# {{ ansible_managed }} # # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf(5) man page # authoritative; default-lease-time 43200; # 12 hours max-lease-time 86400; # 24 hours # needed for static routes for Windows clients #option rfc3442-classless-static-routes code 121 = array of integer 8; #option ms-classless-static-routes code 249 = array of integer 8; #option rfc3442-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 1; #option ms-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 1; subnet {{ dhcp_cidr|ipaddr('network') }} netmask {{ dhcp_cidr|ipaddr('netmask') }} { option routers {{ dhcp_gw_default }}; option domain-name-servers {{ dhcp_gw_secured }}, {{ dns_primary }}, {{ dns_secondary }}; option domain-name "home.arpa"; ## WINS info for Windows capability #option netbios-name-servers 10.0.0.4; #option netbios-node-type 8; # Dynamic IPs range {{ dhcp_range_start }} {{ dhcp_range_end }}; class "secured" { option routers {{ dhcp_gw_secured }}; # 192.168.1.0/24 thru 10.0.0.8, 10.0.0.2 as default route #option rfc3442-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 2; #option rfc3442-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 2; #option ms-classless-static-routes 24, 192, 168, 1, 10, 0, 0, 8, 0, 10, 0, 0, 2; match hardware; } class "cloudflare" { option domain-name-servers 1.1.1.3, 1.0.0.3; # cloudflare block malware + porn match hardware; } class "alphasite" { option domain-name-servers 1.1.1.3, 1.0.0.3; # cloudflare block malware + porn option routers {{ dhcp_gw_alphasite }}; match hardware; } class "devnull" { option domain-name-servers 127.0.0.1; match hardware; } # nothing in here (yet) class "default" { match hardware; } {% for node in reservations %} subclass "{{ node.type }}" 1:{{ node.mac }}; # {{ node.name }} {% endfor %} {% for node in reservations %} host {{ node.name }} { hardware ethernet {{ node.mac }}; fixed-address {{ node.ip }}; } {% endfor %} }