smart_proxy_dhcp_kea_api 1.1.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 42b1eec7524d54aa43e9f202c85cb88a92fbfcdf3dbf91a42df43e20d000ac1c
-  data.tar.gz: 66ae862538c0fc90345eb7a32e487ef63ef536c37cac572a07adfff9d39bb978
+  metadata.gz: 950a20554504d738a61674a78b9838c3730d4952e56fcd02d87e95242645e898
+  data.tar.gz: 7b1d8c8dfb590d4bcd898aa32204ca04b3a6c06ddbd118b3af0a0241105c36bd
 SHA512:
-  metadata.gz: 5cf2dfcf2d1b5b52efa98f274b9abd4d777b5b62182f048401040a01baf3f7c32e70cf38921d7e596090a993b684ac19748257e8e2d67d9f35479ef0cc6f823c
-  data.tar.gz: 1c54018b7438505c0d8de97337a0363435498c29682e93d7699ffacb2933e7f4af57037c52bbe180b6273066b2c48e6712b06bf3484a83902715e585931d656b
+  metadata.gz: 023627a6dcfb40be4e77f83fed7aebb7d96ff7c630105f967baaa4620ea6a1d403f139ecd42aa3a6ca92f92087399c5b515fb58c281da6ae36c8e1cb80bb57b0
+  data.tar.gz: d5b5ca744246290728a63e1a22e72b64a74ebf41e3f3ec9ead6b499e61a6b330f9655cb9d51c80c7381e71d878ccb9e479876103a693f810eff5cfdb352c6a69

data/README.md

@@ -1,38 +1,51 @@
 # Foreman Smart Proxy DHCP Kea API
+
 [![Gem Version](https://badge.fury.io/rb/smart_proxy_dhcp_kea_api.svg)](https://badge.fury.io/rb/smart_proxy_dhcp_kea_api)
 [![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
 
-A Foreman Smart Proxy plugin to provide DHCP management by interacting with the ISC Kea API. This provider allows Foreman to view subnets and leases and to create and delete host reservations directly via Kea's JSON-RPC interface.
+A Foreman Smart Proxy plugin to provide DHCP management by interacting
+with the ISC Kea API. This provider allows Foreman to view subnets and
+leases and to create and delete host reservations directly via Kea's
+JSON-RPC interface.
 
 > [!NOTE]
 > This plugin currently supports **IPv4 only**.
 
-## Table of Contents
-
 [[_TOC_]]
 
 ## Compatibility
 
-*   **Foreman Smart Proxy:**
-*   **ISC Kea:** 3.0.0 or newer
+* **ISC Kea:** >= 3.0.0
 
 ## Features
 
-- Adds ISC Kea as a DHCP provider for Foreman.
-- Fetches subnet and pool information directly from the Kea API.
-- Fetches active lease information.
-- Provides host reservation management (add/delete).
-- Suggests the next available IP address from a subnet's pool.
-- Passes next-server and PXE boot file to Kea
+* Adds ISC Kea as a DHCP provider for Foreman.
+* Fetches subnet and pool information directly from the Kea API.
+* Fetches active lease information.
+* Provides host reservation management (add/delete).
+* Provides lease deletion via `lease4-del`.
+* Suggests the next available IP address from a subnet's pool.
+* Passes next-server, PXE boot file, DNS servers, NTP servers,
+  and domain-name to Kea.
+* Round-trips reservation options (PXE settings, DNS, routers)
+  so Foreman can pre-fill them on edit.
+* Exposes subnet-level DHCP options (next-server, boot-file-name,
+  DNS, NTP) to Foreman's UI.
+* Automatic cache refresh with configurable TTL.
+* Optional subnet filtering to manage only a subset of Kea's
+  subnets.
 
 ## Prerequisites
 
-- A running Foreman Smart Proxy instance.
-- A running ISC Kea DHCP server.
-- Network connectivity from the Smart Proxy server to the Kea server's API endpoint (default port 8000).
+* A running Foreman Smart Proxy instance.
+* A running ISC Kea DHCP server.
+* Network connectivity from the Smart Proxy server to the Kea
+  server's API endpoint (default port 8000).
 
 > [!WARNING]
-> The Kea server **must** be configured with the **`host_cmds`** and **`lease_cmds`** hook libraries loaded for the `dhcp4` service. This plugin will not function without them.
+> The Kea server **must** be configured with the **`host_cmds`**
+> and **`lease_cmds`** hook libraries loaded for the `dhcp4`
+> service. This plugin will not function without them.
 
 ## Installation
 
@@ -42,31 +55,39 @@ First, install the gem on your Foreman Smart Proxy server:
 gem install smart_proxy_dhcp_kea_api
 ```
 
-Add the gem to `/usr/share/foreman-proxy/bundler.d/Gemfile.local.rb`:
+Register the gem with the Smart Proxy bundler by creating a file
+in `/usr/share/foreman-proxy/bundler.d/`:
 
-```ruby
-gem 'smart_proxy_dhcp_kea_api'
+```bash
+echo "gem 'smart_proxy_dhcp_kea_api'" \
+  > /usr/share/foreman-proxy/bundler.d/dhcp_kea_api.rb
 ```
 
-After installing the gem or changing its configuration, you must restart the `foreman-proxy` service for the changes to take effect.
- ```bash
+Then run `bundle install` and restart the proxy:
+
+```bash
+cd /usr/share/foreman-proxy && bundle install
 systemctl restart foreman-proxy
- ```
+```
 
 ## Configuration
 
-Configuration is done in two files in the `/etc/foreman-proxy/settings.d/` directory.
+Configuration is done in two files in the
+`/etc/foreman-proxy/settings.d/` directory.
 
 ### 1. Enable the DHCP Module
 
-First, you must enable the main DHCP module and tell it to use this plugin as its provider.
+First, enable the main DHCP module and tell it to use this plugin
+as its provider.
 
