ansible.cfg

@@ -3,6 +3,7 @@ ask_vault_pass = True
 roles_path = ./roles
 retry_files_enabled = False
 inventory = ./hosts
+filter_plugins = ./filter_plugins
 ansible_managed = Ansible managed, modified on %Y-%m-%d %H:%M:%S
 nocows = 1
 forks = 15

roles/dhcpd/defaults/main.yml

@@ -0,0 +1,15 @@
+---
+dhcpd_interfaces: []
+dhcpd__default_lease_time: 600
+dhcpd__max_lease_time: 7200
+dhcpd__dns_servers: []
+dhcpd__domain_search: []
+dhcpd__subnets: []
+dhcpd__failover_port: 519
+dhcpd__failover_mclt: 3600
+dhcpd__failover_split: 128
+dhcpd__failover_max_response_delay: 60
+dhcpd__failover_max_unacked_updates: 10
+dhcpd__failover_lb_max_seconds: 3
+dhcpd__omapi_port: 7911
+...

roles/dhcpd/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+- name: Restart isc-dhcp-server
+  systemd:
+    name: isc-dhcp-server.service
+    state: restarted
+...

roles/dhcpd/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+- name: Install isc-dhcp-server
+  apt:
+    name: isc-dhcp-server
+
+- name: Configure isc-dhcp-server
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: u=rw,g=r,o=
+    owner: root
+    group: root
+  loop:
+    - src: dhcpd.conf.j2
+      dest: /etc/dhcp/dhcpd.conf
+    - src: default.j2
+      dest: /etc/default/isc-dhcp-server
+  notify:
+    - Restart isc-dhcp-server
+
+#- src: dhcpd6.conf.j2
+#  dest: /etc/dhcp/dhcpd6.conf
+
+- name: Enable and start isc-dhcp-server
+  systemd:
+    name: isc-dhcp-server.service
+    state: started
+    enabled: true
+...

roles/dhcpd/templates/default.j2

@@ -0,0 +1,4 @@
+{{ ansible_managed | comment }}
+
+INTERFACESv4="{{ dhcpd__interfaces | join(' ') }}"
+INTERFACESv6=""

roles/dhcpd/templates/dhcpd.conf.j2

@@ -0,0 +1,64 @@
+{{ ansible_managed | comment }}
+
+default-lease-time {{ dhcpd__default_lease_time }};
+max-lease-time {{ dhcpd__max_lease_time }};
+
+ddns-update-style none;
+
+authoritative;
+
+{% if dhcpd__omapi_key | default({}) %}
+omapi-port {{ dhcpd__omapi_port }};
+omapi-key omapi_key;
+
+key omapi_key {
+    algorithm {{ dhcpd__omapi_key.algorithm }};
+    secret {{ dhcpd__omapi_key.secret }};
+}
+{% endif %}
+
+{% if dhcpd__subnets | selectattr("failover", "true") | list %}
+failover peer "peer" {
+{% if dhcpd__failover_primary | default(false) %}
+    primary;
+    mclt {{ dhcpd__failover_mclt }};
+    split {{ dhcpd__failover_split }};
+{% else %}
+    secondary;
+{% endif %}
+    address {{ dhcpd__failover_address }};
+    port {{ dhcpd__failover_port }};
+    peer address {{ dhcpd__failover_peer_address }};
+    peer port {{ dhcpd__failover_peer_port
+                 | default(dhcpd__failover_port) }};
+    max-response-delay {{ dhcpd__failover_max_response_delay }};
+    max-unacked-updates {{ dhcpd__failover_max_unacked_updates }};
+    load balance max seconds {{ dhcpd__failover_lb_max_seconds }};
+}
+{% endif %}
+
+{% if dhcpd__dns_servers | default([]) %}
+option domain-name-servers {{ dhcpd__dns_servers | join(", ") }};
+{% endif %}
+
+{% if dhcpd__domain_search | default([]) %}
+option domain-search {{ dhcpd__domain_search
+                        | map("enquote") | join(", ") }};
+{% endif %}
+
+{% for subnet in dhcpd__subnets %}
+subnet {{ subnet.network
+          | ansible.utils.ipaddr("network") }}
+        netmask {{ subnet.network
+		   | ansible.utils.ipaddr("netmask") }} {
+    pool {
+       range {{ subnet.start }} {{ subnet.end }};
+{% if subnet.failover | default(false) %}
+       failover peer "peer";
+{% endif %}
+    }
+{% if subnet.routers | default([]) %}
+    option routers {{ subnet.routers | join(", ") }};
+{% endif %}
+}
+{% endfor %}