bundles/dhcpd: rework metadata
All checks were successful
bundlewrap/pipeline/head This commit looks good

Franzi 2021-04-20 18:17:52 +02:00
parent 3bd851aae5
commit 24362768fb
Signed by: kunsi
GPG key ID: 12E3D2136B818350
5 changed files with 17 additions and 38 deletions


@ -1,19 +1,21 @@
#dhcpd.conf
<%
import re
import re
from ipaddress import ip_network
%>
ddns-update-style none;
authoritative;
% for identifier, subnet in dhcp_config.get('subnets', {}).items():
# subnet '${identifier}'
subnet ${subnet['subnet']} netmask ${subnet['netmask']} {
% for interface, subnet in sorted(dhcp_config.get('subnets', {}).items()):
<%
network = ip_network(subnet['subnet'])
%>
# interface ${interface} provides ${subnet['subnet']}
subnet ${network.network_address} netmask ${network.netmask} {
% if subnet.get('range_lower', None) and subnet.get('range_higher', None):
range ${subnet['range_lower']} ${subnet['range_higher']};
% endif
interface "${subnet['interface']}";
interface "${interface}";
default-lease-time ${subnet.get('default-lease-time', 600)};
max-lease-time ${subnet.get('max-lease-time', 3600)};
% for option, value in sorted(subnet.get('options', {}).items()):
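Review bot: `ip_network(subnet['subnet'])` accepts a bare address and treats it as a /32, so a node still carrying the old `'subnet': '172.19.139.0'` form would render `netmask 255.255.255.255` instead of failing. Since this commit changes the metadata format, the `<% %>` block could reject entries without a prefix, e.g. `if '/' not in subnet['subnet']: raise ValueError(f"dhcpd subnet for {interface} needs a prefix length")`. `range_lower` and `range_higher` are still emitted without checking that they fall inside `network`; comparing them with `ip_address(...) in network` (which needs `ip_address` imported next to `ip_network`) would catch a range that drifted from the subnet. The `% for` loop continues past the end of this hunk.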


@ -14,5 +14,5 @@
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACESv4="${listen_interfaces}"
INTERFACESv4="${' '.join(sorted(node.metadata.get('dhcpd/subnets', {})))}"
INTERFACESv6=""
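Review bot: The interface names written into `INTERFACESv4` are now the raw keys of `dhcpd/subnets`, and nothing checks their shape before they land inside a double-quoted value in a file that is presumably sourced by the service's start script. A key containing a quote, `$` or whitespace would change how that line is parsed; the same keys are also formatted into the `iptables -A INPUT -i {}` rule in the bundle's metadata reactor and into `interface "${interface}";` in dhcpd.conf. The keys come from the repository's own node metadata, so this is a guard against typos rather than hostile input. Validating once where the keys are consumed, with a pattern such as `re.fullmatch(r'[A-Za-z0-9_.-]{1,15}', interface)` and an exception on mismatch, would cover all three places.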


@ -13,10 +13,6 @@ files = {
},
'/etc/default/isc-dhcp-server': {
'content_type': 'mako',
'context': {
# Set by our own metadata reactor. Guaranteed to exist.
'listen_interfaces': node.metadata['dhcpd']['listen_interfaces'],
},
'needs': {
'pkg_apt:isc-dhcp-server'
},


@ -36,33 +36,18 @@ def get_static_allocations(metadata):
}
@metadata_reactor.provides(
'dhcpd/listen_interfaces',
)
def get_listen_interfaces(metadata):
listen_interfaces = []
for _, subnet in node.metadata.get('dhcpd/subnets', {}).items():
listen_interfaces.append(subnet['interface'])
return {
'dhcpd': {
'listen_interfaces': ' '.join(sorted(listen_interfaces)),
}
}
@metadata_reactor.provides(
'iptables/bundle_rules/dhcpd',
)
def iptables(metadata):
rules = set()
for subnet in node.metadata.get('dhcpd/subnets', {}).values():
rules.add('iptables -A INPUT -i {} -p udp --dport 67:68 -j ACCEPT'.format(subnet['interface']))
for subnet in node.metadata.get('dhcpd/subnets', {}):
rules.add('iptables -A INPUT -i {} -p udp --dport 67:68 -j ACCEPT'.format(subnet))
return {
'iptables': {
'bundle_rules': {
# can't use port_rules here. We're generating interface based rules here.
# can't use port_rules here, because we're generating interface based rules.
'dhcpd': sorted(list(rules)),
},
}
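Review bot: In `iptables()` the loop variable is still called `subnet`, but after this change it iterates the dict keys and so holds the interface name; `for interface in ...` with `.format(interface)` would match the naming in the dhcpd.conf template and avoid the misreading. The new loop also keeps reading `node.metadata` rather than the `metadata` argument the reactor receives; if bundlewrap expects reactors to go through that argument, `metadata.get('dhcpd/subnets', {})` is the safer form, which is worth confirming. `sorted(list(rules))` in the unchanged return could be `sorted(rules)`. The return dict closes outside this hunk.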


@ -43,12 +43,10 @@ nodes['home.router'] = {
},
'dhcpd': {
'subnets': {
'dmz': {
'interface': 'enp1s0.23',
'netmask': '255.255.255.0',
'enp1s0.23': {
'range_lower': '172.19.139.200',
'range_higher': '172.19.139.250',
'subnet': '172.19.139.0',
'subnet': '172.19.139.0/24',
'options': {
'broadcast-address': '172.19.139.255',
'domain-name-servers': '172.19.139.1',
@ -56,12 +54,10 @@ nodes['home.router'] = {
'subnet-mask': '255.255.255.0',
},
},
'home': {
'interface': 'enp1s0.42',
'netmask': '255.255.255.0',
'enp1s0.42': {
'range_lower': '172.19.138.100',
'range_higher': '172.19.138.250',
'subnet': '172.19.138.0',
'subnet': '172.19.138.0/24',
'options': {
'broadcast-address': '172.19.138.255',
'domain-name': 'franzi-home.kunbox.net',