From f7d3f848c5698a352c206fb0316ed05b94b9e67c Mon Sep 17 00:00:00 2001
From: Leonard Penzer <leonard@penzer.de>
Date: Thu, 29 May 2025 17:03:16 +0200
Subject: [PATCH 1/2] Update kea to 2.6 for Debian 12

---
 roles/dhcpserver/defaults/main.yml            |   2 +-
 .../files/apt-cloudsmith-kea-2-4.gpg.key      | Bin 923 -> 0 bytes
 .../files/apt-cloudsmith-kea-2-6.gpg.key      | Bin 0 -> 923 bytes
 .../files/apt-debian-bookworm-2-4.list        |   9 ---------
 .../files/apt-debian-bookworm-2-6.list        |   9 +++++++++
 roles/dhcpserver/tasks/main.yml               |   4 ++--
 ...-2-4.yml => setup-cloudsmith-repo-2-6.yml} |  18 ++++++++++++++----
 7 files changed, 26 insertions(+), 16 deletions(-)
 delete mode 100644 roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key
 create mode 100644 roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key
 delete mode 100644 roles/dhcpserver/files/apt-debian-bookworm-2-4.list
 create mode 100644 roles/dhcpserver/files/apt-debian-bookworm-2-6.list
 rename roles/dhcpserver/tasks/{setup-cloudsmith-repo-2-4.yml => setup-cloudsmith-repo-2-6.yml} (60%)

diff --git a/roles/dhcpserver/defaults/main.yml b/roles/dhcpserver/defaults/main.yml
index 83f2c08..4032a4e 100644
--- a/roles/dhcpserver/defaults/main.yml
+++ b/roles/dhcpserver/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 dhcp_server_interface: eth255
 dhcp_config_gen_dir: /var/lib/ffs/config-generator
-dhcp_kea_socket: /run/kea/kea4-ctrl-socket
+dhcp_kea_socket: /var/run/kea/kea4-ctrl-socket
 # which segments to serve pools on. empty means all segments.
 dhcp_segments: []
diff --git a/roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key b/roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key
deleted file mode 100644
index 178b890efa6d98fddce95e82dcbbdcac87f62d32..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 923
zcmbQq*vpbKIk=XQhhYno?IowToDXg8Sn>R+K3;n{apm=S$t%RW&0n0Ky{z!I+Vdk{
zLss9P@O`)3&4fz(J{6m9DoXEOG3743xG<b+Y0v5fp5_OSU$lCdI$<7n?tiVPpM$gZ
z#WWvhd%9X<^;6BL<s#{;CBEx@3)fkz+Q>Ic^L*)wU{BZ1`|4tRtunsrYR@Q{G6vLa
z+^k+5%Ks%X>z!xI-@g)Zorep*2sx<jKgqOuXH&QIo_!ok1P?2@SM5AoJ7>{jUt5mZ
zN;5l7bY-i{Cz;*}GBRpq@I1ZYNVDB8{smK2Zh3xQI8pxb-tVkRWuZAm3y)1QYKv20
zTPI$#P4DbnY4sP^-E(9ozCC^Z@4?J7ff;|3f|LI~xZHT$am)Nitxpf$Hs+K3ce~>l
zd(DfoT8)a6YeKqfYBY<bPGt+fkk8w<H{g_mr~9)#-P1XZnkJM>eVWH3aAr~WY2EL6
zfjS%Z&E9Au^WCA3^Plt4MK;=eIrjghp4k<-HKy*!YjAn_ulRKs`==fe)9C)#mOr!J
zJdI}%WMp96V&R;VUz$>!n^}^f5RjOhotU1gppjXete>5lsB5HaqN!k0Tv||&UsU3d
z3|Fa_nQzz0c#cJwk%PfPOp(RwB6rS=2h*LN8ocr6ojXg!@{#RMRwht9GfC^Sa&vO9
zGqZ|vadL38iZL-WGBC+8GKn`ZaB&L26feu?{wp2#pmA5V;V~PnPv_n8{=AT0?;r48
z<yv#<j9poL&i6V_US#EWp0RJ|!=!cEHvBAsw>w)WUb@s};#cOnRaAG%od2IXT#goL
z_Qh3s@ZBwaeE!@wzkG%N|E3mAoF2Vv$%|DCCf{eR{x@ZXl;)hpR>{kzPk2+e-tOSa
z8F&7a?{eJ#qx{C^WU0<aAJ{E!RCyo&@<Nuix<0b_0w?db;%|@Qg2Fm`-Bwwd=dE^b
z@|^L-uVtzYi)Z)6eDBy3?;hRz60WSX@-XAqb&{7na^6p2TXx23zSol@)7mAoXNkGC
zmb7k(-)8nb;dtZ{%ilGL+UgQB+5ER3+vl>)e^TMr?wyAYy9c_u)t$@#>oD(C+0$0x
zHM_F3r_M^x-*e#hY}@4NY+2Jy^L|Hflhu{aT5Y=h(uYIZjV-nz-A`7@_%IkX@>;z5
zx+AzHI92dY>C1=v41&w@&howp?z%E{y6o4;eyPOS_1eDtN;e%6xbhe#^VrnAH7^d*
X65YAn=(hjcp5=>qBSjxJ-rNlUWxcJ-