 **File:** `/etc/foreman-proxy/settings.d/dhcp.yml`
+
 ```yaml
 ---
 :enabled: true
 :use_provider: dhcp_kea_api
-# It is highly recommended to enable the ping check for unused IPs to prevent conflicts.
+# It is highly recommended to enable the ping check for unused
+# IPs to prevent conflicts.
 :ping_free_ip: true
 ```
 
@@ -76,43 +97,74 @@ Next, create a configuration file for the Kea provider itself.
 
 **File:** `/etc/foreman-proxy/settings.d/dhcp_kea_api.yml`
 
-This file enables the provider and contains all the settings needed to connect to your Kea API server.
+This file enables the provider and contains all the settings
+needed to connect to your Kea API server.
+
 
-| Setting                    | Description                                                                  | Default                  | Required |
-| -------------------------- | ---------------------------------------------------------------------------- | ------------------------ | -------- |
-| `:enabled`                 | Enables or disables this provider module.                                    | `false`                  | **Yes**  |
-| `:kea_api_url`             | The full URL to your Kea API endpoint (HTTP or HTTPS).                       | `http://127.0.0.1:8000/` | **Yes**  |
-| `:open_timeout`            | Time in seconds to wait for the initial connection to be established.        | `5`                      | No       |
-| `:read_timeout`            | Time in seconds to wait for a response after connecting.                     | `10`                     | No       |
-| `:blacklist_duration_minutes` | The duration in minutes to temporarily blacklist a suggested IP.             | `5`                      | No       |
+| Setting                       | Default                  | Required | Description                     |
+| ----------------------------- | ------------------------ | -------- | ------------------------------- |
+| `:enabled`                    | `false`                  | **Yes**  | Enables this provider.          |
+| `:kea_api_url`                | `http://127.0.0.1:8000/` | **Yes**  | Kea API endpoint URL.           |
+| `:kea_api_username`           | `nil`                    | No       | HTTP Basic Auth username.       |
+| `:kea_api_password`           | `nil`                    | No       | HTTP Basic Auth password.       |
+| `:open_timeout`               | `5`                      | No       | Connect timeout (seconds).      |
+| `:read_timeout`               | `10`                     | No       | Response timeout (seconds).     |
+| `:blacklist_duration_minutes` | `5`                      | No       | IP blacklist duration (min).    |
+| `:cache_ttl`                  | `60`                     | No       | Cache refresh interval (sec).   |
+| `:managed_subnets`            | `nil`                    | No       | CIDRs to manage (all if unset). |
+
+**Example configuration:**
+
+```yaml
+---
+:enabled: true
+:kea_api_url: http://127.0.0.1:8000/
+:kea_api_username: admin
+:kea_api_password: secret
+:cache_ttl: 120
+:managed_subnets:
+  - 192.168.1.0/24
+  - 10.0.0.0/16
+```
 
 ### Verifying the Installation
 
-The Smart Proxy will test its connection to the Kea API upon initialisation. Due to lazy loading, this check runs **on the first DHCP request** after a proxy restart, not during the initial boot sequence.
+Due to lazy loading, the plugin connects to Kea on the **first
+DHCP request** after a proxy restart, not at boot time.
 
-Check `/var/log/foreman-proxy/proxy.log` for a "Successfully connected to Kea API" message at that time to confirm everything is working. If the connection fails, the first DHCP request will fail with an error in the log, preventing further issues.
+Check `/var/log/foreman-proxy/proxy.log` for messages like
+`Loaded subnet 192.168.x.x/255.255.255.0 and mapped to Kea ID 1`
+to confirm the connection is working. If the connection fails,
+the first DHCP request will return an error and the log will
+contain the details.
 
 ## Contributing
 
-Bug reports and pull requests are welcome on this project's GitLab page.
+Bug reports and pull requests are welcome on this project's
+GitLab page.
 
 ## Licence Information
 
+<!-- markdownlint-disable MD033 -->
+
 <details>
 <summary>Copyright and Licence (GPLv3)</summary>
 
-Copyright © 2025 Sam McCarthy
+Copyright (c) 2025 Sam McCarthy
 
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public Licence as published by
-the Free Software Foundation, either version 3 of the Licence or
-(at your option) any later version.
+This program is free software: you can redistribute it and/or
+modify it under the terms of the GNU General Public Licence as
+published by the Free Software Foundation, either version 3 of
+the Licence or (at your option) any later version.
 
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public Licence for more details.
 
 You should have received a copy of the GNU General Public Licence
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
-</details>
+along with this program. If not, see
+[https://www.gnu.org/licenses/](https://www.gnu.org/licenses/).
+
+</details>
+<!-- markdownlint-enable MD033 -->

data/lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_main.rb

@@ -8,7 +8,7 @@ module Proxy
     module KeaApi
       # The main provider class for the `dhcp_kea_api` module. This class inherits
       # from the Foreman Smart Proxy's core `DHCP::Server` and implements the
-      # Kea-specific logic for adding and deleting DHCP reservations.
+      # Kea-specific logic for adding and deleting DHCP reservations and leases.
       class Provider < ::Proxy::DHCP::Server
         attr_reader :subnet_service, :client
 
