rt1(z9 host) unbound(role) kea_dhcp(role): create unbound and kea_dhcp role for rt1

- create unbound role
- create kea_dhcp role
- configure unbound and keadhcp on rt1(z9 host)

roles/kea_dhcp/tasks/install_archlinux.yml

@@ -0,0 +1,8 @@
+---
+- name: Install Kea on Archlinux
+  when: ansible_facts['distribution'] == "Archlinux"
+  become: true
+  community.general.pacman:
+    name: kea
+    state: present
+    update_cache: false

roles/kea_dhcp/tasks/install_debian.yml

@@ -0,0 +1,22 @@
+---
+- name: Register isc-kea apt repository
+  become: true
+  register: kea_dhcp_repo
+  when: ansible_facts['distribution'] == "Debian"
+  ansible.builtin.deb822_repository:
+    name: "isc-{{ kea_dhcp__version_repo }}"
+    uris: "https://dl.cloudsmith.io/public/isc/{{ kea_dhcp__version_repo }}/deb/debian"
+    suites: any-version
+    components: main
+    signed_by: "https://dl.cloudsmith.io/public/isc/{{ kea_dhcp__version_repo }}/gpg.key"
+
+- name: Install Kea packages
+  become: true
+  when: ansible_facts['distribution'] == "Debian"
+  ansible.builtin.apt:
+    name:
+      - isc-kea-dhcp4
+      - isc-kea-dhcp6
+      - isc-kea-ctrl-agent
+      - isc-kea-admin
+    update_cache: "{{ kea_dhcp_install_repo.changed }}"

roles/kea_dhcp/tasks/kea.yaml

@@ -0,0 +1,51 @@
+---
+- name: Include config vars
+  tags: [ kea, include_vars ]
+  when: kea_dhcp__include_vars is not None
+  ansible.builtin.include_vars:
+    file: "{{ kea_dhcp__include_vars }}"
+
+- name: Deploy kea-dhcp4 configuration file
+  tags: [ kea, dhcp4 ]
+  become: true
+  when: kea_dhcp__dhcp4.enable
+  ansible.builtin.template:
+    src: kea-dhcp4.conf.jinja
+    dest: /etc/kea/kea-dhcp4.conf
+    backup: true
+    owner: root
+    group: kea
+    mode: "u=rw,g=r,o="
+    validate: kea-dhcp4 -T %s
+  notify:
+    - Kea_dhcp4.reloaded
+
+- name: Deploy kea-dhcp6 configuration file
+  tags: [ kea, dhcp6 ]
+  become: true
+  when: kea_dhcp__dhcp6.enable
+  ansible.builtin.template:
+    src: kea-dhcp6.conf.jinja
+    dest: /etc/kea/kea-dhcp6.conf
+    backup: true
+    owner: root
+    group: kea
+    mode: "u=rw,g=r,o="
+    validate: kea-dhcp6 -T %s
+  notify:
+    - Kea_dhcp6.reloaded
+
+- name: Copy kea-ctrl-agent configuration file
+  tags: [ kea, ctrl-agent ]
+  become: true
+  when: kea_dhcp__stork_agent.enable
+  ansible.builtin.template:
+    src: kea-ctrl-agent.conf.j2
+    dest: /etc/kea/kea-ctrl-agent.conf
+    owner: root
+    group: kea
+    mode: "u=rw,g=r,o="
+    validate: kea-ctrl-agent -t %s
+  notify:
+    - Kea_ctrl.reloaded
+    - Stork_agent.restarted

roles/kea_dhcp/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+- name: Setup Kea DHCP
+  tags: [kea, dhcp]
+  block:
+    - name: Install Kea on Archlinux
+      when: ansible_facts['distribution'] == "Archlinux"
+      ansible.builtin.import_tasks: install_archlinux.yml
+
+    - name: Install Kea on Debian
+      when: ansible_facts['distribution'] == "Debian"
+      ansible.builtin.import_tasks: install_debian.yml
+
+    - name: Configure Kea
+      ansible.builtin.include_tasks: kea.yaml
+
+- name: Run stork-agent tasks
+  tags: [stork-agent, monitoring]
+  when: kea_dhcp__stork_agent.enable
+  ansible.builtin.include_tasks: stork-agent.yaml

roles/kea_dhcp/tasks/stork-agent.yaml

@@ -0,0 +1,76 @@
+---
+- name: Install stork-agent
+  tags: [stork-agent]
+  block:
+    - name: Install stork-agent on Archlinux
+      when: ansible_facts['distribution'] == "Archlinux"
+      tags: [stork-agent, archlinux]
+      block:
+        - name: Create stork-agent user
+          ansible.builtin.user:
+            name: stork-agent
+            create_home: false
+            home: "/var/lib/stork-agent"
+            shell: "/usr/bin/nologin"
+            system: true
+            groups: ["kea"]
+            append: true
+
+        - name: Install stork-agent with aur_pkg_install
+          ansible.builtin.include_role:
+            name: aur_pkg_install
+          vars:
+            aur_pkg_install__pkg_name: "stork-agent"
+            aur_pkg_install__git_clone_url: "https://ansible:{{ secret__ansible_git_token }}@git.fux-eg.net/aur-mirror/stork-agent.git"
+            aur_pkg_install__git_ref: "bf96e34"
+
+    - name: Install stork-agent on Debian
+      when: ansible_facts['distribution'] == "Debian"
+      tags: [stork-agent, debian]
+      block:
+        - name: Register isc-stork apt repository
+          become: true
+          register: "kea_dhcp_install_repo"
+          ansible.builtin.deb822_repository:
+            name: isc-stork
+            uris: https://dl.cloudsmith.io/public/isc/stork/deb/debian
+            suites: any-version
+            components: main
+            signed_by: https://dl.cloudsmith.io/public/isc/stork/gpg.key
+
+        - name: Install isc-stork-agent
+          become: true
+          ansible.builtin.apt:
+            name: isc-stork-agent
+            update_cache: "{{ kea_dhcp_install_repo.changed }}"
+
+    - name: Add stork-agent user to _kea group on Debian
+      when: ansible_facts['distribution'] == "Debian"
+      become: true
+      ansible.builtin.user:
+        name: stork-agent
+        groups: ["_kea"]
+        append: true
+
+    - name: Config for stork-agent
+      ansible.builtin.template:
+        src: stork-agent.env.jinja
+        dest: /etc/stork/agent.env
+        owner: root
+        group: root
+        mode: "0660"
+      notify:
+        - Systemd_daemon_reload
+        - Stork_agent.restarted
+
+    - name: Flush handlers
+      ansible.builtin.meta: flush_handlers
+
+    - name: Ensure that stork kea exporter is working
+      ansible.builtin.uri:
+        url: "http://localhost:9547/metrics"
+        method: GET
+      register: kea_dhcp_stork_status_code
+      retries: 6
+      delay: 5
+      until: kea_dhcp_stork_status_code.status == 200