From 4811a726a185561040055583691acaa3d4d28a5f Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch"
Date: Mon, 12 Mar 2018 20:27:28 -0500
Subject: [PATCH] dhcpd: Install and configure ISC DHCPD
---
dhcpd.yml | 3 +
roles/dhcpcd/tasks/main.yml | 2 +
roles/dhcpd/defaults/main.yml | 9 +++
roles/dhcpd/handlers/main.yml | 6 ++
roles/dhcpd/tasks/main.yml | 30 +++++++++
roles/dhcpd/templates/dhcpd.conf.j2 | 93 ++++++++++++++++++++++++++++
roles/dhcpd/templates/dhcpd.confd.j2 | 29 +++++++++
roles/dhcpd/vars/main.yml | 10 +++
8 files changed, 182 insertions(+)
create mode 100644 dhcpd.yml
create mode 100644 roles/dhcpd/defaults/main.yml
create mode 100644 roles/dhcpd/handlers/main.yml
create mode 100644 roles/dhcpd/tasks/main.yml
create mode 100644 roles/dhcpd/templates/dhcpd.conf.j2
create mode 100644 roles/dhcpd/templates/dhcpd.confd.j2
create mode 100644 roles/dhcpd/vars/main.yml
diff --git a/dhcpd.yml b/dhcpd.yml
new file mode 100644
index 0000000..e135157
--- /dev/null
+++ b/dhcpd.yml
@@ -0,0 +1,3 @@
+- hosts: dhcpd
+ roles:
+ - dhcpd
diff --git a/roles/dhcpcd/tasks/main.yml b/roles/dhcpcd/tasks/main.yml
index be10c73..655eb4a 100644
--- a/roles/dhcpcd/tasks/main.yml
+++ b/roles/dhcpcd/tasks/main.yml
@@ -2,6 +2,8 @@ package: name=dhcpcd state=present + tags: + - install - name: ensure dhcpcd is configured template:
diff --git a/roles/dhcpd/defaults/main.yml b/roles/dhcpd/defaults/main.yml
new file mode 100644
index 0000000..b331c53
--- /dev/null
+++ b/roles/dhcpd/defaults/main.yml
@@ -0,0 +1,9 @@
+dhcp_interfaces: []
+dhcp_ddns: false
+dhcp_subnets: []
+dhcp_reservations: []
+dhcp_default_lease: 43200
+dhcp_max_lease: 86400
+dhcp_need_interfaces: '{{ dhcp_interfaces }}'
+default_dyn_hostname_prefix: host-
+dhcp_ddns_zones: []
diff --git a/roles/dhcpd/handlers/main.yml b/roles/dhcpd/handlers/main.yml
new file mode 100644
index 0000000..2d2fd85
--- /dev/null
+++ b/roles/dhcpd/handlers/main.yml
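Review bot: In roles/dhcpd/defaults/main.yml, `dhcp_ddns_keys` has no default even though roles/dhcpd/templates/dhcpd.conf.j2 iterates it (`{% for key in dhcp_ddns_keys %}`) whenever `dhcp_ddns` is true, so enabling DDNS without defining keys will presumably fail the template with an undefined-variable error. Add `dhcp_ddns_keys: []` next to `dhcp_ddns_zones: []`. Because each entry carries a TSIG `secret`, a short comment there saying the real values belong in a vaulted vars file rather than in these defaults would help the next maintainer.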
@@ -0,0 +1,6 @@
+- name: restart dhcpd
+ service: name=dhcpd
+ state=restarted
+- name: restart dhcpd6
+ service: name=dhcpd6
+ state=restarted
diff --git a/roles/dhcpd/tasks/main.yml b/roles/dhcpd/tasks/main.yml
new file mode 100644
index 0000000..113c894
--- /dev/null
+++ b/roles/dhcpd/tasks/main.yml
@@ -0,0 +1,30 @@
+- name: ensure dhcpd is installed
+ package:
+ name=dhcp-server
+ state=present
+ tags:
+ - install
+
+- name: ensure dhcpd service is configured
+ template:
+ src=dhcpd.confd.j2
+ dest=/etc/conf.d/dhcpd
+ mode=0644
+ when: ansible_distribution == 'Gentoo'
+ notify: restart dhcpd
+- name: ensure dhcpd is configured
+ template:
+ src=dhcpd.conf.j2
+ dest=/etc/dhcp/dhcpd.conf
+ mode=0644
+ notify: restart dhcpd
+
+- name: ensure dhcpd starts at boot
+ service:
+ name=dhcpd
+ enabled=yes
+- meta: flush_handlers
+- name: ensure dhcpd is running
+ service:
+ name=dhcpd
+ state=started
diff --git a/roles/dhcpd/templates/dhcpd.conf.j2 b/roles/dhcpd/templates/dhcpd.conf.j2
new file mode 100644
index 0000000..1b57821
--- /dev/null
+++ b/roles/dhcpd/templates/dhcpd.conf.j2
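Review bot: In roles/dhcpd/tasks/main.yml the `ensure dhcpd is configured` task installs /etc/dhcp/dhcpd.conf with `mode=0644`, but the template renders `secret "{{ key.secret }}";` for every DDNS key, so the TSIG secret becomes readable by any local user. Tighten the task to something like `mode=0640 owner=root group=<dhcpd-group>` (placeholder; the service group depends on the distribution), or render the key blocks into a separate restricted file that dhcpd.conf includes. Adding `validate='dhcpd -t -cf %s'` to the same task would also stop a broken render from being installed and then restarted into by the handler.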
@@ -0,0 +1,93 @@
+# vim: set ft=dhcpd :
+{# vim: set ft=jinja : #}
+
+{% if dhcp_domain_name is defined %}
+option domain-name "{{ dhcp_domain_name }}";
+{% endif %}
+{% if dhcp_dns_servers is defined %}
+option domain-name-servers {{ dhcp_dns_servers|join(', ') }};
+{% endif %}
+{% if dhcp_ntp_servers is defined %}
+option ntp-servers {{ dhcp_ntp_servers|join(', ') }};
+{% endif %}
+
+authoritative;
+{% if dhcp_ddns %}
+
+ddns-updates on;
+ddns-update-style interim;
+update-static-leases on;
+allow client-updates;
+{% endif %}
+{% for subnet in dhcp_subnets %}
+
+subnet {{ subnet.address|ipv4('network') }} netmask {{ subnet.address|ipv4('netmask') }} {
+{% if subnet.pools is defined %}
+{% for range in subnet.pools %}
+ range {{ range.start }} {{ range.end }};
+{% endfor %}
+{% endif %}
+ default-lease-time {{ subnet.default_lease|d(dhcp_default_lease) }};
+ max-lease-time {{ subnet.max_lease|d(dhcp_max_lease) }};
+{% if subnet.routers is defined %}
+ option routers {{ subnet.routers|join(' ') }};
+{% endif %}
+{% if subnet.domain_name is defined %}
+ option domain-name "{{ subnet.domain_name }}";
+{% endif %}
+{% if subnet.domain_search is defined %}
+ option domain-search "{{ subnet.domain_search }}";
+{% endif %}
+{% if subnet.dns_servers is defined %}
+ option domain-name-servers {{ subnet.dns_servers|join(', ') }};
+{% endif %}
+{% if subnet.ntp_servers is defined %}
+ option ntp-servers {{ subnet.ntp_servers|join(', ') }};
+{% endif %}
+{% if subnet.next_server is defined %}
+ next-server {{ subnet.next_server }};
+{% if subnet.boot_filename is defined %}
+ filename "{{ subnet.boot_filename }}";
+{% endif %}
+{% endif %}
+{% if subnet.dynamic_hostnames|d|bool %}
+ option host-name = {{ dyn_hostname_expr.format(prefix=subnet.dyn_hostname_prefix|d(default_dyn_hostname_prefix)) }};
+ ddns-hostname = {{ dyn_hostname_expr.format(prefix=subnet.dyn_hostname_prefix|d(default_dyn_hostname_prefix)) }};
+{% endif %}
+}
+{% endfor %}
+{% if dhcp_ddns %}
+{% for key in dhcp_ddns_keys %}
+
+key {{ key.name }} {
+ algorithm {{ key.algorithm|d('hmac-md5') }};
+ secret "{{ key.secret }}";
+}
+{% endfor %}
+{% for zone in dhcp_ddns_zones %}
+
+zone {{ zone.zone }}. {
+ primary {{ zone.primary }};
+{% if zone.key is defined %}
+ key {{ zone.key }};
+{% endif %}
+}
+{% endfor %}
+{% endif %}
+{% for res in dhcp_reservations %}
+
+host {{ res.host }} {
+{% if res.mac_addr is defined %}
+ hardware ethernet {{ res.mac_addr }};
+{% elif res.duid is defined %}
+ host-identifier option dhcp-client-identifier {{ res.duid }};
+{% endif %}
+{% if res.ip_addr is defined %}
+ fixed-address {{ res.ip_addr }};
+{% endif %}
+{% if res.hostname is defined %}
+ option host-name "{{ res.hostname }}";
+ ddns-hostname "{{ res.hostname }}";
+{% endif %}
+}
+{% endfor %}
diff --git a/roles/dhcpd/templates/dhcpd.confd.j2 b/roles/dhcpd/templates/dhcpd.confd.j2
new file mode 100644
index 0000000..408e20d
--- /dev/null
+++ b/roles/dhcpd/templates/dhcpd.confd.j2
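Review bot: The `key` block in roles/dhcpd/templates/dhcpd.conf.j2 falls back to `hmac-md5` when `key.algorithm` is unset (`algorithm {{ key.algorithm|d('hmac-md5') }};`), so any inventory that omits the field silently gets the weakest TSIG algorithm for its DNS updates. Either make the field mandatory by dropping the default, or default to a SHA-2 HMAC such as `algorithm {{ key.algorithm|d('hmac-sha256') }};`, assuming the installed dhcpd and the DNS primary both accept it. A one-line Jinja comment above the loop stating which algorithms the target DNS server is configured for would make the choice auditable.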
@@ -0,0 +1,29 @@
+# /etc/conf.d/dhcpd: config file for /etc/init.d/dhcpd
+
+# If you require more than one instance of dhcpd you can create symbolic
+# links to dhcpd service like so
+# cd /etc/init.d
+# ln -s dhcpd dhcpd.foo
+# cd ../conf.d
+# cp dhcpd dhcpd.foo
+# Now you can edit dhcpd.foo and specify a different configuration file.
+# You'll also need to specify a pidfile in that dhcpd.conf file.
+# See the pid-file-name option in the dhcpd.conf man page for details.
+
+# If you wish to run dhcpd in a chroot, uncomment the following line
+# DHCPD_CHROOT="/var/lib/dhcp/chroot"
+
+# All file paths below are relative to the chroot.
+# You can specify a different chroot directory but MAKE SURE it's empty.
+
+# Specify a configuration file - the default is /etc/dhcp/dhcpd.conf
+# DHCPD_CONF="/etc/dhcp/dhcpd.conf"
+
+# Configure which interface or interfaces to for dhcpd to listen on.
+# List all interfaces space separated. If this is not specified then
+# we listen on all interfaces.
+DHCPD_IFACE="{{ dhcp_interfaces|join(' ') }}"
+
+# Insert any other dhcpd options - see the man page for a full list.
+# DHCPD_OPTS=""
+rc_need="!net {% for i in dhcp_need_interfaces %}net.{{ i }}{% if not loop.last %} {% endif %}{% endfor %}"
diff --git a/roles/dhcpd/vars/main.yml b/roles/dhcpd/vars/main.yml
new file mode 100644
index 0000000..8a62e79
--- /dev/null
+++ b/roles/dhcpd/vars/main.yml
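Review bot: With the role default `dhcp_interfaces: []`, the line `DHCPD_IFACE="{{ dhcp_interfaces|join(' ') }}"` in roles/dhcpd/templates/dhcpd.confd.j2 renders an empty value, which the comment directly above says means listening on all interfaces, and `rc_need` renders as `"!net "` with a trailing space. For a server that dhcpd.conf.j2 declares `authoritative;`, an explicit interface list is the safer default, even though dhcpd should only answer on segments that have a subnet declaration. Consider failing early with a task such as `- assert: {that: "dhcp_interfaces | length > 0"}`, or at least documenting the empty-list behaviour next to the default. The template also keeps `DHCPD_CHROOT` commented out with no variable to enable it.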
@@ -0,0 +1,10 @@
+dyn_hostname_expr: >-
+ pick(option fqdn.hostname, option host-name,
+ concat("{prefix}", concat(
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 1, 1))), 2),
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 2, 1))), 2),
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 3, 1))), 2),
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 4, 1))), 2),
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 5, 1))), 2),
+ suffix(concat("0", binary-to-ascii(16, 8, "", substring(hardware, 6, 1))), 2)
+ )))
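Review bot: `dyn_hostname_expr` in roles/dhcpd/vars/main.yml has no comment, and two things about it are not obvious from the value: it is an ISC dhcpd expression (not Jinja) whose `{prefix}` placeholder is filled by `.format()` in dhcpd.conf.j2, and `pick(option fqdn.hostname, option host-name, …)` prefers whatever name the client sends over the MAC-derived fallback. Because the template assigns the same expression to `ddns-hostname`, client-chosen names flow into DNS updates when `dhcp_ddns` is on, which is worth stating for subnets with untrusted clients. Suggested comment above the key: `# dhcpd expression; {prefix} is substituted via str.format in dhcpd.conf.j2. Client-supplied fqdn/host-name wins; the MAC-based name is only a fallback.` Any literal `{` or `}` added to the expression later would need doubling to survive `.format()`.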