diff --git a/group_vars/nms.yml b/group_vars/nms.yml
index b05d9f0..1f2f050 100644
--- a/group_vars/nms.yml
+++ b/group_vars/nms.yml
@@ -5,6 +5,9 @@ datadisks:
 unbound_zones:
 - 25.20.172.in-addr.arpa
 - oob.foo.sh
+dhcpd_template: dhcpd.conf.oob.j2
+dhcpd_ldap_filter: >-
+ (&(objectClass=ieee802Device)(objectClass=ipHost)(cn=*.oob.foo.sh))
 network_vip_interfaces:
 - device: eth0
diff --git a/playbooks/nms.yml b/playbooks/nms.yml
index 856e221..969b6a5 100644
--- a/playbooks/nms.yml
+++ b/playbooks/nms.yml
@@ -58,6 +58,10 @@ ansible.builtin.import_role: name: unbound + - name: Import dhcpd role + ansible.builtin.import_role: + name: dhcpd + # convert this to role for restart support - name: Enable NTP server for oob network ansible.builtin.lineinfile:
diff --git a/roles/dhcpd/templates/dhcpd.conf.oob.j2 b/roles/dhcpd/templates/dhcpd.conf.oob.j2
new file mode 100644
index 0000000..b1a9034
--- /dev/null
+++ b/roles/dhcpd/templates/dhcpd.conf.oob.j2
@@ -0,0 +1,40 @@
+
+authorative;
+ddns-update-style none;
+
+# logging
+on commit {
+ log(info,
+ concat("Client ",
+ binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)),
+ " requests ",
+ binary-to-ascii(16, 8, ":", option dhcp-parameter-request-list),
+ " - ",
+ pick-first-value(option vendor-class-identifier, "no vendor-id"),
+ " - ",
+ pick-first-value(option user-class, "no user-class"))
+ );
+}
+
+shared-network OOBNET {
+
+ subnet 172.20.25.0 netmask 255.255.255.0 {
+ default-lease-time 86400;
+ max-lease-time 604800;
+ option subnet-mask 255.255.255.0;
+ option broadcast-address 172.20.25.255;
+
+ option domain-name "oob.foo.sh";
+ option domain-name-servers 172.20.25.1, 172.20.25.2, 172.20.25.3;
+ use-host-decl-names on;
+ }
+
+{% for host in ldap_hosts.results %}
+ host {{ host['cn'] }} {
+ option host-name "{{ host['cn'] }}";
+ hardware ethernet {{ host['macAddress'] }};
+ fixed-address {{ host['ipHostNumber'] }};
+ }
+{% endfor %}
+
+}
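Review bot: `authorative;` at the top of the template is misspelled; the ISC dhcpd statement is `authoritative;`, and the server should reject the file as written. The template task is not part of this diff, so if it does not already check the rendered file, `validate: 'dhcpd -t -cf %s'` there would catch this class of error before a restart. In the `{% for host in ldap_hosts.results %}` loop, `cn`, `macAddress` and `ipHostNumber` go into dhcpd.conf unescaped, so anyone able to write those LDAP attributes can add statements to the DHCP server's configuration, and a multi-valued attribute would presumably render as a list literal. I would check each value against a strict pattern before rendering, e.g. an `ansible.builtin.assert` with `host['macAddress'] is match('^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$')` and equivalents for the host name and the IPv4 address.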