ansible-playbooks/roles/dhcpd/tasks/main.yml

---
- name: Validate required variables
  ansible.builtin.assert:
    that:
      - dhcpd_interface is defined
      - dhcpd_interface | length > 0
    fail_msg: |
      dhcpd_interface is required.
      See roles/dhcpd/defaults/main.yml for configuration instructions.      
    success_msg: "Variable validation passed"

- name: Load OS-specific variables
  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_facts['os_family'] | lower }}.yml"
    - "debian.yml"

- name: Install DHCP server
  ansible.builtin.package:
    name: "{{ dhcpd_package }}"
    state: present

- name: Deploy DHCP server configuration
  ansible.builtin.template:
    src: dhcpd.conf.j2
    dest: "{{ dhcpd_config_path }}"
    owner: root
    group: root
    mode: "0644"
  notify: Restart dhcpd

- name: Configure interface for DHCP server (Debian)
  ansible.builtin.template:
    src: isc-dhcp-server.j2
    dest: "{{ dhcpd_defaults_path }}"
    owner: root
    group: root
    mode: "0644"
  when: ansible_facts['os_family'] | lower == 'debian'
  notify: Restart dhcpd

- name: Deploy dhcpd4@ systemd template unit (Arch)
  ansible.builtin.template:
    src: dhcpd4@.service.j2
    dest: /usr/lib/systemd/system/dhcpd4@.service
    owner: root
    group: root
    mode: "0644"
  when: ansible_facts['os_family'] == 'Archlinux'
  notify:
    - Reload systemd
    - Restart dhcpd

- name: Disable generic dhcpd4.service (Arch)
  ansible.builtin.systemd:
    name: "{{ dhcpd_service_generic }}"
    enabled: false
    state: stopped
  when:
    - ansible_facts['os_family'] == 'Archlinux'
    - dhcpd_service_generic is defined
  failed_when: false

- name: Enable and start DHCP server
  ansible.builtin.systemd:
    name: "{{ dhcpd_service }}"
    enabled: true
    state: started

- name: Allow DHCP traffic on {{ dhcpd_interface }}
  community.general.ufw:
    rule: allow
    port: "67"
    proto: udp
    direction: in
    interface: "{{ dhcpd_interface }}"
    comment: "DHCP on {{ dhcpd_interface }}"
  retries: 5
  delay: 2
  register: ufw_dhcp_result
  until: ufw_dhcp_result is succeeded