WIP: DHCP server #95
17 changed files with 183 additions and 335 deletions
2
hosts
2
hosts
|
@ -92,6 +92,8 @@ dns-fleming-backup.adm.auro.re
|
||||||
ntp-1.int.infra.auro.re
|
ntp-1.int.infra.auro.re
|
||||||
prometheus-fleming.adm.auro.re
|
prometheus-fleming.adm.auro.re
|
||||||
#prometheus-fleming-fo.adm.auro.re
|
#prometheus-fleming-fo.adm.auro.re
|
||||||
|
dhcp-1.isp.auro.re
|
||||||
|
dhcp-2.isp.auro.re
|
||||||
radius-fleming.adm.auro.re
|
radius-fleming.adm.auro.re
|
||||||
radius-fleming-backup.adm.auro.re
|
radius-fleming-backup.adm.auro.re
|
||||||
unifi-fleming.adm.auro.re
|
unifi-fleming.adm.auro.re
|
||||||
|
|
63
playbooks/dhcpd.yml
Executable file
63
playbooks/dhcpd.yml
Executable file
|
@ -0,0 +1,63 @@
|
||||||
|
#!/usr/bin/env ansible-playbook
|
||||||
|
---
|
||||||
|
- hosts:
|
||||||
|
- dhcp-1.isp.auro.re
|
||||||
|
- dhcp-2.isp.auro.re
|
||||||
|
vars:
|
||||||
|
dhcpd__omapi_key:
|
||||||
|
algorithm: hmac-sha512
|
||||||
|
secret: 99XuJO0ofX3VAnWWlyixWbQ5YTagPfgxyh14IbLNBb3/JzEklkWopvQdj/PXVYbfb/sRyFJBhLexPag4dLh7PA==
|
||||||
|
dhcpd__interfaces:
|
||||||
|
- client-0
|
||||||
|
- client-1
|
||||||
|
- client-2
|
||||||
|
- client-3
|
||||||
|
- client-4
|
||||||
|
dhcpd__dns_servers:
|
||||||
|
- 10.128.0.127
|
||||||
|
dhcpd__domain_search:
|
||||||
|
- isp.auro.re
|
||||||
|
- auro.re
|
||||||
|
dhcpd__subnets:
|
||||||
|
- network: 100.64.0.0/27
|
||||||
|
routers:
|
||||||
|
- 100.64.0.1
|
||||||
|
start: 100.64.0.4
|
||||||
|
end: 100.64.0.30
|
||||||
|
domain_name: client-0.isp.auro.re
|
||||||
|
failover: true
|
||||||
|
- network: 100.64.0.32/27
|
||||||
|
routers:
|
||||||
|
- 100.64.0.31
|
||||||
|
start: 100.64.0.33
|
||||||
|
end: 100.64.0.63
|
||||||
|
domain_name: client-1.isp.auro.re
|
||||||
|
failover: true
|
||||||
|
- network: 100.64.0.64/27
|
||||||
|
routers:
|
||||||
|
- 100.64.0.65
|
||||||
|
start: 100.64.0.67
|
||||||
|
end: 100.64.0.95
|
||||||
|
domain_name: client-2.isp.auro.re
|
||||||
|
failover: true
|
||||||
|
- network: 100.64.0.96/27
|
||||||
|
routers:
|
||||||
|
- 100.64.0.97
|
||||||
|
start: 100.64.0.99
|
||||||
|
end: 100.64.0.127
|
||||||
|
domain_name: client-3.isp.auro.re
|
||||||
|
failover: true
|
||||||
|
- network: 100.64.0.128/27
|
||||||
|
routers:
|
||||||
|
- 100.64.0.129
|
||||||
|
start: 100.64.0.131
|
||||||
|
end: 100.64.0.159
|
||||||
|
domain_name: client-4.isp.auro.re
|
||||||
|
failover: true
|
||||||
|
# FIXME: ugly
|
||||||
|
dhcpd__failover_primary: "{{ inventory_hostname_short == 'dhcp-1' }}"
|
||||||
|
dhcpd__failover_address: "{{ '10.128.0.204' if dhcpd__failover_primary else '10.128.0.91' }}"
|
||||||
|
dhcpd__failover_peer_address: "{{ '10.128.0.91' if dhcpd__failover_primary else '10.128.0.204' }}"
|
||||||
|
roles:
|
||||||
|
- dhcpd
|
||||||
|
...
