2023-11-13 08:30:11 +01:00
|
|
|
# Class to install and configure ISC Kea DHCP service.
|
|
|
|
|
# Check https://kb.isc.org/docs/kea-configuration-sections-explained for details
|
|
|
|
|
# for each parameter.
|
2023-11-12 15:49:08 +01:00
|
|
|
#
|
|
|
|
|
# [*ensure*]
|
|
|
|
|
# present or absent. Default: present
|
|
|
|
|
#
|
2023-11-13 08:30:11 +01:00
|
|
|
# [*dhcp4_conf*]
|
2023-11-13 08:44:35 +01:00
|
|
|
# Hash with the DHCP 4 service configuration. Sample content:
|
|
|
|
|
# Dhcp4:
|
|
|
|
|
# interfaces-config:
|
|
|
|
|
# interfaces:
|
|
|
|
|
# - eth0
|
|
|
|
|
# control-socket:
|
|
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea4-ctrl-socket"
|
|
|
|
|
# lease-database:
|
|
|
|
|
# type: memfile
|
|
|
|
|
# lfc-interval: 3600
|
|
|
|
|
# expired-leases-processing:
|
|
|
|
|
# reclaim-timer-wait-time: 10
|
|
|
|
|
# flush-reclaimed-timer-wait-time: 25
|
|
|
|
|
# hold-reclaimed-time: 3600
|
|
|
|
|
# max-reclaim-leases: 100
|
|
|
|
|
# max-reclaim-time: 250
|
|
|
|
|
# unwarned-reclaim-cycles: 5
|
|
|
|
|
# renew-timer: 900
|
|
|
|
|
# rebind-timer: 1800
|
|
|
|
|
# valid-lifetime: 3600
|
|
|
|
|
# option-data:
|
|
|
|
|
# - name: domain-name-servers
|
|
|
|
|
# data: "192.168.1.1, 192.168.1.2"
|
|
|
|
|
# - name: "domain-search"
|
|
|
|
|
# data: "example.com, example.org
|
|
|
|
|
# client-classes: []
|
|
|
|
|
# subnet4:
|
2023-11-13 14:17:33 +01:00
|
|
|
# - subnet: "192.168.1.0/24"
|
2023-11-13 08:44:35 +01:00
|
|
|
# pools:
|
|
|
|
|
# - pool: "192.168.1.100 - 192.168.1.200"
|
|
|
|
|
# option-data:
|
|
|
|
|
# - name: "routers"
|
|
|
|
|
# data: "192.168.1.1, 192.168.1.2"
|
|
|
|
|
# reservations:
|
|
|
|
|
# - hw-address: "1a:1b:1c:1d:1e:1f"
|
|
|
|
|
# ip-address: "192.168.1.201"
|
|
|
|
|
# hostname: "special-snowflake"
|
|
|
|
|
# loggers:
|
|
|
|
|
# - name: kea-dhcp4
|
|
|
|
|
# output_options:
|
|
|
|
|
# - output: "stdout"
|
2023-11-13 15:03:53 +01:00
|
|
|
# pattern: "%-5p %m\n"
|
2023-11-13 08:44:35 +01:00
|
|
|
# severity: "INFO"
|
|
|
|
|
# debuglevel: 0
|
|
|
|
|
# hooks-libraries:
|
|
|
|
|
# - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so
|
|
|
|
|
# parameters: {}
|
|
|
|
|
# - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so
|
|
|
|
|
# parameters:
|
|
|
|
|
# high-availability:
|
2023-11-13 15:05:23 +01:00
|
|
|
# - this-server-name: server1
|
|
|
|
|
# trust-anchor: /etc/letsencrypt/live/server1/chain.pem
|
|
|
|
|
# cert-file: /etc/letsencrypt/live/server1/cert.pem
|
|
|
|
|
# key-file: /etc/letsencrypt/live/server1/privkey.pem
|
|
|
|
|
# mode: hot-standby
|
|
|
|
|
# heartbeat-delay: 10000
|
|
|
|
|
# max-response-delay: 60000
|
|
|
|
|
# max-ack-delay: 5000
|
|
|
|
|
# max-unacked-clients: 5
|
|
|
|
|
# peers:
|
|
|
|
|
# - name: "server1"
|
|
|
|
|
# url: "http://192.168.1.1:8000/"
|
|
|
|
|
# role: "primary"
|
|
|
|
|
# auto-failover: true
|
|
|
|
|
# - name: "server2"
|
|
|
|
|
# url: "http://192.168.1.2:8000/"
|
|
|
|
|
# role: "standby"
|
|
|
|
|
# auto-failover: true
|
2023-11-13 08:30:11 +01:00
|
|
|
#
|
|
|
|
|
# [*dhcp6_conf*]
|
2023-11-13 08:44:35 +01:00
|
|
|
# Hash with the DHCP 4 service configuration. Sample content:
|
|
|
|
|
# Dhcp6:
|
