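# Class to install and configure ISC Kea DHCP service.
# Check https://kb.isc.org/docs/kea-configuration-sections-explained for details
# for each parameter.
#
# Security notes for reviewers:
#   * The four rendered configuration files are written with mode 0644, so any
#     secret placed inline in the hashes below (for example key material under
#     tsig-keys) is readable by every local account on the node.
#   * Only the API password file is written with a restrictive mode (0640).
#   * Owner and group are not managed for any file, so whatever ownership the
#     package created is kept.
#
# [*ensure*]
#   present or absent. Default: present
#   The values absent, delete, uninstall, remove and unregister remove the
#   package and the managed files and stop the services; every other value is
#   treated as "installed".
#
# [*dhcp4_conf*]
#   Hash with the DHCP 4 service configuration. Sample content:
#     Dhcp4:
#       interfaces-config:
#         interfaces:
#           - eth0
#       control-socket:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea4-ctrl-socket"
#       lease-database:
#         type: memfile
#         lfc-interval: 3600
#       expired-leases-processing:
#         reclaim-timer-wait-time: 10
#         flush-reclaimed-timer-wait-time: 25
#         hold-reclaimed-time: 3600
#         max-reclaim-leases: 100
#         max-reclaim-time: 250
#         unwarned-reclaim-cycles: 5
#       renew-timer: 900
#       rebind-timer: 1800
#       valid-lifetime: 3600
#       option-data:
#         - name: domain-name-servers
#           data: "192.168.1.1, 192.168.1.2"
#         - name: "domain-search"
#           data: "example.com, example.org"
#       client-classes: []
#       subnet4:
#         - subnet: "192.168.1.0/24"
#           pools:
#             - pool: "192.168.1.100 - 192.168.1.200"
#           option-data:
#             - name: "routers"
#               data: "192.168.1.1, 192.168.1.2"
#           reservations:
#             - hw-address: "1a:1b:1c:1d:1e:1f"
#               ip-address: "192.168.1.201"
#               hostname: "special-snowflake"
#       loggers:
#         - name: kea-dhcp4
#           output_options:
#             - output: "stdout"
#               pattern: "%-5p %m\n"
#           severity: "INFO"
#           debuglevel: 0
#       hooks-libraries:
#         - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so
#           parameters: {}
#         - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so
#           parameters:
#             high-availability:
#               - this-server-name: server1
#                 trust-anchor: /etc/letsencrypt/live/server1/chain.pem
#                 cert-file: /etc/letsencrypt/live/server1/cert.pem
#                 key-file: /etc/letsencrypt/live/server1/privkey.pem
#                 mode: hot-standby
#                 heartbeat-delay: 10000
#                 max-response-delay: 60000
#                 max-ack-delay: 5000
#                 max-unacked-clients: 5
#                 peers:
#                   - name: "server1"
#                     url: "http://192.168.1.1:8000/"
#                     role: "primary"
#                     auto-failover: true
#                   - name: "server2"
#                     url: "http://192.168.1.2:8000/"
#                     role: "standby"
#                     auto-failover: true
#
# [*dhcp6_conf*]
#   Hash with the DHCP 6 service configuration. Sample content:
#     Dhcp6:
#       interfaces-config:
#         interfaces:
#           - eth0
#       control-socket:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea6-ctrl-socket"
#       lease-database:
#         type: memfile
#         lfc-interval: 3600
#       expired-leases-processing:
#         reclaim-timer-wait-time: 10
#         flush-reclaimed-timer-wait-time: 25
#         hold-reclaimed-time: 3600
#         max-reclaim-leases: 100
#         max-reclaim-time: 250
#         unwarned-reclaim-cycles: 5
#       renew-timer: 900
#       rebind-timer: 1800
#       valid-lifetime: 3600
#       option-data:
#         - name: domain-name-servers
#           data: "fd12:3456:789a:1::1, fd12:3456:789a:1::2"
#         - name: "domain-search"
#           data: "example.com, example.org"
#       client-classes: []
#       subnet6:
#         - subnet: "fd12:3456:789a:1::0/64"
#           pools:
#             - pool: "fd12:3456:789a:1::0/64"
#           option-data: []
#           reservations:
#             # Constructed sample address inside the subnet above.
#             - hw-address: "1a:1b:1c:1d:1e:1f"
#               ip-addresses:
#                 - "fd12:3456:789a:1::201"
#               hostname: "special-snowflake"
#       loggers:
#         - name: kea-dhcp6
#           output_options:
#             - output: "stdout"
#               pattern: "%-5p %m\n"
#           severity: "INFO"
#           debuglevel: 0
#
# [*ddns_conf*]
#   Hash with the Dynamic DNS configuration. Sample content:
#     DhcpDdns:
#       ip-address: "127.0.0.1"
#       port: 53001
#       control-socket:
#         socket-type: "unix"
#         socket-name: "/run/kea/kea-ddns-ctrl-socket"
#       tsig-keys: []
#       forward-ddns : {}
#       reverse-ddns : {}
#       loggers:
#         - name: "kea-dhcp-ddns"
#           output_options:
#             - output: stdout
#               pattern: "%-5p %m\n"
#           severity: INFO
#           debuglevel: 0
#
# [*ctrl_agent_conf*]
#   Hash with the Control Agent configuration. Sample content:
#     Control-agent:
#       http-host: "127.0.0.1"
#       http-port: 8000
#       authentication:
#         type: "basic"
#         realm: "Kea Control Agent"
#       control-sockets:
#         dhcp4:
#           socket-type: "unix"
#           socket-name: "/run/kea/kea4-ctrl-socket"
#         dhcp6:
#           socket-type: "unix"
#           socket-name: "/run/kea/kea6-ctrl-socket"
#         d2:
#           socket-type: "unix"
#           socket-name: "/run/kea/kea-ddns-ctrl-socket"
#
# [*api_password*]
#   (Sensitive) String API password. So in your hiera data add the
#   variable kea::api_password as an encrypted value and:
#     lookup_options:
#       kea::api_password:
#         convert_to: "Sensitive"
#   Must be a non-empty Sensitive string whenever the service is installed;
#   it may be left unset only when $ensure removes the service.
#
class kea (
  String                         $ensure          = 'present',
  Hash                           $dhcp4_conf      = {},
  Hash                           $dhcp6_conf      = {},
  Hash                           $ddns_conf       = {},
  Hash                           $ctrl_agent_conf = {},
  # The previous default ('') was a plain empty String and could never satisfy
  # Sensitive[String[1]], so omitting the parameter always failed type checking.
  Optional[Sensitive[String[1]]] $api_password    = undef,
) {
  # Translate the free-form $ensure into the values each resource type accepts.
  case $ensure {
    /^(absent|delete|uninstall|remove|unregister)$/: {
      $package_ensure   = 'absent'
      $directory_ensure = 'absent'
      $link_ensure      = 'absent'
      $service_ensure   = 'stopped'
      $file_ensure      = 'absent'
    }
    default: {
      # NOTE(review): 'latest' upgrades the package on any agent run where a
      # newer version is available; use a pinned version if upgrades must be
      # controlled.
      $package_ensure   = 'latest'
      $directory_ensure = 'directory'
      $link_ensure      = 'link'
      $service_ensure   = 'running'
      $file_ensure      = 'present'
    }
  }
  # $directory_ensure and $link_ensure are not used in this class; they are
  # kept because other manifests may read them as $kea::directory_ensure and
  # $kea::link_ensure.

  # Refuse to install the service without an API password instead of writing
  # an empty credential file.
  if $file_ensure == 'present' and $api_password =~ Undef {
    fail('kea::api_password must be set to a non-empty Sensitive string unless ensure removes the service')
  }

  $services = [
    'kea-ctrl-agent.service',
    'kea-dhcp-ddns-server.service',
    'kea-dhcp4-server.service',
    'kea-dhcp6-server.service',
  ]

  package { 'kea':
    ensure => $package_ensure,
  }

  # File resources use the normalized $file_ensure: passing $ensure straight
  # through breaks the catalog for values such as 'delete' or 'uninstall',
  # which the case statement accepts but the file type does not.
  # Every managed file is written after the package is handled and notifies
  # all four services.
  file {
    default:
      ensure  => $file_ensure,
      require => Package['kea'],
      notify  => Service[$services],
    ;
    # Credential file: Sensitive content keeps the value out of reports and
    # logs. Owner and group are deliberately left unmanaged here.
    # NOTE(review): confirm the packaged group lets the control agent read it.
    '/etc/kea/kea-api-password':
      content => $api_password,
      mode    => '0640',
    ;
    # NOTE(review): the four configuration files below are world-readable
    # (0644). Confirm no secrets are embedded in the hashes, or tighten the
    # mode once the daemons' runtime account and group are known.
    # The second to_json_pretty argument is `undef`: the bare word `nil` is a
    # String in Puppet, not an undefined value.
    '/etc/kea/kea-dhcp4.conf':
      content => to_json_pretty($dhcp4_conf, undef, { indent => ' ' }),
      mode    => '0644',
    ;
    '/etc/kea/kea-dhcp6.conf':
      content => to_json_pretty($dhcp6_conf, undef, { indent => ' ' }),
      mode    => '0644',
    ;
    '/etc/kea/kea-dhcp-ddns.conf':
      content => to_json_pretty($ddns_conf, undef, { indent => ' ' }),
      mode    => '0644',
    ;
    '/etc/kea/kea-ctrl-agent.conf':
      content => to_json_pretty($ctrl_agent_conf, undef, { indent => ' ' }),
      mode    => '0644',
    ;
  }

  service { $services:
    ensure  => $service_ensure,
    require => Package['kea'],
  }
}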