|
|
@ -1,9 +0,0 @@
|
||||||
#!/usr/bin/env ansible-playbook
|
|
||||||
---
|
|
||||||
- hosts: dhcp-*.adm.auro.re
|
|
||||||
vars:
|
|
||||||
update_motd:
|
|
||||||
unbound: isc-dhcp-server est déployé.
|
|
||||||
roles:
|
|
||||||
- isc_dhcp_server
|
|
||||||
- update_motd
|
|
15
roles/dhcpd/defaults/main.yml
Normal file
15
roles/dhcpd/defaults/main.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
dhcpd_interfaces: []
|
||||||
|
dhcpd__default_lease_time: 600
|
||||||
|
dhcpd__max_lease_time: 7200
|
||||||
|
dhcpd__dns_servers: []
|
||||||
|
dhcpd__domain_search: []
|
||||||
|
dhcpd__subnets: []
|
||||||
|
dhcpd__failover_port: 519
|
||||||
|
dhcpd__failover_mclt: 3600
|
||||||
|
dhcpd__failover_split: 128
|
||||||
|
dhcpd__failover_max_response_delay: 60
|
||||||
|
dhcpd__failover_max_unacked_updates: 10
|
||||||
|
dhcpd__failover_lb_max_seconds: 3
|
||||||
|
dhcpd__omapi_port: 7911
|
||||||
|
...
|
6
roles/dhcpd/handlers/main.yml
Normal file
6
roles/dhcpd/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Restart isc-dhcp-server
|
||||||
|
systemd:
|
||||||
|
name: isc-dhcp-server.service
|
||||||
|
state: restarted
|
||||||
|
...
|
29
roles/dhcpd/tasks/main.yml
Normal file
29
roles/dhcpd/tasks/main.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
- name: Install isc-dhcp-server
|
||||||
|
apt:
|
||||||
|
name: isc-dhcp-server
|
||||||
|
|
||||||
|
- name: Configure isc-dhcp-server
|
||||||
|
template:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
mode: u=rw,g=r,o=
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
loop:
|
||||||
|
- src: dhcpd.conf.j2
|
||||||
|
dest: /etc/dhcp/dhcpd.conf
|
||||||
|
- src: default.j2
|
||||||
|
dest: /etc/default/isc-dhcp-server
|
||||||
|
notify:
|
||||||
|
- Restart isc-dhcp-server
|
||||||
|
|
||||||
|
#- src: dhcpd6.conf.j2
|
||||||
|
# dest: /etc/dhcp/dhcpd6.conf
|
||||||
|
|
||||||
|
- name: Enable and start isc-dhcp-server
|
||||||
|
systemd:
|
||||||
|
name: isc-dhcp-server.service
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
...
|
4
roles/dhcpd/templates/default.j2
Normal file
4
roles/dhcpd/templates/default.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
INTERFACESv4="{{ dhcpd__interfaces | join(' ') }}"
|
||||||
|
INTERFACESv6=""
|
64
roles/dhcpd/templates/dhcpd.conf.j2
Normal file
64
roles/dhcpd/templates/dhcpd.conf.j2
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
default-lease-time {{ dhcpd__default_lease_time }};
|
||||||
|
max-lease-time {{ dhcpd__max_lease_time }};
|
||||||
|
|
||||||
|
ddns-update-style none;
|
||||||
|
|
||||||
|
authoritative;
|
||||||
|
|
||||||
|
{% if dhcpd__omapi_key | default({}) %}
|
||||||
|
omapi-port {{ dhcpd__omapi_port }};
|
||||||
|
omapi-key omapi_key;
|
||||||
|
|
||||||
|
key omapi_key {
|
||||||
|
algorithm {{ dhcpd__omapi_key.algorithm }};
|
||||||
|
secret {{ dhcpd__omapi_key.secret }};
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if dhcpd__subnets | selectattr("failover", "true") | list %}
|
||||||
|
failover peer "peer" {
|
||||||
|
{% if dhcpd__failover_primary | default(false) %}
|
||||||
|
primary;
|
||||||
|
mclt {{ dhcpd__failover_mclt }};
|
||||||
|
split {{ dhcpd__failover_split }};
|
||||||
|
{% else %}
|
||||||
|
secondary;
|
||||||
|
{% endif %}
|
||||||
|
address {{ dhcpd__failover_address }};
|
||||||
|
port {{ dhcpd__failover_port }};
|
||||||
|
peer address {{ dhcpd__failover_peer_address }};
|
||||||
|
