puppet-kea/manifests/init.pp

# Class to install and configure ISC Kea DHCP service.
# Check https://kb.isc.org/docs/kea-configuration-sections-explained for details
# for each parameter.
#
# [*ensure*]
#   present or absent. Default: present
#
# [*dhcp4_conf*]
#   Hash with the DHCP 4 service configuration. Sample content:
# Dhcp4:
#   interfaces-config:
#     interfaces:
#       - eth0
#   control-socket:
#     socket-type: "unix"
#     socket-name: "/run/kea/kea4-ctrl-socket"
#   lease-database:
#     type: memfile
#     lfc-interval: 3600
#   expired-leases-processing:
#     reclaim-timer-wait-time: 10
#     flush-reclaimed-timer-wait-time: 25
#     hold-reclaimed-time: 3600
#     max-reclaim-leases: 100
#     max-reclaim-time: 250
#     unwarned-reclaim-cycles: 5
#   renew-timer: 900
#   rebind-timer: 1800
#   valid-lifetime: 3600
#   option-data:
#     - name: domain-name-servers
#       data: "192.168.1.1, 192.168.1.2"
#     - name: "domain-search"
#       data: "example.com, example.org
#   client-classes: []
#   subnet4:
#     - subnet: "192.168.1.0/24"
#       pools:
#         - pool: "192.168.1.100 - 192.168.1.200"
#       option-data:
#         - name: "routers"
#           data: "192.168.1.1, 192.168.1.2"
#       reservations:
#         - hw-address: "1a:1b:1c:1d:1e:1f"
#           ip-address: "192.168.1.201"
#           hostname: "special-snowflake"
#   loggers:
#     - name: kea-dhcp4
#       output_options:
#         - output: "stdout"
#           pattern: "%-5p %m\n"
#       severity: "INFO"
#       debuglevel: 0
#   hooks-libraries:
#     - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so
#       parameters: {}
#     - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so
#       parameters:
#         high-availability:
#           - this-server-name: server1
#             trust-anchor: /etc/letsencrypt/live/server1/chain.pem
#             cert-file: /etc/letsencrypt/live/server1/cert.pem
#             key-file: /etc/letsencrypt/live/server1/privkey.pem
#             mode: hot-standby
#             heartbeat-delay: 10000
#             max-response-delay: 60000
#             max-ack-delay: 5000
#             max-unacked-clients: 5
#             peers:
#               - name: "server1"
#                 url: "http://192.168.1.1:8000/"
#                 role: "primary"
#                 auto-failover: true
#               - name: "server2"
#                 url: "http://192.168.1.2:8000/"
#                 role: "standby"
#                 auto-failover: true
#
# [*dhcp6_conf*]
#   Hash with the DHCP 4 service configuration. Sample content:
# Dhcp6:
#   interfaces-config:
#     interfaces:
#       - eth0
#   control-socket:
#     socket-type: "unix"
#     socket-name: "/run/kea/kea4-ctrl-socket"
#   lease-database:
#     type: memfile
#     lfc-interval: 3600
#   expired-leases-processing:
#     reclaim-timer-wait-time: 10
#     flush-reclaimed-timer-wait-time: 25
#     hold-reclaimed-time: 3600
#     max-reclaim-leases: 100
#     max-reclaim-time: 250
#     unwarned-reclaim-cycles: 5
#   renew-timer: 900
#   rebind-timer: 1800
#   valid-lifetime: 3600
#   option-data:
#     - name: domain-name-servers
#       data: "fd12:3456:789a:1::1, fd12:3456:789a:1::2"
#     - name: "domain-search"
#       data: "example.com, example.org"
#   client-classes: []
#   subnet6:
#     - subnet: "fd12:3456:789a:1::0/64"
#       pools:
#         - pool: "fd12:3456:789a:1::0/64"
#       option-data: []
#       reservations:
#         - hw-address: "1a:1b:1c:1d:1e:1f"
#           ip-address: "192.168.1.201"
#           hostname: "special-snowflake"
#   loggers:
#     - name: kea-dhcp4
#       output_options:
#         - output: "stdout"
#           pattern: "%-5p %m\n"
#       severity: "INFO"
#       debuglevel: 0
#
# [*ddns_conf*]
#   Hash with the Dynamic DNS configuration. Sample content:
# DhcpDdns:
#     ip-address: "127.0.0.1"
#     port: 53001
#     control-socket:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea-ddns-ctrl-socket"
#     tsig-keys: []
#     forward-ddns : {}
#     reverse-ddns : {}
#     loggers:
#       - name: "kea-dhcp-ddns"
#         output_options: 
#           - output: stdout
#             pattern: "%-5p %m\n"
#     severity: INFO
#     debuglevel: 0
#
# [*ctrl_agent_conf*]
#   Hash with the Control Agent configuration. Sample content:
# Control-agent:
#     http-host: "127.0.0.1"
#     http-port: 8000
#     authentication:
#       type: "basic"
#       realm: "Kea Control Agent"
#     control-sockets:
#       dhcp4:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea4-ctrl-socket"
#       dhcp6:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea6-ctrl-socket"
#       d2:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea-ddns-ctrl-socket"
#
# [*api_password*]
#   (Sensitive) String API password. So in your hiera data add the
# variable kea::api_password as an encrypted value and:
# lookup_options:
#   kea::api_password:
#     convert_to: "Sensitive"
#
class kea (
  String $ensure = 'present',
  Hash $dhcp4_conf = {},
  Hash $dhcp6_conf = {},
  Hash $ddns_conf = {},
  Hash $ctrl_agent_conf = {},
  Sensitive[String[1]] $api_password = '',
) {
  case $ensure {
    default: {
      $package_ensure = 'latest'
      $directory_ensure = 'directory'
      $link_ensure = 'link'
      $service_ensure = 'running'
    }
    /^(absent|delete|uninstall|remove|unregister)$/: {
      $package_ensure = 'absent'
      $directory_ensure = 'absent'
      $link_ensure = 'absent'
      $service_ensure = 'stopped'
    }
  }
  $services = [
    'kea-ctrl-agent.service',
    'kea-dhcp-ddns-server.service',
    'kea-dhcp4-server.service',
    'kea-dhcp6-server.service',
  ]
  package { 'kea':
    ensure => $package_ensure,
  }
  file { '/etc/kea/kea-api-password':
    ensure  => $ensure,
    content => $api_password,
    mode    => '0640',
    require => Package['kea'],
    notify  => Service[$services],
  }
  file { '/etc/kea/kea-dhcp4.conf':
    ensure       => $ensure,
    content      => to_json_pretty($dhcp4_conf, true, { indent => '  ' }),
    mode         => '0644',
    require      => Package['kea'],
    notify       => Service[$services],
    validate_cmd => '/usr/sbin/kea-dhcp4 -t /etc/kea/kea-dhcp4.conf',
  }
  file { '/etc/kea/kea-dhcp6.conf':
    ensure       => $ensure,
    content      => to_json_pretty($dhcp6_conf, true, { indent => '  ' }),
    mode         => '0644',
    require      => Package['kea'],
    notify       => Service[$services],
    validate_cmd => '/usr/sbin/kea-dhcp6 -t /etc/kea/kea-dhcp6.conf',
  }
  file { '/etc/kea/kea-dhcp-ddns.conf':
    ensure       => $ensure,
    content      => to_json_pretty($ddns_conf, true, { indent => '  ' }),