diff --git a/roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key b/roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key
new file mode 100644
index 0000000000000000000000000000000000000000..298ab7ac37c9f76c32a8cc5a09120a35ffe17b63
GIT binary patch
literal 923
zcmbQq*vpdUt)$M#!?545Bk68@#f8tY%@fMI63f3`e<Eb`aa*DK%TA?|$Tz<oyc#SX
z7qI%QH@dN~WXJ5Li_4Dfdb;5-YuftehND92Hs91MR!g0_^*K$nz-*4XjpgG%*XGOD
zb6!9Bu=Y}NCwE?P?$0Rq$7(Y&gD3NMoXd1od-jxbfzJG=Z9-K$HfWn3E6&^d_{?Ts
z2ls9FV&p$aE|!-#v0}@MnZk{E`!^juaD8&HujI4N%k%fG4|vQivROJWWM9$aS4G8N
zne$w$W|%JfEiv`)vlF)(59{chnyK)(_pDeBN1~N>$5vN?*k9d^UAZmM$u}O>7xuLF
zvX;DP_}5@+rNhD;_xao3f1Dk=LbVpYW)bJl=X|cZ?C9?8-x6jkPnsRznzlb?zpGjB
z()!IiKQvqJU;Xvk>41c%NmcA;4Q3s(<dx`Pnfa*w=C|x^y$j8)z2-6Jt=PiNmR5Ic
zr|Q9D7o#^XDM(<Fvw8P_`QFF{35_>IO2iCz*J$$u+-^|!vh}^TZg$?U{%Kn>uO)nA
zFwbNVWMp96V&R;VUz$>!n^}^f5RjOhotU1gppjXete>5lsB5Harm0|4Tv||&UsU3d
z3|Fa_nQzz0c#cJwk%PfPOp&Fcs>MxKnd?`w3fIo$D;%A&-Mx&gOrUsXlGbPC=Hy^!
zW)<b)<ltr%V`64xV3K2G5^rGO;uL@>)|2P{@91y#`&CJYT480Jar5+$=CUG%8(c@e
zehMqGSCDw~-$rM@nf%RWi?C1PLdQPx_3U64ShQJ?^X8A-^3;9xL7@RJu0B{`%eGcp
zT`*wAvYwq+l#eiFUES4`zTnG+jGm+4d$?yjH~(PGce$bDy_2hW=H?HNS)$*$EDd>n
zME_#lygh%PmhAo<?X}te%catj`*;4V+<&IzQu<w8i+eilhpM%Dw=R6V?Nx`2)$*GQ
z`ukdaJin(c-M;Sm{YlnFH!3{&@AdU}9{lvM;K%2sa>YCMJS;ta>lnkoj?lCZt4lef
ztGDbfD5)~Px52dV`<tIU+igGgvA3OGxY~RAFQM8UKjtm(?7mvUJ=r6v*XY(Zd9^Kp
zSy7voZ;k(;!J2I>duaL*o}P4O!v&9&8pCfb_s)5Aat^Q0f{$PRrb;hiKBeLQX~wTx
zeixTq*!|U8UE&m<{MPhmJFczTt(0H$_g4D<DLo6Lj_%#^-}%Eq)g|mV6z0iZ>N$ST
Y!TRv7u4Vd%oeXNYX7af&=_oJ+083l9w*UYD

