-rwxr-xr-xroles/space_server/bootstrap.sh2
-rw-r--r--roles/space_server/defaults/main.yml71
-rw-r--r--roles/space_server/files/dhcpd/dhcpd.conf160
-rw-r--r--roles/space_server/tasks/avahi.yml7
-rw-r--r--roles/space_server/tasks/dhcpd.yml4
-rw-r--r--roles/space_server/tasks/unbound.yml4
-rw-r--r--roles/space_server/templates/avahi/hosts.j214
-rw-r--r--roles/space_server/templates/dhcpd/dhcpd.conf.j2203
-rw-r--r--roles/space_server/templates/unbound/unbound.conf.j2 (renamed from roles/space_server/files/unbound/unbound.conf)44
9 files changed, 314 insertions, 195 deletions
diff --git a/roles/space_server/bootstrap.sh b/roles/space_server/bootstrap.sh
index c358db5..8fbc399 100755
--- a/roles/space_server/bootstrap.sh
+++ b/roles/space_server/bootstrap.sh
@@ -55,7 +55,7 @@ dnf \
--disablerepo='*' \
--enablerepo=fedora \
--enablerepo=updates \
- install dnf python2-dnf ansible
+ install dnf python2-dnf python-netaddr ansible
systemd-nspawn -D "$dest" -M space -E ANSIBLE_FORCE_COLOR=1 \
--bind /boot --bind /home -- \
diff --git a/roles/space_server/defaults/main.yml b/roles/space_server/defaults/main.yml
index eb582df..6d6f12d 100644
--- a/roles/space_server/defaults/main.yml
+++ b/roles/space_server/defaults/main.yml
@@ -14,6 +14,7 @@ packages:
- python2-dnf
- 'dnf-command(leaves)'
- ansible
+ - python-netaddr
- vim-enhanced
- git
- diffutils
@@ -28,5 +29,75 @@ boot:
root:
device: 'LABEL=BTRFS'
options: 'noatime,ssd,compress=lzo'
+local_hosts:
+ - name: ap
+ mac: 00:0f:23:94:43:0b
+ mdns: false
+ ips:
+ - 10.42.0.2
+ - name: doorputer
+ mac: 00:b3:f6:00:36:be
+ mdns: false
+ ips:
+ - 10.42.0.3
+ - name: foodputer
+ mac: 00:d0:59:37:5e:37
+ mdns: false
+ ips:
+ - 10.42.0.4
+ - name: ap1
+ mdns: false
+ ips:
+ - 10.42.0.5
+ - name: ap2
+ mdns: false
+ ips:
+ - 10.42.0.6
+ - 10.42.0.7
+ - name: switch
+ mac: 00:1b:11:6f:42:f8
+ mdns: false
+ ips:
+ - 10.42.0.9
+ - name: lathe
+ mdns: false
+ ips:
+ - 10.42.0.12
+ - name: anna
+ mac: 00:e0:c5:6e:d6:8d
+ ips:
+ - 10.42.1.9
+ - name: printbrother
+ mac: 00:80:77:06:9f:26
+ ips:
+ - 10.42.1.32
+ - name: infotron
+ description: Infoscreen Raspberry Pi
+ mac: b8:27:eb:2c:5d:3a
+ ips:
+ - 10.42.1.34
+ - name: spacemon
+ mac: b8:27:eb:24:f8:50
+ ips:
+ - 10.42.1.35
+ - name: jumbotron
+ description: Jumbotron Raspberry Pi
+ mac: b8:27:eb:d3:c1:62
+ mdns: false
+ ips:
+ - 10.42.1.36
+ - name: hplaserjet
+ mac: 94:57:a5:ce:e2:6c
+ mdns: false
+ ips:
+ - 10.42.1.37
+ - 2a01:4260:1ab:b:9657:a5ff:fece:e26c
+ - name: labisound
+ mac: 00:16:e6:f7:43:b0
+ ips:
+ - 10.42.1.40
+ - name: sound
+ ips:
+ - 10.42.1.80
# vim: set ts=2 sw=2 et:
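Review bot: The `mac:` values in `local_hosts` are plain scalars, and a YAML 1.1 loader such as PyYAML reads a colon-separated value made only of decimal digits as a base-60 integer. Every address listed here contains a hex letter and so loads as a string, but a later entry such as `12:34:56:12:34:56` (constructed example) would reach the `hardware ethernet` line of dhcpd.conf as a number. Quoting them all, e.g. `mac: '00:0f:23:94:43:0b'`, removes the trap. Separately, flummer, arduino, tlet and riiiisarduinoserverrebootertest had host entries in the deleted static dhcpd.conf and have no entry here, so their fixed addresses go away with this commit; worth confirming that is intended.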
diff --git a/roles/space_server/files/dhcpd/dhcpd.conf b/roles/space_server/files/dhcpd/dhcpd.conf
deleted file mode 100644
index f55aeae..0000000
--- a/roles/space_server/files/dhcpd/dhcpd.conf
+++ /dev/null
@@ -1,160 +0,0 @@
-#
-# DHCP Server Configuration file.
-# see /usr/share/doc/dhcp/dhcpd.conf.example
-# see dhcpd.conf(5) man page
-#
-
-# The ddns-updates-style parameter controls whether or not the server will
-# attempt to do a DNS update when a lease is confirmed. We default to the
-# behavior of the version 2 packages ('none', since DHCP v2 didn't
-# have support for DDNS.)
-ddns-update-style none;
-
-# option definitions common to all supported networks...
-#option domain-name "labitat.dk";
-default-lease-time 3600;
-max-lease-time 7200;
-min-lease-time 600;
-
-# If this DHCP server is the official DHCP server for the local
-# network, the authoritative directive should be uncommented.
-authoritative;
-
-# Use this to send dhcp log messages to a different log file (you also
-# have to hack syslog.conf to complete the redirection).
-log-facility daemon;
-
-
-# Admin net
-subnet 10.42.0.0 netmask 255.255.255.0 {
- range 10.42.0.50 10.42.0.69;
- range 10.42.0.71 10.42.0.250;
- option routers 10.42.0.1;
- option domain-name-servers 185.38.175.0;
- #option ntp-servers 90.185.0.18;
-
- host ap {
- hardware ethernet 00:0f:23:94:43:0b;
- fixed-address 10.42.0.2;
- }
-
- host doorputer {
- hardware ethernet 00:b3:f6:00:36:be;
- fixed-address 10.42.0.3;
- }
-
- host foodputer {
- hardware ethernet 00:d0:59:37:5e:37;
- fixed-address 10.42.0.4;
- }
-
- # 10.42.0.5: new ap1
- # 10.42.0.6: new ap2
-
- host switch {
- hardware ethernet 00:1b:11:6f:42:f8;
- fixed-address 10.42.0.9;
- }
-
- host spacewand {
- hardware ethernet 00:1f:7b:b4:0e:00;
- fixed-address 10.42.0.70;
- }
-}
-
-
-# Wired net
-subnet 10.42.1.0 netmask 255.255.255.0 {
- range dynamic-bootp 10.42.1.50 10.42.1.250;
- option routers 10.42.1.1;
- option domain-name-servers 185.38.175.0;
- #option ntp-servers 90.185.0.18;
- next-server 10.42.1.1;
- filename "pxelinux.0";
-
- host anna {
- hardware ethernet 00:e0:c5:6e:d6:8d;
- fixed-address 10.42.1.9;
- }
-
- # Arduino Ethernet Bootloader test
- host flummer {
- hardware ethernet 90:A2:DA:00:61:EE;
- fixed-address 10.42.1.31;
- filename "esmil/test.bin";
- }
-
- host arduino {
- hardware ethernet 00:08:DC:00:00:4F;
- fixed-address 10.42.1.31;
- filename "esmil/setmac.bin";
- }
-
- host printbrother {
- hardware ethernet 00:80:77:06:9f:26;
- fixed-address 10.42.1.32;
- }
-
- # Infoscreen Raspberry Pi
- host infotron {
- hardware ethernet b8:27:eb:2c:5d:3a;
- fixed-address 10.42.1.34;
- }
- host spacemon {
- hardware ethernet b8:27:eb:24:f8:50;
- fixed-address 10.42.1.35;
- }
- host jumbotron {
- hardware ethernet b8:27:eb:d3:c1:62;
- fixed-address 10.42.1.36;
- }
- host hplaserjet {
- hardware ethernet 94:57:a5:ce:e2:6c;
- fixed-address 10.42.1.37;
- }
-
- # fake IP til "hemmeligt projekt"
- host tlet {
- hardware ethernet 00:00:00:00:00:00;
- fixed-address 10.42.1.42;
- }
-
- host labisound {
- hardware ethernet 00:16:e6:f7:43:b0;
- fixed-address 10.42.1.40;
- }
-
- #test riiiis april2014
- host riiiisarduinoserverrebootertest {
- fixed-address 10.42.1.49;
- }
-
-}
-
-
-# Private wifi
-subnet 10.42.2.0 netmask 255.255.255.0 {
- range 10.42.2.50 10.42.2.250;
- option routers 10.42.2.1;
- option domain-name-servers 185.38.175.0;
- #option ntp-servers 90.185.0.18;
- next-server 10.42.2.1;
- filename "pxelinux.0";
-}
-
-# Free wifi
-subnet 10.42.3.0 netmask 255.255.255.0 {
- range 10.42.3.50 10.42.3.250;
- option routers 10.42.3.1;
- option domain-name-servers 185.38.175.0;
- #option ntp-servers 90.185.0.18;
-
-}
-
-# Password protected wifi
-subnet 10.42.4.0 netmask 255.255.255.0 {
- range 10.42.4.50 10.42.4.250;
- option routers 10.42.4.1;
- option domain-name-servers 185.38.175.0;
- #option ntp-servers 90.185.0.18;
-}
diff --git a/roles/space_server/tasks/avahi.yml b/roles/space_server/tasks/avahi.yml
index ebf21ef..db8a5ee 100644
--- a/roles/space_server/tasks/avahi.yml
+++ b/roles/space_server/tasks/avahi.yml
@@ -80,6 +80,13 @@
notify:
- restart avahi-daemon
+- name: Configure hosts
+ template:
+ src: avahi/hosts.j2
+ dest: '/etc/avahi/hosts'
+ notify:
+ - restart avahi-daemon
+
- name: Enable avahi-daemon service
systemd:
name: avahi-daemon.service
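Review bot: The new `Configure hosts` task sets no `owner`, `group` or `mode`, so the permissions of `/etc/avahi/hosts` depend on whatever umask is in effect when the file is first created. Adding `owner: root`, `group: root` and `mode: '0644'` makes the result explicit. The `template:` tasks introduced in tasks/dhcpd.yml and tasks/unbound.yml are in the same position. The `Enable avahi-daemon service` task at the end of this hunk continues outside it.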
diff --git a/roles/space_server/tasks/dhcpd.yml b/roles/space_server/tasks/dhcpd.yml
index c72fa75..a15ce49 100644
--- a/roles/space_server/tasks/dhcpd.yml
+++ b/roles/space_server/tasks/dhcpd.yml
@@ -9,8 +9,8 @@
- packages
- name: Configure dhcpd
- copy:
- src: dhcpd/dhcpd.conf
+ template:
+ src: dhcpd/dhcpd.conf.j2
dest: '/etc/dhcp/dhcpd.conf'
notify:
- restart dhcpd
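Review bot: `Configure dhcpd` now renders the file from `local_hosts`, yet nothing checks the rendered result before the `restart dhcpd` handler fires, so one malformed host entry could leave the network without a DHCP server. The template module can test the candidate file before installing it: `validate: 'dhcpd -t -cf %s'`. The `Configure unbound` task in tasks/unbound.yml has the same gap and could use `validate: 'unbound-checkconf %s'`.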
diff --git a/roles/space_server/tasks/unbound.yml b/roles/space_server/tasks/unbound.yml
index 42db916..a9c4610 100644
--- a/roles/space_server/tasks/unbound.yml
+++ b/roles/space_server/tasks/unbound.yml
@@ -9,8 +9,8 @@
- packages
- name: Configure unbound
- copy:
- src: unbound/unbound.conf
+ template:
+ src: unbound/unbound.conf.j2
dest: '/etc/unbound/unbound.conf'
notify:
- restart unbound
diff --git a/roles/space_server/templates/avahi/hosts.j2 b/roles/space_server/templates/avahi/hosts.j2
new file mode 100644
index 0000000..f87ad4b
--- /dev/null
+++ b/roles/space_server/templates/avahi/hosts.j2
@@ -0,0 +1,14 @@
+{% for host in local_hosts %}
+{% if 'mdns' not in host or host.mdns %}
+{% for ip in host.ips | ipv4 %}
+{% if loop.index <= 1 %}
+{{ ip }} {{ host.name }}.local
+{% endif %}
+{% endfor %}
+{% for ip in host.ips | ipv6 %}
+{% if loop.index <= 1 %}
+{{ ip }} {{ host.name }}.local
+{% endif %}
+{% endfor %}
+{% endif %}
+{% endfor %}
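Review bot: Picking the first address with `{% if loop.index <= 1 %}` inside a full loop hides the intent of both inner loops. `{% for ip in (host.ips | ipv4)[:1] %}` (and the same for `ipv6`) says "first address of each family" without the inner `if`, or `loop.first` could replace the comparison. The opt-out test `'mdns' not in host or host.mdns` reads more simply as `host.mdns | default(true)`. The same `loop.index <= 1` pattern appears in templates/unbound/unbound.conf.j2, and a one-line `{# ... #}` comment at the top of each template stating that only one IPv4 and one IPv6 address per host is published would document the rule.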
diff --git a/roles/space_server/templates/dhcpd/dhcpd.conf.j2 b/roles/space_server/templates/dhcpd/dhcpd.conf.j2
new file mode 100644
index 0000000..1b832e1
--- /dev/null
+++ b/roles/space_server/templates/dhcpd/dhcpd.conf.j2
@@ -0,0 +1,203 @@
+#
+# DHCP Server Configuration file.
+# see /usr/share/doc/dhcp/dhcpd.conf.example
+# see dhcpd.conf(5) man page
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+#option domain-name "labitat.dk";
+default-lease-time 3600;
+max-lease-time 7200;
+min-lease-time 600;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility daemon;
+
+
+# Admin net
+subnet 10.42.0.0 netmask 255.255.255.0 {
+ range 10.42.0.50 10.42.0.69;
+ range 10.42.0.71 10.42.0.250;
+ option routers 10.42.0.1;
+ option domain-name-servers 185.38.175.0;
+ #option ntp-servers 90.185.0.18;
+{% for host in local_hosts %}
+{% if host.ips | ipaddr('10.42.0.0/24') %}
+{% if 'mac' in host %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ host {{ host.name }} {
+ hardware ethernet {{ host.mac }};
+ fixed-address {{ host.ips | ipaddr('10.42.0.0/24') | first }};
+{% if 'filename' in host %}
+ filename "{{ host.filename }}";
+{% endif %}
+ }
+{% else %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ #host {{ host.name }} {
+ # fixed-address {{ host.ips | ipaddr('10.42.0.0/24') | first }};
+ #}
+{% endif %}
+{% endif %}
+{% endfor %}
+
+ host spacewand {
+ hardware ethernet 00:1f:7b:b4:0e:00;
+ fixed-address 10.42.0.70;
+ }
+}
+
+
+# Wired net
+subnet 10.42.1.0 netmask 255.255.255.0 {
+ range dynamic-bootp 10.42.1.50 10.42.1.250;
+ option routers 10.42.1.1;
+ option domain-name-servers 185.38.175.0;
+ #option ntp-servers 90.185.0.18;
+ next-server 10.42.1.1;
+ filename "pxelinux.0";
+{% for host in local_hosts %}
+{% if host.ips | ipaddr('10.42.1.0/24') %}
+{% if 'mac' in host %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ host {{ host.name }} {
+ hardware ethernet {{ host.mac }};
+ fixed-address {{ host.ips | ipaddr('10.42.1.0/24') | first }};
+{% if 'filename' in host %}
+ filename "{{ host.filename }}";
+{% endif %}
+ }
+{% else %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ #host {{ host.name }} {
+ # fixed-address {{ host.ips | ipaddr('10.42.1.0/24') | first }};
+ #}
+{% endif %}
+{% endif %}
+{% endfor %}
+}
+
+
+# Private wifi
+subnet 10.42.2.0 netmask 255.255.255.0 {
+ range 10.42.2.50 10.42.2.250;
+ option routers 10.42.2.1;
+ option domain-name-servers 185.38.175.0;
+ #option ntp-servers 90.185.0.18;
+ next-server 10.42.2.1;
+ filename "pxelinux.0";
+{% for host in local_hosts %}
+{% if host.ips | ipaddr('10.42.2.0/24') %}
+{% if 'mac' in host %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ host {{ host.name }} {
+ hardware ethernet {{ host.mac }};
+ fixed-address {{ host.ips | ipaddr('10.42.2.0/24') | first }};
+{% if 'filename' in host %}
+ filename "{{ host.filename }}";
+{% endif %}
+ }
+{% else %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ #host {{ host.name }} {
+ # fixed-address {{ host.ips | ipaddr('10.42.2.0/24') | first }};
+ #}
+{% endif %}
+{% endif %}
+{% endfor %}
+}
+
+# Free wifi
+subnet 10.42.3.0 netmask 255.255.255.0 {
+ range 10.42.3.50 10.42.3.250;
+ option routers 10.42.3.1;
+ option domain-name-servers 185.38.175.0;
+ #option ntp-servers 90.185.0.18;
+{% for host in local_hosts %}
+{% if host.ips | ipaddr('10.42.3.0/24') %}
+{% if 'mac' in host %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ host {{ host.name }} {
+ hardware ethernet {{ host.mac }};
+ fixed-address {{ host.ips | ipaddr('10.42.3.0/24') | first }};
+{% if 'filename' in host %}
+ filename "{{ host.filename }}";
+{% endif %}
+ }
+{% else %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ #host {{ host.name }} {
+ # fixed-address {{ host.ips | ipaddr('10.42.3.0/24') | first }};
+ #}
+{% endif %}
+{% endif %}
+{% endfor %}
+}
+
+# Password protected wifi
+subnet 10.42.4.0 netmask 255.255.255.0 {
+ range 10.42.4.50 10.42.4.250;
+ option routers 10.42.4.1;
+ option domain-name-servers 185.38.175.0;
+ #option ntp-servers 90.185.0.18;
+{% for host in local_hosts %}
+{% if host.ips | ipaddr('10.42.4.0/24') %}
+{% if 'mac' in host %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ host {{ host.name }} {
+ hardware ethernet {{ host.mac }};
+ fixed-address {{ host.ips | ipaddr('10.42.4.0/24') | first }};
+{% if 'filename' in host %}
+ filename "{{ host.filename }}";
+{% endif %}
+ }
+{% else %}
+
+{% if 'description' in host %}
+ # {{ host.description }}
+{% endif %}
+ #host {{ host.name }} {
+ # fixed-address {{ host.ips | ipaddr('10.42.4.0/24') | first }};
+ #}
+{% endif %}
+{% endif %}
+{% endfor %}
+}
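Review bot: `host.description` and `host.filename` are written into dhcpd.conf as-is, on the `# {{ host.description }}` and `filename "{{ host.filename }}";` lines of every subnet block, so a description containing a newline or a filename containing a double quote would end up as live configuration rather than a comment or a string. `local_hosts` is a role default and can be overridden from inventory, so the values are worth constraining at render time. Because the identical loop is pasted into all five subnet blocks, any such fix has to be made five times; a macro taking the subnet prefix keeps it in one place, as sketched below. Each subnet body would then call it with its own prefix, e.g. `{{ static_hosts('10.42.0.0/24') }}`.

```jinja
{# Renders the static host entries of local_hosts that fall inside cidr. #}
{% macro static_hosts(cidr) %}
{% for host in local_hosts if host.ips | ipaddr(cidr) %}

{% if 'description' in host %}
  # {{ host.description | replace('\n', ' ') }}
{% endif %}
{% if 'mac' in host %}
  host {{ host.name }} {
    hardware ethernet {{ host.mac }};
    fixed-address {{ host.ips | ipaddr(cidr) | first }};
{% if 'filename' in host %}
    filename "{{ host.filename | replace('"', '') }}";
{% endif %}
  }
{% else %}
  #host {{ host.name }} {
  #  fixed-address {{ host.ips | ipaddr(cidr) | first }};
  #}
{% endif %}
{% endfor %}
{% endmacro %}

# Admin net
subnet 10.42.0.0 netmask 255.255.255.0 {
{# … unchanged: ranges, routers and name-server options … #}
{{ static_hosts('10.42.0.0/24') }}
{# … unchanged: spacewand host entry; remaining subnets follow the same shape … #}
```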
diff --git a/roles/space_server/files/unbound/unbound.conf b/roles/space_server/templates/unbound/unbound.conf.j2
index 1679aea..d2d3aed 100644
--- a/roles/space_server/files/unbound/unbound.conf
+++ b/roles/space_server/templates/unbound/unbound.conf.j2
@@ -105,36 +105,20 @@ server:
local-data: "labitrack.s. IN AAAA 2a01:4260:1ab::cafe"
local-data: "track.s. IN A 185.38.175.70"
local-data: "track.s. IN AAAA 2a01:4260:1ab::cafe"
- local-data: "ap.s. IN A 10.42.0.2"
- local-data-ptr: "10.42.0.2 ap.s."
- local-data: "doorputer.s. IN A 10.42.0.3"
- local-data-ptr: "10.42.0.3 doorputer.s."
- local-data: "foodputer.s. IN A 10.42.0.4"
- local-data-ptr: "10.42.0.4 foodputer.s."
- local-data: "ap1.s. IN A 10.42.0.5"
- local-data-ptr: "10.42.0.5 ap1.s."
- local-data: "ap2.s. IN A 10.42.0.6"
- local-data-ptr: "10.42.0.6 ap2.s."
- local-data: "switch.s. IN A 10.42.0.9"
- local-data-ptr: "10.42.0.9 switch.s."
- local-data: "lathe.s. IN A 10.42.0.12"
- local-data-ptr: "10.42.0.12 lathe.s."
- local-data: "anna.s. IN A 10.42.1.9"
- local-data-ptr: "10.42.1.9 anna.s."
- local-data: "printbrother.s. IN A 10.42.1.32"
- local-data-ptr: "10.42.1.32 printbrother.s."
- local-data: "infotron.s. IN A 10.42.1.34"
- local-data-ptr: "10.42.1.34 infotron.s."
- local-data: "spacemon.s. IN A 10.42.1.35"
- local-data-ptr: "10.42.1.35 spacemon.s."
- local-data: "jumbotron.s. IN A 10.42.1.36"
- local-data-ptr: "10.42.1.36 jumbotron.s."
- local-data: "hplaserjet.s. IN A 10.42.1.37"
- local-data-ptr: "10.42.1.37 hplaserjet.s."
- local-data: "labisound.s. IN A 10.42.1.40"
- local-data-ptr: "10.42.1.40 labisound.s."
- local-data: "sound.s. IN A 10.42.1.80"
- local-data-ptr: "10.42.1.80 sound.s."
+{% for host in local_hosts %}
+{% for ip in host.ips | ipv4 %}
+{% if loop.index <= 1 %}
+ local-data: "{{ host.name }}.s. IN A {{ ip }}"
+ local-data-ptr: "{{ ip }} {{ host.name }}.s."
+{% endif %}
+{% endfor %}
+{% for ip in host.ips | ipv6 %}
+{% if loop.index <= 1 %}
+ local-data: "{{ host.name }}.s. IN AAAA {{ ip }}"
+ local-data-ptr: "{{ ip }} {{ host.name }}.s."
+{% endif %}
+{% endfor %}
+{% endfor %}
remote-control:
control-enable: yes