diff options
| author | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-19 03:15:26 +0100 | 
|---|---|---|
| committer | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-19 12:46:35 +0100 | 
| commit | 3387c2fdcbe74be6767c5abce5beb9e7df2d3f5b (patch) | |
| tree | 6263912c4754a73d13670605d9168267fa19d007 /roles/space_server | |
| parent | 3b795796bd03488a385f3ad42b10b8c0d61282c1 (diff) | |
| download | labitat-ansible-3387c2fdcbe74be6767c5abce5beb9e7df2d3f5b.tar.gz labitat-ansible-3387c2fdcbe74be6767c5abce5beb9e7df2d3f5b.tar.xz labitat-ansible-3387c2fdcbe74be6767c5abce5beb9e7df2d3f5b.zip | |
space_server: generate DNS, mDNS and dhcp entries
..from the same variables
Diffstat (limited to 'roles/space_server')
| -rwxr-xr-x | roles/space_server/bootstrap.sh | 2 | ||||
| -rw-r--r-- | roles/space_server/defaults/main.yml | 71 | ||||
| -rw-r--r-- | roles/space_server/files/dhcpd/dhcpd.conf | 160 | ||||
| -rw-r--r-- | roles/space_server/tasks/avahi.yml | 7 | ||||
| -rw-r--r-- | roles/space_server/tasks/dhcpd.yml | 4 | ||||
| -rw-r--r-- | roles/space_server/tasks/unbound.yml | 4 | ||||
| -rw-r--r-- | roles/space_server/templates/avahi/hosts.j2 | 14 | ||||
| -rw-r--r-- | roles/space_server/templates/dhcpd/dhcpd.conf.j2 | 203 | ||||
| -rw-r--r-- | roles/space_server/templates/unbound/unbound.conf.j2 (renamed from roles/space_server/files/unbound/unbound.conf) | 44 | 
9 files changed, 314 insertions, 195 deletions
| diff --git a/roles/space_server/bootstrap.sh b/roles/space_server/bootstrap.sh index c358db5..8fbc399 100755 --- a/roles/space_server/bootstrap.sh +++ b/roles/space_server/bootstrap.sh @@ -55,7 +55,7 @@ dnf \    --disablerepo='*' \    --enablerepo=fedora \    --enablerepo=updates \ -  install dnf python2-dnf ansible +  install dnf python2-dnf python-netaddr ansible  systemd-nspawn -D "$dest" -M space -E ANSIBLE_FORCE_COLOR=1 \    --bind /boot --bind /home -- \ diff --git a/roles/space_server/defaults/main.yml b/roles/space_server/defaults/main.yml index eb582df..6d6f12d 100644 --- a/roles/space_server/defaults/main.yml +++ b/roles/space_server/defaults/main.yml @@ -14,6 +14,7 @@ packages:      - python2-dnf      - 'dnf-command(leaves)'      - ansible +    - python-netaddr      - vim-enhanced      - git      - diffutils @@ -28,5 +29,75 @@ boot:  root:    device: 'LABEL=BTRFS'    options: 'noatime,ssd,compress=lzo' +local_hosts: +  - name: ap +    mac: 00:0f:23:94:43:0b +    mdns: false +    ips: +      - 10.42.0.2 +  - name: doorputer +    mac: 00:b3:f6:00:36:be +    mdns: false +    ips: +      - 10.42.0.3 +  - name: foodputer +    mac: 00:d0:59:37:5e:37 +    mdns: false +    ips: +      - 10.42.0.4 +  - name: ap1 +    mdns: false +    ips: +      - 10.42.0.5 +  - name: ap2 +    mdns: false +    ips: +      - 10.42.0.6 +      - 10.42.0.7 +  - name: switch +    mac: 00:1b:11:6f:42:f8 +    mdns: false +    ips: +      - 10.42.0.9 +  - name: lathe +    mdns: false +    ips: +      - 10.42.0.12 +  - name: anna +    mac: 00:e0:c5:6e:d6:8d +    ips: +      - 10.42.1.9 +  - name: printbrother +    mac: 00:80:77:06:9f:26 +    ips: +      - 10.42.1.32 +  - name: infotron +    description: Infoscreen Raspberry Pi +    mac: b8:27:eb:2c:5d:3a +    ips: +      - 10.42.1.34 +  - name: spacemon +    mac: b8:27:eb:24:f8:50 +    ips: +      - 10.42.1.35 +  - name: jumbotron +    description: Jumbotron Raspberry Pi +    mac: b8:27:eb:d3:c1:62 +    mdns: false +    ips: +      - 10.42.1.36 +  - name: hplaserjet +    mac: 94:57:a5:ce:e2:6c +    mdns: false +    