couchbase {
	#
	# List of Couchbase hosts (hosts may be space, tab, comma or semi-colon separated).
	# Ports are optional if servers are listening on the standard port.
	# Complete pool urls are preferred.
	#
	server = "http://cb01.blargs.com:8091/pools/ http://cb04.blargs.com:8091/pools/"

	# Couchbase bucket name
	bucket = "radius"

	# Couchbase bucket password (optional)
	#password = "password"

	# Couchbase accounting document key (unlang supported)
	acct_key = "radacct_%{%{Acct-Unique-Session-Id}:-%{Acct-Session-Id}}"

	# Value for the 'docType' element in the json body for accounting documents
	doctype = "radacct"

	## Accounting document expire time in seconds (0 = never)
	expire = 2592000

	#
	# Map attribute names to json element names for accounting.
	#
	# Configuration items are in the format:
	#  <radius attribute> = '<element name>'
	#
	# Element names should be single quoted.
	#
	# Note: Attributes not in this map will not be recorded.
	#
	update {
		Acct-Session-Id		= 'sessionId'
		Acct-Unique-Session-Id	= 'uniqueId'
		Acct-Status-Type	= 'lastStatus'
		Acct-Authentic		= 'authentic'
		User-Name		= 'userName'
		Stripped-User-Name	= 'strippedUserName'
		Stripped-User-Domain	= 'strippedUserDomain'
		Realm			= 'realm'
		NAS-IP-Address		= 'nasIpAddress'
		NAS-Identifier		= 'nasIdentifier'
		NAS-Port		= 'nasPort'
		Called-Station-Id	= 'calledStationId'
		Called-Station-SSID	= 'calledStationSSID'
		Calling-Station-Id	= 'callingStationId'
		Framed-Protocol		= 'framedProtocol'
		Framed-IP-Address	= 'framedIpAddress'
		NAS-Port-Type		= 'nasPortType'
		Connect-Info		= 'connectInfo'
		Acct-Session-Time	= 'sessionTime'
		Acct-Input-Packets	= 'inputPackets'
		Acct-Output-Packets	= 'outputPackets'
		Acct-Input-Octets	= 'inputOctets'
		Acct-Output-Octets	= 'outputOctets'
		Acct-Input-Gigawords	= 'inputGigawords'
		Acct-Output-Gigawords	= 'outputGigawords'
		Event-Timestamp		= 'lastUpdated'
	}

	# Couchbase document key for user documents (unlang supported)
	user_key = "raduser_%{md5:%{tolower:%{%{Stripped-User-Name}:-%{User-Name}}}}"

	# Set to 'yes' to read radius clients from the Couchbase view specified below.
	# NOTE: Clients will ONLY be read on server startup.
	#read_clients = no

	#
	#  Map attribute names to json element names when loading clients.
	#
	#  Configuration follows the same rules as the accounting map above.
	#
	client {
		# Couchbase view that should return all available client documents.
		view = "_design/client/_view/by_id"

		#
		#  Sets default values (not obtained from couchbase) for new client entries
		#
		template {
#			login				= 'test'
#			password			= 'test'
#			proto	 			= tcp
#			require_message_authenticator	= yes

			# Uncomment to add a home_server with the same
			# attributes as the client.
#			coa_server {
#				response_window = 2.0
#			}
		}

		#
		# Client mappings are in the format:
		#  <client attribute> = '<element name>'
		#
		# Element names should be single quoted.
		#
		# The following attributes are required:
		#  * ipaddr | ipv4addr | ipv6addr - Client IP Address.
		#  * secret - RADIUS shared secret.
		#
		# All attributes usually supported in a client
		# definition are also supported here.
		#
		attribute {
			ipaddr                          = 'clientIdentifier'
			secret                          = 'clientSecret'
			shortname                       = 'clientShortname'
			nas_type                        = 'nasType'
			virtual_server                  = 'virtualServer'
			require_message_authenticator   = 'requireMessageAuthenticator'
			limit {
				max_connections             = 'maxConnections'
				lifetime                    = 'clientLifetime'
				idle_timeout                = 'idleTimeout'
			}
		}
	}

	# Set to 'yes' to enable simultaneous use checking (multiple logins).
	# NOTE: This will cause the execution of a view request on every check
	# and may be a performance penalty.
#	check_simul = no

	# Couchbase view that should return all account documents keyed by username.
#	simul_view = "_design/acct/_view/by_user"

	# The key to the above view.
	# NOTE: This will need to match EXACTLY what you emit from your view.
#	simul_vkey = "%{tolower:%{%{Stripped-User-Name}:-%{User-Name}}}"

	# Set to 'yes' to enable verification of the results returned from the above view.
	# NOTE: This may be an additional performance penalty to the actual check and
	# should be avoided unless absolutely neccessary.
#	verify_simul = no

	# Remove stale session if checkrad does not see a double login.
	# NOTE: This will only be executed if both check_simul and verify_simul
	# are set to 'yes' above.
#	delete_stale_sessions = yes

	#
	#  The connection pool is new for 3.0, and will be used in many
	#  modules, for all kinds of connection-related activity.
	#
	pool {
		#  Connections to create during module instantiation.
		#  If the server cannot create specified number of
		#  connections during instantiation it will exit.
		#  Set to 0 to allow the server to start without the
		#  couchbase being available.
		start = ${thread[pool].start_servers}

		#  Minimum number of connections to keep open
		min = ${thread[pool].min_spare_servers}

		#  Maximum number of connections
		#
		#  If these connections are all in use and a new one
		#  is requested, the request will NOT get a connection.
		#
		#  Setting 'max' to LESS than the number of threads means
		#  that some threads may starve, and you will see errors
		#  like 'No connections available and at max connection limit'
		#
		#  Setting 'max' to MORE than the number of threads means
		#  that there are more connections than necessary.
		max = ${thread[pool].max_servers}

		#  Spare connections to be left idle
		#
		#  NOTE: Idle connections WILL be closed if "idle_timeout"
		#  is set.  This should be less than or equal to "max" above.
		spare = ${thread[pool].max_spare_servers}

		#  Number of uses before the connection is closed
		#
		#  0 means "infinite"
		uses = 0

		#  The lifetime (in seconds) of the connection
		#
		#  NOTE: A setting of 0 means infinite (no limit).
		lifetime = 0

		#  The idle timeout (in seconds).  A connection which is
		#  unused for this length of time will be closed.
		#
		#  NOTE: A setting of 0 means infinite (no timeout).
		idle_timeout = 1200

		#  NOTE: All configuration settings are enforced.  If a
		#  connection is closed because of "idle_timeout",
		#  "uses", or "lifetime", then the total number of
		#  connections MAY fall below "min".  When that
		#  happens, it will open a new connection.  It will
		#  also log a WARNING message.
		#
		#  The solution is to either lower the "min" connections,
		#  or increase lifetime/idle_timeout.
	}
}