dhcp: ask clients to use our DNS servers
This commit is contained in:
parent
f05e92dc5e
commit
7275ebda47
3 changed files with 22 additions and 8 deletions
|
@ -36,3 +36,17 @@ monitoring_mail: 'monitoring.aurore@lists.crans.org'
|
|||
matrix_webhooks_secret: "{{ vault_matrix_webhooks_secret }}"
|
||||
matrix_discord_client_id: "559305991494303747"
|
||||
matrix_discord_bot_token: "{{ vault_matrix_discord_bot_token }}"
|
||||
|
||||
###
|
||||
# DNS
|
||||
###
|
||||
|
||||
# Dernier octet (en décimal) de l'addresse des serveurs DNS récursifs de chaque
|
||||
# résidence.
|
||||
dns_host_suffix: 253
|
||||
|
||||
upstream_dns_servers:
|
||||
- "80.67.169.12" # French Data Network (FDN) (ns0.fdn.fr)
|
||||
- "1.1.1.1" # Cloudflare
|
||||
|
||||
|
||||
|
|
|
@ -17,8 +17,6 @@
|
|||
|
||||
# Deploy unbound DNS server (recursive).
|
||||
- hosts: recursive_dns
|
||||
vars:
|
||||
- dns_host_suffix: 253
|
||||
roles:
|
||||
- unbound
|
||||
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
# dhcpd.conf
|
||||
# {{ ansible_managed }}
|
||||
|
||||
default-lease-time 86400;
|
||||
|
@ -8,8 +7,6 @@ max-lease-time 86400;
|
|||
|
||||
# The MTU theoretically could go as high as 1496 (4-byte VLAN tag).
|
||||
option interface-mtu 1400;
|
||||
# XXX: hardcoded DNS for now
|
||||
option domain-name-servers 80.67.169.12, 1.1.1.1;
|
||||
option root-path "/";
|
||||
|
||||
# The ddns-updates-style parameter controls whether or not the server will
|
||||
|
@ -24,8 +21,6 @@ authoritative;
|
|||
|
||||
log-facility local7;
|
||||
|
||||
|
||||
# TODO: move this failover peer declaration to a separate file and include it.
|
||||
{% if dhcp_failover is defined %}
|
||||
include "/etc/dhcp/dhcp-failover.conf";
|
||||
{% endif %}
|
||||
|
@ -38,6 +33,8 @@ subnet 10.{{ subnet_ids.ap }}.0.0 netmask 255.255.0.0 {
|
|||
option routers 10.{{ subnet_ids.ap }}.0.250;
|
||||
option domain-name "borne.auro.re";
|
||||
option domain-search "borne.auro.re";
|
||||
|
||||
option domain-name-servers 10.{{ subnet_ids.ap }}.0.253, {{ upstream_dns_servers|join(', ') }};
|
||||
include "/var/local/re2o-services/dhcp/generated/dhcp.borne.auro.re.list";
|
||||
|
||||
deny unknown-clients;
|
||||
|
@ -51,6 +48,9 @@ subnet 10.{{ subnet_ids.users_wired }}.0.0 netmask 255.255.0.0 {
|
|||
option routers 10.{{ subnet_ids.users_wired }}.0.240;
|
||||
option domain-name "fil.{{ apartment_block }}.auro.re";
|
||||
option domain-search "auro.re";
|
||||
|
||||
option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.253, {{ upstream_dns_servers|join(', ') }};
|
||||
|
||||
include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block }}.auro.re.list";
|
||||
|
||||
deny unknown-clients;
|
||||
|
@ -65,6 +65,9 @@ subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 {
|
|||
option routers 10.{{ subnet_ids.users_wifi }}.0.240;
|
||||
option domain-name "wifi.{{ apartment_block }}.auro.re";
|
||||
option domain-search "auro.re";
|
||||
|
||||
option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.253, {{ upstream_dns_servers|join(', ') }};
|
||||
|
||||
include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block }}.auro.re.list";
|
||||
|
||||
pool {
|
||||
|
@ -76,4 +79,3 @@ subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue