From a6878c0b7d22090f40f07052c3a5d64ac1885d58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20D=C3=A9siles?=
 <1536672+cdesiles@users.noreply.github.com>
Date: Tue, 17 Mar 2026 23:09:29 +0100
Subject: [PATCH] fix: dhcpd ipv4 service

---
 roles/dhcpd/handlers/main.yml            |  4 +++
 roles/dhcpd/tasks/main.yml               | 35 ++++++++++++++++++++++++
 roles/dhcpd/templates/dhcpd4@.service.j2 | 15 ++++++++++
 roles/dhcpd/vars/archlinux.yml           |  3 +-
 4 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 roles/dhcpd/templates/dhcpd4@.service.j2

diff --git a/roles/dhcpd/handlers/main.yml b/roles/dhcpd/handlers/main.yml
index e064390..3317435 100644
--- a/roles/dhcpd/handlers/main.yml
+++ b/roles/dhcpd/handlers/main.yml
@@ -1,4 +1,8 @@
 ---
+- name: Reload systemd
+  ansible.builtin.systemd:
+    daemon_reload: true
+
 - name: Restart dhcpd
   ansible.builtin.systemd:
     name: "{{ dhcpd_service }}"
diff --git a/roles/dhcpd/tasks/main.yml b/roles/dhcpd/tasks/main.yml
index 79d2cdd..eafb543 100644
--- a/roles/dhcpd/tasks/main.yml
+++ b/roles/dhcpd/tasks/main.yml
@@ -39,8 +39,43 @@
   when: ansible_facts['os_family'] | lower == 'debian'
   notify: Restart dhcpd
 
+- name: Deploy dhcpd4@ systemd template unit (Arch)
+  ansible.builtin.template:
+    src: dhcpd4@.service.j2
+    dest: /usr/lib/systemd/system/dhcpd4@.service
+    owner: root
+    group: root
+    mode: "0644"
+  when: ansible_facts['os_family'] == 'Archlinux'
+  notify:
+    - Reload systemd
+    - Restart dhcpd
+
+- name: Disable generic dhcpd4.service (Arch)
+  ansible.builtin.systemd:
+    name: "{{ dhcpd_service_generic }}"
+    enabled: false
+    state: stopped
+  when:
+    - ansible_facts['os_family'] == 'Archlinux'
+    - dhcpd_service_generic is defined
+  failed_when: false
+
 - name: Enable and start DHCP server
   ansible.builtin.systemd:
     name: "{{ dhcpd_service }}"
     enabled: true
     state: started
+
+- name: Allow DHCP traffic on {{ dhcpd_interface }}
+  community.general.ufw:
+    rule: allow
+    port: "67"
+    proto: udp
+    direction: in
+    interface: "{{ dhcpd_interface }}"
+    comment: "DHCP on {{ dhcpd_interface }}"
+  retries: 5
+  delay: 2
+  register: ufw_dhcp_result
+  until: ufw_dhcp_result is succeeded
diff --git a/roles/dhcpd/templates/dhcpd4@.service.j2 b/roles/dhcpd/templates/dhcpd4@.service.j2
new file mode 100644
index 0000000..ef20eb2
--- /dev/null
+++ b/roles/dhcpd/templates/dhcpd4@.service.j2
@@ -0,0 +1,15 @@
+# {{ ansible_managed }}
+
+[Unit]
+Description=IPv4 DHCP server on %I
+After=sys-subsystem-net-devices-%i.device
+BindsTo=sys-subsystem-net-devices-%i.device
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/dhcpd -4 -q -cf /etc/dhcpd.conf -pf /run/dhcpd4/dhcpd-%i.pid %I
+RuntimeDirectory=dhcpd4
+PIDFile=/run/dhcpd4/dhcpd-%i.pid
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/dhcpd/vars/archlinux.yml b/roles/dhcpd/vars/archlinux.yml
index 7c3198e..97cd293 100644
--- a/roles/dhcpd/vars/archlinux.yml
+++ b/roles/dhcpd/vars/archlinux.yml
@@ -1,3 +1,4 @@
 dhcpd_package: dhcp
-dhcpd_service: dhcpd4
+dhcpd_service: "dhcpd4@{{ dhcpd_interface }}"
+dhcpd_service_generic: dhcpd4
 dhcpd_config_path: /etc/dhcpd.conf