Add DHCP server role.

Markus 2017-01-21 17:55:08 +01:00
parent f3e469bfb6
commit 6ae56bc002
6 changed files with 157 additions and 4 deletions


@ -39,10 +39,6 @@ nslcd_base_group: ou=groups,dc=binary-kitchen,dc=de
nslcd_base_shadow: ou=people,dc=binary-kitchen,dc=de
nslcd_base_passwd: ou=people,dc=binary-kitchen,dc=de
ntp_servers:
- 172.23.1.61
- 172.23.2.2
owncloud_domain: oc.binary-kitchen.de
owncloud_dbname: owncloud
owncloud_dbuser: owncloud


@ -1,5 +1,9 @@
---
dhcpd_failover: true
dhcpd_primary: 172.23.2.3
dhcpd_secondary: 172.23.2.4
name_servers:
- 172.23.2.1
- 172.23.2.3
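Review bot: With `dhcpd_failover: true`, the template picks the primary or secondary role by comparing `ansible_default_ipv4.address` with `dhcpd_primary` and `dhcpd_secondary`, and nothing covers a host whose default address is neither. Such a host would get a `failover peer` block with no role or address lines, which dhcpd will most likely refuse to load, so the restart handler would take DHCP down. An `assert` task at the top of the role, e.g. `that: ansible_default_ipv4.address in [dhcpd_primary, dhcpd_secondary]`, would stop the play before the file is written. The visible playbook hunk adds the role only to bacon.binary.kitchen, so it is worth confirming that the peer at 172.23.2.4 is provisioned as well.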


@ -0,0 +1,4 @@
---
- name: Restart isc-dhcp-server
service: name=isc-dhcp-server state=restarted

18
roles/dhcp/tasks/main.yml Normal file

@ -0,0 +1,18 @@
---
- name: Install dhcp server
apt: name={{item}} state=latest
tags: dhcp
with_items:
- isc-dhcp-server
- name: Configure dhcp server
template: src={{item}}.j2 dest=/etc/{{item}}
tags: dhcp
notify: Restart isc-dhcp-server
with_items:
- dhcp/dhcpd.conf
- name: Start the dhcp server
service: name=isc-dhcp-server state=started enabled=yes
tags: dhcp
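Review bot: The `template` task for `dhcp/dhcpd.conf` sets no owner or mode and no `validate`, although the rendered file carries the OMAPI key and a bad render is followed directly by the restart handler. I would write it as `template: src={{item}}.j2 dest=/etc/{{item}} owner=root group=root mode=0640 validate='dhcpd -t -cf %s'`, adjusting the group if the daemon reads the file as a non-root user. `state=latest` on the apt task also upgrades the DHCP server on every run of the play; `state=present` keeps upgrades a deliberate step.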


@ -0,0 +1,130 @@
# dhcpd.conf
# option definitions common to all supported networks...
option domain-name "binary.kitchen";
option domain-name-servers {{ name_servers | join(', ') }};
option ntp-servers {{ ntp_servers | join(', ') }};
default-lease-time 3600;
max-lease-time 14400;
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
{% if dhcpd_failover == true %}
# Failover
failover peer "failover-partner" {
{% if ansible_default_ipv4.address == dhcpd_primary %}
primary;
address {{ dhcpd_primary }};
peer address {{ dhcpd_secondary }};
{% elif ansible_default_ipv4.address == dhcpd_secondary %}
secondary;
address {{ dhcpd_secondary }};
peer address {{ dhcpd_primary }};
{% endif %}
port 520;
peer port 520;
max-response-delay 60;
max-unacked-updates 10;
{% if ansible_default_ipv4.address == dhcpd_primary %}
mclt 600;
split 255;
{% endif %}
load balance max seconds 3;
}
{% endif %}
# Binary Kitchen subnets
# Management
subnet 172.23.1.0 netmask 255.255.255.0 {}
# Services
subnet 172.23.2.0 netmask 255.255.255.0 {
option routers 172.23.2.254;
}
# Members
subnet 172.23.3.0 netmask 255.255.255.0 {
option routers 172.23.3.254;
pool {
{% if dhcpd_failover == true %}
failover peer "failover-partner";
{% endif %}
range 172.23.3.1 172.23.3.240;
}
}
# Guests
subnet 172.23.4.0 netmask 255.255.255.0 {
option routers 172.23.4.254;
pool {
{% if dhcpd_failover == true %}
failover peer "failover-partner";
{% endif %}
range 172.23.4.1 172.23.4.240;
}
}
# Fixed IPs
host cashdesk {
hardware ethernet 00:0b:ca:94:13:f1;
fixed-address cashdesk.binary.kitchen;
}
host homer {
hardware ethernet b8:27:eb:24:b2:12;
fixed-address homer.binary.kitchen;
}
host lock {
hardware ethernet b8:27:eb:5d:e7:6e;
fixed-address lock.binary.kitchen;
}
host marge {
hardware ethernet b8:27:eb:54:99:1a;
fixed-address 172.23.2.15;
}
host matrix {
hardware ethernet b8:27:eb:ed:22:58;
fixed-address matrix.binary.kitchen;
}
host punsch {
hardware ethernet 00:21:85:1b:7f:3d;
fixed-address punsch.binary.kitchen;
}
host spiegelei {
hardware ethernet 00:23:7d:79:82:8e;
fixed-address spiegelei.binary.kitchen;
}
host zwiebel {
hardware ethernet b8:27:eb:0d:d1:55;
fixed-address zwiebel.binary.kitchen;
}
# OMAPI
omapi-port 7911;
omapi-key omapi_key;
key omapi_key {
algorithm hmac-md5;
secret KDTrwNNyUOnGtrYo8RBjTzsE35hAjuggm5pxZD3xMuE4PdPyOkjuN/bM1uLLaIL/iGHQb/OmNsqCGqzOMSwhdA==;
}
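Review bot: The `secret` line in the `key omapi_key` block at the end of the template commits a live shared secret in clear text, and OMAPI access with that key allows leases and host entries on the server to be changed. Render it from a vaulted variable instead, e.g. `secret {{ dhcpd_omapi_secret }};` (the variable name is a suggestion, with the value kept in Ansible Vault), and generate a new key, since the current one stays in the repository history. As far as I know dhcpd has no option to bind `omapi-port 7911;` to a single address, so a host firewall rule limiting that port to the management hosts belongs with this role. Separately, the first hunk appears to drop `ntp_servers` from a vars file while the `option ntp-servers` line here still uses it; confirm it remains defined for the DHCP hosts.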


@ -10,6 +10,7 @@
hosts: bacon.binary.kitchen
roles:
- dns
- dhcp
- name: Setup monitoring server
hosts: nabia.binary.kitchen