From fac5b82f552234ce6181fc878dea15b820bb2e6a Mon Sep 17 00:00:00 2001
From: RedRampage <redrampage@gmail.com>
Date: Thu, 18 Dec 2014 16:10:12 +0300
Subject: [PATCH] Added support for key statements

---
 defaults/main.yml                |  4 ++++
 templates/etc/dhcp/dhcpd.conf.j2 | 14 ++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 295dee3..dbea6ed 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -78,6 +78,10 @@ dhcpd_options: False
 #  - address: ''            IP address reserved for that host, optional
 #  - ethernet: ''           Ethernet MAC address of this host, optional
 
+dhcpd_keys: []
+  #- key: "secure-key"
+  #  algorithm: "hmac-md5"
+  #  secret: "JFw7jM2/KVU2hIB4xkDSQmHB6JJOLUu4xkzwLNNpR88="
 
 # List of classes
 dhcpd_classes: []
diff --git a/templates/etc/dhcp/dhcpd.conf.j2 b/templates/etc/dhcp/dhcpd.conf.j2
index 7fa18df..3049878 100644
--- a/templates/etc/dhcp/dhcpd.conf.j2
+++ b/templates/etc/dhcp/dhcpd.conf.j2
@@ -178,6 +178,15 @@ failover peer "{{ failover.failover }}" {
 {% endif %}
 }
 {% endmacro %}
+{% macro print_key(key) %}
+{% if key.comment is defined and key.comment %}
+# {{ key.comment }}
+{% endif %}
+key "{{ key.key }}" {
+        algorithm {{ key.algorithm|default('hmac-md5') }};
+        secret {{ key.secret }};
+}
+{% endmacro %}
 
 {% if dhcpd_authoritative is defined and dhcpd_authoritative %}
 authoritative;
@@ -195,6 +204,11 @@ not authoritative;
 # Configuration options
 {{ dhcpd_options }}
 
+{% endif %}
+{% if dhcpd_keys is defined and dhcpd_keys %}
+{% for key in dhcpd_keys %}
+{{ print_key(key) }}
+{% endfor %}
 {% endif %}
 {% if dhcpd_classes is defined and dhcpd_classes %}
 {% for class in dhcpd_classes %}