@@ -25,40 +25,9 @@ module Proxy
         end
 
         # Creates a new DHCP reservation in Kea.
-        # This method orchestrates the process by first calling the parent class's
-        # `add_record` to perform initial validation and IP selection, then building
-        # the Kea-specific payload and sending it via the API client.
         #
         # @param options [Hash] A hash containing the details for the new reservation.
-        # @option options [String] 'mac' The hardware address of the host.
-        # @option options [String] 'ip' The IP address to reserve.
-        # @option options [String] 'hostname' The hostname for the reservation.
-        # @option options [Proxy::DHCP::Subnet] :subnet The subnet object this reservation belongs to.
-        # @option options [String, nil] 'nextServer' (optional) The IP of the TFTP boot server.
-        # @option options [String, nil] 'filename' (optional) The boot filename (e.g., 'pxelinux.0').
         # @return [Proxy::DHCP::Reservation] The created reservation object.
-        #
-        # @example Add a new DHCP reservation for a host
-        #   # Assume @provider is an instance of Proxy::DHCP::KeaApi::Provider
-        #   # and 'subnet' is a valid Proxy::DHCP::Subnet object for '192.168.1.0/24'
-        #   options = {
-        #     'mac' => 'aa:bb:cc:dd:ee:ff',
-        #     'hostname' => 'test-host.example.com',
-        #     'ip' => '192.168.1.15',
-        #     subnet: subnet,
-        #     'nextServer' => 'tftp.example.com',
-        #     'filename' => 'pxelinux.0',
-        #     'routers' => ['192.168.1.1'],
-        #     'ntp_servers' => ['192.168.1.254']
-        #   }
-        #
-        #   reservation = @provider.add_record(options)
-        #
-        #   reservation.mac      #=> "aa:bb:cc:dd:ee:ff"
-        #   reservation.ip       #=> "192.168.1.15"
-        #   reservation.name     #=> "test-host.example.com"
-        #   reservation.subnet   #=> #<Proxy::DHCP::Subnet ...>
-        #
         def add_record(options = {})
           logger.debug "DHCP options received from Foreman: #{options.inspect}"
           record = super
@@ -70,43 +39,93 @@ module Proxy
           reservation_args['option-data'] = option_data unless option_data.empty?
 
           @client.post_command('dhcp4', 'reservation-add', { reservation: reservation_args })
-          subnet_service.add_host(record.subnet.network, record)
+          begin
+            subnet_service.add_host(record.subnet.network, record)
+          rescue StandardError => e
+            logger.error "Cache update failed after successful reservation-add for MAC #{record.mac}. " \
+                         "Kea and cache are out of sync: #{e.message}"
+            raise
+          end
 
           logger.info "Successfully added reservation for MAC #{record.mac} and IP #{record.ip}"
           record
         end
 
-        # Deletes a DHCP reservation from Kea.
-        #
-        # @param record [Proxy::DHCP::Reservation] The reservation object to be deleted.
-        #   This object should be retrieved from the subnet service first.
-        # @return [Proxy::DHCP::Reservation] The object that was successfully deleted.
-        # @raise [Proxy::DHCP::Error] if the corresponding Kea subnet-id cannot be found or the API call fails.
+        # Deletes a DHCP record from Kea. Handles both reservations and leases.
         #
-        # @example Delete a known DHCP reservation
-        #   # Assume @provider is an instance of Proxy::DHCP::KeaApi::Provider
-        #   mac_to_delete = 'aa:bb:cc:dd:ee:ff'
+        # @param record [Proxy::DHCP::Reservation, Proxy::DHCP::Lease] The record to be deleted.
+        # @return [Proxy::DHCP::Record] The object that was successfully deleted.
+        # @raise [Proxy::DHCP::Error] if the record type is unsupported, the corresponding
+        #   Kea subnet-id cannot be found, or the API call fails.
+        def del_record(record)
+          logger.debug "Deleting record: #{record.inspect}"
+
+          if record.is_a?(::Proxy::DHCP::Reservation)
+            del_reservation(record)
+          elsif record.is_a?(::Proxy::DHCP::Lease)
+            del_lease(record)
+          else
+            raise Proxy::DHCP::Error, "Cannot delete unsupported record type: #{record.class.name}"
+          end
+
+          record
+        end
+
+        # Loads subnet-level DHCP options from the cached Kea configuration.
         #
-        #   # First, find the reservation object
-        #   record_to_delete = @provider.get_record('mac' => mac_to_delete)
+        # @param subnet [Proxy::DHCP::Subnet] The subnet to load options for.
+        # @return [void]
+        def load_subnet_options(subnet)
+          opts = @subnet_service.subnet_options[subnet.network]
+          return unless opts
+
+          apply_boot_subnet_options(subnet, opts)
+          apply_mapped_subnet_options(subnet, opts)
+        end
+
+        private
+
+        # Applies the boot/server fields, which are top-level Kea config fields
+        # rather than `option-data` entries (so they are not in OPTION_MAP).
         #
-        #   # Now, pass the entire object to del_record
-        #   if record_to_delete
-        #     result = @provider.del_record(record_to_delete)
-        #     #=> #<Proxy::DHCP::Reservation ...>
-        #   end
+        # @param subnet [Proxy::DHCP::Subnet] The subnet to modify.
+        # @param opts [Hash] The cached options hash.
+        # @return [void]
+        def apply_boot_subnet_options(subnet, opts)
+          subnet.options[:nextServer] = opts['next-server'] if opts['next-server']
+          subnet.options[:filename] = opts['boot-file-name'] if opts['boot-file-name']
+        end
+
+        # Applies every `option-data`-derived subnet option using OPTION_MAP as the
+        # single source of truth for the Kea-name -> Foreman-key (and list) mapping.
         #
-        def del_record(record)
-          logger.debug "Deleting record; #{record.inspect}"
-          unless record.is_a?(::Proxy::DHCP::Reservation)
-            logger.warn "Attempted to delete a record for MAC '#{record.mac}' but it is not a Reservation (actual type: #{record.class.name}). No action taken."
-            return record
+        # @param subnet [Proxy::DHCP::Subnet] The subnet to modify.
+        # @param opts [Hash] The cached options hash.
+        # @return [void]
+        def apply_mapped_subnet_options(subnet, opts)
+          SubnetService::OPTION_MAP.each do |kea_name, mapping|
+            value = opts[kea_name]
+            next unless value
+
+            subnet.options[mapping[:key]] = mapping[:list] ? split_option(value) : value
           end
+        end
+
+        # Splits a comma-separated option string into a trimmed array.
+        #
+        # @param value [String] The comma-separated string.
+        # @return [Array<String>] The split and stripped values.
+        def split_option(value)
+          value.split(',').map(&:strip)
+        end
 
