ada/hac
2
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity

Add DHCP
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse source
This commit is contained in:
Ada 2024-04-17 14:58:43 +02:00
parent f5c29bad3f
commit 1f444bacaf
Signed by: ada
GPG key ID: 6A7F898157C6DE6E
6 changed files with 170 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ansible/deploy.yml
View file

@ -19,3 +19,9 @@
become: true become: true
roles: roles:
- knot_resolver - knot_resolver
- name: DHCP
hosts: kea-dhcp
become: true
roles:
- kea_dhcp

19
ansible/group_vars/kea-dhcp/all.yml Normal file
View file

@ -0,0 +1,19 @@
---
domain: r4.pm
domain_search:
- lab.r4.pm
- r4.pm
networks:
- subnet: 10.15.0.0/24
start: 10.15.0.200
end: 10.15.0.254
routers: 10.15.0.1
- subnet: 10.20.0.0/24
start: 10.20.0.200
end: 10.20.0.254
routers: 10.20.0.1
- subnet: 10.30.0.0/24
start: 10.30.0.200
end: 10.30.0.254
routers: 10.30.0.1

6
ansible/hosts.yml
View file

@ -1,8 +1,14 @@
---
all: all:
hosts: hosts:
resolver-1: resolver-1:
ansible_host: 10.20.0.42 ansible_host: 10.20.0.42
dhcp-1:
ansible_host: 10.20.0.43
children: children:
resolver: resolver:
hosts: hosts:
resolver-1: resolver-1:
kea-dhcp:
hosts:
dhcp-1:

11
ansible/roles/kea_dhcp/handlers/main.yml Normal file
View file

@ -0,0 +1,11 @@
---
- name: Restart isc-kea-dhcp4-server
become: true
ansible.builtin.service:
state: restarted
name: isc-kea-dhcp4-server
- name: Enable isc-kea-dhcp4-server
ansible.builtin.service:
enabled: true
name: isc-kea-dhcp4-server

40
ansible/roles/kea_dhcp/tasks/main.yml Normal file
View file

@ -0,0 +1,40 @@
---
- name: Add kea dhcp pgp key
ansible.builtin.get_url:
url: https://dl.cloudsmith.io/public/isc/kea-2-4/gpg.0D9D9A1439E23DB9.key
dest: /usr/share/keyrings/kea-archive-keyring.asc
mode: "0644"
validate_certs: true
checksum: sha512:f58db6baa7f7147c3280275b6f7cc11e34836fb904604d587c1883e6b4a8e89377046809203e2f1a1a87a7f28556728a9ecdb740d62e753592d2dbab0d2e87c8
changed_when: false
no_log: false
- name: Add kea dhcp repository
ansible.builtin.apt_repository:
repo: "deb [signed-by=/usr/share/keyrings/kea-archive-keyring.asc]
https://dl.cloudsmith.io/public/isc/kea-2-4/deb/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} main"
state: present
filename: isc-kea-dhcp
- name: Install isc-kea-dhcp
ansible.builtin.apt:
name: isc-kea-dhcp4-server
notify:
- Enable isc-kea-dhcp4-server
- name: Configure isc-kea-dhcp
ansible.builtin.template:
src: kea-dhcp4.conf.j2
dest: /etc/kea/kea-dhcp4.conf
owner: _kea
mode: '0640'
notify:
- Restart isc-kea-dhcp4-server
- name: Open required ports
community.general.ufw:
rule: allow
port: "{{ item }}"
proto: udp
with_items:
- '67'

88
ansible/roles/kea_dhcp/templates/kea-dhcp4.conf.j2 Normal file
View file

@ -0,0 +1,88 @@
{
"Dhcp4": {
// Add names of your network interfaces to listen on.
"interfaces-config": {
"interfaces": [ "eth0" ],
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},
"lease-database": {
// Memfile is the simplest and easiest backend to use. It's an in-memory
// C++ database that stores its state in CSV file.
"type": "memfile",
"lfc-interval": 3600
},
"expired-leases-processing": {
"reclaim-timer-wait-time": 10,
"flush-reclaimed-timer-wait-time": 25,
"hold-reclaimed-time": 3600,
"max-reclaim-leases": 100,
"max-reclaim-time": 250,
"unwarned-reclaim-cycles": 5
},
"renew-timer": 900,
"rebind-timer": 1800,
"valid-lifetime": 3600,
"option-data": [
{
"name": "domain-name-servers",
"data": "{{ resolver_ip }}"
},
{
"code": 15,
"data": "{{ domain }}"
},
{
"name": "domain-search",
"data": "{{ domain_search|join(', ') }}"
},
],
// Below an example of a simple IPv4 subnet declaration. Uncomment to enable
// it. This is a list, denoted with [ ], of structures, each denoted with
// { }. Each structure describes a single subnet and may have several
// parameters. One of those parameters is "pools" that is also a list of
// structures.
"subnet4": [
{% for network in networks %}
{
"subnet": "{{ network.subnet }}",
"pools": [ { "pool": "{{ network.start }} - {{ network.end }}" } ],
"option-data": [
{
"name": "routers",
"data": "{{ network.routers }}"
}
],
}{% if not loop.last %},{% endif %}
{% endfor %}
],
"loggers": [
{
// This section affects kea-dhcp4, which is the base logger for DHCPv4
// component. It tells DHCPv4 server to write all log messages (on
// severity INFO or more) to a file.
"name": "kea-dhcp4",
"output_options": [
{
"output": "stdout",
}
],
"severity": "INFO",
"debuglevel": 0
}
]
}
}