idle_timeout = 1200
+
+		#  NOTE: All configuration settings are enforced.  If a
+		#  connection is closed because of "idle_timeout",
+		#  "uses", or "lifetime", then the total number of
+		#  connections MAY fall below "min".  When that
+		#  happens, it will open a new connection.  It will
+		#  also log a WARNING message.
+		#
+		#  The solution is to either lower the "min" connections,
+		#  or increase lifetime/idle_timeout.
+	}
+}