-          subnet_id = @subnet_service.kea_id_map[record.subnet.network]
-          raise Proxy::DHCP::Error, "Unable to find Kea subnet-id for network #{record.subnet.network}" unless subnet_id
+        # Deletes a reservation from Kea by MAC address.
+        #
+        # @param record [Proxy::DHCP::Reservation] The reservation to delete.
+        # @return [void]
+        def del_reservation(record)
+          subnet_id = find_subnet_id!(record.subnet.network)
 
-          # Construct the arguments for the 'reservation-del' command using the identifier triplet.
           args = {
             'subnet-id': subnet_id,
             'identifier-type': 'hw-address',
@@ -114,21 +133,59 @@ module Proxy
           }
 
           @client.post_command('dhcp4', 'reservation-del', args)
-          subnet_service.delete_host(record)
+          begin
+            subnet_service.delete_host(record)
+          rescue StandardError => e
+            logger.error "Cache update failed after successful reservation-del for MAC #{record.mac}. " \
+                         "Kea and cache are out of sync: #{e.message}"
+            raise
+          end
 
           logger.info "Successfully deleted reservation for MAC #{record.mac} and IP #{record.ip}"
-          record
         end
 
-        private
+        # Deletes a lease from Kea by IP address.
+        #
+        # @param record [Proxy::DHCP::Lease] The lease to delete.
+        # @return [void]
+        def del_lease(record)
+          subnet_id = find_subnet_id!(record.subnet.network)
+
+          args = {
+            'subnet-id': subnet_id,
+            'ip-address': record.ip
+          }
+
+          @client.post_command('dhcp4', 'lease4-del', args)
+          begin
+            subnet_service.delete_lease(record)
+          rescue StandardError => e
+            logger.error "Cache update failed after successful lease4-del for IP #{record.ip}. " \
+                         "Kea and cache are out of sync: #{e.message}"
+            raise
+          end
+
+          logger.info "Successfully deleted lease for IP #{record.ip}"
+        end
+
+        # Looks up the Kea subnet-id for a network address, raising if not found.
+        #
+        # @param network [String] The subnet network address.
+        # @return [Integer] The Kea subnet-id.
+        # @raise [Proxy::DHCP::Error] if the subnet-id is not in the map.
+        def find_subnet_id!(network)
+          subnet_id = @subnet_service.kea_id_map[network]
+          raise Proxy::DHCP::Error, "Unable to find Kea subnet-id for network #{network}" unless subnet_id
+
+          subnet_id
+        end
 
         # Builds the initial hash of arguments required for a Kea reservation.
         #
         # @param record [Proxy::DHCP::Reservation] The reservation object from the parent class.
         # @return [Hash] A hash containing the base arguments for the Kea API.
         def build_base_reservation_args(record)
-          subnet_id = @subnet_service.kea_id_map[record.subnet.network]
-          raise Proxy::DHCP::Error, "Unable to find Kea subnet-id for network #{record.subnet.network}" unless subnet_id
+          subnet_id = find_subnet_id!(record.subnet.network)
 
           {
             'subnet-id': subnet_id,
@@ -139,16 +196,15 @@ module Proxy
         end
 
         # Adds next-server and boot-file-name options to the reservation arguments hash.
-        # This method modifies the `reservation_args` hash in place.
         #
         # @param reservation_args [Hash] The hash of arguments to be modified.
         # @param options [Hash] The original options hash from Foreman.
         # @return [void]
         def add_boot_and_server_options(reservation_args, options)
-          next_server_value = options[:nextServer]
+          next_server_value = options['nextServer']
           reservation_args[:'next-server'] = resolve_hostname(next_server_value) unless next_server_value.to_s.empty?
 
-          reservation_args[:'boot-file-name'] = options[:filename] unless options[:filename].to_s.empty?
+          reservation_args[:'boot-file-name'] = options['filename'] unless options['filename'].to_s.empty?
         end
 
         # Resolves a hostname to an IP address. If the provided string is already
@@ -165,27 +221,26 @@ module Proxy
           raise Proxy::DHCP::Error, "Could not resolve next-server hostname '#{hostname}': #{e.message}"
         end
 
-        # Builds the array of DHCP options (e.g. routers, ntp-servers) for the reservation.
+        # Builds the array of DHCP options (e.g. routers, ntp-servers, dns-servers) for the reservation.
         #
         # @param options [Hash] The original options hash from Foreman.
         # @return [Array<Hash>] An array of option hashes for the Kea API.
         def build_option_data(options)
           option_data = []
-          add_dhcp_option(option_data, 'routers', options[:routers])
-          add_dhcp_option(option_data, 'ntp-servers', options[:ntp_servers])
-          add_dhcp_option(option_data, 'domain-name', options[:domain_name])
+          SubnetService::OPTION_MAP.each do |kea_name, mapping|
+            add_dhcp_option(option_data, kea_name, options[mapping[:key].to_s])
+          end
           option_data
         end
 
         # A helper to add a DHCP option to the data array if the value exists.
-        # This method modifies the `option_data` array in place.
         #
         # @param option_data [Array<Hash>] The array of options to be modified.
         # @param name [String] The name of the DHCP option (e.g. 'routers').
         # @param value [String, Array] The value of the option.
         # @return [void]
         def add_dhcp_option(option_data, name, value)
-          return if value.to_s.empty?
+          return if value.nil? || (value.respond_to?(:empty?) && value.empty?)
 
