Working prototype

handlers/main.yml

@@ -1,5 +1,10 @@
 ---
 # handlers file for geekoops-next
 
+- name: restart dnsmasq
+  systemd:
+    name: "{{dnsmasq_service}}"
+    state: restarted
+
 - name: reload firewalld
   shell: firewall-cmd --reload

tasks/firewall.yml

@@ -17,7 +17,7 @@
     state: enabled
   notify: reload firewalld
   when: dns_port != 0
-  tags: ['firewall', 'tftp', 'dnsmasq']
+  tags: ['firewall', 'dns', 'dnsmasq']
 - name: Ensure dhcp is open in firewall
   firewalld:
     zone: "{{firewall_zone}}"
@@ -26,4 +26,13 @@
     state: enabled
   notify: reload firewalld
   when: dhcp_range != ""
-  tags: ['firewall', 'tftp', 'dnsmasq']
+  tags: ['firewall', 'dhcp', 'dnsmasq']
+- name: Ensure proxy-dhcp is open in firewall
+  firewalld:
+    zone: "{{firewall_zone}}"
+    service: proxy-dhcp
+    permanent: true
+    state: enabled
+  notify: reload firewalld
+  when: "'proxy' in dhcp_range"
+  tags: ['firewall', 'dhcp', 'dnsmasq']

tasks/main.yml

@@ -18,6 +18,8 @@
     owner: root
     group: root
     mode: 0755
+  notify: restart dnsmasq
+  tags: ['dnsmasq','tftp']
 - name: Ensure pxelinux.cfg is present
   file:
     path: "{{tftp_root}}/pxelinux.cfg"
@@ -44,6 +46,12 @@
     mode: 0755
   tags: ['dnsmasq','tftp']
 
+- name: Ensure dnsmasq is started and enabled
+  systemd:
+    name: "{{ dnsmasq_service }}"
+    state: started
+    enabled: true
+  tags: ['dnsmasq','tftp']
 
 - include: firewall.yml
   when: config_firewall == true

templates/dnsmasq.j2

@@ -4,11 +4,16 @@
 ##   Don't manually edit it, as your changes will be overwritten!             ##
 ################################################################################
 
-PORT={{dns_port}}
+# DNS port (use 0 to disable DNS)
+port={{dns_port}}
+
 {% if dhcp_no_override == true %}
 # Disable reuse of the DHCP servername to avoid confusion of old (and broken) clients
 dhcp-no-override
 {% endif %}
+{% if dhcp_range != "" %}
+dhcp-range={{dhcp_range}}
+{% endif %}
 
 # PXE boot menu
 dhcp-boot={{dhcp_boot}}
@@ -22,9 +27,6 @@ pxe-service=x86PC,     "Legacy Network Boot", pxelinux
 pxe-service=x86-64_EFI,"EFI Network Boot",    pxelinux
 {% endif %}
 
-{% if dhcp_range != "" %}
-dhcp-range={{dhcp_range}}
-{% endif %}
 
 # tftp server
 enable-tftp

templates/pxelinux_default.j2

@@ -1,4 +1,4 @@
-#DEFAULT vesamenu.c32
+DEFAULT vesamenu.c32
 PROMPT 0
 TIMEOUT 100
 ONTIMEOUT local

tests/inventory

@@ -1,2 +0,0 @@
-localhost
-

tests/test.yml

@@ -1,5 +0,0 @@
----
-- hosts: localhost
-  remote_user: root
-  roles:
-    - geekoops-next

vars/openSUSE Leap_15.2.yml

@@ -5,4 +5,7 @@
 
 packages: ['dnsmasq']
 
+dnsmasq_service: "dnsmasq"
+
 tftp_root: "/srv/tftpboot"
+