forked from tenet-ac-za/eduroam-imap-playbook
/
all
61 lines (50 loc) · 1.69 KB
/
all
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
---
# The upstream eduroam federation-level RADIUS servers
# These are for sample, not working; get yours from your NRO
eduroam_flr_servers:
- hostname: flr1-example.kreonet.net
ip: 150.183.96.51
port: 1812
secret: MySharedSecret
- hostname: flr2-example.kreonet.net
ip: 150.183.96.52
port: 1812
secret: MySharedSecret
# Your realm for eduroam (usually your primary DNS name)
radius_realm: kisti.re.kr
# Details of test account(s) to create within your realm
radius_local_users:
- username: eduroam
password: xeap2018
# Details of your IMAP server
imap_server: mail.kisti.re.kr
imap_port: 993
imap_ssl: yes
# If your IMAP server requires a realm/domain for login (default to same as RADIUS)
imap_realm: "{{radius_realm}}"
# How long (in seconds) to cache credentials for. Set to no to disable.
imap_cache: 600
# The name of the PAM service to use for both FreeRADIUS and pam-imap
pam_service_name: pam-imap-radius
# Common Certificate Infomation
cert_country: KR
cert_state: Daejeon
cert_local: Yuseong-gu
cert_org: Korea Institute of Science and Technology Information
cert_unit: Korea Research Environment Open NETwork
#cert_crl_uri: ""
# CA Infomation
#cert_ca_email: ca@kisti.re.kr
#cert_ca_email: ""
cert_ca_common_name: "KISTI Certificate Authority"
# Server Certificate Infomation
#cert_server_email: ca@kisti.re.kr
#cert_server_email: ""
cert_server_common_name: flr1-example.kreonet.net
# Inner Server Certificate Infomation
#cert_inner_server_email: ca@kisti.re.kr
#cert_inner_server_email: ""
cert_inner_server_common_name: inside.flr1-example.kreonet.net
# Client Certificate Infomation
cert_client_email: johndoe@kisti.re.kr
cert_client_common_name: "{{cert_client_email}}"