diff --git a/net/freeradius/Makefile b/net/freeradius/Makefile
index be91e120f..64f8c20aa 100644
--- a/net/freeradius/Makefile
+++ b/net/freeradius/Makefile
@@ -1,5 +1,5 @@
PLUGIN_NAME= freeradius
-PLUGIN_VERSION= 1.7.0
+PLUGIN_VERSION= 1.8.0
PLUGIN_COMMENT= RADIUS Authentication, Authorization and Accounting Server
PLUGIN_DEPENDS= freeradius3
PLUGIN_MAINTAINER= m.muenz@gmail.com
diff --git a/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml b/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml
index 8e8997baa..79a4f7635 100644
--- a/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml
+++ b/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml
@@ -35,6 +35,12 @@
checkbox
This enables the Mikrotik attributes assignment via users tab.
+
+ general.sqlite
+
+ checkbox
+ This enables SQLite module and accounting.
+
general.sessionlimit
diff --git a/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml b/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml
index c245906d0..ab66ebaab 100644
--- a/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml
+++ b/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml
@@ -27,6 +27,10 @@
0
N
+
+ 0
+ N
+
0
N
diff --git a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS
index 98bf63b72..7bd885082 100644
--- a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS
@@ -3,6 +3,7 @@ dictionary:/usr/local/etc/raddb/dictionary
mods-enabled-counter:/usr/local/etc/raddb/mods-enabled/counter
mods-enabled-eap:/usr/local/etc/raddb/mods-enabled/eap
mods-enabled-ldap:/usr/local/etc/raddb/mods-enabled/ldap
+mods-enabled-sql:/usr/local/etc/raddb/mods-enabled/sql
radiusd:/etc/rc.conf.d/radiusd
radiusd.conf:/usr/local/etc/raddb/radiusd.conf
sites-enabled-default:/usr/local/etc/raddb/sites-enabled/default
diff --git a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-sql b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-sql
new file mode 100644
index 000000000..08d7a9452
--- /dev/null
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-sql
@@ -0,0 +1,46 @@
+{% if helpers.exists('OPNsense.freeradius.general.enabled') and OPNsense.freeradius.general.enabled == '1' %}
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+
+sql {
+ driver = "rlm_sql_sqlite"
+ sqlite {
+ # Path to the sqlite database
+ filename = "/usr/local/etc/raddb/freeradius.db"
+
+ # How long to wait for write locks on the database to be
+ # released (in ms) before giving up.
+ busy_timeout = 200
+
+ # If the file above does not exist and bootstrap is set
+ # a new database file will be created, and the SQL statements
+ # contained within the bootstrap file will be executed.
+ bootstrap = "${modconfdir}/${..:name}/main/sqlite/schema.sql"
+ }
+ dialect = "sqlite"
+ radius_db = "radius"
+ acct_table1 = "radacct"
+ acct_table2 = "radacct"
+ postauth_table = "radpostauth"
+ authcheck_table = "radcheck"
+ groupcheck_table = "radgroupcheck"
+ authreply_table = "radreply"
+ groupreply_table = "radgroupreply"
+ usergroup_table = "radusergroup"
+ delete_stale_sessions = yes
+ pool {
+ start = ${thread[pool].start_servers}
+ min = ${thread[pool].min_spare_servers}
+ max = ${thread[pool].max_servers}
+ spare = ${thread[pool].max_spare_servers}
+ uses = 0
+ retry_delay = 30
+ lifetime = 0
+ idle_timeout = 60
+ }
+ client_table = "nas"
+ group_attribute = "SQL-Group"
+ $INCLUDE ${modconfdir}/${.:name}/main/${dialect}/queries.conf
+}
+
+{% endif %}
+{% endif %}
diff --git a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default
index 5dd630e5e..d12922a7e 100644
--- a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default
@@ -55,7 +55,11 @@ authorize {
ok = return
}
files
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+ sql
+{% else %}
-sql
+{% endif %}
{% if helpers.exists('OPNsense.freeradius.general.ldap_enabled') and OPNsense.freeradius.general.ldap_enabled == '1' %}
ldap
if ((ok || updated) && User-Password) {
@@ -110,12 +114,19 @@ accounting {
sradutmp
{% endif %}
unix
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+ sql
+{% else %}
-sql
+{% endif %}
exec
attr_filter.accounting_response
}
session {
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+ sql
+{% endif %}
}
post-auth {