dhcp: add role for isc-dhcp server
This commit is contained in:
parent
99c963e0ed
commit
ee8e3928f0
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
|
||||
dhcp_server_package_name: "dhcp-server"
|
||||
dhcp_server_configfile_path: "/etc/dhcp/dhcpd.test.conf"
|
||||
dhcp_server_systemd_unit: "dhcpd.service"
|
||||
|
||||
# Default lease time in seconds: 1 day = 60*60*24
|
||||
dhcp_default_lease_time: 86400
|
||||
# Max lease time in seconds: 1 week = 60*60*24*7
|
||||
dhcp_max_lease_time: 604800
|
||||
# domain-name and name-servers common across all networks the dhcp-server controls
|
||||
dhcp_common_domain_name: "example.org"
|
||||
dhcp_common_name_servers:
|
||||
- "ns1.example.org"
|
||||
- "ns2.example.org"
|
||||
dhcp_is_authorative: True
|
||||
|
||||
dhcp_subnets:
|
||||
- net: 192.168.167.0
|
||||
netmask: 255.255.255.0
|
||||
routers: 192.168.167.2
|
||||
broadcast: 192.168.167.255
|
||||
domain_name: "int.example.org"
|
||||
domain_name_servers:
|
||||
- "ns1.int.example.org"
|
||||
domain_search:
|
||||
- "int.example.org"
|
||||
range_start: 192.168.167.10
|
||||
range_end: 192.168.167.20
|
||||
allow_unknown: True
|
||||
hosts:
|
||||
- name: server
|
||||
mac: "00:00:00:00:00:00"
|
||||
ip: 192.168.167.45
|
||||
|
||||
|
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
|
||||
- name: Ensure ISC-DHCP installed
|
||||
package:
|
||||
name: "{{ dhcp_server_package_name }}"
|
||||
state: present
|
||||
|
||||
- name: Template DHCP-server configuration
|
||||
template:
|
||||
src: dhcpd.conf.j2
|
||||
dest: "{{ dhcp_server_configfile_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
setype: dhcp_etc_t
|
||||
|
||||
- name: Restart & enable DHCP-server
|
||||
systemd:
|
||||
name: "{{ dhcp_server_systemd_unit }}"
|
||||
enabled: yes
|
||||
state: restarted
|
||||
daemon_reload: yes
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,54 @@
|
|||
# dhcpd.conf
|
||||
|
||||
{% if dhcp_is_authorative is defined and dhcp_is_authorative is sameas true %}
|
||||
authoritative;
|
||||
{% endif %}
|
||||
|
||||
# Global settings for DHCP lease times
|
||||
default-lease-time {{ dhcp_default_lease_time }};
|
||||
max-lease-time {{ dhcp_max_lease_time }};
|
||||
|
||||
# Global domain names and servers for all supported networks
|
||||
{% if dhcp_common_domain_name is not none %}
|
||||
option domain-name "{{ dhcp_common_domain_name }}";
|
||||
{% endif %}
|
||||
{% if dhcp_common_name_servers is not none %}
|
||||
option domain-name-servers {{ dhcp_common_name_servers|join(', ') }};
|
||||
{% endif %}
|
||||
|
||||
# Use this to send dhcp log messages to a different log file (you also
|
||||
# have to hack syslog.conf to complete the redirection).
|
||||
log-facility local7;
|
||||
|
||||
# Subnet definitions
|
||||
{% for subnet in dhcp_subnets %}
|
||||
subnet {{ subnet.net }} netmask {{ subnet.netmask }} {
|
||||
option routers {{ subnet.routers }};
|
||||
option broadcast-address {{ subnet.broadcast }};
|
||||
option domain-name "{{ subnet.domain_name }}";
|
||||
option domain-name-servers {{ subnet.domain_name_servers|join(', ') }};
|
||||
{% if subnet.domain_search is defined and subnet.domain_search|length > 0 %}
|
||||
option domain-search {{ subnet.domain_search | map('regex_replace', '(.*)', '\"\\1\"') | join(', ') }};
|
||||
{% endif %}
|
||||
|
||||
{% if subnet.range_start is defined and subnet.range_end is defined %}
|
||||
range {{ subnet.range_start }} {{ subnet.range_end }};
|
||||
{% endif %}
|
||||
|
||||
{% if subnet.allow_unknown is defined and subnet.allow_unknown is sameas false %}
|
||||
deny unknown-clients;
|
||||
{% else %}
|
||||
allow unknown-clients;
|
||||
{% endif %}
|
||||
|
||||
{% for host in subnet.hosts %}
|
||||
host {{ host.name }} {
|
||||
hardware ethernet {{ host.mac }};
|
||||
{% if host.ip is defined %}
|
||||
fixed-address {{ host.ip }};
|
||||
{% endif %}
|
||||
}
|
||||
{% endfor %}
|
||||
}
|
||||
{% endfor %}
|
||||
|
||||
Loading…
Reference in New Issue