    mode         => '0644',
    require      => Package['kea'],
    notify       => Service[$services],
    validate_cmd => '/usr/sbin/kea-dhcp-ddns -t /etc/kea/kea-dhcp-ddns.conf',
  }
  file { '/etc/kea/kea-ctrl-agent.conf':
    ensure       => $ensure,
    content      => to_json_pretty($ctrl_agent_conf, true, { indent => '  ' }),
    mode         => '0644',
    require      => Package['kea'],
    notify       => Service[$services],
    validate_cmd => '/usr/sbin/kea-ctrl-agent -t /etc/kea/kea-ctrl-agent.conf',
  }
  service { $services:
    ensure  => $service_ensure,
    require => Package['kea'],
  }
}
Add configuration of kea 2023-11-13 08:30:11 +01:00			`# Class to install and configure ISC Kea DHCP service.`
			`# Check https://kb.isc.org/docs/kea-configuration-sections-explained for details`
			`# for each parameter.`
Initial commit 2023-11-12 15:49:08 +01:00			`#`
			`# [ensure]`
			`# present or absent. Default: present`
			`#`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`# [dhcp4_conf]`
Add params reference 2023-11-13 08:44:35 +01:00			`# Hash with the DHCP 4 service configuration. Sample content:`
			`# Dhcp4:`
			`# interfaces-config:`
			`# interfaces:`
			`# - eth0`
			`# control-socket:`
			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea4-ctrl-socket"`
			`# lease-database:`
			`# type: memfile`
			`# lfc-interval: 3600`
			`# expired-leases-processing:`
			`# reclaim-timer-wait-time: 10`
			`# flush-reclaimed-timer-wait-time: 25`
			`# hold-reclaimed-time: 3600`
			`# max-reclaim-leases: 100`
			`# max-reclaim-time: 250`
			`# unwarned-reclaim-cycles: 5`
			`# renew-timer: 900`
			`# rebind-timer: 1800`
			`# valid-lifetime: 3600`
			`# option-data:`
			`# - name: domain-name-servers`
			`# data: "192.168.1.1, 192.168.1.2"`
			`# - name: "domain-search"`
			`# data: "example.com, example.org`
			`# client-classes: []`
			`# subnet4:`
fix example config 2023-11-13 14:17:33 +01:00			`# - subnet: "192.168.1.0/24"`
Add params reference 2023-11-13 08:44:35 +01:00			`# pools:`
			`# - pool: "192.168.1.100 - 192.168.1.200"`
			`# option-data:`
			`# - name: "routers"`
			`# data: "192.168.1.1, 192.168.1.2"`
			`# reservations:`
			`# - hw-address: "1a:1b:1c:1d:1e:1f"`
			`# ip-address: "192.168.1.201"`
			`# hostname: "special-snowflake"`
			`# loggers:`
			`# - name: kea-dhcp4`
			`# output_options:`
			`# - output: "stdout"`
remove authentication from sample 2023-11-13 15:03:53 +01:00			`# pattern: "%-5p %m\n"`
Add params reference 2023-11-13 08:44:35 +01:00			`# severity: "INFO"`
			`# debuglevel: 0`
			`# hooks-libraries:`
			`# - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so`
			`# parameters: {}`
			`# - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so`
			`# parameters:`
			`# high-availability:`
fix sample configu 2023-11-13 15:05:23 +01:00			`# - this-server-name: server1`
			`# trust-anchor: /etc/letsencrypt/live/server1/chain.pem`
			`# cert-file: /etc/letsencrypt/live/server1/cert.pem`
			`# key-file: /etc/letsencrypt/live/server1/privkey.pem`
			`# mode: hot-standby`
			`# heartbeat-delay: 10000`
			`# max-response-delay: 60000`
			`# max-ack-delay: 5000`
			`# max-unacked-clients: 5`
			`# peers:`
			`# - name: "server1"`
			`# url: "http://192.168.1.1:8000/"`
			`# role: "primary"`
			`# auto-failover: true`