ips: +      - 10.42.1.37 +      - 2a01:4260:1ab:b:9657:a5ff:fece:e26c +  - name: labisound +    mac: 00:16:e6:f7:43:b0 +    ips: +      - 10.42.1.40 +  - name: sound +    ips: +      - 10.42.1.80  # vim: set ts=2 sw=2 et: diff --git a/roles/space_server/files/dhcpd/dhcpd.conf b/roles/space_server/files/dhcpd/dhcpd.conf deleted file mode 100644 index f55aeae..0000000 --- a/roles/space_server/files/dhcpd/dhcpd.conf +++ /dev/null @@ -1,160 +0,0 @@ -# -# DHCP Server Configuration file. -#   see /usr/share/doc/dhcp/dhcpd.conf.example -#   see dhcpd.conf(5) man page -# - -# The ddns-updates-style parameter controls whether or not the server will -# attempt to do a DNS update when a lease is confirmed. We default to the -# behavior of the version 2 packages ('none', since DHCP v2 didn't -# have support for DDNS.) -ddns-update-style none; -         -# option definitions common to all supported networks... -#option domain-name "labitat.dk"; -default-lease-time 3600; -max-lease-time 7200; -min-lease-time 600; -         -# If this DHCP server is the official DHCP server for the local -# network, the authoritative directive should be uncommented. -authoritative; -         -# Use this to send dhcp log messages to a different log file (you also -# have to hack syslog.conf to complete the redirection). -log-facility daemon; - - -# Admin net -subnet 10.42.0.0 netmask 255.255.255.0 { -	range 10.42.0.50 10.42.0.69; -	range 10.42.0.71 10.42.0.250; -	option routers 10.42.0.1; -	option domain-name-servers 185.38.175.0; -	#option ntp-servers 90.185.0.18; - -	host ap { -		hardware ethernet 00:0f:23:94:43:0b; -		fixed-address 10.42.0.2; -	}    - -	host doorputer { -		hardware ethernet 00:b3:f6:00:36:be; -		fixed-address 10.42.0.3; -	}    - -	host foodputer { -		hardware ethernet 00:d0:59:37:5e:37; -		fixed-address 10.42.0.4; -	}    - -	# 10.42.0.5: new ap1 -	# 10.42.0.6: new ap2 - -	host switch { -		hardware ethernet 00:1b:11:6f:42:f8; -		fixed-address 10.42.0.9; -	}    - -	host spacewand { -		hardware ethernet 00:1f:7b:b4:0e:00; -		fixed-address 10.42.0.70; -	} -} - - -# Wired net -subnet 10.42.1.0 netmask 255.255.255.0 { -	range dynamic-bootp 10.42.1.50 10.42.1.250; -	option routers 10.42.1.1; -	option domain-name-servers 185.38.175.0; -	#option ntp-servers 90.185.0.18; -	next-server 10.42.1.1; -	filename "pxelinux.0"; - -	host anna { -		hardware ethernet 00:e0:c5:6e:d6:8d; -		fixed-address 10.42.1.9; -	} - -	# Arduino Ethernet Bootloader test -	host flummer { -		hardware ethernet 90:A2:DA:00:61:EE; -		fixed-address 10.42.1.31; -		filename "esmil/test.bin"; -	} - -	host arduino { -		hardware ethernet 00:08:DC:00:00:4F; -		fixed-address 10.42.1.31; -		filename "esmil/setmac.bin"; -	} - -	host printbrother { -		hardware ethernet 00:80:77:06:9f:26; -		fixed-address 10.42.1.32; -	} - -	# Infoscreen Raspberry Pi -	host infotron { -		hardware ethernet b8:27:eb:2c:5d:3a; -		fixed-address 10.42.1.34; -	} -	host spacemon { -		hardware ethernet b8:27:eb:24:f8:50; -		fixed-address 10.42.1.35; -	} -	host jumbotron { -		hardware ethernet b8:27:eb:d3:c1:62; -		fixed-address 10.42.1.36; -	} -	host hplaserjet { -		hardware ethernet 94:57:a5:ce:e2:6c; -		fixed-address 10.42.1.37; -	} - -	# fake IP til "hemmeligt projekt" -	host tlet { -		hardware ethernet 00:00:00:00:00:00; -		fixed-address 10.42.1.42; -	} - -	host labisound { -		hardware ethernet 00:16:e6:f7:43:b0; -		fixed-address 10.42.1.40; -	} -		 -	#test riiiis april2014 -	host riiiisarduinoserverrebootertest { -		fixed-address 10.42.1.49; -	