dhcpd: Initial version of role.

Currently works only for main DHCP server.
2021-04-22 20:37:28 +00:00 · 2021-04-22 20:37:28 +00:00 · d4a29bb758
commit d4a29bb758
parent 4634a9687b
5 changed files with 117 additions and 0 deletions
--- a/roles/dhcpd/handlers/main.yml
+++ b/roles/dhcpd/handlers/main.yml
@ -0,0 +1,5 @@
+---
+- name: restart dhcpd
+  service:
+    name: "{{ dhcpd_service }}"
+    state: restarted
--- a/roles/dhcpd/tasks/main.yml
+++ b/roles/dhcpd/tasks/main.yml
@ -0,0 +1,24 @@
+---
+- name: include OS-specific variables
+  include_vars: "{{ ansible_os_family }}.yml"                                 
+
+- name: install packages
+  package:
+    name: "{{ dhcpd_package }}"
+    state: installed
+
+- name: create config
+  template:
+    dest: "{{ dhcpd_config }}"
+    src: dhcpd.conf.j2
+    owner: root
+    group: "{{ ansible_wheel }}"
+    #validate: "dhcpd -t -cf %s"
+  notify: restart dhcpd
+
+- name: enable service
+  service:
+    name: "{{ dhcpd_service }}"
+    state: started
+    enabled: true
+    arguments: "-user _isc-dhcp -group _isc-dhcp vio0"
--- a/roles/dhcpd/templates/dhcpd.conf.j2
+++ b/roles/dhcpd/templates/dhcpd.conf.j2
@ -0,0 +1,80 @@
+
+authoritative;
+ddns-update-style none;
+
+# custom options
+option arch code 93 = unsigned integer 16;
+
+# logging
+on commit {
+    log(info,
+        concat("Client ",
+        binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)),
+        " requests ",
+        binary-to-ascii(16, 8, ":", option dhcp-parameter-request-list),
+        " - ",
+        pick-first-value(option vendor-class-identifier, "no vendor-id"),
+        " - ",
+        pick-first-value(option user-class, "no user-class"))
+    );
+}
+
+# pxe clients
+class "PXEClient" {
+    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+
+    next-server 172.20.20.10;
+    if exists user-class and option user-class = "iPXE" {
+        filename "https://boot.foo.sh/boot.ipxe";
+    } else {
+        if option arch = 00:07 {
+            filename "ipxe.efi";
+        } else {
+            filename "undionly.kpxe";
+        }
+    }
+}
+
+# kludge to try to detect openbsd installer
+class "OpenBSD" {
+    match if not exists vendor-class-identifier and not exists user-class;
+
+    next-server 172.20.20.10;
+    filename "auto_install";
+    option tftp-server-name "boot.foo.sh/openbsd";
+}
+
+shared-network FOOSH {
+
+    subnet 172.20.20.0 netmask 255.255.252.0 {
+        default-lease-time 86400;
+        max-lease-time 604800;
+        option subnet-mask 255.255.252.0;
+        option broadcast-address 172.20.23.255;
+        option routers 172.20.20.1;
+
+        option domain-name "home.foo.sh";
+        option domain-name-servers 172.20.20.10, 172.20.21.1, 172.20.21.2;
+        use-host-decl-names on;
+    }
+
+{% for hostname in hostvars %}
+{%   if hostvars[hostname]['network_interfaces'] is defined %}
+{%     for interface in hostvars[hostname]['network_interfaces'] %}
+{%       if interface['vlan'] == 20 and interface['mac'] is defined %}
+{%         if interface['ipaddr'] is defined %}
+{%           set ipaddr = interface['ipaddr'] %}
+{%         else %}
+{%           set ipaddr = '172.20.21.' + interface['mac'].split(':')[5] | int(base=16) | string %}
+{%         endif %}
+    host {{ hostname }} {
+        option host-name "{{ hostname }}";
+        hardware ethernet {{ interface['mac'] }};
+        fixed-address {{ ipaddr }};
+    }
+{%       endif %}
+{%     endfor %}
+{%   endif %}
+{% endfor %}
+
+}
--- a/roles/dhcpd/vars/OpenBSD.yml
+++ b/roles/dhcpd/vars/OpenBSD.yml
@ -0,0 +1,4 @@
+---
+dhcpd_config: /etc/dhcpd.conf
+dhcpd_package: isc-dhcp-server
+dhcpd_service: isc_dhcpd
--- a/roles/dhcpd/vars/RedHat.yml
+++ b/roles/dhcpd/vars/RedHat.yml
@ -0,0 +1,4 @@
+---
+dhcpd_config: /etc/dhcp/dhcpd.conf
+dhcpd_package: dhcp-server
+dhcpd_service: dhcpd