			`# - name: "server2"`
			`# url: "http://192.168.1.2:8000/"`
			`# role: "standby"`
			`# auto-failover: true`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`#`
			`# [dhcp6_conf]`
Add params reference 2023-11-13 08:44:35 +01:00			`# Hash with the DHCP 4 service configuration. Sample content:`
			`# Dhcp6:`
			`# interfaces-config:`
			`# interfaces:`
			`# - eth0`
			`# control-socket:`
			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea4-ctrl-socket"`
			`# lease-database:`
			`# type: memfile`
			`# lfc-interval: 3600`
			`# expired-leases-processing:`
			`# reclaim-timer-wait-time: 10`
			`# flush-reclaimed-timer-wait-time: 25`
			`# hold-reclaimed-time: 3600`
			`# max-reclaim-leases: 100`
			`# max-reclaim-time: 250`
			`# unwarned-reclaim-cycles: 5`
			`# renew-timer: 900`
			`# rebind-timer: 1800`
			`# valid-lifetime: 3600`
			`# option-data:`
			`# - name: domain-name-servers`
			`# data: "fd12:3456:789a:1::1, fd12:3456:789a:1::2"`
			`# - name: "domain-search"`
			`# data: "example.com, example.org"`
			`# client-classes: []`
			`# subnet6:`
fix example config 2023-11-13 14:17:33 +01:00			`# - subnet: "fd12:3456:789a:1::0/64"`
Add params reference 2023-11-13 08:44:35 +01:00			`# pools:`
			`# - pool: "fd12:3456:789a:1::0/64"`
			`# option-data: []`
			`# reservations:`
			`# - hw-address: "1a:1b:1c:1d:1e:1f"`
			`# ip-address: "192.168.1.201"`
			`# hostname: "special-snowflake"`
			`# loggers:`
			`# - name: kea-dhcp4`
			`# output_options:`
			`# - output: "stdout"`
remove authentication from sample 2023-11-13 15:03:53 +01:00			`# pattern: "%-5p %m\n"`
Add params reference 2023-11-13 08:44:35 +01:00			`# severity: "INFO"`
			`# debuglevel: 0`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`#`
			`# [ddns_conf]`
Add params reference 2023-11-13 08:44:35 +01:00			`# Hash with the Dynamic DNS configuration. Sample content:`
			`# DhcpDdns:`
			`# ip-address: "127.0.0.1"`
			`# port: 53001`
			`# control-socket:`
			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea-ddns-ctrl-socket"`
			`# tsig-keys: []`
			`# forward-ddns : {}`
			`# reverse-ddns : {}`
			`# loggers:`
			`# - name: "kea-dhcp-ddns"`
			`# output_options:`
			`# - output: stdout`
fix sample configu 2023-11-13 15:05:23 +01:00			`# pattern: "%-5p %m\n"`
Add params reference 2023-11-13 08:44:35 +01:00			`# severity: INFO`
			`# debuglevel: 0`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`#`
			`# [ctrl_agent_conf]`
Add params reference 2023-11-13 08:44:35 +01:00			`# Hash with the Control Agent configuration. Sample content:`
			`# Control-agent:`
			`# http-host: "127.0.0.1"`
			`# http-port: 8000`
			`# authentication:`
			`# type: "basic"`
			`# realm: "Kea Control Agent"`
			`# control-sockets:`
			`# dhcp4:`
fix example config 2023-11-13 14:17:33 +01:00			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea4-ctrl-socket"`
Add params reference 2023-11-13 08:44:35 +01:00			`# dhcp6:`
			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea6-ctrl-socket"`
			`# d2:`
			`# socket-type: "unix"`
			`# socket-name: "/run/kea/kea-ddns-ctrl-socket"`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`#`
Initial commit 2023-11-12 15:49:08 +01:00			`# [api_password]`
Add params reference 2023-11-13 08:44:35 +01:00			`# (Sensitive) String API password. So in your hiera data add the`
			`# variable kea::api_password as an encrypted value and:`
			`# lookup_options:`
			`# kea::api_password:`
			`# convert_to: "Sensitive"`
Initial commit 2023-11-12 15:49:08 +01:00			`#`
			`class kea (`
			`String $ensure = 'present',`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`Hash $dhcp4_conf = {},`
			`Hash $dhcp6_conf = {},`
			`Hash $ddns_conf = {},`
			`Hash $ctrl_agent_conf = {},`
			`Sensitive[String[1]] $api_password = '',`
Initial commit 2023-11-12 15:49:08 +01:00			`) {`
			`case $ensure {`
			`default: {`
			`$package_ensure = 'latest'`
			`$directory_ensure = 'directory'`
			`$link_ensure = 'link'`
			`$service_ensure = 'running'`
			`}`
			`/^(absent\|delete\|uninstall\|remove\|unregister)$/: {`
			`$package_ensure = 'absent'`
			`$directory_ensure = 'absent'`
			`$link_ensure = 'absent'`
			`$service_ensure = 'stopped'`
			`}`
			`}`
fix requirements 2023-11-13 08:47:00 +01:00			`$services = [`
			`'kea-ctrl-agent.service',`
			`'kea-dhcp-ddns-server.service',`
			`'kea-dhcp4-server.service',`
			`'kea-dhcp6-server.service',`
			`]`
Initial commit 2023-11-12 15:49:08 +01:00			`package { 'kea':`
			`ensure => $package_ensure,`
			`}`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`file { '/etc/kea/kea-api-password':`
			`ensure => $ensure,`
			`content => $api_password,`
			`mode => '0640',`
			`require => Package['kea'],`
fix requirements 2023-11-13 08:47:00 +01:00			`notify => Service[$services],`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`}`
			`file { '/etc/kea/kea-dhcp4.conf':`
add validation 2023-12-25 20:14:26 +01:00			`ensure => $ensure,`
			`content => to_json_pretty($dhcp4_conf, true, { indent => ' ' }),`
			`mode => '0644',`
			`require => Package['kea'],`
			`notify => Service[$services],`
			`validate_cmd => '/usr/sbin/kea-dhcp4 -t /etc/kea/kea-dhcp4.conf',`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`}`
			`file { '/etc/kea/kea-dhcp6.conf':`
add validation 2023-12-25 20:14:26 +01:00			`ensure => $ensure,`
			`content => to_json_pretty($dhcp6_conf, true, { indent => ' ' }),`
			`mode => '0644',`
			`require => Package['kea'],`
			`notify => Service[$services],`
			`validate_cmd => '/usr/sbin/kea-dhcp6 -t /etc/kea/kea-dhcp6.conf',`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`}`
			`file { '/etc/kea/kea-dhcp-ddns.conf':`
add validation 2023-12-25 20:14:26 +01:00			`ensure => $ensure,`
			`content => to_json_pretty($ddns_conf, true, { indent => ' ' }),`
			`mode => '0644',`
			`require => Package['kea'],`
			`notify => Service[$services],`
			`validate_cmd => '/usr/sbin/kea-dhcp-ddns -t /etc/kea/kea-dhcp-ddns.conf',`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`}`
			`file { '/etc/kea/kea-ctrl-agent.conf':`
add validation 2023-12-25 20:14:26 +01:00			`ensure => $ensure,`
			`content => to_json_pretty($ctrl_agent_conf, true, { indent => ' ' }),`
			`mode => '0644',`
			`require => Package['kea'],`
			`notify => Service[$services],`
			`validate_cmd => '/usr/sbin/kea-ctrl-agent -t /etc/kea/kea-ctrl-agent.conf',`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`}`
Add params reference 2023-11-13 08:44:35 +01:00			`service { $services:`
Add configuration of kea 2023-11-13 08:30:11 +01:00			`ensure => $service_ensure,`
Initial commit 2023-11-12 15:49:08 +01:00			`require => Package['kea'],`
			`}`
			`}`