
Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.

hpr3187 :: Ansible for Dynamic Host Configuration Protocol

How I use ansible to configure my OpenBSD router


Hosted by norrist on Tuesday 2020-10-20. Flagged as Clean and released under a CC-BY-SA license.
Tags: ansible, dhcp, dns, openbsd.


Ansible DHCPD and DNS

Using Ansible to configure DHCPD and DNS on OpenBSD

  • Host data is stored in csv files
  • Ansible templates to create config files
  • Restart services


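- hosts: localhost
  tasks:
  # Load the host tables. fieldnames names the columns because the CSV files carry no header row.
  - name: read subnet 10
    read_csv:
      path: 10.csv
      fieldnames: mac,ip,hostname
    register: subnet_10
  - name: read subnet 11
    read_csv:
      path: 11.csv
      fieldnames: mac,ip,hostname
    register: subnet_11
  - name: read static
    read_csv:
      path: static.csv
      fieldnames: hostname,ip
    register: static_ip

  # Render the config files. validate runs against the new file (%s) before it replaces dest.
  - name: write dhcp file
    template:
      src: dhcpd.conf.j2
      dest: /etc/dhcpd.conf
      validate: dhcpd -nc %s
  - name: write local.lan zone file
    template:
      src: ZONE_TEMPLATE.j2  # placeholder: the page does not give the zone template's file name
      dest: /var/nsd/zones/master/local.lan
      owner: root
      group: _nsd
      validate: nsd-checkzone local.lan %s
  - name: nsd_conf
    copy:  # module name is missing on the page; copy is assumed because nsd.conf has no .j2 suffix
      src: nsd.conf
      dest: /var/nsd/etc/nsd.conf
      owner: root
      group: _nsd
      validate: nsd-checkconf %s

  # Restart the daemons so they pick up the new files.
  - name: restart nsd
    service:
      name: nsd
      state: restarted
  - name: restart dhcpd
    service:
      name: dhcpd
      state: restarted
  - name: restart unbound
    service:
      name: unbound
      state: restarted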






option  domain-name "local.lan";
option  domain-name-servers;

subnet netmask {
        option routers;
        {% for host in subnet_10.list %}
        host static-client { hardware ethernet {{ host.mac }};fixed-address {{ host.ip }};} #{{ host.hostname }}
        {% endfor %}
}

subnet netmask {
        option routers;
        {% for host in subnet_11.list %}
        host static-client { hardware ethernet {{ host.mac }};fixed-address {{ host.ip }};} #{{ host.hostname }}
        {% endfor %}
}

Rendered DHCP entries

host static-client { hardware ethernet b8:27:eb:de:2f:38;fixed-address;} #pi3a
host static-client { hardware ethernet 28:10:7b:25:d5:60;fixed-address;} #ipcam3
host static-client { hardware ethernet 28:10:7b:0c:fa:7b;fixed-address;} #ipcam1

$TTL 3600
local.lan. IN     SOA root. (
                2016092901  ; Serial
                3H          ; refresh after 3 hours
                1H          ; retry after 1 hour
                1W          ; expire after 1 week
                1D)         ; minimum TTL of 1 day

IN  NS  gate.

IN  MX  50 gate.local.lan.

local.lan.      IN A

{% for host in static_ip.list%}
{{ host.hostname }} IN A {{ host.ip }}
{% endfor %}

{% for host in subnet_10.list%}
{{ host.hostname }} IN A {{ host.ip }}
{% endfor %}

{% for host in subnet_11.list%}
{{ host.hostname }} IN A {{ host.ip }}
{% endfor %}

Rendered A records

pi3b IN A
pi3a IN A
ipcam3 IN A
ipcam1 IN A

Run the playbook

ansible-playbook hostname-setup.yml
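
A pre-flight check for the host CSV files, run before the playbook. This is an added example, not part of the original show notes: it checks each mac,ip,hostname row before the templates copy it into dhcpd.conf and the zone file. The function name check_hosts, the 192.0.2.0/24 subnet and the sample rows are constructed for illustration.

```python
import csv
import io
import ipaddress
import re

MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}", re.IGNORECASE)
# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
LABEL_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?", re.IGNORECASE)

# Constructed sample data in the column order the playbook passes as fieldnames.
SAMPLE = (
    "02:00:00:00:00:01,192.0.2.10,pi3a\n"
    "02:00:00:00:00:02,192.0.2.11,ipcam1\n"
    "02:00:00:00:00:02,192.0.2.12,ipcam3\n"        # MAC repeated from row 2
    "02:00:00:00:00:04,198.51.100.5,printer\n"     # address not in the subnet
    '02:00:00:00:00:05,192.0.2.13,"cam\nextra IN A 192.0.2.1"\n'  # newline in name
)


def check_hosts(csv_text, network):
    """Return a list of (row, problem) tuples for one mac,ip,hostname CSV."""
    net = ipaddress.ip_network(network)
    problems = []
    seen = {"mac": {}, "ip": {}, "hostname": {}}
    reader = csv.DictReader(io.StringIO(csv_text),
                            fieldnames=["mac", "ip", "hostname"])
    for rownum, row in enumerate(reader, start=1):
        if None in row or None in row.values():
            problems.append((rownum, "wrong number of fields"))
            continue
        if not MAC_RE.fullmatch(row["mac"]):
            problems.append((rownum, "bad mac"))
        try:
            if ipaddress.ip_address(row["ip"]) not in net:
                problems.append((rownum, "ip outside subnet"))
        except ValueError:
            problems.append((rownum, "bad ip"))
        # The hostname is copied into a dhcpd.conf comment and a zone-file owner
        # name, so anything but a plain label (spaces, dots, newlines) is refused.
        if not LABEL_RE.fullmatch(row["hostname"]):
            problems.append((rownum, "bad hostname"))
        for field in seen:
            key = row[field].lower()
            if key in seen[field]:
                problems.append((rownum, f"duplicate {field} (row {seen[field][key]})"))
            else:
                seen[field][key] = rownum
    return problems


if __name__ == "__main__":
    for rownum, problem in check_hosts(SAMPLE, "192.0.2.0/24"):
        print(f"row {rownum}: {problem}")
```

Row 5 of the sample shows why the hostname check matters: a quoted CSV field can contain a newline, which the zone template would write out as an extra line.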



Comment #1 posted on 2020-10-26T21:51:15Z by Cedric De Vroey

Also getting into Ansible

Hi Norrist,
I have just recently started using Ansible. I'm currently playing with my new toy, a Turing Pi board equipped with 7 Raspberry Pi Compute modules, basically it's like a single board cluster so to speak :-) Anyways, I found Ansible extremely helpful in setting these up.
First I made sure all Pi's had a fresh install of Ubuntu server with Ssh enabled and an account that authorized my public key. Then I just created a simple inventory file with the IPs of each node and I was good to go. Then I could just do:
ansible -c cluster -a "sudo apt update && sudo apt install -y kubernetes"

Comment #2 posted on 2021-02-10T21:52:20Z by Windigo

Interesting approach

I'm currently battling with split-horizon DNS and DHCP on my local LAN, using a PiHole and the underlying dnsmasq server.

I'm very happy to have this episode as a "Plan B"; it's a very clever way to roll your own network services without having to worry about manual configs and fragile setups.

Thanks for the great episode!
