diff --git a/data/templates/accel-ppp/ipoe.config.j2 b/data/templates/accel-ppp/ipoe.config.j2
index 81f63c53b0..a10dcf2c16 100644
--- a/data/templates/accel-ppp/ipoe.config.j2
+++ b/data/templates/accel-ppp/ipoe.config.j2
@@ -38,6 +38,9 @@ level={{ log.level }}
[ipoe]
verbose=1
+{% if lua_file is vyos_defined %}
+lua-file={{ lua_file }}
+{% endif %}
{% if interface is vyos_defined %}
{% for iface, iface_config in interface.items() %}
{% set tmp = 'interface=' %}
@@ -55,7 +58,8 @@ verbose=1
{% set range = 'range=' ~ iface_config.client_subnet ~ ',' if iface_config.client_subnet is vyos_defined else '' %}
{% set relay = ',' ~ 'relay=' ~ iface_config.external_dhcp.dhcp_relay if iface_config.external_dhcp.dhcp_relay is vyos_defined else '' %}
{% set giaddr = ',' ~ 'giaddr=' ~ iface_config.external_dhcp.giaddr if iface_config.external_dhcp.giaddr is vyos_defined else '' %}
-{{ tmp }},{{ shared }}mode={{ iface_config.mode | upper }},ifcfg=1,{{ range }}start=dhcpv4,ipv6=1{{ relay }}{{ giaddr }}
+{% set username = ',' ~ 'username=lua:' ~ iface_config.lua_username if iface_config.lua_username is vyos_defined else '' %}
+{{ tmp }},{{ shared }}mode={{ iface_config.mode | upper }},ifcfg=1,{{ range }}start=dhcpv4,ipv6=1{{ relay }}{{ giaddr }}{{ username }}
{% if iface_config.vlan_mon is vyos_defined %}
vlan-mon={{ iface }},{{ iface_config.vlan | join(',') }}
{% endif %}
diff --git a/interface-definitions/service_ipoe-server.xml.in b/interface-definitions/service_ipoe-server.xml.in
index 25bc43cc65..27a654f926 100644
--- a/interface-definitions/service_ipoe-server.xml.in
+++ b/interface-definitions/service_ipoe-server.xml.in
@@ -174,10 +174,34 @@
+
+
+ Username function
+
+ txt
+ Name of the function in the Lua file to construct usernames with
+
+
+ #include
+
+
+
#include
#include
+
+
+ Lua script file for constructing user names
+
+ filename
+ File with Lua script in /config/scripts directory
+
+
+
+
+
+
#include
#include
#include
diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py
index c7e3ef0336..a14d4b5b63 100755
--- a/src/conf_mode/service_ipoe-server.py
+++ b/src/conf_mode/service_ipoe-server.py
@@ -31,6 +31,7 @@
from vyos.accel_ppp_util import verify_accel_ppp_authentication
from vyos import ConfigError
from vyos import airbag
+
airbag.enable()
@@ -52,7 +53,9 @@ def get_config(config=None):
if dict_search('client_ip_pool', ipoe):
# Multiple named pools require ordered values T5099
- ipoe['ordered_named_pools'] = get_pools_in_order(dict_search('client_ip_pool', ipoe))
+ ipoe['ordered_named_pools'] = get_pools_in_order(
+ dict_search('client_ip_pool', ipoe)
+ )
ipoe['server_type'] = 'ipoe'
return ipoe
@@ -68,11 +71,23 @@ def verify(ipoe):
for interface, iface_config in ipoe['interface'].items():
verify_interface_exists(ipoe, interface, warning_only=True)
if 'client_subnet' in iface_config and 'vlan' in iface_config:
- raise ConfigError('Option "client-subnet" and "vlan" are mutually exclusive, '
- 'use "client-ip-pool" instead!')
- if 'vlan_mon' in iface_config and not 'vlan' in iface_config:
+ raise ConfigError(
+ 'Options "client-subnet" and "vlan" are mutually exclusive, '
+ 'use "client-ip-pool" instead!'
+ )
+ if 'vlan_mon' in iface_config and 'vlan' not in iface_config:
raise ConfigError('Option "vlan-mon" requires "vlan" to be set!')
+ if 'lua_username' in iface_config:
+ if 'lua_file' not in ipoe:
+ raise ConfigError(
+ 'Option "lua-username" requires "lua-file" to be set!'
+ )
+ if dict_search('authentication.mode', ipoe) != 'radius':
+ raise ConfigError(
+ 'Can configure username with Lua script only for RADIUS authentication'
+ )
+
verify_accel_ppp_authentication(ipoe, local_users=False)
verify_accel_ppp_ip_pool(ipoe)
verify_accel_ppp_name_servers(ipoe)
@@ -88,14 +103,15 @@ def generate(ipoe):
render(ipoe_conf, 'accel-ppp/ipoe.config.j2', ipoe)
if dict_search('authentication.mode', ipoe) == 'local':
- render(ipoe_chap_secrets, 'accel-ppp/chap-secrets.ipoe.j2',
- ipoe, permission=0o640)
+ render(
+ ipoe_chap_secrets, 'accel-ppp/chap-secrets.ipoe.j2', ipoe, permission=0o640
+ )
return None
def apply(ipoe):
systemd_service = 'accel-ppp@ipoe.service'
- if ipoe == None:
+ if ipoe is None:
call(f'systemctl stop {systemd_service}')
for file in [ipoe_conf, ipoe_chap_secrets]:
if os.path.exists(file):
@@ -103,7 +119,10 @@ def apply(ipoe):
return None
- call(f'systemctl reload-or-restart {systemd_service}')
+ # Accel-pppd does not do soft-reload correctly.
+ # Most of the changes require restarting the service
+ call(f'systemctl restart {systemd_service}')
+
if __name__ == '__main__':
try: