Init DHCP

network.yml

@@ -13,6 +13,14 @@
     - wireguard
     - motd-role
 
+# Deploy DHCP server
+- hosts: dhcp.adm.crans.org
+  vars:
+    dhcp:
+      authoritative: true
+  roles:
+    - isc-dhcp-server
+
 # Deploy recursive DNS cache server
 - hosts: odlyd.adm.crans.org
   roles:

roles/isc-dhcp-server/tasks/main.yml

+---
+- name: Install isc-dhcp-server
+  apt:
+    update_cache: true
+    name: isc-dhcp-server
+    state: present
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Configure isc-dhcp-server
+  template:
+    src: dhcp/dhcpd.conf.j2
+    dest: /etc/dhcp/dhcpd.conf
+    mode: 0600
+
+- name: Ensure that isc-dhcp-server is started
+  systemd:
+    name: isc-dhcp-server
+    state: started
+    enabled: true

roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2

+# dhcpd.conf
+# {{ ansible_managed }}
+
+# option definitions common to all supported networks...
+#option domain-name "example.org";
+#option domain-name-servers ns1.example.org, ns2.example.org;
+
+# We have tagged network so use last 4 bytes for tag (1500 max)
+option interface-mtu 1496;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+{% if dhcp.authoritative %}
+authoritative;
+{% else %}
+#authoritative;
+{% endif %}
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+#log-facility local7;
+
+# TODO