
Converted isc-dhcp

tags/v3.0.0
Robin Thoni 5 år sedan
förälder
incheckning
044ea97ae6

+ 7
- 4
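--- a/env
+++ b/env
@@ -23,12 +23,15 @@ DNS_TSIG_KEY_RNDC_SECRET=change_it
 
 
 GCF.dhcp.tftp={"server": "10.15.100.3"}
-GCF.dhcp.routers={"ips": ["10.15.100.2"]}
+GCF.dhcp.routers={"ips": ["10.15.100.1", "10.15.100.2"]}
 GCF.dhcp.unifiController={"ip": "10.15.100.10"}
 
-GCF.dhcp.dns={"master": "10.15.100.3", "servers": ["10.15.100.3"]}
-GCF.dhcp.dns={"domain": "example.com", "siteDomain": "site1.example.com"}
-GCF.dhcp.dns={"dynIpsDomain": "dhcp.site1.example.com", "revDomain": "100.15.10.in-addr.arpa."}
+GCF.dhcp.dns.master="10.15.100.3"
+GCF.dhcp.dns.servers=["10.15.100.3", "10.15.100.4"]
+GCF.dhcp.dns.domain="example.com"
+GCF.dhcp.dns.siteDomain="site1.example.com"
+GCF.dhcp.dns.dynIpsDomain="dhcp.site1.example.com"
+GCF.dhcp.dns.revDomain="100.15.10.in-addr.arpa."
 
 GCF.dhcp.subnet="10.15.100.0"
 GCF.dhcp.netmask="255.255.255.0"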

+ 7
- 21
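--- a/isc-dhcp/Dockerfile
+++ b/isc-dhcp/Dockerfile
@@ -1,27 +1,13 @@
-FROM robinthoni/debian-multiarch:jessie
+FROM debian:stretch
 
-MAINTAINER Robin Thoni <robin@rthoni.com>
+ADD https://raw.githubusercontent.com/robin-thoni/docker-utils/v1.3.0/setup.sh /tmp/docker-utils-setup.sh
+RUN sh /tmp/docker-utils-setup.sh
+ENTRYPOINT ["gcf-entrypoint"]
 
-ARG CONFIG_DIR=/etc/default/config-files/
+RUN pkgs-install isc-dhcp-server
 
-RUN apt-get update && apt-get -y install\
-        isc-dhcp-server &&\
-        apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-RUN rm -rf /var/log/*
-
-COPY ./vars-vars /etc/vars-vars
-
-COPY ./vars-files /etc/vars-files
-
-COPY ./common.sh /common.sh
-
-COPY ./run.sh /run.sh
-
-RUN mkdir "${CONFIG_DIR}"
-
-COPY ./config "${CONFIG_DIR}"
+COPY ./config /etc/salt/base/
 
 EXPOSE 80
 
-CMD ["/run.sh"]
+CMD ["dhcpd", "-4", "-f", "--no-pid", "-d", "-cf", "/etc/dhcp/dhcpd.conf", "-lf", "/data/dhcpd.leases"]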
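Review bot: The added `ADD https://raw.githubusercontent.com/robin-thoni/docker-utils/v1.3.0/setup.sh /tmp/docker-utils-setup.sh` followed by `RUN sh /tmp/docker-utils-setup.sh` runs a script downloaded at build time with no integrity check, and `v1.3.0` is a tag that can be re-pointed, so the image content depends on whatever that URL serves on the day of the build. Pin the URL to a full commit SHA and verify the download, e.g. `ADD --checksum=sha256:<SHA256_OF_SETUP_SH> https://raw.githubusercontent.com/robin-thoni/docker-utils/<COMMIT_SHA>/setup.sh /tmp/docker-utils-setup.sh` (this needs a BuildKit Dockerfile frontend that supports `--checksum`), or vendor the script into this repository. `FROM debian:stretch` is also a floating tag and could be pinned by digest for reproducible builds. The removed `RUN` cleaned `/tmp/*`; the new file leaves `/tmp/docker-utils-setup.sh` in the image unless `setup.sh` deletes itself, which is not visible here.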

+ 0
- 41
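--- a/isc-dhcp/common.sh
+++ b/isc-dhcp/common.sh
@@ -1,41 +0,0 @@
-export CONFIG_DIR="/etc/default/config-files/"
-
-resolv_host()
-{
-  hostname="${1}"
-  ip=$(getent hosts "${hostname}" | cut -d' ' -f1)
-  echo "${ip}"
-}
-
-replace_var()
-{
-  file="${1}"
-  var="${2}"
-  sed -e "s?${var}?${!var}?g" -i "${file}"
-}
-
-replace_vars()
-{
-  file="${1}"
-  for var in $(cat /etc/vars-vars)
-  do
-    replace_var "${file}" "${var}"
-  done
-}
-
-replace_files()
-{
-  cat /etc/vars-files | while read line
-  do
-    filesrc="${CONFIG_DIR}$(echo "${line}" | awk '{print $1}')"
-    filedst=$(echo "${line}" | awk '{print $2}')
-    if [ -f "${filesrc}" ]
-    then
-      echo "Expanding file ${filesrc} to ${filedst}"
-      cp "${filesrc}" "${filedst}"
-      replace_vars "${filedst}"
-    else
-      echo "File ${filesrc} does not exist. Skipping."
-    fi
-  done
-}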

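--- a/isc-dhcp/config/dhcpd.conf
+++ b/isc-dhcp/config/states/isc-dhcp/dhcpd.conf
@@ -1,21 +1,21 @@
 #Dynamic DNS security settings
 key "key-internal" {
         algorithm HMAC-MD5;
-        secret "DNS_TSIG_KEY_INTERNAL_SECRET";
+        secret "{{ salt['pillar.get']("model:dns:tsig:keys:internal") }}";
 };
 
-zone DHCP_DYN_IPS_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
-zone DHCP_SITE_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:siteDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
-zone DHCP_REV_DOMAIN {
-    primary DHCP_DNS_MASTER;
+zone {{ salt['pillar.get']("model:dhcp:dns:revDomain") }} {
+    primary {{ salt['pillar.get']("model:dhcp:dns:master") }};
     key "key-internal";
 }
 
@@ -49,35 +49,35 @@ use-host-decl-names on;
 authoritative;
 log-facility local7;
 
-subnet DHCP_SUBNET netmask DHCP_NETMASK {
+subnet {{ salt['pillar.get']("model:dhcp:subnet") }} netmask {{ salt['pillar.get']("model:dhcp:netmask") }} {
 
   # Dynamic DNS update
-  ddns-domainname "DHCP_DYN_IPS_DOMAIN";
+  ddns-domainname "{{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }}";
   update-conflict-detection false;
 
   # IP settings
-  range DHCP_IP_FIRST DHCP_IP_LAST;
-  option subnet-mask DHCP_NETMASK;
-  option broadcast-address DHCP_BROADCAST;
-  option routers DHCP_ROUTERS;
+  range {{ salt['pillar.get']("model:dhcp:ipFirst") }} {{ salt['pillar.get']("model:dhcp:ipLast") }};
+  option subnet-mask {{ salt['pillar.get']("model:dhcp:netmask") }};
+  option broadcast-address {{ salt['pillar.get']("model:dhcp:broadcast") }};
+  option routers {{ salt['pillar.get']("model:dhcp:routers:ips") | join(", ") }};
 
   # UniFi settings
-  option ubnt.unifi-address DHCP_UNIFI_CONTROLLER_IP;
+  option ubnt.unifi-address {{ salt['pillar.get']("model:dhcp:unifiController:ip") }};
 
   # DNS settings
-  option domain-name "DHCP_SITE_DOMAIN";
-  option domain-search "DHCP_SITE_DOMAIN", "DHCP_DOMAIN", "DHCP_DYN_IPS_DOMAIN";
-  option domain-name-servers DHCP_DNS_SERVERS;
+  option domain-name "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
+  option domain-search "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}", "{{ salt['pillar.get']("model:dhcp:dns:domain") }}", "{{ salt['pillar.get']("model:dhcp:dns:dynIpsDomain") }}";
+  option domain-name-servers {{ salt['pillar.get']("model:dhcp:dns:servers") | join(", ") }};
 
   # Push custom routes to clients
   #option classless-routes 24, 10,15,42, 10.15.12,2;
   #option classless-routes-win 24, 10,15,42, 10.15.12,2;
 
   # Netboot settings
-  next-server DHCP_TFTP_SERVER;
+  next-server {{ salt['pillar.get']("model:dhcp:tftp:server") }};
   #option root-path "10.15.100.1:/pxeroot/ubuntu";
   if exists user-class and ( option user-class = "iPXE-rthoni" ) {
-    option domain-search "DHCP_SITE_DOMAIN";
+    option domain-search "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
     filename "http://netboot/boot.ipxe";
   }
   else {
@@ -87,7 +87,7 @@ subnet DHCP_SUBNET netmask DHCP_NETMASK {
   # Static IP hosts
   group {
     include "/etc/dhcp/config/static_ips.conf";
-    ddns-domainname "DHCP_SITE_DOMAIN";
+    ddns-domainname "{{ salt['pillar.get']("model:dhcp:dns:siteDomain") }}";
     option host-name = host-decl-name;
     ddns-hostname = config-option host-name;
   }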
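Review bot: Every `salt['pillar.get'](...)` lookup in this template is called without a default, and `pillar.get` returns an empty string for a missing key unless the minion is configured otherwise, so an unset or misspelt pillar path renders as empty text (`secret "";` in the first hunk, `zone  {`, `option routers ;` in the second) instead of failing the state. For the TSIG key in particular, fail fast rather than write a config with an empty secret: set `pillar_raise_on_missing: True` in the minion configuration, or guard the top of the template with an explicit check on `model:dns:tsig:keys:internal` and the zone names. The values are also placed inside double-quoted dhcpd strings unescaped, so a pillar value containing `"` would break the file; this matters only if the pillar data can come from a less trusted source, which is not visible here. The unchanged `algorithm HMAC-MD5;` next to the secret is a legacy TSIG algorithm; moving to an HMAC-SHA2 algorithm is worth a follow-up if the dhcpd build and the DNS master both support it.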

+ 9
- 0
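--- a/isc-dhcp/config/states/isc-dhcp/init.sls
+++ b/isc-dhcp/config/states/isc-dhcp/init.sls
@@ -0,0 +1,9 @@
+dhcpd-config:
+  file.managed:
+    - name: /etc/dhcp/dhcpd.conf
+    - source: salt://isc-dhcp/dhcpd.conf
+    - template: jinja
+
+dhcpd-leases:
+  file.touch:
+    - name: /data/dhcpd.leases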
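Review bot: `dhcpd-config` writes `/etc/dhcp/dhcpd.conf`, which after rendering holds the TSIG secret, but the `file.managed` state sets no `user`, `group` or `mode` and leaves the default change diff on, so the key may end up readable by any user in the container and can be printed in the state-run output (and from there in container logs). Add `- user: root`, `- mode: '0600'` and `- show_changes: False` under `file.managed`; if dhcpd is later run as a non-root user, set the owner to that account instead. `dhcpd-leases` uses `file.touch`, which reports a change on every run; that is harmless here but makes the state output noisier when checking for unexpected changes.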

+ 0
- 22
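--- a/isc-dhcp/vars-vars
+++ b/isc-dhcp/vars-vars
@@ -1,22 +0,0 @@
-DHCP_DNS_MASTER
-DHCP_DNS_SERVERS
-DHCP_TFTP_SERVER
-DHCP_ROUTERS
-DHCP_UNIFI_CONTROLLER_IP
-
-DHCP_DOMAIN
-DHCP_SITE_DOMAIN
-DHCP_DYN_IPS_DOMAIN
-DHCP_REV_DOMAIN
-
-DHCP_SUBNET
-DHCP_NETMASK
-DHCP_IP_FIRST
-DHCP_IP_LAST
-DHCP_BROADCAST
-
-DNS_FORWARDER_IP_1
-DNS_FORWARDER_IP_2
-DNS_TSIG_KEY_INTERNAL_SECRET
-DNS_TSIG_KEY_EXTERNAL_SECRET
-DNS_TSIG_KEY_RNDC_SECRET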
