Converted isc-dhcp

env

@@ -23,12 +23,15 @@ DNS_TSIG_KEY_RNDC_SECRET=change_it
 
 
 GCF.dhcp.tftp={"server": "10.15.100.3"}
-GCF.dhcp.routers={"ips": ["10.15.100.2"]}
+GCF.dhcp.routers={"ips": ["10.15.100.1", "10.15.100.2"]}
 GCF.dhcp.unifiController={"ip": "10.15.100.10"}
 
-GCF.dhcp.dns={"master": "10.15.100.3", "servers": ["10.15.100.3"]}
-GCF.dhcp.dns={"domain": "example.com", "siteDomain": "site1.example.com"}
-GCF.dhcp.dns={"dynIpsDomain": "dhcp.site1.example.com", "revDomain": "100.15.10.in-addr.arpa."}
+GCF.dhcp.dns.master="10.15.100.3"
+GCF.dhcp.dns.servers=["10.15.100.3", "10.15.100.4"]
+GCF.dhcp.dns.domain="example.com"
+GCF.dhcp.dns.siteDomain="site1.example.com"
+GCF.dhcp.dns.dynIpsDomain="dhcp.site1.example.com"
+GCF.dhcp.dns.revDomain="100.15.10.in-addr.arpa."
 
 GCF.dhcp.subnet="10.15.100.0"
 GCF.dhcp.netmask="255.255.255.0"

isc-dhcp/Dockerfile

@@ -1,27 +1,13 @@
-FROM robinthoni/debian-multiarch:jessie
+FROM debian:stretch
 
-MAINTAINER Robin Thoni <robin@rthoni.com>
+ADD https://raw.githubusercontent.com/robin-thoni/docker-utils/v1.3.0/setup.sh /tmp/docker-utils-setup.sh
+RUN sh /tmp/docker-utils-setup.sh
+ENTRYPOINT ["gcf-entrypoint"]
 
-ARG CONFIG_DIR=/etc/default/config-files/
+RUN pkgs-install isc-dhcp-server
 
-RUN apt-get update && apt-get -y install\
-        isc-dhcp-server &&\
-        apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-RUN rm -rf /var/log/*
-
-COPY ./vars-vars /etc/vars-vars
-
-COPY ./vars-files /etc/vars-files
-
-COPY ./common.sh /common.sh
-
-COPY ./run.sh /run.sh
-
-RUN mkdir "${CONFIG_DIR}"
-
-COPY ./config "${CONFIG_DIR}"
+COPY ./config /etc/salt/base/
 
 EXPOSE 80
 
-CMD ["/run.sh"]
+CMD ["dhcpd", "-4", "-f", "--no-pid", "-d", "-cf", "/etc/dhcp/dhcpd.conf", "-lf", "/data/dhcpd.leases"]

isc-dhcp/common.sh

@@ -1,41 +0,0 @@
-export CONFIG_DIR="/etc/default/config-files/"
-
-resolv_host()
-{
-  hostname="${1}"
-  ip=$(getent hosts "${hostname}" | cut -d' ' -f1)
-  echo "${ip}"
-}
-
-replace_var()
-{
-  file="${1}"
-  var="${2}"
-  sed -e "s?${var}?${!var}?g" -i "${file}"
-}
-
-replace_vars()
-{
-  file="${1}"
-  for var in $(cat /etc/vars-vars)
-  do
-    replace_var "${file}" "${var}"
-  done
-}
-
-replace_files()
-{
-  cat /etc/vars-files | while read line
-  do
-    filesrc="${CONFIG_DIR}$(echo "${line}" | awk '{print $1}')"
-    filedst=$(echo "${line}" | awk '{print $2}')
-    if [ -f "${filesrc}" ]
-    then
-      echo "Expanding file ${filesrc} to ${filedst}"
-      cp "${filesrc}" "${filedst}"
-      replace_vars "${filedst}"
-    else
-      echo "File ${filesrc} does not exist. Skipping."
-    fi
-  done
-}

isc-dhcp/config/dhcpd.conf → isc-dhcp/config/states/isc-dhcp/dhcpd.conf

@@ -1,21 +1,21 @@
 #Dynamic DNS security settings
 key "key-internal" {
         algorithm HMAC-MD5;
-        secret "DNS_TSIG_KEY_INTERNAL_SECRET";
+        secret "{{ salt['pillar.get']("model:dns:tsig:keys:internal") }}";
 };
 
-zone DHCP_DYN_IPS_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
-zone DHCP_SITE_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:siteDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
-zone DHCP_REV_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:revDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
@@ -49,35 +49,35 @@ use-host-decl-names on;
 authoritative;
 log-facility local7;
 
-subnet DHCP_SUBNET netmask DHCP_NETMASK {
+subnet {{ salt['pillar.get']("model:dhcp:subnet") }} netmask {{ salt['pillar.get']("model:dhcp:netmask") }} {
 
   # Dynamic DNS update
-  ddns-domainname "DHCP_DYN_IPS_DOMAIN";
+  ddns-domainname "{{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }}";
   update-conflict-detection false;
 
   # IP settings
-  range DHCP_IP_FIRST DHCP_IP_LAST;
-  option subnet-mask DHCP_NETMASK;
-  option broadcast-address DHCP_BROADCAST;
-  option routers DHCP_ROUTERS;
+  range {{ salt['pillar.get']("model:dhcp:ipFirst") }} {{ salt['pillar.get']("model:dhcp:ipLast") }};
+  option subnet-mask {{ salt['pillar.get']("model:dhcp:netmask") }};
+  option broadcast-address {{ salt['pillar.get']("model:dhcp:broadcast") }};
+  option routers {{ salt['pillar.get']("model:dhcp:routers:ips") | join(", ") }};
 
   # UniFi settings
-  option ubnt.unifi-address DHCP_UNIFI_CONTROLLER_IP;
+  option ubnt.unifi-address {{ salt['pillar.get']("model:dhcp:unifiController:ip") }};
 
   # DNS settings
-  option domain-name "DHCP_SITE_DOMAIN";
-  option domain-search "DHCP_SITE_DOMAIN", "DHCP_DOMAIN", "DHCP_DYN_IPS_DOMAIN";
-  option domain-name-servers DHCP_DNS_SERVERS;
+  option domain-name "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
+  option domain-search "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}", "{{ salt['pillar.get']("model:dhcp:dns:domain") }}", "{{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }}";
+  option domain-name-servers {{ salt['pillar.get']("model:dhcp:dns:servers") | join(", ") }};
 
   # Push custom routes to clients
   #option classless-routes 24, 10,15,42, 10.15.12,2;
   #option classless-routes-win 24, 10,15,42, 10.15.12,2;
 
   # Netboot settings
-  next-server DHCP_TFTP_SERVER;
+  next-server {{ salt['pillar.get']("model:dhcp:tftp:server") }};
   #option root-path "10.15.100.1:/pxeroot/ubuntu";
   if exists user-class and ( option user-class = "iPXE-rthoni" ) {
-    option domain-search "DHCP_SITE_DOMAIN";
+    option domain-search "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
     filename "http://netboot/boot.ipxe";
   }
   else {
@@ -87,7 +87,7 @@ subnet DHCP_SUBNET netmask DHCP_NETMASK {
   # Static IP hosts
   group {
     include "/etc/dhcp/config/static_ips.conf";
-    ddns-domainname "DHCP_SITE_DOMAIN";
+    ddns-domainname "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
     option host-name = host-decl-name;
     ddns-hostname = config-option host-name;
   }

isc-dhcp/config/states/isc-dhcp/init.sls

@@ -0,0 +1,9 @@
+dhcpd-config:
+  file.managed:
+    - name: /etc/dhcp/dhcpd.conf
+    - source: salt://isc-dhcp/dhcpd.conf
+    - template: jinja
+
+dhcpd-leases:
+  file.touch:
+    - name: /data/dhcpd.leases

isc-dhcp/vars-vars

@@ -1,22 +0,0 @@
-DHCP_DNS_MASTER
-DHCP_DNS_SERVERS
-DHCP_TFTP_SERVER
-DHCP_ROUTERS
-DHCP_UNIFI_CONTROLLER_IP
-
-DHCP_DOMAIN
-DHCP_SITE_DOMAIN
-DHCP_DYN_IPS_DOMAIN
-DHCP_REV_DOMAIN
-
-DHCP_SUBNET
-DHCP_NETMASK
-DHCP_IP_FIRST
-DHCP_IP_LAST
-DHCP_BROADCAST
-
-DNS_FORWARDER_IP_1
-DNS_FORWARDER_IP_2
-DNS_TSIG_KEY_INTERNAL_SECRET
-DNS_TSIG_KEY_EXTERNAL_SECRET
-DNS_TSIG_KEY_RNDC_SECRET