diff --git a/group_vars/aurore/main.yml b/group_vars/aurore/main.yml index 4111f79..e49d40d 100644 --- a/group_vars/aurore/main.yml +++ b/group_vars/aurore/main.yml @@ -2,4 +2,7 @@ apartment_block: aurore apartment_block_id: 0 router_ip_suffix: 254 + +# We have two -aurore DHCP servers, but no failover peer functionality is needed +# because they only give out IPs assigned by re2o. dhcp_failover_enabled: false diff --git a/roles/isc-dhcp-server/tasks/main.yml b/roles/isc-dhcp-server/tasks/main.yml index 877c3e5..2d54921 100644 --- a/roles/isc-dhcp-server/tasks/main.yml +++ b/roles/isc-dhcp-server/tasks/main.yml @@ -77,18 +77,25 @@ when: dhcp_failover_enabled notify: restart dhcpd -- name: Configure dhcpd.conf (regular service) +- name: Configure dhcpd.conf template: src: dhcp/dhcpd.conf.j2 dest: /etc/dhcp/dhcpd.conf mode: 0600 notify: restart dhcpd + +- name: Configure subnets.conf (regular service) + template: + src: dhcp/regular-subnets.conf.j2 + dest: /etc/dhcp/subnets.conf + mode: 0600 + notify: restart dhcpd when: not is_aurore_host -- name: Configure dhcpd.conf (aurore service) +- name: Configure subnets.conf (aurore service) template: - src: dhcp/dhcpd-aurore.conf.j2 - dest: /etc/dhcp/dhcpd.conf + src: dhcp/aurore-subnets.conf.j2 + dest: /etc/dhcp/subnets.conf mode: 0600 notify: restart dhcpd when: is_aurore_host diff --git a/roles/isc-dhcp-server/templates/dhcp/aurore-subnets.conf.j2 b/roles/isc-dhcp-server/templates/dhcp/aurore-subnets.conf.j2 new file mode 100644 index 0000000..1a0e09e --- /dev/null +++ b/roles/isc-dhcp-server/templates/dhcp/aurore-subnets.conf.j2 @@ -0,0 +1,12 @@ +subnet 45.66.110.0 netmask 255.255.255.0 { + interface "ens19"; + option subnet-mask 255.255.255.0; + option broadcast-address 45.66.110.255; + option routers 45.66.110.{{ router_ip_suffix }}; + option domain-name-servers 45.66.110.{{ dns_host_suffix_main }}, {{ backup_dns_servers|join(', ') }}; + option domain-name "adh.auro.re"; + option domain-search "adh.auro.re"; + include "/var/local/re2o-services/dhcp/generated/dhcp.adh.auro.re.list"; + + deny unknown-clients; +} diff --git a/roles/isc-dhcp-server/templates/dhcp/dhcpd-aurore.conf.j2 b/roles/isc-dhcp-server/templates/dhcp/dhcpd-aurore.conf.j2 deleted file mode 100644 index d2e6b54..0000000 --- a/roles/isc-dhcp-server/templates/dhcp/dhcpd-aurore.conf.j2 +++ /dev/null @@ -1,36 +0,0 @@ -# {{ ansible_managed }} - -default-lease-time 86400; -max-lease-time 86400; - -# The MTU theoretically could go as high as 1496 (4-byte VLAN tag). -option interface-mtu {{ mtu }}; -option root-path "/"; - -# The ddns-updates-style parameter controls whether or not the server will -# attempt to do a DNS update when a lease is confirmed. We default to the -# behavior of the version 2 packages ('none', since DHCP v2 didn't -# have support for DDNS.) -ddns-update-style none; - -# If this DHCP server is the official DHCP server for the local -# network, the authoritative directive should be uncommented. -authoritative; - -# Use this to send dhcp log messages to a different log file (you also -# have to hack syslog.conf to complete the redirection). -log-facility local7; - -# Aurore topology -subnet 45.66.110.0 netmask 255.255.255.0 { - interface "ens19"; - option subnet-mask 255.255.255.0; - option broadcast-address 45.66.110.255; - option routers 45.66.110.{{ router_ip_suffix }}; - option domain-name-servers 45.66.110.{{ dns_host_suffix_main }}, {{ backup_dns_servers|join(', ') }}; - option domain-name "adh.auro.re"; - option domain-search "adh.auro.re"; - include "/var/local/re2o-services/dhcp/generated/dhcp.adh.auro.re.list"; - - deny unknown-clients; -} diff --git a/roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2 b/roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2 index cde8d25..84c86fd 100644 --- a/roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2 +++ b/roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2 @@ -18,61 +18,8 @@ authoritative; log-facility local7; -{% if dhcp_failover is defined %} +{% if dhcp_failover_enabled %} include "/etc/dhcp/dhcp-failover.conf"; {% endif %} -# Bornes WiFi -subnet 10.