# {{ ansible_managed }}
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#

authoritative;

default-lease-time 43200; # 12 hours
max-lease-time 86400;     # 24 hours

option rfc3442-classless-static-routes code 121 = array of integer 8;
option ms-classless-static-routes code 249 = array of integer 8;
option rfc3442-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 1;
option ms-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 1;

subnet 10.0.0.0 netmask 255.255.255.0 {

  option routers 10.0.0.1;

  option domain-name-servers 10.0.0.2, {{ dns_primary }}, {{ dns_secondary }};

  # WINS info for Windows capability
  option netbios-name-servers 10.0.0.4;
  option netbios-node-type 8; 

  # Dynamic IPs
  range 10.0.0.100 10.0.0.200;

  class "secured" {
    option routers 10.0.0.2;

    # 192.168.1.0/24 thru 10.0.0.8, 10.0.0.2 as default route
    option rfc3442-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 2;
    option ms-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 2;

    match hardware;
  }

  class "cloudflare" {
    option domain-name-servers 1.1.1.3, 1.0.0.3; # cloudflare block malware + porn
    
    match hardware;
  }

  class "devnull" {
    option domain-name-servers 127.0.0.1;

    match hardware;
  }

  # nothing in here (yet)
  class "default" {
    match hardware;
  }

{% for node in nodes %}
  subclass "{{ node.type }}" 1:{{ node.mac }}; # {{ node.name }}
{% endfor %}

{% for node in nodes %}
  host {{ node.name }}
  {
    hardware ethernet {{ node.mac }};
    fixed-address {{ node.ip }};
  }

{% endfor %}
}