           option_data << { name: name, data: Array(value).join(',') }
         end

data/lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_plugin.rb

@@ -21,17 +21,18 @@ module Proxy
         # that the base classes we inherit from (like DHCP::Server) are available.
         requires :dhcp, '>= 1.17'
 
-        # Defines the default settings for this provider. These values are used if
-        # they are not explicitly overridden in a user's settings file
-        # The `kea_api_username` and `kea_api_password` can be used to enable
-        # HTTP Basic Authentication if required by the Kea control agent.
-        # (e.g. `/etc/foreman-proxy/settings.d/dhcp_kea_api.yml`).
+        # Defines the default settings for this provider. These values are used
+        # if they are not overridden in the user's settings file
+        # (`/etc/foreman-proxy/settings.d/dhcp_kea_api.yml`).
+        # The `kea_api_username` and `kea_api_password` enable HTTP Basic
+        # Authentication when the Kea control agent requires it.
         default_settings kea_api_url: 'http://127.0.0.1:8000/',
                          kea_api_username: nil,
                          kea_api_password: nil,
                          blacklist_duration_minutes: 5,
                          open_timeout: 5,
-                         read_timeout: 10
+                         read_timeout: 10,
+                         cache_ttl: 60
 
         # Hooks into the Smart Proxy's dependency injection (DI) framework. These lines
         # delegate the responsibility of loading the required classes and wiring up

data/lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_subnet_service.rb

@@ -18,11 +18,38 @@ module Proxy
       class SubnetService < ::Proxy::DHCP::SubnetService
         include Proxy::Log
 
-        # A hash mapping a subnet network address (e.g., "192.168.1.0") to its
-        # internal Kea API integer ID (e.g., 1). This is crucial for making
+        # Holds the data fetched during a reload before it is atomically swapped
+        # into the live cache. Wraps a throwaway parent SubnetService (for its
+        # thread-safe stores and lookup helpers) plus the Kea-specific maps, so
+        # the loaders can populate it exactly as they would the live object.
+        class Staging
+          attr_reader :service, :kea_id_map, :subnet_options
+
+          # @return [void]
+          def initialize
+            @service = ::Proxy::DHCP::SubnetService.initialized_instance
+            @kea_id_map = {}
+            @subnet_options = {}
+          end
+        end
+
+        # Maps Kea option-data names to their Foreman option keys and whether they are lists.
+        OPTION_MAP = {
+          'routers' => { key: :routers, list: true },
+          'domain-name-servers' => { key: :dns_servers, list: true },
+          'domain-name' => { key: :domain_name, list: false },
+          'ntp-servers' => { key: :ntp_servers, list: true }
+        }.freeze
+
+        # A hash mapping a subnet network address (e.g. "192.168.1.0") to its
+        # internal Kea API integer ID (e.g. 1). This is crucial for making
         # API calls that require a `subnet-id`.
         attr_reader :kea_id_map
 
+        # A hash mapping a subnet network address to its DHCP options hash.
+        # Used by the Provider to serve subnet-level options back to Foreman.
+        attr_reader :subnet_options
+
         # Initialises the SubnetService.
         #
         # @param client [Proxy::DHCP::KeaApi::Client] The client for communicating with the Kea API.
@@ -31,19 +58,31 @@ module Proxy
         # @param reservations_by_ip [Proxy::MemoryStore] A memory store for reservations, passed to the parent class.
         # @param reservations_by_mac [Proxy::MemoryStore] A memory store for reservations, passed to the parent class.
         # @param reservations_by_name [Proxy::MemoryStore] A memory store for reservations, passed to the parent class.
+        # @param cache_ttl [Integer] Number of seconds before the cache is considered stale (default: 60).
+        # @param managed_subnets [Array<String>, nil] List of CIDR networks to manage. Nil means manage all.
         # @return [void]
         # rubocop:disable Metrics/ParameterLists
-        def initialize(client, leases_by_ip, leases_by_mac, reservations_by_ip, reservations_by_mac, reservations_by_name)
+        def initialize(client, leases_by_ip, leases_by_mac, reservations_by_ip, reservations_by_mac, reservations_by_name,
+                       cache_ttl: 60, managed_subnets: nil)
           @client = client
           @kea_id_map = {}
-          # The `super` call initialises the parent `DHCP::SubnetService`, setting up all the
-          # underlying data stores for caching subnets, leases, and reservations.
+          @subnet_options = {}
+          @cache_ttl = cache_ttl
+          @loaded_at = nil
+          @reload_mutex = Mutex.new
+          @managed_subnets = parse_managed_subnets(managed_subnets)
           super(leases_by_ip, leases_by_mac, reservations_by_ip, reservations_by_mac, reservations_by_name)
         end
         # rubocop:enable Metrics/ParameterLists
 
         # The main entry point for loading all DHCP data from the Kea server.
-        # It ensures the cache is cleared before performing a fresh load.
+        #
+        # All Kea API calls populate a fresh, off-to-the-side set of stores
+        # (`staging`); only once every fetch has succeeded are the new stores
+        # swapped into the live cache under the parent's monitor. This keeps the
+        # slow network fetch off the live cache so concurrent readers never see a
+        # half-populated state, and leaves the previous cache intact if the fetch
+        # fails partway through.
         #
         # @return [true] on success.
         # @raise [Proxy::DHCP::Error] if any part of the loading process fails.
@@ -51,31 +90,59 @@ module Proxy
         # @see #load_leases_from_kea
         # rubocop:disable Naming/PredicateMethod
         def load!
-          subnets.clear
-          @kea_id_map.clear
+          staging = Staging.new
+
+          load_subnets_and_reservations_from_kea(staging)
+          load_reservations_from_database(staging)
+          load_leases_from_kea(staging)
 