{{ subnet_ids.ap }}.0.0 netmask 255.255.0.0 { - interface "ens19"; - option subnet-mask 255.255.0.0; - option broadcast-address 10.{{ subnet_ids.ap }}.255.255; - option routers 10.{{ subnet_ids.ap }}.0.250; - option domain-name "borne.auro.re"; - option domain-search "borne.auro.re"; - - option domain-name-servers 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; - include "/var/local/re2o-services/dhcp/generated/dhcp.borne.auro.re.list"; - - deny unknown-clients; -} - -# Users filaire -subnet 10.{{ subnet_ids.users_wired }}.0.0 netmask 255.255.0.0 { - interface "ens20"; - option subnet-mask 255.255.0.0; - option broadcast-address 10.{{ subnet_ids.users_wired }}.255.255; - option routers 10.{{ subnet_ids.users_wired }}.0.{{ router_ip_suffix }}; - option domain-name "fil.{{ apartment_block_dhcp }}.auro.re"; - option domain-search "auro.re"; - - option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; - - include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block_dhcp }}.auro.re.list"; - - deny unknown-clients; -} - - -# Users WiFi -subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 { - interface "ens21"; - option subnet-mask 255.255.0.0; - option broadcast-address 10.{{ subnet_ids.users_wifi }}.255.255; - option routers 10.{{ subnet_ids.users_wifi }}.0.{{ router_ip_suffix }}; - option domain-name "wifi.{{ apartment_block_dhcp }}.auro.re"; - option domain-search "auro.re"; - - option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; - - include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block_dhcp }}.auro.re.list"; - - pool { - range 10.{{ subnet_ids.users_wifi }}.8.0 10.{{ subnet_ids.users_wifi }}.10.255; - -{% if dhcp_failover is defined %} - failover peer "dhcp-failover"; -{% endif %} - } -} - +include "/etc/dhcp/subnets.conf"; diff --git a/roles/isc-dhcp-server/templates/dhcp/regular-subnets.conf.j2 b/roles/isc-dhcp-server/templates/dhcp/regular-subnets.conf.j2 new file mode 100644 index 0000000..c18eed2 --- /dev/null +++ b/roles/isc-dhcp-server/templates/dhcp/regular-subnets.conf.j2 @@ -0,0 +1,53 @@ +# Bornes WiFi +subnet 10.{{ subnet_ids.ap }}.0.0 netmask 255.255.0.0 { + interface "ens19"; + option subnet-mask 255.255.0.0; + option broadcast-address 10.{{ subnet_ids.ap }}.255.255; + option routers 10.{{ subnet_ids.ap }}.0.250; + option domain-name "borne.auro.re"; + option domain-search "borne.auro.re"; + + option domain-name-servers 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; + include "/var/local/re2o-services/dhcp/generated/dhcp.borne.auro.re.list"; + + deny unknown-clients; +} + +# Users filaire +subnet 10.{{ subnet_ids.users_wired }}.0.0 netmask 255.255.0.0 { + interface "ens20"; + option subnet-mask 255.255.0.0; + option broadcast-address 10.{{ subnet_ids.users_wired }}.255.255; + option routers 10.{{ subnet_ids.users_wired }}.0.{{ router_ip_suffix }}; + option domain-name "fil.{{ apartment_block_dhcp }}.auro.re"; + option domain-search "auro.re"; + + option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; + + include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block_dhcp }}.auro.re.list"; + + deny unknown-clients; +} + + +# Users WiFi +subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 { + interface "ens21"; + option subnet-mask 255.255.0.0; + option broadcast-address 10.{{ subnet_ids.users_wifi }}.255.255; + option routers 10.{{ subnet_ids.users_wifi }}.0.{{ router_ip_suffix }}; + option domain-name "wifi.{{ apartment_block_dhcp }}.auro.re"; + option domain-search "auro.re"; + + option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; + + include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block_dhcp }}.auro.re.list"; + + pool { + range 10.{{ subnet_ids.users_wifi }}.8.0 10.{{ subnet_ids.users_wifi }}.10.255; + +{% if dhcp_failover is defined %} + failover peer "dhcp-failover"; +{% endif %} + } +}