peer port {{ dhcpd__failover_peer_port
|
||||||
|
| default(dhcpd__failover_port) }};
|
||||||
|
max-response-delay {{ dhcpd__failover_max_response_delay }};
|
||||||
|
max-unacked-updates {{ dhcpd__failover_max_unacked_updates }};
|
||||||
|
load balance max seconds {{ dhcpd__failover_lb_max_seconds }};
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if dhcpd__dns_servers | default([]) %}
|
||||||
|
option domain-name-servers {{ dhcpd__dns_servers | join(", ") }};
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if dhcpd__domain_search | default([]) %}
|
||||||
|
option domain-search {{ dhcpd__domain_search
|
||||||
|
| map("enquote") | join(", ") }};
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% for subnet in dhcpd__subnets %}
|
||||||
|
subnet {{ subnet.network
|
||||||
|
| ansible.utils.ipaddr("network") }}
|
||||||
|
netmask {{ subnet.network
|
||||||
|
| ansible.utils.ipaddr("netmask") }} {
|
||||||
|
pool {
|
||||||
|
range {{ subnet.start }} {{ subnet.end }};
|
||||||
|
{% if subnet.failover | default(false) %}
|
||||||
|
failover peer "peer";
|
||||||
|
{% endif %}
|
||||||
|
}
|
||||||
|
{% if subnet.routers | default([]) %}
|
||||||
|
option routers {{ subnet.routers | join(", ") }};
|
||||||
|
{% endif %}
|
||||||
|
}
|
||||||
|
{% endfor %}
|
|
@ -1,14 +0,0 @@
|
||||||
---
|
|
||||||
- name: force run dhcp re2o-service
|
|
||||||
command: /var/local/re2o-services/dhcp/main.py --force
|
|
||||||
become_user: re2o-services
|
|
||||||
|
|
||||||
- name: restart dhcpd
|
|
||||||
systemd:
|
|
||||||
state: restarted
|
|
||||||
name: isc-dhcp-server
|
|
||||||
|
|
||||||
- name: restart rsyslog
|
|
||||||
systemd:
|
|
||||||
name: rsyslog
|
|
||||||
state: restarted
|
|
|
@ -1,111 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install dhcp (re2o-service)
|
|
||||||
import_role:
|
|
||||||
name: re2o_service
|
|
||||||
vars:
|
|
||||||
service_repo: https://gitlab.federez.net/re2o/dhcp.git
|
|
||||||
service_name: dhcp
|
|
||||||
service_version: master
|
|
||||||
service_config:
|
|
||||||
hostname: re2o.auro.re
|
|
||||||
username: service-user
|
|
||||||
password: "{{ vault_serviceuser_passwd }}"
|
|
||||||
|
|
||||||
- name: Ensure appropriate permissions on dhcp re2o service
|
|
||||||
file:
|
|
||||||
path: /var/local/re2o-services/dhcp/
|
|
||||||
state: directory
|
|
||||||
owner: re2o-services
|
|
||||||
group: nogroup
|
|
||||||
recurse: true
|
|
||||||
mode: 0755
|
|
||||||
|
|
||||||
- name: Install isc-dhcp-server
|
|
||||||
apt:
|
|
||||||
update_cache: true
|
|
||||||
name: isc-dhcp-server
|
|
||||||
state: present
|
|
||||||
register: apt_result
|
|
||||||
retries: 3
|
|
||||||
until: apt_result is succeeded
|
|
||||||
notify: restart dhcpd
|
|
||||||
|
|
||||||
- name: Ensure dhcp log directory exists
|
|
||||||
file:
|
|
||||||
path: /var/log/dhcp
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rwx,g=rx,a=rx
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Ensure rsyslog knows where to send dhcp logs
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/rsyslog.conf
|
|
||||||
line: "local7.* /var/log/dhcp/dhcpd.log"
|
|
||||||
notify: restart rsyslog
|
|
||||||
|
|
||||||
- name: Configure dhcp log rotation
|
|
||||||
template:
|
|
||||||
src: logrotate.d/dhcp.j2
|
|
||||||
dest: /etc/logrotate.d/dhcp
|
|
||||||
mode: 0644
|
|
||||||
|
|
||||||
- name: set up cron to reload dhcp re2o service
|
|
||||||
cron:
|
|
||||||
# Do not change this name or idempotence *might* be lost.
|
|
||||||
name: dhcp-re2o-service
|
|
||||||
cron_file: re2o-services
|
|
||||||
minute: "*/2"
|
|
||||||
hour: "*"
|
|
||||||
day: "*"
|
|
||||||
weekday: "*"
|
|
||||||
month: "*"
|
|
||||||
user: root
|
|
||||||
job: "/usr/bin/python3 /var/local/re2o-services/dhcp/main.py"
|
|
||||||
|
|
||||||
- name: Configure /etc/default/isc-dhcp-server
|
|
||||||
template:
|
|
||||||
src: default/isc-dhcp-server.j2
|
|
||||||
dest: /etc/default/isc-dhcp-server
|
|
||||||
mode: 0644
|
|
||||||
notify: restart dhcpd
|
|
||||||
|
|
||||||
- name: Configure dhcp-failover.conf
|
|
||||||
template:
|
|
||||||
src: dhcp/dhcp-failover.conf.j2
|
|
||||||
dest: /etc/dhcp/dhcp-failover.conf
|
|
||||||
mode: 0600
|
|
||||||
when: dhcp_failover_enabled
|
|
||||||
notify: restart dhcpd
|
|
||||||
|
|
||||||
- name: Configure dhcpd.conf
|
|
||||||
template:
|
|
||||||
src: dhcp/dhcpd.conf.j2
|
|
||||||
dest: /etc/dhcp/dhcpd.conf
|
|
||||||
mode: 0600
|
|
||||||
notify: restart dhcpd
|
|
||||||
|
|
||||||
- name: Configure subnets.conf (regular service)
|
|
||||||
template:
|
|
||||||
src: dhcp/regular-subnets.conf.j2
|
|
||||||
dest: /etc/dhcp/subnets.conf
|
|
||||||
mode: 0600
|
|
||||||
notify: restart dhcpd
|
|
||||||
when: not is_aurore_host
|
|
||||||
|
|
||||||
- name: Configure subnets.conf (aurore service)
|
|
||||||
template:
|
|
||||||
src: dhcp/aurore-subnets.conf.j2
|
|
||||||
dest: /etc/dhcp/subnets.conf
|
|
||||||
mode: 0600
|
|
||||||
notify: restart dhcpd
|
|
||||||
when: is_aurore_host
|
|
||||||
|
|
||||||
- name: force run dhcp re2o-service
|
|
||||||
command: /var/local/re2o-services/dhcp/main.py --force
|
|
||||||
|
|
||||||
- name: Ensure dhcpd is running
|
|
||||||
service:
|
|
||||||
name: isc-dhcp-server
|
|
||||||
state: started
|
|
||||||
enabled: true
|
|
|
@ -1,24 +0,0 @@
|
||||||
# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
|
|
||||||
|
|
||||||
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
|
|
||||||
#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
|
|
||||||
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
|
|
||||||
|
|
||||||
# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
|
|
||||||
#DHCPDv4_PID=/var/run/dhcpd.pid
|
|
||||||
#DHCPDv6_PID=/var/run/dhcpd6.pid
|
|
||||||
|
|
||||||
# Additional options to start dhcpd with.
|
|
||||||
# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
|
|
||||||
#OPTIONS=""
|
|
||||||
|
|
||||||
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
|
|
||||||
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
|
|
||||||
|
|
||||||
{% if is_aurore_host %}
|
|
||||||
INTERFACESv4="ens19"
|
|
||||||
INTERFACESv6=""
|
|
||||||
{% else %}
|
|
||||||
INTERFACESv4="ens19 ens20 ens21 ens22 ens23"
|
|
||||||
INTERFACESv6=""
|
|
||||||
{% endif %}
|
|
|
@ -1,12 +0,0 @@
|
||||||
subnet 45.66.110.0 netmask 255.255.255.0 {
|
|
||||||
interface "ens19";
|
|
||||||
option subnet-mask 255.255.255.0;
|
|
||||||
option broadcast-address 45.66.110.255;
|
|
||||||
option routers 45.66.110.{{ router_ip_suffix }};
|
|
||||||
option domain-name-servers 45.66.110.{{ dns_host_suffix_main }}, {{ backup_dns_servers|join(', ') }};
|
|
||||||
option domain-name "adh.auro.re";
|
|
||||||
option domain-search "adh.auro.re";
|
|
||||||
include "/var/local/re2o-services/dhcp/generated/dhcp.adh.auro.re.list";
|
|
||||||
|
|
||||||
deny unknown-clients;
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
failover peer "dhcp-failover" {
|
|
||||||
{% if inventory_hostname == dhcp_failover.primary_host %}
|
|
||||||
primary;