} - -} - - -# Private wifi -subnet 10.42.2.0 netmask 255.255.255.0 { -	range 10.42.2.50 10.42.2.250; -	option routers 10.42.2.1; -	option domain-name-servers 185.38.175.0; -	#option ntp-servers 90.185.0.18; -	next-server 10.42.2.1; -	filename "pxelinux.0"; -} - -# Free wifi -subnet 10.42.3.0 netmask 255.255.255.0 { -	range 10.42.3.50 10.42.3.250; -	option routers 10.42.3.1; -	option domain-name-servers 185.38.175.0; -	#option ntp-servers 90.185.0.18; - -} - -# Password protected wifi -subnet 10.42.4.0 netmask 255.255.255.0 { -	range 10.42.4.50 10.42.4.250; -	option routers 10.42.4.1; -	option domain-name-servers 185.38.175.0; -	#option ntp-servers 90.185.0.18; -} diff --git a/roles/space_server/tasks/avahi.yml b/roles/space_server/tasks/avahi.yml index ebf21ef..db8a5ee 100644 --- a/roles/space_server/tasks/avahi.yml +++ b/roles/space_server/tasks/avahi.yml @@ -80,6 +80,13 @@    notify:      - restart avahi-daemon +- name: Configure hosts +  template: +    src: avahi/hosts.j2 +    dest: '/etc/avahi/hosts' +  notify: +    - restart avahi-daemon +  - name: Enable avahi-daemon service    systemd:      name: avahi-daemon.service diff --git a/roles/space_server/tasks/dhcpd.yml b/roles/space_server/tasks/dhcpd.yml index c72fa75..a15ce49 100644 --- a/roles/space_server/tasks/dhcpd.yml +++ b/roles/space_server/tasks/dhcpd.yml @@ -9,8 +9,8 @@      - packages  - name: Configure dhcpd -  copy: -    src: dhcpd/dhcpd.conf +  template: +    src: dhcpd/dhcpd.conf.j2      dest: '/etc/dhcp/dhcpd.conf'    notify:      - restart dhcpd diff --git a/roles/space_server/tasks/unbound.yml b/roles/space_server/tasks/unbound.yml index 42db916..a9c4610 100644 --- a/roles/space_server/tasks/unbound.yml +++ b/roles/space_server/tasks/unbound.yml @@ -9,8 +9,8 @@      - packages  - name: Configure unbound -  copy: -    src: unbound/unbound.conf +  template: +    src: unbound/unbound.conf.j2      dest: '/etc/unbound/unbound.conf'    notify:      - restart unbound diff --git a/roles/space_server/templates/avahi/hosts.j2 b/roles/space_server/templates/avahi/hosts.j2 new file mode 100644 index 0000000..f87ad4b --- /dev/null +++ b/roles/space_server/templates/avahi/hosts.j2 @@ -0,0 +1,14 @@ +{% for host in local_hosts %} +{%   if 'mdns' not in host or host.mdns %} +{%     for ip in host.ips | ipv4 %} +{%       if loop.index <= 1 %} +{{ ip }} {{ host.name }}.local +{%       endif %} +{%     endfor %} +{%     for ip in host.ips | ipv6 %} +{%       if loop.index <= 1 %} +{{ ip }} {{ host.name }}.local +{%       endif %} +{%     endfor %} +{%   endif %} +{% endfor %} diff --git a/roles/space_server/templates/dhcpd/dhcpd.conf.j2 b/roles/space_server/templates/dhcpd/dhcpd.conf.j2 new file mode 100644 index 0000000..1b832e1 --- /dev/null +++ b/roles/space_server/templates/dhcpd/dhcpd.conf.j2 @@ -0,0 +1,203 @@ +# +# DHCP Server Configuration file. +#   see /usr/share/doc/dhcp/dhcpd.conf.example +#   see dhcpd.conf(5) man page +# + +# The ddns-updates-style parameter controls whether or not the server will +# attempt to do a DNS update when a lease is confirmed. We default to the +# behavior of the version 2 packages ('none', since DHCP v2 didn't +# have support for DDNS.) +ddns-update-style none; + +# option definitions common to all supported networks... +#option domain-name "labitat.dk"; +default-lease-time 3600; +max-lease-time 7200; +min-lease-time 600; + +# If this DHCP server is the official DHCP server for the local +# network, the authoritative directive should be