literal 0
HcmV?d00001

diff --git a/roles/dhcpserver/files/apt-debian-bookworm-2-4.list b/roles/dhcpserver/files/apt-debian-bookworm-2-4.list
deleted file mode 100644
index 957c1ea..0000000
--- a/roles/dhcpserver/files/apt-debian-bookworm-2-4.list
+++ /dev/null
@@ -1,9 +0,0 @@
-# Source: ISC - Internet Systems Consortium
-# Site: https://gitlab.isc.org/isc-projects/kea
-# Repository: ISC - Internet Systems Consortium / kea-2-4
-# Description: Kea 2.4 is the current stable version, suitable for production deployment. The software in this repository is licensed under the MPL 2.0 open source license. Professional technical support is available from ISC.org.
-
-
-deb [signed-by=/usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian bookworm main
-
-deb-src [signed-by=/usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian bookworm main
diff --git a/roles/dhcpserver/files/apt-debian-bookworm-2-6.list b/roles/dhcpserver/files/apt-debian-bookworm-2-6.list
new file mode 100644
index 0000000..6646330
--- /dev/null
+++ b/roles/dhcpserver/files/apt-debian-bookworm-2-6.list
@@ -0,0 +1,9 @@
+# Source: ISC - Internet Systems Consortium
+# Site: https://gitlab.isc.org/isc-projects/kea
+# Repository: ISC - Internet Systems Consortium / kea-2-6
+# Description: Kea 2.6 is the soon-to-be-released stable version, suitable for production deployment. The software in this repository is licensed under the MPL 2.0 open source license. Professional technical support is available from ISC.org.
+
+
+deb [signed-by=/usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-6/deb/debian bookworm main
+
+deb-src [signed-by=/usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-6/deb/debian bookworm main
diff --git a/roles/dhcpserver/tasks/main.yml b/roles/dhcpserver/tasks/main.yml
index 46f74b4..b338f90 100644
--- a/roles/dhcpserver/tasks/main.yml
+++ b/roles/dhcpserver/tasks/main.yml
@@ -12,10 +12,10 @@
 # On Debian 11, we used to use the kea packages from ISC. Now, kea 2.2
 # is in Debian, but that does not support ignore-dhcp-server-identifier,
 # which we need to relaying to work.
-# So we use kea 2.4 from kea to be as close as possible to the packages that
+# So we use kea 2.6 from kea to be as close as possible to the packages that
 # will likely be in the next Debian release.
 - name: Install kea-dhcp from ISC repos
-  include_tasks: setup-cloudsmith-repo-2-4.yml
+  include_tasks: setup-cloudsmith-repo-2-6.yml
   when: ansible_facts['distribution_major_version'] == "12"
 
 # This is for future when we can finally use the packages from Debian.
diff --git a/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml b/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
similarity index 60%
rename from roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml
rename to roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
index 2467d81..18d6ae0 100644
--- a/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml
+++ b/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
@@ -16,15 +16,25 @@
     path: /etc/apt/sources.list.d/isc-kea-2-3.list
     state: absent
 
+- name: Remove cloudsmith kea 2.4 APT key
+  ansible.builtin.file:
+    path: /usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg
+    state: absent
+
+- name: Remove cloudsmith kea 2.4 repo
+  ansible.builtin.file:
+    path: /etc/apt/sources.list.d/isc-kea-2-3.list
+    state: absent
+
 - name: Install cloudsmith APT key
   ansible.builtin.copy:
-    src: apt-cloudsmith-kea-2-4.gpg.key
-    dest: /usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg
+    src: apt-cloudsmith-kea-2-6.gpg.key
+    dest: /usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg
 
 - name: Install cloudsmith repo
   ansible.builtin.copy:
-    src: apt-debian-bookworm-2-4.list
-    dest: /etc/apt/sources.list.d/isc-kea-2-4.list
+    src: apt-debian-bookworm-2-6.list
+    dest: /etc/apt/sources.list.d/isc-kea-2-6.list
 
 - name: Installing kea-dhcp4
   apt:
-- 
GitLab


From c17989a1de4ea0842b3645d4b3b9b13b0fcacd76 Mon Sep 17 00:00:00 2001
From: Leonard Penzer <leonard@penzer.de>
Date: Thu, 29 May 2025 17:41:42 +0200
Subject: [PATCH 2/2] fix name of dhcp4 service

---
 roles/dhcpserver/handlers/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/dhcpserver/handlers/main.yml b/roles/dhcpserver/handlers/main.yml
index dd37be3..3b63092 100644
--- a/roles/dhcpserver/handlers/main.yml
+++ b/roles/dhcpserver/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
 - name: restart kea4
-  service: name=kea-dhcp4-server state=restarted
+  service: name=isc-kea-dhcp4-server state=restarted
 - name: restart kea-exporter
   service: name=kea-exporter state=restarted
-- 
GitLab