-          load_subnets_and_reservations_from_kea
-          load_leases_from_kea
+          commit(staging)
           true
         end
         # rubocop:enable Naming/PredicateMethod
 
+        # Returns all subnets, refreshing the cache if stale.
+        #
+        # @return [Array<Proxy::DHCP::Subnet>] All cached subnets.
+        def all_subnets
+          reload_if_stale!
+          super
+        end
+
+        # Returns all host reservations, refreshing the cache if stale.
+        #
+        # @param subnet_address [String, nil] Optional subnet to filter by.
+        # @return [Array<Proxy::DHCP::Reservation>] All cached reservations.
+        def all_hosts(subnet_address = nil)
+          reload_if_stale!
+          super
+        end
+
+        # Returns all leases, refreshing the cache if stale.
+        #
+        # @param subnet_address [String, nil] Optional subnet to filter by.
+        # @return [Array<Proxy::DHCP::Lease>] All cached leases.
+        def all_leases(subnet_address = nil)
+          reload_if_stale!
+          super
+        end
+
         # Fetches all subnets and their associated reservations from the Kea API.
         # This single `config-get` call is the most efficient way to get all static configuration.
+        #
+        # @param staging [Staging] The buffer to populate with fetched data.
         # @return [void]
         # @raise [Proxy::DHCP::Error] if the API call fails.
         # @raise [IPAddr::InvalidAddressError] if a subnet address from Kea is invalid.
         # @see Proxy::DHCP::KeaApi::Client#post_command
-        def load_subnets_and_reservations_from_kea
+        def load_subnets_and_reservations_from_kea(staging)
           config = @client.post_command('dhcp4', 'config-get')
           subnets_data = config&.dig('Dhcp4', 'subnet4')
           return unless subnets_data
 
           subnets_data.each do |subnet_data|
-            process_subnet(subnet_data)
+            process_subnet(subnet_data, staging)
           end
-          # The rescue blocks ensure that if any API or parsing error occurs, the provider
-          # will fail to load, preventing the proxy from starting in a broken state.
         rescue Proxy::DHCP::Error => e
           logger.error "Failed to load subnets and reservations from Kea: #{e.message}"
           raise
@@ -84,31 +151,47 @@ module Proxy
           raise
         end
 
+        # Fetches dynamically added reservations from Kea's hosts-database via
+        # `reservation-get-all`. These are not included in `config-get` which only
+        # returns static reservations from the config file.
+        #
+        # @param staging [Staging] The buffer to populate with fetched data.
+        # @return [void]
+        def load_reservations_from_database(staging)
+          return if staging.kea_id_map.empty?
+
+          staging.kea_id_map.each do |network, subnet_id|
+            response = @client.post_command('dhcp4', 'reservation-get-all', { 'subnet-id': subnet_id })
+            hosts = response&.[]('hosts')
+            next unless hosts
+
+            subnet_obj = staging.service.find_subnet(network)
+            next unless subnet_obj
+
+            hosts.each do |res_data|
+              next if staging.service.find_host_by_mac(network, res_data['hw-address'])
+
+              process_reservation(res_data, subnet_obj, staging)
+            end
+          end
+        rescue Proxy::DHCP::Error => e
+          logger.debug "reservation-get-all not available or failed: #{e.message}"
+        end
+
         # Fetches all active leases from the Kea API for the subnets currently in the cache.
+        #
+        # @param staging [Staging] The buffer to populate with fetched data.
         # @return [void]
         # @raise [Proxy::DHCP::Error] if the API call fails.
         # @see Proxy::DHCP::KeaApi::Client#post_command
-        def load_leases_from_kea
-          # This guard is necessary because the `lease4-get-all` command requires
-          # a list of subnet IDs to query. If no subnets were loaded, we can't get leases.
-          return if @kea_id_map.empty?
+        def load_leases_from_kea(staging)
+          return if staging.kea_id_map.empty?
 
-          response = @client.post_command('dhcp4', 'lease4-get-all', { subnets: @kea_id_map.values })
+          response = @client.post_command('dhcp4', 'lease4-get-all', { subnets: staging.kea_id_map.values })
           return unless response && response['leases']
 
           response['leases'].each do |lease|
-            ip = lease['ip-address']
-            mac = lease['hw-address']
-            # We must find the corresponding Subnet object from our cache to associate with the lease.
-            subnet_obj = find_subnet(ip)
-            unless subnet_obj
-              logger.warn "Skipping lease for IP #{ip} as it does not belong to any known subnet."
-              next
-            end
-
-            record = ::Proxy::DHCP::Lease.new(nil, ip, mac, subnet_obj, lease['cltt'], lease['expire'], 'active')
-            # Add the lease to the parent class's cache.
-            add_lease(subnet_obj.network, record)
+            process_lease(lease, staging)
           end
         rescue Proxy::DHCP::Error => e
           logger.error "Failed to load all leases from Kea: #{e.message}"
@@ -117,68 +200,217 @@ module Proxy
 