uncommented. +authoritative; + +# Use this to send dhcp log messages to a different log file (you also +# have to hack syslog.conf to complete the redirection). +log-facility daemon; + + +# Admin net +subnet 10.42.0.0 netmask 255.255.255.0 { +	range 10.42.0.50 10.42.0.69; +	range 10.42.0.71 10.42.0.250; +	option routers 10.42.0.1; +	option domain-name-servers 185.38.175.0; +	#option ntp-servers 90.185.0.18; +{% for host in local_hosts %} +{%   if host.ips | ipaddr('10.42.0.0/24') %} +{%     if 'mac' in host %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	host {{ host.name }} { +		hardware ethernet {{ host.mac }}; +		fixed-address {{ host.ips | ipaddr('10.42.0.0/24') | first }}; +{%       if 'filename' in host %} +		filename "{{ host.filename }}"; +{%       endif %} +	} +{%     else %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	#host {{ host.name }} { +	#	fixed-address {{ host.ips | ipaddr('10.42.0.0/24') | first }}; +	#} +{%     endif %} +{%   endif %} +{% endfor %} + +	host spacewand { +		hardware ethernet 00:1f:7b:b4:0e:00; +		fixed-address 10.42.0.70; +	} +} + + +# Wired net +subnet 10.42.1.0 netmask 255.255.255.0 { +	range dynamic-bootp 10.42.1.50 10.42.1.250; +	option routers 10.42.1.1; +	option domain-name-servers 185.38.175.0; +	#option ntp-servers 90.185.0.18; +	next-server 10.42.1.1; +	filename "pxelinux.0"; +{% for host in local_hosts %} +{%   if host.ips | ipaddr('10.42.1.0/24') %} +{%     if 'mac' in host %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	host {{ host.name }} { +		hardware ethernet {{ host.mac }}; +		fixed-address {{ host.ips | ipaddr('10.42.1.0/24') | first }}; +{%       if 'filename' in host %} +		filename "{{ host.filename }}"; +{%       endif %} +	} +{%     else %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	#host {{ host.name }} { +	#	fixed-address {{ host.ips | ipaddr('10.42.1.0/24') | first }}; +	#} +{%     endif %} +{%   endif %} +{% endfor %} +} + + +# Private wifi +subnet 10.42.2.0 netmask 255.255.255.0 { +	range 10.42.2.50 10.42.2.250; +	option routers 10.42.2.1; +	option domain-name-servers 185.38.175.0; +	#option ntp-servers 90.185.0.18; +	next-server 10.42.2.1; +	filename "pxelinux.0"; +{% for host in local_hosts %} +{%   if host.ips | ipaddr('10.42.2.0/24') %} +{%     if 'mac' in host %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	host {{ host.name }} { +		hardware ethernet {{ host.mac }}; +		fixed-address {{ host.ips | ipaddr('10.42.2.0/24') | first }}; +{%       if 'filename' in host %} +		filename "{{ host.filename }}"; +{%       endif %} +	} +{%     else %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	#host {{ host.name }} { +	#	fixed-address {{ host.ips | ipaddr('10.42.2.0/24') | first }}; +	#} +{%     endif %} +{%   endif %} +{% endfor %} +} + +# Free wifi +subnet 10.42.3.0 netmask 255.255.255.0 { +	range 10.42.3.50 10.42.3.250; +	option routers 10.42.3.1; +	option domain-name-servers 185.38.175.0; +	#option ntp-servers 90.185.0.18; +{% for host in local_hosts %} +{%   if host.ips | ipaddr('10.42.3.0/24') %} +{%     if 'mac' in host %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	host {{ host.name }} { +		hardware ethernet {{ host.mac }}; +		fixed-address {{ host.ips | ipaddr('10.42.3.0/24') | first }}; +{%       if 'filename' in host %} +		filename "{{ host.filename }}"; +{%       endif %} +	} +{%     else %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	#host {{ host.name }} { +	#	fixed-address {{ host.ips | ipaddr('10.42.3.0/24') | first }}; +	#} +{%     endif %} +{%   endif %} +{% endfor %} +} + +# Password protected wifi +subnet 10.42.4.0 netmask 255.255.255.0 { +	range 10.42.4.50 10.42.4.250; +	option routers 10.42.4.1; +	option domain-name-servers 185.38.175.0; +	#option ntp-servers 90.185.0.18; +{% for host in local_hosts %} +{%   if host.ips | ipaddr('10.42.4.0/24') %} +{%     if 'mac' in host %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	host {{ host.name }} { +		hardware ethernet {{ host.mac }}; +		fixed-address {{ host.ips | ipaddr('10.42.4.0/24') | first }}; +{%       if 'filename' in host %} +		filename "{{ host.filename }}"; +{%       endif %} +	} +{%     else %} + +{%       if 'description' in host %} +	# {{ host.description }} +{%       endif %} +	#host {{ host.name }} { +	#	fixed-address {{ host.ips | ipaddr('10.42.4.0/24') | first }}; +	#} +{%     endif %} +{%   endif %} +{% endfor %} +} diff --git a/roles/space_server/files/unbound/unbound.conf b/roles/space_server/templates/unbound/unbound.conf.j2 index 1679aea..d2d3aed 100644 --- a/roles/space_server/files/unbound/unbound.conf +++ b/roles/space_server/templates/unbound/unbound.conf.j2 @@ -105,36 +105,20 @@ server:  	local-data: "labitrack.s.    IN AAAA  2a01:4260:1ab::cafe"  	local-data: "track.s.        IN A     185.38.175.70"  	local-data: "track.s.        IN AAAA  2a01:4260:1ab::cafe" -	local-data: "ap.s.           IN A     10.42.0.2" -	local-data-ptr:                      "10.42.0.2 ap.s." -	local-data: "doorputer.s.    IN A     10.42.0.3" -	local-data-ptr:                      "10.42.0.3 doorputer.s." -	local-data: "foodputer.s.    IN A     10.42.0.4" -	local-data-ptr:                      "10.42.0.4 foodputer.s." -	local-data: "ap1.s.          IN A     10.42.0.5" -	local-data-ptr:                      "10.42.0.5 ap1.s." -	local-data: "ap2.s.          IN A     10.42.0.6" -	local-data-ptr:                      "10.42.0.6 ap2.s." -	local-data: "switch.s.       IN A     10.42.0.9" -	local-data-ptr:                      "10.42.0.9 switch.s." -	local-data: "lathe.s.        IN A     10.42.0.12" -	local-data-ptr:                      "10.42.0.12 lathe.s." -	local-data: "anna.s.         IN A     10.42.1.9" -	local-data-ptr:                      "10.42.1.9 anna.s." -	local-data: "printbrother.s. IN A     10.42.1.32" -	local-data-ptr:                      "10.42.1.32 printbrother.s." -	local-data: "infotron.s.     IN A     10.42.1.34" -	local-data-ptr:                      "10.42.1.34 infotron.s." -	local-data: "spacemon.s.     IN A     10.42.1.35" -	local-data-ptr:                      "10.42.1.35 spacemon.s." -	local-data: "jumbotron.s.    IN A     10.42.1.36" -	local-data-ptr:                      "10.42.1.36 jumbotron.s." -	local-data: "hplaserjet.s.   IN A     10.42.1.37" -	local-data-ptr:                      "10.42.1.37 hplaserjet.s." -	local-data: "labisound.s.    IN A     10.42.1.40" -	local-data-ptr:                      "10.42.1.40 labisound.s." -	local-data: "sound.s.        IN A     10.42.1.80" -	local-data-ptr:                      "10.42.1.80 sound.s." +{% for host in local_hosts %} +{%   for ip in host.ips | ipv4 %} +{%     if loop.index <= 1 %} +	local-data: "{{ host.name }}.s. IN A {{ ip }}" +	local-data-ptr: "{{ ip }} {{ host.name }}.s." +{%     endif %} +{%   endfor %} +{%   for ip in host.ips | ipv6 %} +{%     if loop.index <= 1 %} +	local-data: "{{ host.name }}.s. IN AAAA {{ ip }}" +	local-data-ptr: "{{ ip }} {{ host.name }}.s." +{%     endif %} +{%   endfor %} +{% endfor %}  remote-control:  	control-enable: yes | 
