DHCP custom configuration - (when|will) it be available?
-
Please advise when it will be possible to add a custom configuration to DHCPD config file? I'm integrating pfSense DHCPD with The Foreman / Katello for hosts provisioning and figured out my "hackish" way to do that but I don't like. Any forecasts?
Thank you! -
@CapitanBlack said in DHCP custom configuration - (when|will) it be available?:
custom configuration to DHCPD config file?
You are using pfSense so you can use a GUI to setup the needed services.
pfSense will create, and recreate, the needed config file.
These config files are not read back in again to see if there are user edits. They are overwritten on the fly when the process needs to start.Can you explain what are your needs ?
Not this :
?
-
I am integrating The Foreman/Katello (www.theforeman.org) with pfSense for automated VM's provisioning. I need to enable OMAPI by adding below config lines to DHCPD config file. So far I did it via a script (see below). The cron script itself works fine - I'm currently testing if Foreman-pfSense provisioning works as it should...
P.S. I will also need OMAPI key for the official BIND daemon running on pfSense. Thanks!omapi-port 7911; key omapi_key { algorithm HMAC-MD5; secret "==OMAPI-SECRET=="; }; omapi-key omapi_key;DHCPD custom configuration watchdog
#!/bin/sh # === /root/bin/dhcpd_custom_config_watchdog === # # Adds custom config to the end of DHCP config file if it was not found. # Custom DHCP config saved in '/var/dhcpd/etc/dhcpd.conf.omapi' file. # if ! grep -q omapi /var/dhcpd/etc/dhcpd.conf ; then # Restart DHCPD to ensure it has the latest configuration pfSsh.php playback restartdhcpd echo "Save DHCPD command line..." echo `ps axww | grep '[/]usr/local/sbin/dhcpd' | tr -s '[:blank:]' | grep -o '\/usr\/local\/sbin\/dhcpd.*'` > /var/tmp/dhcpd_cmdline killall dhcpd echo "Backing up DHCPD configuration file to '/var/dhcpd/etc/dhcpd.conf.bak'..." cp -f /var/dhcpd/etc/dhcpd.conf /var/dhcpd/etc/dhcpd.conf.bak echo "Applying custom configuration..." cat /var/dhcpd/etc/dhcpd.conf.omapi >> /var/dhcpd/etc/dhcpd.conf # Restart DHCPD with the original comand line... eval $(cat /var/tmp/dhcpd_cmdline) fi # === /root/bin/dhcpd_custom_config_watchdog ===Then install 'cron' package and add below line
Below screenshot explains how The Foreman uses ISC DHCPD and BIND for VM's provisioning.
-
There is an option to enable OMAPI coming in 2.5.0: https://redmine.pfsense.org/issues/7304
You might be able to adapt the diff on the issue to apply to 2.4.4
-
@jimp - thanks a lot! I (and many other Foreman enthusiast) need it for sure!
Can you please provide instruction on how to make and apply the diff?
-
NVM, figured it out...
-
-
Tested three most recent patches starting from 2577004fa21a13c6f00427e96334b051de5ab1a2 - all gives various patching errors...
My pfSense is 2.4.4-RELEASE-p3 (amd64)
-
Try against the latest "2.4.5 pre release" that became available very recently.
-
I do not expect that to apply cleanly, which is why I said you'd need to adapt it. Look at what changed, and make similar changes to your system by hand.
That said, it does apply cleanly to the 2.4.5 tree so it may be worth trying there.
-
Yes, thanks guys - I've deployed a new virtual firewall to try the patch.
Will post here... -
@jimp @CapitanBlack thank you (and everyone else involved) for making this a reality for the rest of us in the digital ether.
Having said that, I'd also like to leverage my already existing pfSense appliance to provide OMAPI/isc_bind (in order to act as a smartproxy for Foreman).
I saw that OMAPI made it into pfSense 2.5 which is great news. As of today, the latest community version is 2.4.5_1 (with 2.5 being tagged as an available experimental development snapshot).
Does that mean that if I want to consume these efforts I need to enable the pre-release devel channel on my CE box, and upgrade? Do you all use the paid-for version and develop against it?
-
I updated to pfSense 2.5.0-DEVELOPMENT (amd64) and it was there and is working. Thank you everyone!
-
@thedudeabides - Hey bud! - could you share more details please? Did you manage Foreman to work with the pfSense DHCP service at the end? I'm working on this again and this time I'm determined to make it working.
Did you use SSHFS of added NFS server to pfSense for exporting the DHCP server config and lease files ?
-
@capitanblack good to hear from you, sorry it took so long for me to respond. I’ve been slammed with other stuff and keep pushing it to the back burner. In short, I dropped that effort six months (or more) ago, and just picked it up again a couple weeks ago. Sounds like we are on the same page. I’ll have to go back to see what I did to get it working (pretty sure it was OMAPI + sshfs for sharing the lease files) but essentially after tying it into the pfSense, I decided that I wanted a separate infra VM to control everything with DHCP on it (as well as named) for environments where people won’t have a pfSense box. I’m in the middle of finishing a playbook that builds out both servers (infra and foreman) and configures and installs foreman to use the infra VM. Happy to share when it’s done.