|
|
||||||
|
|
||||||
# MCLT = Maximum Client Lead Time.
|
|
||||||
# Must be specified on the primary, forbidden on the secondary.
|
|
||||||
mclt 3600;
|
|
||||||
|
|
||||||
# Address or DNS name on which this node listens for connections
|
|
||||||
# from its failover peer.
|
|
||||||
address {{ dhcp_failover.primary_host }};
|
|
||||||
peer address {{ dhcp_failover.secondary_host }};
|
|
||||||
|
|
||||||
# Load balancing.
|
|
||||||
split 128;
|
|
||||||
{% endif %}
|
|
||||||
{% if inventory_hostname == dhcp_failover.secondary_host %}
|
|
||||||
secondary;
|
|
||||||
# Address and peer address are reversed on the secondary node.
|
|
||||||
address {{ dhcp_failover.secondary_host }};
|
|
||||||
peer address {{ dhcp_failover.primary_host }};
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
# The following options can be shared between primary and
|
|
||||||
# secondary failover peers.
|
|
||||||
port 647;
|
|
||||||
peer port 647;
|
|
||||||
max-response-delay 30;
|
|
||||||
max-unacked-updates 10;
|
|
||||||
load balance max seconds 3;
|
|
||||||
}
|
|
|
@ -1,25 +0,0 @@
|
||||||
default-lease-time 86400;
|
|
||||||
max-lease-time 86400;
|
|
||||||
|
|
||||||
# Option definitions common to all supported networks.
|
|
||||||
|
|
||||||
option interface-mtu {{ mtu }};
|
|
||||||
option root-path "/";
|
|
||||||
|
|
||||||
# The ddns-updates-style parameter controls whether or not the server will
|
|
||||||
# attempt to do a DNS update when a lease is confirmed. We default to the
|
|
||||||
# behavior of the version 2 packages ('none', since DHCP v2 didn't
|
|
||||||
# have support for DDNS.)
|
|
||||||
ddns-update-style none;
|
|
||||||
|
|
||||||
# If this DHCP server is the official DHCP server for the local
|
|
||||||
# network, the authoritative directive should be uncommented.
|
|
||||||
authoritative;
|
|
||||||
|
|
||||||
log-facility local7;
|
|
||||||
|
|
||||||
{% if dhcp_failover_enabled %}
|
|
||||||
include "/etc/dhcp/dhcp-failover.conf";
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
include "/etc/dhcp/subnets.conf";
|
|
|
@ -1,94 +0,0 @@
|
||||||
# Bornes WiFi
|
|
||||||
subnet 10.{{ subnet_ids.ap }}.0.0 netmask 255.255.0.0 {
|
|
||||||
interface "ens19";
|
|
||||||
option subnet-mask 255.255.0.0;
|
|
||||||
option broadcast-address 10.{{ subnet_ids.ap }}.255.255;
|
|
||||||
option routers 10.{{ subnet_ids.ap }}.0.250;
|
|
||||||
option domain-name "borne.auro.re";
|
|
||||||
option domain-search "borne.auro.re";
|
|
||||||
|
|
||||||
option domain-name-servers 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.ap }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }};
|
|
||||||
include "/var/local/re2o-services/dhcp/generated/dhcp.borne.auro.re.list";
|
|
||||||
|
|
||||||
deny unknown-clients;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Users filaire
|
|
||||||
subnet 10.{{ subnet_ids.users_wired }}.0.0 netmask 255.255.0.0 {
|
|
||||||
interface "ens20";
|
|
||||||
option subnet-mask 255.255.0.0;
|
|
||||||
option broadcast-address 10.{{ subnet_ids.users_wired }}.255.255;
|
|
||||||
option routers 10.{{ subnet_ids.users_wired }}.0.{{ router_ip_suffix }};
|
|
||||||
option domain-name "fil.{{ apartment_block_dhcp }}.auro.re";
|
|
||||||
option domain-search "auro.re";
|
|
||||||
|
|
||||||
option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }};
|
|
||||||
|
|
||||||