|
|
|
|
# interfaces-config:
|
|
|
|
|
# interfaces:
|
|
|
|
|
# - eth0
|
|
|
|
|
# control-socket:
|
|
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea4-ctrl-socket"
|
|
|
|
|
# lease-database:
|
|
|
|
|
# type: memfile
|
|
|
|
|
# lfc-interval: 3600
|
|
|
|
|
# expired-leases-processing:
|
|
|
|
|
# reclaim-timer-wait-time: 10
|
|
|
|
|
# flush-reclaimed-timer-wait-time: 25
|
|
|
|
|
# hold-reclaimed-time: 3600
|
|
|
|
|
# max-reclaim-leases: 100
|
|
|
|
|
# max-reclaim-time: 250
|
|
|
|
|
# unwarned-reclaim-cycles: 5
|
|
|
|
|
# renew-timer: 900
|
|
|
|
|
# rebind-timer: 1800
|
|
|
|
|
# valid-lifetime: 3600
|
|
|
|
|
# option-data:
|
|
|
|
|
# - name: domain-name-servers
|
|
|
|
|
# data: "fd12:3456:789a:1::1, fd12:3456:789a:1::2"
|
|
|
|
|
# - name: "domain-search"
|
|
|
|
|
# data: "example.com, example.org"
|
|
|
|
|
# client-classes: []
|
|
|
|
|
# subnet6:
|
2023-11-13 14:17:33 +01:00
|
|
|
# - subnet: "fd12:3456:789a:1::0/64"
|
2023-11-13 08:44:35 +01:00
|
|
|
# pools:
|
|
|
|
|
# - pool: "fd12:3456:789a:1::0/64"
|
|
|
|
|
# option-data: []
|
|
|
|
|
# reservations:
|
|
|
|
|
# - hw-address: "1a:1b:1c:1d:1e:1f"
|
|
|
|
|
# ip-address: "192.168.1.201"
|
|
|
|
|
# hostname: "special-snowflake"
|
|
|
|
|
# loggers:
|
|
|
|
|
# - name: kea-dhcp4
|
|
|
|
|
# output_options:
|
|
|
|
|
# - output: "stdout"
|
2023-11-13 15:03:53 +01:00
|
|
|
# pattern: "%-5p %m\n"
|
2023-11-13 08:44:35 +01:00
|
|
|
# severity: "INFO"
|
|
|
|
|
# debuglevel: 0
|
2023-11-13 08:30:11 +01:00
|
|
|
#
|
|
|
|
|
# [*ddns_conf*]
|
2023-11-13 08:44:35 +01:00
|
|
|
# Hash with the Dynamic DNS configuration. Sample content:
|
|
|
|
|
# DhcpDdns:
|
|
|
|
|
# ip-address: "127.0.0.1"
|
|
|
|
|
# port: 53001
|
|
|
|
|
# control-socket:
|
|
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea-ddns-ctrl-socket"
|
|
|
|
|
# tsig-keys: []
|
|
|
|
|
# forward-ddns : {}
|
|
|
|
|
# reverse-ddns : {}
|
|
|
|
|
# loggers:
|
|
|
|
|
# - name: "kea-dhcp-ddns"
|
|
|
|
|
# output_options:
|
|
|
|
|
# - output: stdout
|
2023-11-13 15:05:23 +01:00
|
|
|
# pattern: "%-5p %m\n"
|
2023-11-13 08:44:35 +01:00
|
|
|
# severity: INFO
|
|
|
|
|
# debuglevel: 0
|
2023-11-13 08:30:11 +01:00
|
|
|
#
|
|
|
|
|
# [*ctrl_agent_conf*]
|
2023-11-13 08:44:35 +01:00
|
|
|
# Hash with the Control Agent configuration. Sample content:
|
|
|
|
|
# Control-agent:
|
|
|
|
|
# http-host: "127.0.0.1"
|
|
|
|
|
# http-port: 8000
|
|
|
|
|
# authentication:
|
|
|
|
|
# type: "basic"
|
|
|
|
|
# realm: "Kea Control Agent"
|
|
|
|
|
# control-sockets:
|
|
|
|
|
# dhcp4:
|
2023-11-13 14:17:33 +01:00
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea4-ctrl-socket"
|
2023-11-13 08:44:35 +01:00
|
|
|
# dhcp6:
|
|
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea6-ctrl-socket"
|
|
|
|
|
# d2:
|
|
|
|
|
# socket-type: "unix"
|
|
|
|
|
# socket-name: "/run/kea/kea-ddns-ctrl-socket"
|
2023-11-13 08:30:11 +01:00
|
|
|
#
|
2023-11-12 15:49:08 +01:00
|
|
|
# [*api_password*]
|
2023-11-13 08:44:35 +01:00
|
|
|
# (Sensitive) String API password. So in your hiera data add the
|
|
|
|
|
# variable kea::api_password as an encrypted value and:
|
|
|
|
|
# lookup_options:
|
|
|
|
|
