Add DHCP server role.

group_vars/all

@@ -39,10 +39,6 @@ nslcd_base_group: ou=groups,dc=binary-kitchen,dc=de
 nslcd_base_shadow: ou=people,dc=binary-kitchen,dc=de
 nslcd_base_passwd: ou=people,dc=binary-kitchen,dc=de
 
-ntp_servers:
-- 172.23.1.61
-- 172.23.2.2
-
 owncloud_domain: oc.binary-kitchen.de
 owncloud_dbname: owncloud
 owncloud_dbuser: owncloud

group_vars/kitchen

@@ -1,5 +1,9 @@
 ---
 
+dhcpd_failover: true
+dhcpd_primary: 172.23.2.3
+dhcpd_secondary: 172.23.2.4
+
 name_servers:
 - 172.23.2.1
 - 172.23.2.3

roles/dhcp/handlers/main.yml

@@ -0,0 +1,4 @@
+---
+
+- name: Restart isc-dhcp-server
+  service: name=isc-dhcp-server state=restarted

roles/dhcp/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+
+- name: Install dhcp server
+  apt: name={{item}} state=latest
+  tags: dhcp
+  with_items:
+   - isc-dhcp-server
+
+- name: Configure dhcp server
+  template: src={{item}}.j2 dest=/etc/{{item}}
+  tags: dhcp
+  notify: Restart isc-dhcp-server
+  with_items:
+   - dhcp/dhcpd.conf
+
+- name: Start the dhcp server
+  service: name=isc-dhcp-server state=started enabled=yes
+  tags: dhcp

roles/dhcp/templates/dhcp/dhcpd.conf.j2

@@ -0,0 +1,130 @@
+# dhcpd.conf
+
+# option definitions common to all supported networks...
+option domain-name "binary.kitchen";
+option domain-name-servers {{ name_servers | join(', ') }};
+option ntp-servers {{ ntp_servers | join(', ') }};
+
+default-lease-time 3600;
+max-lease-time 14400;
+
+# Use this to enble / disable dynamic dns updates globally.
+ddns-update-style none;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+{% if dhcpd_failover == true %}
+
+# Failover
+
+failover peer "failover-partner" {
+{% if ansible_default_ipv4.address == dhcpd_primary %}
+  primary;
+  address {{ dhcpd_primary }};
+  peer address {{ dhcpd_secondary }};
+{% elif ansible_default_ipv4.address == dhcpd_secondary %}
+  secondary;
+  address {{ dhcpd_secondary }};
+  peer address {{ dhcpd_primary }};
+{% endif %}
+  port 520;
+  peer port 520;
+  max-response-delay 60;
+  max-unacked-updates 10;
+{% if ansible_default_ipv4.address == dhcpd_primary %}
+  mclt 600;
+  split 255;
+{% endif %}
+  load balance max seconds 3;
+}
+{% endif %}
+
+# Binary Kitchen subnets
+
+# Management
+subnet 172.23.1.0 netmask 255.255.255.0 {}
+
+# Services
+subnet 172.23.2.0 netmask 255.255.255.0 {
+  option routers 172.23.2.254;
+}
+
+# Members
+subnet 172.23.3.0 netmask 255.255.255.0 {
+  option routers 172.23.3.254;
+  pool {
+{% if dhcpd_failover == true %}
+    failover peer "failover-partner";
+{% endif %}
+    range 172.23.3.1 172.23.3.240;
+  }
+}
+
+# Guests
+subnet 172.23.4.0 netmask 255.255.255.0 {
+  option routers 172.23.4.254;
+  pool {
+{% if dhcpd_failover == true %}
+    failover peer "failover-partner";
+{% endif %}
+    range 172.23.4.1 172.23.4.240;
+  }
+}
+
+
+# Fixed IPs
+host cashdesk {
+  hardware ethernet 00:0b:ca:94:13:f1;
+  fixed-address cashdesk.binary.kitchen;
+}
+
+host homer {
+  hardware ethernet b8:27:eb:24:b2:12;
+  fixed-address homer.binary.kitchen;
+}
+
+host lock {
+  hardware ethernet b8:27:eb:5d:e7:6e;
+  fixed-address lock.binary.kitchen;
+}
+
+host marge {
+  hardware ethernet b8:27:eb:54:99:1a;
+  fixed-address 172.23.2.15;
+}
+
+host matrix {
+  hardware ethernet b8:27:eb:ed:22:58;
+  fixed-address matrix.binary.kitchen;
+}
+
+host punsch {
+  hardware ethernet 00:21:85:1b:7f:3d;
+  fixed-address punsch.binary.kitchen;
+}
+
+host spiegelei {
+  hardware ethernet 00:23:7d:79:82:8e;
+  fixed-address spiegelei.binary.kitchen;
+}
+
+host zwiebel {
+  hardware ethernet b8:27:eb:0d:d1:55;
+  fixed-address zwiebel.binary.kitchen;
+}
+
+# OMAPI
+
+omapi-port 7911;
+omapi-key omapi_key;
+
+key omapi_key {
+  algorithm hmac-md5;
+  secret KDTrwNNyUOnGtrYo8RBjTzsE35hAjuggm5pxZD3xMuE4PdPyOkjuN/bM1uLLaIL/iGHQb/OmNsqCGqzOMSwhdA==;
+}

site.yml

@@ -10,6 +10,7 @@
   hosts: bacon.binary.kitchen
   roles:
   - dns
+  - dhcp
 
 - name: Setup monitoring server
   hosts: nabia.binary.kitchen