         private
 
+        # Reloads the cache if it is older than the configured TTL. Only one thread
+        # performs the reload at a time (single-flight via `try_lock`); other threads
+        # that observe a stale cache serve the current snapshot instead of piling on
+        # duplicate, concurrent reloads.
+        #
+        # @return [void]
+        def reload_if_stale!
+          return unless stale?
+          return unless @reload_mutex.try_lock
+
+          begin
+            return unless stale? # re-check: another thread may have just reloaded
+
+            logger.debug "Cache TTL (#{@cache_ttl}s) expired, reloading from Kea"
+            load!
+          ensure
+            @reload_mutex.unlock
+          end
+        end
+
+        # Atomically replaces the live cache with the freshly-staged data. The swap
+        # runs under the parent's monitor so that readers (which take the same lock)
+        # observe either the entire old cache or the entire new one, never a mix.
+        #
+        # @param staging [Staging] The fully-populated buffer to promote.
+        # @return [void]
+        def commit(staging)
+          m.synchronize do
+            @subnets = staging.service.subnets
+            @leases_by_ip = staging.service.leases_by_ip
+            @leases_by_mac = staging.service.leases_by_mac
+            @reservations_by_ip = staging.service.reservations_by_ip
+            @reservations_by_mac = staging.service.reservations_by_mac
+            @reservations_by_name = staging.service.reservations_by_name
+            @kea_id_map = staging.kea_id_map
+            @subnet_options = staging.subnet_options
+            @loaded_at = Time.now
+          end
+        end
+
+        # Checks whether the cache has exceeded its TTL.
+        #
+        # @return [Boolean] true if the cache needs refreshing.
+        def stale?
+          return true unless @loaded_at
+
+          (Time.now - @loaded_at) > @cache_ttl
+        end
+
+        # Parses the managed_subnets setting into IPAddr objects for matching.
+        #
+        # @param managed_subnets [Array<String>, String, nil] CIDR networks to manage.
+        # @return [Array<IPAddr>, nil] Parsed networks, or nil to manage all.
+        def parse_managed_subnets(managed_subnets)
+          return nil if managed_subnets.nil?
+
+          subnets = Array(managed_subnets)
+          return nil if subnets.empty?
+
+          subnets.map { |cidr| IPAddr.new(cidr) }
+        end
+
+        # Checks whether a subnet should be managed by this proxy.
+        #
+        # @param subnet_addr [String] The network address of the subnet.
+        # @return [Boolean] true if the subnet should be managed.
+        def managed?(subnet_addr)
+          return true unless @managed_subnets
+
+          ip = IPAddr.new(subnet_addr)
+          # include? already returns true for an exact match (e.g. a /32 entry), so
+          # no separate equality check is needed.
+          @managed_subnets.any? { |network| network.include?(ip) }
+        end
+
         # Parses a single subnet hash from the API response, creates the necessary
         # Foreman Subnet and Reservation objects, and adds them to the cache.
         #
         # @param subnet_data [Hash] The hash representing a single subnet from Kea's `config-get` response.
+        # @param staging [Staging] The buffer to populate with the parsed subnet.
         # @return [void]
         # @raise [IPAddr::InvalidAddressError] if the subnet string is not a valid IP address.
-        def process_subnet(subnet_data)
+        def process_subnet(subnet_data, staging)
           ip_object = IPAddr.new(subnet_data['subnet'])
           subnet_addr = ip_object.to_s
-          # Correctly derive the netmask string from the IPAddr object's prefix
           mask = IPAddr.new('255.255.255.255').mask(ip_object.prefix).to_s
 
+          return unless managed?(subnet_addr)
+
           options = {
             routers: extract_routers(subnet_data),
             range: extract_range(subnet_data)
           }.compact
           subnet = ::Proxy::DHCP::Subnet.new(subnet_addr, mask, options)
 
-          # Add the parsed subnet to the parent class's in-memory cache.
-          add_subnet(subnet)
-          # Store the mapping between the network address and Kea's internal ID for future API calls.
-          @kea_id_map[subnet.network] = subnet_data['id']
+          staging.service.add_subnet(subnet)
+          staging.kea_id_map[subnet.network] = subnet_data['id']
+          staging.subnet_options[subnet.network] = extract_subnet_options(subnet_data)
           logger.info "Loaded subnet #{subnet.network}/#{subnet.netmask} and mapped to Kea ID #{subnet_data['id']}"
 
-          # The reservations are conveniently nested within each subnet object in the config.
           subnet_data['reservations']&.each do |res_data|
-            process_reservation(res_data, subnet)
+            process_reservation(res_data, subnet, staging)
+          end
+        end
+
+        # Extracts all DHCP options from a subnet into a normalised hash.
+        #
+        # @param subnet_data [Hash] The hash representing a single subnet.
+        # @return [Hash] A hash of option names to their values.
+        def extract_subnet_options(subnet_data)
+          opts = {}
+          option_data = subnet_data['option-data'] || []
+          option_data.each do |opt|
+            opts[opt['name']] = opt['data']
           end
+          opts['next-server'] = subnet_data['next-server'] if meaningful_boot_value?(subnet_data['next-server'])
+          opts['boot-file-name'] = subnet_data['boot-file-name'] if meaningful_boot_value?(subnet_data['boot-file-name'])
+          opts
+        end
+
+        # Returns true when a Kea boot field carries a real value. Kea reports an
+        # unset next-server as "0.0.0.0" and an unset boot-file-name as "", which
+        # are placeholders that must not be round-tripped back to Foreman as if a
+        # user had configured them (doing so triggers spurious DHCP rebuilds).
+        #
+        # @param value [String, nil] The raw value from Kea.
+        # @return [Boolean] true if the value is present and not a placeholder.
+        def meaningful_boot_value?(value)
+          !value.nil? && !value.to_s.strip.empty? && value != '0.0.0.0'
         end
 
         # Extracts and formats the router data from a subnet's options.
         #
         # @param subnet_data [Hash] The hash representing a single subnet.
         # @return [Array<String>, nil] An array of router IP addresses, or nil if none are found.
-        # @note The router data in Kea is a single comma-separated string which must be split into an array.
         def extract_routers(subnet_data)
-          # The router data is a comma-separated string which must be split into an array.
-          subnet_data['option-data']&.find { |opt| opt['name'] == 'routers' }&.[]('data')&.split(',')
+          router_opt = subnet_data['option-data']&.find { |opt| opt['name'] == 'routers' }
+          data = router_opt&.[]('data')
+          data&.split(',')&.map(&:strip)
         end
 
