#
#  Minimal radiusd.conf for testing
#
raddb        = $ENV{RADDB}
modconfdir   = ${raddb}/mods-config
testdir      = $ENV{TEST_PATH}
pidfile      = ${testdir}/radiusd.pid
panic_action = "gdb -batch -x ${raddb}/panic.gdb %e %p > ${testdir}/gdb-radiusd.log 2>&1; cat ${testdir}/gdb-radiusd.log"
certdir      = ${raddb}/certs
cadir        = ${raddb}/certs
libdir       = $ENV{LIB_PATH}

max_requests = 1048576

thread pool {
	start_servers = 5
	max_servers = 32
	min_spare_servers = 3
	max_spare_servers = 10
	max_requests_per_server = 0
	cleanup_delay = 5
	max_queue_size = 65536
	auto_limit_acct = no
}

#
#  Referenced by some modules for default thread pool configuration
#
modules {
	
$INCLUDE ${raddb}/mods-available/always
}

clients radsec {
	client home {
		ipaddr = 127.0.0.1
		proto = tls
	}
}

listen {
	type = auth

	ipaddr = 127.0.0.1
	port = $ENV{FR_LOCAL_PREFIX}2083
	proto = tcp

	clients = radsec

	virtual_server = default

	tls {
		private_key_password = whatever
		private_key_file = ${certdir}/server.pem
		certificate_file = ${certdir}/server.pem
		ca_file = ${cadir}/ca.pem
		fragment_size = 8192
		ca_path = ${cadir}
		cipher_list = "DEFAULT"
		tls_min_version = "1.2"
		tls_max_version = "1.2"
	}
}

listen {
	type = acct

	ipaddr = 127.0.0.1
	port = $ENV{FR_LOCAL_PREFIX}2084
	proto = tcp

	clients = radsec

	virtual_server = default

	tls {
		private_key_password = whatever
		private_key_file = ${certdir}/server.pem
		certificate_file = ${certdir}/server.pem
		ca_file = ${cadir}/ca.pem
		fragment_size = 8192
		ca_path = ${cadir}
		cipher_list = "DEFAULT"
		tls_min_version = "1.3"
		tls_max_version = "1.3"
	}
}

server default {
	authorize {
		update control {
			Auth-Type := accept
		}
	}

	preacct {
		update control {
			Response-Packet-Type := Accounting-Response
		}
	}

	acct {
		ok
	}
}