include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block_dhcp }}.auro.re.list";
|
|
||||||
|
|
||||||
deny unknown-clients;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Users WiFi
|
|
||||||
subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 {
|
|
||||||
interface "ens21";
|
|
||||||
option subnet-mask 255.255.0.0;
|
|
||||||
option broadcast-address 10.{{ subnet_ids.users_wifi }}.255.255;
|
|
||||||
option routers 10.{{ subnet_ids.users_wifi }}.0.{{ router_ip_suffix }};
|
|
||||||
option domain-name "wifi.{{ apartment_block_dhcp }}.auro.re";
|
|
||||||
option domain-search "auro.re";
|
|
||||||
|
|
||||||
option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }};
|
|
||||||
|
|
||||||
include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block_dhcp }}.auro.re.list";
|
|
||||||
|
|
||||||
pool {
|
|
||||||
range 10.{{ subnet_ids.users_wifi }}.8.0 10.{{ subnet_ids.users_wifi }}.10.255;
|
|
||||||
|
|
||||||
{% if dhcp_failover is defined %}
|
|
||||||
failover peer "dhcp-failover";
|
|
||||||
{% endif %}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Banni
|
|
||||||
subnet 10.{{ subnet_ids.users_banni }}.0.0 netmask 255.255.0.0 {
|
|
||||||
interface "ens22";
|
|
||||||
option subnet-mask 255.255.0.0;
|
|
||||||
option broadcast-address 10.{{ subnet_ids.users_banni }}.255.255;
|
|
||||||
option routers 10.{{ subnet_ids.users_banni }}.0.{{ router_ip_suffix }};
|
|
||||||
option domain-name "banni.{{ apartment_block_dhcp }}.auro.re";
|
|
||||||
option domain-search "auro.re";
|
|
||||||
|
|
||||||
option domain-name-servers 10.{{ subnet_ids.users_banni }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_banni }}.0.{{ dns_host_suffix_backup }};
|
|
||||||
|
|
||||||
pool {
|
|
||||||
range 10.{{ subnet_ids.users_banni }}.1.0 10.{{ subnet_ids.users_banni }}.2.255;
|
|
||||||
|
|
||||||
{% if dhcp_failover is defined %}
|
|
||||||
failover peer "dhcp-failover";
|
|
||||||
{% endif %}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Accueil
|
|
||||||
subnet 10.{{ subnet_ids.users_accueil }}.0.0 netmask 255.255.0.0 {
|
|
||||||
interface "ens23";
|
|
||||||
option subnet-mask 255.255.0.0;
|
|
||||||
option broadcast-address 10.{{ subnet_ids.users_accueil }}.255.255;
|
|
||||||
option routers 10.{{ subnet_ids.users_accueil }}.0.{{ router_ip_suffix }};
|
|
||||||
option domain-name "accueil.{{ apartment_block_dhcp }}.auro.re";
|
|
||||||
option domain-search "auro.re";
|
|
||||||
|
|
||||||
option domain-name-servers 10.{{ subnet_ids.users_accueil }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_accueil }}.0.{{ dns_host_suffix_backup }};
|
|
||||||
|
|
||||||
pool {
|
|
||||||
range 10.{{ subnet_ids.users_accueil }}.1.0 10.{{ subnet_ids.users_accueil }}.2.255;
|
|
||||||
|
|
||||||
{% if dhcp_failover is defined %}
|
|
||||||
failover peer "dhcp-failover";
|
|
||||||
{% endif %}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
/var/log/dhcp/dhcpd.log {
|
|
||||||
# common options
|
|
||||||
daily
|
|
||||||
rotate 365
|
|
||||||
missingok
|
|
||||||
compress
|
|
||||||
delaycompress
|
|
||||||
notifempty
|
|
||||||
|
|
||||||
copytruncate
|
|
||||||
}
|
|
|
@ -1,4 +0,0 @@
|
||||||
---
|
|
||||||
dhcp_failover:
|
|
||||||
primary_host: dhcp-{{ apartment_block }}.adm.auro.re
|
|
||||||
secondary_host: dhcp-{{ apartment_block }}-backup.adm.auro.re
|
|
Loading…
Reference in a new issue