# kea::api_password:
|
|
|
|
|
# convert_to: "Sensitive"
|
2023-11-12 15:49:08 +01:00
|
|
|
#
|
|
|
|
|
class kea (
|
|
|
|
|
String $ensure = 'present',
|
2023-11-13 08:30:11 +01:00
|
|
|
Hash $dhcp4_conf = {},
|
|
|
|
|
Hash $dhcp6_conf = {},
|
|
|
|
|
Hash $ddns_conf = {},
|
|
|
|
|
Hash $ctrl_agent_conf = {},
|
|
|
|
|
Sensitive[String[1]] $api_password = '',
|
2023-11-12 15:49:08 +01:00
|
|
|
) {
|
|
|
|
|
case $ensure {
|
|
|
|
|
default: {
|
|
|
|
|
$package_ensure = 'latest'
|
|
|
|
|
$directory_ensure = 'directory'
|
|
|
|
|
$link_ensure = 'link'
|
|
|
|
|
$service_ensure = 'running'
|
|
|
|
|
}
|
|
|
|
|
/^(absent|delete|uninstall|remove|unregister)$/: {
|
|
|
|
|
$package_ensure = 'absent'
|
|
|
|
|
$directory_ensure = 'absent'
|
|
|
|
|
$link_ensure = 'absent'
|
|
|
|
|
$service_ensure = 'stopped'
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-13 08:47:00 +01:00
|
|
|
$services = [
|
|
|
|
|
'kea-ctrl-agent.service',
|
|
|
|
|
'kea-dhcp-ddns-server.service',
|
|
|
|
|
'kea-dhcp4-server.service',
|
|
|
|
|
'kea-dhcp6-server.service',
|
|
|
|
|
]
|
2023-11-12 15:49:08 +01:00
|
|
|
package { 'kea':
|
|
|
|
|
ensure => $package_ensure,
|
|
|
|
|
}
|
2023-11-13 08:30:11 +01:00
|
|
|
file { '/etc/kea/kea-api-password':
|
|
|
|
|
ensure => $ensure,
|
|
|
|
|
content => $api_password,
|
|
|
|
|
mode => '0640',
|
|
|
|
|
require => Package['kea'],
|
2023-11-13 08:47:00 +01:00
|
|
|
notify => Service[$services],
|
2023-11-13 08:30:11 +01:00
|
|
|
}
|
|
|
|
|
file { '/etc/kea/kea-dhcp4.conf':
|
|
|
|
|
ensure => $ensure,
|
2023-12-25 20:02:55 +01:00
|
|
|
content => to_json_pretty($dhcp4_conf, nil, { indent => ' ' }),
|
2023-11-13 08:30:11 +01:00
|
|
|
mode => '0644',
|
|
|
|
|
require => Package['kea'],
|
2023-11-13 08:47:00 +01:00
|
|
|
notify => Service[$services],
|
2023-11-13 08:30:11 +01:00
|
|
|
}
|
|
|
|
|
file { '/etc/kea/kea-dhcp6.conf':
|
2023-11-12 15:49:08 +01:00
|
|
|
ensure => $ensure,
|
2023-12-25 20:02:55 +01:00
|
|
|
content => to_json_pretty($dhcp6_conf, nil, { indent => ' ' }),
|
2023-11-13 08:30:11 +01:00
|
|
|
mode => '0644',
|
|
|
|
|
require => Package['kea'],
|
2023-11-13 08:47:00 +01:00
|
|
|
notify => Service[$services],
|
2023-11-13 08:30:11 +01:00
|
|
|
}
|
|
|
|
|
file { '/etc/kea/kea-dhcp-ddns.conf':
|
|
|
|
|
ensure => $ensure,
|
2023-12-25 20:02:55 +01:00
|
|
|
content => to_json_pretty($ddns_conf, nil, { indent => ' ' }),
|
2023-11-13 08:30:11 +01:00
|
|
|
mode => '0644',
|
|
|
|
|
require => Package['kea'],
|
2023-11-13 08:47:00 +01:00
|
|
|
notify => Service[$services],
|
2023-11-13 08:30:11 +01:00
|
|
|
}
|
|
|
|
|
file { '/etc/kea/kea-ctrl-agent.conf':
|
|
|
|
|
ensure => $ensure,
|
2023-12-25 20:02:55 +01:00
|
|
|
content => to_json_pretty($ctrl_agent_conf, nil, { indent => ' ' }),
|
2023-11-13 08:30:11 +01:00
|
|
|
mode => '0644',
|
|
|
|
|
require => Package['kea'],
|
2023-11-13 08:47:00 +01:00
|
|
|
notify => Service[$services],
|
2023-11-13 08:30:11 +01:00
|
|
|
}
|
2023-11-13 08:44:35 +01:00
|
|
|
service { $services:
|
2023-11-13 08:30:11 +01:00
|
|
|
ensure => $service_ensure,
|
2023-11-12 15:49:08 +01:00
|
|
|
require => Package['kea'],
|
|
|
|
|
}
|
|
|
|
|
}
|
