From 1a9b3ba2e60703a664669063ae76317dc0944d4d Mon Sep 17 00:00:00 2001 From: Jukka Nousiainen Date: Sun, 25 Jul 2021 00:29:25 +0300 Subject: [PATCH] Parameterize most of the LAN config So that it adapts to e.g. 192.168.50/24 instead of 192.168.0/24 --- installbox.yml | 2 ++ roles/dns-dhcp-tftp/tasks/main.yml | 4 ++-- roles/dns-dhcp-tftp/templates/db.lan.j2 | 11 +++++++++++ roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 | 6 +++--- roles/dns-dhcp-tftp/templates/localzones.j2 | 6 +++--- 5 files changed, 21 insertions(+), 8 deletions(-) create mode 100644 roles/dns-dhcp-tftp/templates/db.lan.j2 diff --git a/installbox.yml b/installbox.yml index 6e1c4c6..37610d8 100644 --- a/installbox.yml +++ b/installbox.yml @@ -17,6 +17,8 @@ ## LAN IP address range: ipaddr_lan: 192.168.0.10/24 + ipaddr_lan_threeoct: {{ ipaddr_lan.split('.')[0:3] | join('.')}} + ipaddr_lan_ptr: {{ ipaddr_lan | ansible.netcommon.ipaddr('revdns').split('.')[1:-1] | join('.') }} dhcp_range: 192.168.0.50,192.168.0.99,2h di_dist: "{{ ansible_distribution_release }}" diff --git a/roles/dns-dhcp-tftp/tasks/main.yml b/roles/dns-dhcp-tftp/tasks/main.yml index 1d4d741..26f11ec 100644 --- a/roles/dns-dhcp-tftp/tasks/main.yml +++ b/roles/dns-dhcp-tftp/tasks/main.yml @@ -42,7 +42,7 @@ dest: "/etc/bind/{{ item }}" loop: - db.intern - - db.192.168.0 + - db.lan - localzones notify: restart bind @@ -53,7 +53,7 @@ state: link loop: - db.intern - - db.192.168.0 + - db.lan notify: restart bind - name: enable local bind config diff --git a/roles/dns-dhcp-tftp/templates/db.lan.j2 b/roles/dns-dhcp-tftp/templates/db.lan.j2 new file mode 100644 index 0000000..3f942c1 --- /dev/null +++ b/roles/dns-dhcp-tftp/templates/db.lan.j2 
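Review bot: Both added values in installbox.yml begin with an unquoted `{{`, which YAML reads as the start of a flow mapping, so the playbook will most likely fail to load; `di_dist` two lines further down is quoted for this reason. As far as I can tell Jinja2 also does not accept `.split(...)` directly after a filter call, so the `revdns` expression needs parentheses around the filtered value. Suggested lines: `ipaddr_lan_threeoct: "{{ ipaddr_lan.split('.')[0:3] | join('.') }}"` and `ipaddr_lan_ptr: "{{ (ipaddr_lan | ansible.netcommon.ipaddr('revdns')).split('.')[1:-1] | join('.') }}"`. Both derivations are only right for a /24, and `dhcp_range` stays hard-coded to 192.168.0.x, so a comment next to `ipaddr_lan` saying so would save the next person a broken reverse zone.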
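Review bot: The two loops in roles/dns-dhcp-tftp/tasks/main.yml now install and link `db.lan`, but the localzones.j2 hunk of this same patch sets `file "/etc/bind/db.{{ ipaddr_lan_threeoct }}"`, so named is pointed at a path these tasks no longer create and the reverse zone will presumably fail to load. Pick one name; the simplest fix is `file "/etc/bind/db.lan";` and `journal "/var/lib/bind/db.lan.jnl";` in localzones.j2, which also makes `ipaddr_lan_threeoct` unnecessary. Hosts that were already provisioned keep the old `db.192.168.0` file and link, so a cleanup task with `state: absent` is worth considering. Both task bodies start outside their hunks, so the source and link paths are inferred from the visible `dest: "/etc/bind/{{ item }}"`.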
@@ -0,0 +1,11 @@ +$TTL 500 +@ IN SOA {{ ansible_fqdn }}. root.{{ ansible_domain }}. ( + 1 ; Serial + 3600 ; Refresh + 1800 ; Retry + 720000 ; Expire + 6400 ) ; Negative Cache TTL +; +@ NS {{ ansible_fqdn }}. + MX 10 {{ ansible_fqdn }}. +{{ ipaddr_lan | ipaddr("address") | regex_replace("^.*\.(.+$)", "\\1") }} PTR {{ ansible_fqdn }}. diff --git a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 index b548beb..aa724b9 100644 --- a/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 +++ b/roles/dns-dhcp-tftp/templates/dhcpd.conf.j2 @@ -26,7 +26,7 @@ zone intern. { key rndc-key; } -zone 0.168.192.in-addr.arpa. { +zone "{{ ipaddr_lan_ptr }}" { primary 127.0.0.1; key rndc-key; } @@ -41,7 +41,7 @@ authoritative; #log-facility local7; ## The tftpd server IP address, for all clients. -next-server 192.168.0.10; +next-server {{ ipaddr_lan | ipaddr("address") }}; option arch code 93 = unsigned integer 16; if option arch = 00:07 { @@ -50,7 +50,7 @@ if option arch = 00:07 { filename "d-i/n-a/pxelinux.0"; } -subnet 192.168.0.0 netmask 255.255.255.0 { +subnet {{ ipaddr_lan | ipaddr("address") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} { option routers {{ ipaddr_lan | ipaddr("address") }}; range {{ dhcp_start }} {{ dhcp_stop }}; } diff --git a/roles/dns-dhcp-tftp/templates/localzones.j2 b/roles/dns-dhcp-tftp/templates/localzones.j2 index b0d958c..180dbc0 100644 --- a/roles/dns-dhcp-tftp/templates/localzones.j2 +++ b/roles/dns-dhcp-tftp/templates/localzones.j2 @@ -1,10 +1,10 @@ include "/etc/bind/rndc.key"; -zone "0.168.192.in-addr.arpa" { +zone "{{ ipaddr_lan_ptr }}" { type master; notify no; - file "/etc/bind/db.192.168.0"; - journal "/var/lib/bind/db.192.168.0.jnl"; + file "/etc/bind/db.{{ ipaddr_lan_threeoct }}"; + journal "/var/lib/bind/db.{{ ipaddr_lan_threeoct }}.jnl"; allow-update { key rndc-key; }; };
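Review bot: The PTR owner name in db.lan.j2 is just the last octet of the address, which is only correct while the reverse zone covers a /24; with any other prefix length in `ipaddr_lan` the record ends up under the wrong name. A comment at the top of the template would make that explicit, e.g. `; managed by Ansible; assumes ipaddr_lan is a /24`. The regex can be written more plainly as `{{ (ipaddr_lan | ipaddr("address")).split('.')[-1] }}`. The unqualified `ipaddr` here also differs from the `ansible.netcommon.ipaddr` spelling used in installbox.yml; using one form throughout avoids depending on filter-name redirection.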
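Review bot: In the first dhcpd.conf.j2 hunk the zone name changes form as well as value: the removed line was the bare `0.168.192.in-addr.arpa.` with a trailing dot, matching `zone intern. {` just above, while the new line is a quoted string without the dot. dhcpd's zone statement is documented with the unquoted fully-qualified form, so I would keep that: `zone {{ ipaddr_lan_ptr }}. {`. Since the file is now generated from variables, a `validate: dhcpd -t -cf %s` on the template task would catch this kind of mismatch before the service is restarted; that task is outside this patch.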
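Review bot: In the third dhcpd.conf.j2 hunk, `subnet {{ ipaddr_lan | ipaddr("address") }}` renders the host address (192.168.0.10 with the default value) instead of the network number, and dhcpd refuses a subnet declaration whose address has host bits set under the netmask. The line should be `subnet {{ ipaddr_lan | ipaddr("network") }} netmask {{ ipaddr_lan | ipaddr("netmask") }} {`. The `next-server` and `option routers` lines do want the host address and are fine as written.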