Commit f6f60f6c authored by Robin Sonnabend's avatar Robin Sonnabend Committed by Lars Beckers

Add role dhcp-server for dhcp and pxe

parent aac43d55
---
# file: roles/dhcp-server/defaults/main.yml
dnsmasq_user: dnsmasq
dnsmasq_group: dnsmasq
dhcp_ranges: []
dhcp_fixed_hosts: []
dhcp_options: []
dhcp_default_lease_time: "12h"
dhcp_max_leases: 150
dhcp_authoritative: yes
tftp_active: yes
tftp_root: /srv/tftp
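Review bot: `dhcp_files` has no default in this file, although the role's dnsmasq.conf template iterates it (`{% for dhcp_file in dhcp_files %}`), so a play that does not set it will fail when the template is rendered; add `dhcp_files: []` next to `dhcp_options: []`. Separately, `dhcp_authoritative` and `tftp_active` both default to on and are spelled `yes`. Writing them as `true`/`false` avoids YAML 1.1 truthy ambiguity, and defaulting both to `false` would make authoritative DHCP and the TFTP listener an explicit per-host opt-in rather than something every host that includes the role gets.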
---
# file: roles/dhcp-server/handlers/main.yml
- name: reload systemd service files
command: systemctl daemon-reload
- name: restart dnsmasq
service: name=dnsmasq state=restarted
---
# file: roles/dhcp-server/tasks/main.yml
- name: ensure we have the necessary packages
apt: name="{{item}}" state=present
with_items:
- dnsmasq
- dnsmasq-utils
tags:
- packages
- dhcp-server
- name: ensure we have our config
template: src=dnsmasq.conf dest=/etc/dnsmasq.conf
notify:
- restart dnsmasq
tags:
- config
- dhcp-server
- name: ensure we have a tftp root dir
file: name="{{tftp_root}}" state=directory owner="{{dnsmasq_user}}" group="{{dnsmasq_group}}" mode=0644
when: tftp_active
tags:
- config
- dhcp-server
- name: ensure the service is enabled
service: name=dnsmasq state=started enabled=yes
tags:
- config
- dhcp-server
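Review bot: `mode=0644` on the `state=directory` task for `{{tftp_root}}` leaves the directory without any search (execute) bit, so the owning dnsmasq user most likely cannot open files inside it and TFTP reads would fail; use `mode=0755`. The config task also writes `/etc/dnsmasq.conf` without `owner`, `group` or `mode` and without a syntax check. Something like `template: src=dnsmasq.conf dest=/etc/dnsmasq.conf owner=root group=root mode=0644 validate='dnsmasq --test --conf-file=%s'` would pin the permissions and stop a broken render from replacing the working file before the restart handler runs.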
# No DNS function, just dhcp & pxe
port=0
user={{dnsmasq_user}}
group={{dnsmasq_group}}
interface={{ansible_default_ipv4["interface"]}}
{% for dhcp_range in dhcp_ranges %}
dhcp-range={% if dhcp_range.tag is defined %}set:{{dhcp_range.tag}},{% endif %}{{dhcp_range.min_addr}},{% if dhcp_range.static is defined and dhcp_range.static %}static{% else %}{{dhcp_range.max_addr}}{% endif %},{% if dhcp_range.netmask is defined %}{{dhcp_range.netmask}},{% if dhcp_range.broadcast is defined %}{{dhcp_range.broadcast}},{% endif %}{% endif %}{{dhcp_range.lease_time|default(dhcp_default_lease_time)}}
{% endfor %}
{% for dhcp_host in dhcp_fixed_hosts %}
dhcp-host={{dhcp_host.mac}},{{lookup('dig', dhcp_host.name)}}
{% endfor %}
{% for dhcp_option in dhcp_options %}
dhcp-option{% if dhcp_option.force is defined and dhcp_option.force %}-force{% endif %}={% if dhcp_option.tag is defined %}tag:{{dhcp_option.tag}},{% endif %}option:{{dhcp_option.option}},{{dhcp_option.value}}
{% endfor %}
# Send options to PXELinux. Note that we need to send the options even
# though they don't appear in the parameter request list, so we need
# to use dhcp-option-force here.
# See http://syslinux.zytor.com/pxe.php#special for details.
# Magic number - needed before anything else is recognised
#dhcp-option-force=208,f1:00:74:7e
# Configuration file name
#dhcp-option-force=209,configs/common
# Path prefix
#dhcp-option-force=210,/tftpboot/pxelinux/files/
# Reboot time. (Note 'i' to send 32-bit value)
#dhcp-option-force=211,30i
# Set the boot filename for netboot/PXE. You will only need
# this is you want to boot machines over the network and you will need
# a TFTP server; either dnsmasq's built in TFTP server or an
# external one. (See below for how to enable the TFTP server.)
#dhcp-boot=pxelinux.0
# The same as above, but use custom tftp-server instead machine running dnsmasq
#dhcp-boot=pxelinux,server.name,192.168.1.100
# Boot for Etherboot gPXE. The idea is to send two different
# filenames, the first loads gPXE, and the second tells gPXE what to
# load. The dhcp-match sets the gpxe tag for requests from gPXE.
#dhcp-match=set:gpxe,175 # gPXE sends a 175 option.
#dhcp-boot=tag:!gpxe,undionly.kpxe
#dhcp-boot=mybootimage
# Encapsulated options for Etherboot gPXE. All the options are
# encapsulated within option 175
#dhcp-option=encap:175, 1, 5b # priority code
#dhcp-option=encap:175, 176, 1b # no-proxydhcp
#dhcp-option=encap:175, 177, string # bus-id
#dhcp-option=encap:175, 189, 1b # BIOS drive code
#dhcp-option=encap:175, 190, user # iSCSI username
#dhcp-option=encap:175, 191, pass # iSCSI password
# Test for the architecture of a netboot client. PXE clients are
# supposed to send their architecture as option 93. (See RFC 4578)
#dhcp-match=peecees, option:client-arch, 0 #x86-32
#dhcp-match=itanics, option:client-arch, 2 #IA64
#dhcp-match=hammers, option:client-arch, 6 #x86-64
#dhcp-match=mactels, option:client-arch, 7 #EFI x86-64
# Do real PXE, rather than just booting a single file, this is an
# alternative to dhcp-boot.
#pxe-prompt="What system shall I netboot?"
# or with timeout before first available action is taken:
#pxe-prompt="Press F8 for menu.", 60
# Available boot services. for PXE.
#pxe-service=x86PC, "Boot from local disk"
# Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
#pxe-service=x86PC, "Install Linux", pxelinux
# Loads <tftp-root>/pxelinux.0 from TFTP server at 1.2.3.4.
# Beware this fails on old PXE ROMS.
#pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
# Use bootserver on network, found my multicast or broadcast.
#pxe-service=x86PC, "Install windows from RIS server", 1
# Use bootserver at a known IP address.
#pxe-service=x86PC, "Install windows from RIS server", 1, 1.2.3.4
# If you have multicast-FTP available,
# information for that can be passed in a similar way using options 1
# to 5. See page 19 of
# http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
{% if tftp_active %}
# Enable dnsmasq's built-in TFTP server
enable-tftp
# Set the root directory for files available via FTP.
tftp-root={{tftp_root}}
# Do not abort if the tftp-root is unavailable
#tftp-no-fail
# Make the TFTP server more secure: with this set, only files owned by
# the user dnsmasq is running as will be send over the net.
tftp-secure
# This option stops dnsmasq from negotiating a larger blocksize for TFTP
# transfers. It will slow things down, but may rescue some broken TFTP
# clients.
#tftp-no-blocksize
{% endif %}
{% for dhcp_file in dhcp_files %}
dhcp-boot={% if dhcp_file.tag is defined %}tag:{{dhcp_file.tag}},{% endif %}{{dhcp_file.filename}}{% if dhcp_file.server is defined %},{{dhcp_file.server}},{{dhcp_file.server_ip}}{% endif %}
{% endfor %}
# Set the boot file name only when the "red" tag is set.
#dhcp-boot=tag:red,pxelinux.red-net
# An example of dhcp-boot with an external TFTP server: the name and IP
# address of the server are given after the filename.
# Can fail with old PXE ROMS. Overridden by --pxe-service.
#dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
# If there are multiple external tftp servers having a same name
# (using /etc/hosts) then that name can be specified as the
# tftp_servername (the third option to dhcp-boot) and in that
# case dnsmasq resolves this name and returns the resultant IP
# addresses in round robin fasion. This facility can be used to
# load balance the tftp load among a set of servers.
#dhcp-boot=/var/ftpd/pxelinux.0,boothost,tftp_server_name
# Set the limit on DHCP leases, the default is 150
dhcp-lease-max={{dhcp_max_leases}}
# The DHCP server needs somewhere on disk to keep its lease database.
# This defaults to a sane location, but if you want to change it, use
# the line below.
#dhcp-leasefile=/var/lib/misc/dnsmasq.leases
# Set the DHCP server to authoritative mode. In this mode it will barge in
# and take over the lease for any client which broadcasts on the network,
# whether it has a record of the lease or not. This avoids long timeouts
# when a machine wakes up on a new network. DO NOT enable this if there's
# the slightest chance that you might end up accidentally configuring a DHCP
# server for your campus/company accidentally. The ISC server uses
# the same option, and this URL provides more information:
# http://www.isc.org/files/auth.html
{% if dhcp_authoritative %}
dhcp-authoritative
{% endif %}
# Log lots of extra information about DHCP transactions.
#log-dhcp
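Review bot: The `dhcp-host` line takes its address from `lookup('dig', dhcp_host.name)`, so every fixed lease depends on whatever DNS answers on the control machine at deploy time. As far as I know the dig lookup returns the string `NXDOMAIN` (or an empty value) for an unresolvable name instead of failing, and that value would be written into dnsmasq.conf unchanged. Consider allowing an explicit address per host (a proposed new field, e.g. `{{ dhcp_host.ip if dhcp_host.ip is defined else lookup('dig', dhcp_host.name) }}`) and failing the play when the result is not an IP address. The other loop values (`dhcp_option.value`, `dhcp_file.filename`, `dhcp_range.*`) are also interpolated verbatim, so the variable documentation should state that they must not contain newlines or come from untrusted inventory sources.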