- name: Install packages
  package:
    name:
    - dnsmasq
    - bind-tools # for DNS updates
    - krb5 # for DNS updates
    - py3-pexpect # for creating kerberos keytab
    - sqlite # for lease DB

- name: Configure kerberos
  template:
    dest: /etc/krb5.conf
    src: krb5.conf.j2

- name: Init kerberos keytab
  expect:
    command: ktutil
    responses:
      '.*:':
      - 'add_entry -password -p {{ password.ldap_user }} -k 1 -e aes256-cts-hmac-sha1-96'
      - '{{ password.ldap_pass }}'
      - 'write_kt /etc/krb5.keytab'
      - 'exit'
  args:
    creates: /etc/krb5.keytab

- name: Copy DHCP lease script
  template:
    dest: "/usr/local/bin/dnsmasq-script"
    src: "dnsmasq-script.j2"
    mode: 0755

- name: Configure dnsmasq
  template:
    dest: '/etc/dnsmasq.d/{{ item }}'
    src: '{{ item }}.j2'
  loop:
  - 00-options.conf
  - 10-ranges.conf
  notify: restart dnsmasq

# TODO netboot config