OPNsense KEA DHCP Subnets
This role manages KEA DHCPv4 subnets with full CRUD operations (Create, Read, Update, Delete).
Purpose
- Subnet Management: Define DHCP pools for each VLAN
- DHCP Options: Configure DNS, gateway, domain per subnet
- Full CRUD: Automatically creates, updates, and deletes subnets
- Idempotent: Safe to run multiple times
Requirements
- Ansible 2.9 or higher
- OPNsense firewall with API access enabled
- os-kea plugin installed
- API key with KEA permissions
Role Variables
Configuration Structure
```yaml
opnsense_kea_dhcp_subnets_list:
  - subnet: "192.168.x.x/24"
    pools: "192.168.x.x - 192.168.x.x"
    description: "VLAN10 Management"
    option_data_autocollect: "0"
    option_data:
      domain_name_servers: "192.168.x.x"
      routers: "192.168.x.x"
      domain_name: "localdomain"
```
Available DHCP Options
| Option | Description |
|---|---|
| domain_name_servers | DNS server(s) |
| domain_search | Search domain(s) |
| routers | Default gateway |
| static_routes | Static routes |
| domain_name | Domain name |
| ntp_servers | NTP server(s) |
| time_servers | Time server(s) |
| tftp_server_name | TFTP server (PXE) |
| boot_file_name | Boot file (PXE) |
Delete Behavior
Subnets not in the config will be deleted from OPNsense. The code is the source of truth.
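Because the config is authoritative, an empty or truncated variable file removes live DHCP scopes. As an added example (not part of the role's own code), the Python function below previews the create/update/delete plan before anything is sent to the API and refuses plans that delete more than expected. The row shape of `search_subnet` (`uuid`, `subnet`, `pools`, `description`), matching on subnet CIDR, the compared fields and the `max_deletes` guard are assumptions.

```python
import ipaddress

# Constructed sample data; addresses and UUIDs are illustrative only.
DESIRED = [
    {"subnet": "192.168.10.0/24", "pools": "192.168.10.100 - 192.168.10.200",
     "description": "VLAN10 Management"},
    {"subnet": "192.168.20.0/24", "pools": "192.168.20.100 - 192.168.20.200",
     "description": "VLAN20 Clients"},
]
CURRENT_ROWS = [  # assumed shape of the rows returned by search_subnet
    {"uuid": "constructed-uuid-1", "subnet": "192.168.10.0/24",
     "pools": "192.168.10.100 - 192.168.10.200", "description": "VLAN10 Mgmt"},
    {"uuid": "constructed-uuid-2", "subnet": "192.168.30.0/24",
     "pools": "192.168.30.100 - 192.168.30.200", "description": "VLAN30 IoT"},
]
COMPARED_FIELDS = ("pools", "description")  # assumption: fields that trigger an update


def _key(cidr):
    # Normalise so "192.168.10.1/24" and "192.168.10.0/24" match the same subnet.
    return str(ipaddress.ip_network(cidr, strict=False))


def plan_sync(desired, current_rows, max_deletes=1):
    """Return (create, update, delete); delete holds (cidr, uuid) pairs.

    max_deletes is a hypothetical safety limit, not a role variable.
    """
    if not desired:
        raise ValueError("desired list is empty: sync would delete every subnet")
    want = {_key(s["subnet"]): s for s in desired}
    if len(want) != len(desired):
        raise ValueError("duplicate subnet in desired list")
    have = {_key(r["subnet"]): r for r in current_rows}
    create = sorted(want.keys() - have.keys())
    update = sorted(k for k in want.keys() & have.keys()
                    if any(want[k].get(f, "") != have[k].get(f, "")
                           for f in COMPARED_FIELDS))
    delete = sorted((k, have[k]["uuid"]) for k in have.keys() - want.keys())
    if len(delete) > max_deletes:
        raise RuntimeError(f"refusing to delete {len(delete)} subnets: {delete}")
    return create, update, delete


if __name__ == "__main__":
    print(plan_sync(DESIRED, CURRENT_ROWS))
```

Running the same comparison in CI against a saved `search_subnet` response lets a reviewer see pending deletions before the playbook is applied.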
Example Playbook
```yaml
---
- name: Configure KEA DHCP Subnets
  hosts: mint-vm
  gather_facts: false
  vars_files:
    - ../../roles/opnsense_kea_dhcp_subnets/vars/subnets.yml
  tasks:
    - name: Configure KEA DHCP subnets
      ansible.builtin.include_role:
        name: opnsense_kea_dhcp_subnets
```
API Endpoints
- `GET /api/kea/dhcpv4/search_subnet` - List subnets
- `POST /api/kea/dhcpv4/add_subnet` - Create subnet
- `POST /api/kea/dhcpv4/set_subnet/{uuid}` - Update subnet
- `POST /api/kea/dhcpv4/del_subnet/{uuid}` - Delete subnet
- `POST /api/kea/service/reconfigure` - Apply changes
License
MIT