bundle/dhcpd: improvements #19

Merged
sophie merged 6 commits from kunsi-dhcpd-improvements into main 2020-11-15 12:34:41 +00:00
5 changed files with 45 additions and 19 deletions

View file

@ -7,7 +7,8 @@ ddns-update-style none;
authoritative; authoritative;
% for identfier, subnet in dhcp_config.get('subnets', {}).items(): % for identifier, subnet in dhcp_config.get('subnets', {}).items():
# subnet '${identifier}'
subnet ${subnet['subnet']} netmask ${subnet['netmask']} { subnet ${subnet['subnet']} netmask ${subnet['netmask']} {
% if subnet.get('range_lower', None) and subnet.get('range_higher', None): % if subnet.get('range_lower', None) and subnet.get('range_higher', None):
range ${subnet['range_lower']} ${subnet['range_higher']}; range ${subnet['range_lower']} ${subnet['range_higher']};
@ -16,11 +17,11 @@ subnet ${subnet['subnet']} netmask ${subnet['netmask']} {
default-lease-time ${subnet.get('default-lease-time', 600)}; default-lease-time ${subnet.get('default-lease-time', 600)};
max-lease-time ${subnet.get('max-lease-time', 3600)}; max-lease-time ${subnet.get('max-lease-time', 3600)};
% for option, value in sorted(subnet.get('options', {}).items()): % for option, value in sorted(subnet.get('options', {}).items()):
% if re.match('([^0-9\.,\ ])', value): % if re.match('([^0-9\.,\ ])', value):
option ${option} "${value}"; option ${option} "${value}";
% else: % else:
option ${option} ${value}; option ${option} ${value};
% endif % endif
% endfor % endfor
} }
% endfor % endfor

View file

@ -2,7 +2,7 @@ files = {
'/etc/dhcp/dhcpd.conf': { '/etc/dhcp/dhcpd.conf': {
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'dhcp_config': node.metadata.get('dhcpd'), 'dhcp_config': node.metadata['dhcpd'],
}, },
'needs': { 'needs': {
'pkg_apt:isc-dhcp-server' 'pkg_apt:isc-dhcp-server'
@ -14,7 +14,8 @@ files = {
'/etc/default/isc-dhcp-server': { '/etc/default/isc-dhcp-server': {
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'listen_interfaces': node.metadata.get('dhcpd', {}).get('listen_interfaces'), # Set by our own metadata reactor. Guaranteed to exist.
'listen_interfaces': node.metadata['dhcpd']['listen_interfaces'],
}, },
'needs': { 'needs': {
'pkg_apt:isc-dhcp-server' 'pkg_apt:isc-dhcp-server'

View file

@ -10,27 +10,48 @@ defaults = {
@metadata_reactor @metadata_reactor
def get_static_allocations(metadata): def get_static_allocations(metadata):
allocations = {} allocations = {}
for rnode in repo.nodes_in_group('home'): for rnode in repo.nodes:
if rnode.metadata.get('location', '') != metadata.get('location', ''):
continue
for identifier, interface in rnode.metadata.get('interfaces', {}).items(): for identifier, interface in rnode.metadata.get('interfaces', {}).items():
if interface.get('dhcp', False): if interface.get('dhcp', False):
allocations[rnode.name] = { allocations[rnode.name] = {
'ipv4': sorted(interface['ips'])[0], 'ipv4': sorted(interface['ips'])[0],
'mac': interface['mac'], 'mac': interface['mac'],
} }
return { return {
'dhcpd': { 'dhcpd': {
'fixed_allocations': allocations, 'fixed_allocations': allocations,
} }
} }
@metadata_reactor @metadata_reactor
def get_listen_interfaces(metadata): def get_listen_interfaces(metadata):
listen_interfaces = [] listen_interfaces = []
for identfier, subnet in node.metadata.get('dhcpd/subnets', {}).items(): for identfier, subnet in node.metadata.get('dhcpd/subnets', {}).items():
listen_interfaces.append(subnet.get('interface')) listen_interfaces.append(subnet['interface'])
return { return {
'dhcpd': { 'dhcpd': {
'listen_interfaces': ' '.join(sorted(listen_interfaces)), 'listen_interfaces': ' '.join(sorted(listen_interfaces)),
} }
} }
@metadata_reactor
def iptables(metadata):
iptables = set()
for identfier, subnet in node.metadata.get('dhcpd/subnets', {}).items():
iptables.add('iptables -A INPUT -i {} -p udp --dport 67:68 -j ACCEPT'.format(subnet['interface']))
return {
'iptables': {
'bundle_rules': {
# iptables bundle relies on this being a list.
'dhcpd': sorted(list(iptables)),
},
}
}

View file

@ -13,6 +13,7 @@ groups['gce'] = {
}, },
}, },
}, },
'location': 'gce',
'nameservers': { 'nameservers': {
'8.8.8.8', '8.8.8.8',
'8.8.4.4', '8.8.4.4',
@ -33,6 +34,9 @@ groups['htz'] = {
'subgroups': { 'subgroups': {
'htz-cloud', 'htz-cloud',
}, },
'metadata': {
'location': 'htz',
},
} }
groups['htz-cloud'] = { groups['htz-cloud'] = {
@ -70,6 +74,7 @@ groups['ovh'] = {
r"ovh\..*", r"ovh\..*",
}, },
'metadata': { 'metadata': {
'location': 'ovh',
'users': { 'users': {
'debian': { 'debian': {
'delete': True, 'delete': True,

View file

@ -94,8 +94,6 @@ nodes['home.router'] = {
'broadcast-address': '172.19.138.255', 'broadcast-address': '172.19.138.255',
'subnet-mask': '255.255.255.0', 'subnet-mask': '255.255.255.0',
}, },
'default-lease-time': 300,
'max-lease-time': 1800,
}, },
}, },
}, },