r/hass-dhcp: Clean up DHCP/DNS service

The production deployment of *dnsmasq* for Home Assistant has deviated from how the *hass-dhcp* role configures it. Bringing the role back in sync with how things really are.
2021-07-24 18:33:15 -05:00 · 2021-07-24 18:33:15 -05:00 · 5d7ebbaa05
parent ceeb61cdb0
commit 5d7ebbaa05
5 changed files with 62 additions and 5 deletions
--- a/roles/hass-dhcp/defaults/main.yml
+++ b/roles/hass-dhcp/defaults/main.yml
@ -1,5 +1,5 @@
 hass_dhcp_range:
  start: 192.168.1.100
  end: 192.168.1.250
-hass_dhcp_lease_time: 1h
+hass_dhcp_lease_time: 24h
 hass_dns_domain: homeassistant.io
--- a/roles/hass-dhcp/handlers/main.yml
+++ b/roles/hass-dhcp/handlers/main.yml
@ -2,3 +2,7 @@
  service:
    name: dnsmasq
    state: restarted
 - name: reload firewalld
  command: firewall-cmd --reload
 - name: save firewalld configuration
  command: firewall-cmd --runtime-to-permanent
--- a/roles/hass-dhcp/tasks/main.yml
+++ b/roles/hass-dhcp/tasks/main.yml
@ -12,3 +12,43 @@
    mode: '0644'
  notify:
  - restart dnsmasq
 - meta: flush_handlers
 - name: ensure homeassistant firewall zone exists
  firewalld:
    zone: homeassistant
    permanent: true
    state: present
  tags:
  - firewall
  notify:
  - reload firewalld
 - name: ensure homeassistant firewalld zone is configured
  firewalld:
    zone: homeassistant
    interface: '{{ hass_interface }}'
    permanent: true
    state: enabled
  notify:
  - reload firewalld
  tags:
  - firewall
 - meta: flush_handlers
 - name: ensure firewall is configured for home assistant services
  firewalld:
    zone: homeassistant
    service: '{{ item }}'
    immediate: yes
    permanent: no
    state: enabled
  loop:
  - dhcp
  - dns
  - http
  - https
  - mdns
  - mqtt-tls
  notify:
  - save firewalld configuration
  tags:
  - firewall
--- a/roles/hass-dhcp/templates/homeassistant.dnsmasq.conf.j2
+++ b/roles/hass-dhcp/templates/homeassistant.dnsmasq.conf.j2
@ -1,5 +1,9 @@
 no-resolv
 no-hosts
 interface={{ hass_interface }}
-dhcp-range={{ hass_dhcp_range.start }},{{ hass_dhcp_range.end }},{{ hass_dhcp_lease_time }}
+dhcp-range=set:homeassistant,{{ hass_dhcp_range.start }},{{ hass_dhcp_range.end }},{{ hass_dhcp_lease_time }}
-domain={{ hass_dns_domain }}
+domain={{ hass_dns_domain }},{{ hass_net_cidr }}
-
+interface-name={{ homeassistant_server_name }},{{ hass_interface }}
-log-queries=extra
+{% if hass_net_gateway|d %}
 dhcp-option=option:router,{{ hass_net_gateway }}
 {% endif %}
--- a/roles/hass-dhcp/vars/main.yml
+++ b/roles/hass-dhcp/vars/main.yml
@ -0,0 +1,9 @@
 hass_net_cidr: >-
  {{
    (
      ansible_facts[hass_interface].ipv4.network
      + '/'
      + ansible_facts[hass_interface].ipv4.netmask
    )
    | ipaddr('net')
  }}