         # Extracts the IP range from a subnet's first pool.
         #
         # @param subnet_data [Hash] The hash representing a single subnet.
         # @return [Array<String>, nil] A two-element array containing the start and end of the range, or nil.
-        # @note The pool range is a hyphen-separated string (e.g. "10.0.0.10-10.0.0.20").
         def extract_range(subnet_data)
-          # The pool range is a hyphen-separated string (e.g. "10.0.0.10-10.0.0.20").
           pool_string = subnet_data.dig('pools', 0, 'pool')
-          pool_string&.split('-')
+          pool_string&.split('-')&.map(&:strip)
         end
 
         # Creates a Foreman Reservation object from Kea data and adds it to the cache.
+        # Includes option-data, next-server, and boot-file-name so that Foreman can
+        # round-trip these values when querying existing reservations.
         #
         # @param res_data [Hash] The hash representing a single reservation.
         # @param subnet [Proxy::DHCP::Subnet] The subnet object this reservation belongs to.
+        # @param staging [Staging] The buffer to populate with the parsed reservation.
         # @return [void]
-        def process_reservation(res_data, subnet)
-          record = ::Proxy::DHCP::Reservation.new(res_data['hostname'], res_data['ip-address'], res_data['hw-address'], subnet)
-          # Add the reservation to the parent class's cache, making it searchable.
-          add_host(subnet.network, record)
+        def process_reservation(res_data, subnet, staging)
+          opts = extract_reservation_options(res_data)
+          record = ::Proxy::DHCP::Reservation.new(
+            res_data['hostname'], res_data['ip-address'], res_data['hw-address'], subnet, opts
+          )
+          staging.service.add_host(subnet.network, record)
           logger.debug "Loaded reservation for #{res_data['hw-address']} on subnet #{subnet.network}"
         end
+
+        # Extracts Foreman-compatible options from a Kea reservation hash.
+        #
+        # @param res_data [Hash] The reservation data from Kea's config-get.
+        # @return [Hash] Options hash suitable for Proxy::DHCP::Reservation.
+        def extract_reservation_options(res_data)
+          opts = {}
+          opts[:nextServer] = res_data['next-server'] if meaningful_boot_value?(res_data['next-server'])
+          opts[:filename] = res_data['boot-file-name'] if meaningful_boot_value?(res_data['boot-file-name'])
+          map_option_data(opts, res_data['option-data'] || [])
+          opts
+        end
+
+        # Applies Kea option-data entries to a Foreman options hash using OPTION_MAP.
+        #
+        # @param opts [Hash] The target options hash to populate.
+        # @param option_data [Array<Hash>] The option-data array from Kea.
+        # @return [void]
+        def map_option_data(opts, option_data)
+          option_data.each do |opt|
+            mapping = OPTION_MAP[opt['name']]
+            next unless mapping
+
+            data = opt['data']
+            opts[mapping[:key]] = mapping[:list] ? data&.split(',')&.map(&:strip) : data
+          end
+        end
+
+        # Creates a Foreman Lease object from Kea data and adds it to the cache.
+        #
+        # @param lease [Hash] The lease data from Kea's lease4-get-all response.
+        # @param staging [Staging] The buffer to populate with the parsed lease.
+        # @return [void]
+        def process_lease(lease, staging)
+          ip = lease['ip-address']
+          mac = lease['hw-address']
+          subnet_obj = staging.service.find_subnet(ip)
+          unless subnet_obj
+            logger.warn "Skipping lease for IP #{ip} as it does not belong to any known subnet."
+            return
+          end
+
+          record = ::Proxy::DHCP::Lease.new(nil, ip, mac, subnet_obj, lease['cltt'], lease['expire'], 'active')
+          staging.service.add_lease(subnet_obj.network, record)
+        end
       end
     end
   end

data/lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_version.rb

@@ -4,7 +4,7 @@ module Proxy
   module DHCP
     module KeaApi
       # The current version of the smart_proxy_dhcp_kea_api gem.
-      VERSION = '1.1.0'
+      VERSION = '2.1.0'
     end
   end
 end

data/lib/smart_proxy_dhcp_kea_api/kea_api_client.rb

@@ -29,7 +29,7 @@ module Proxy
         #   client = Proxy::DHCP::KeaApi::Client.new(
         #     url: 'http://127.0.0.1:8000',
         #     username: 'myuser',
-        #     password: 'mypassword'
+        #     password: 'mypassword',
         #     open_timeout: 2,
         #     read_timeout: 5
         #   )
@@ -97,7 +97,7 @@ module Proxy
           http.read_timeout = @read_timeout
           request = Net::HTTP::Post.new(@uri.request_uri, header)
           request.body = payload.to_json
-          request.basic_auth(@username, @password) if @username && @password
+          request.basic_auth(@username, @password.to_s) if @username
 
           logger.debug "Sending command to Kea: #{payload.inspect}"
           response = http.request(request)
@@ -146,11 +146,13 @@ module Proxy
         # @see https://kea.readthedocs.io/en/stable/api.html For documentation on Kea API result codes.
         # @private
         def response_successful?(result, command)
-          # Universal success is result code 0.
-          return true if result['result'].zero?
+          result_code = result['result']
+          raise Proxy::DHCP::Error, "Kea API Error: Response missing 'result' field" if result_code.nil?
+
+          return true if result_code.zero?
 
           # Special case: 'lease4-get-all' is successful even with result code 3 (no leases found).
-          command == 'lease4-get-all' && result['result'] == 3
+          command == 'lease4-get-all' && result_code == 3
         end
       end
     end

data/lib/smart_proxy_dhcp_kea_api/plugin_configuration.rb

@@ -28,16 +28,12 @@ module Proxy
         # @param settings [Hash] The settings hash for this provider.
 
         def load_dependency_injection_wirings(container, settings)
-          # A standard in-memory key-value store provided by the Smart Proxy framework.
-          # It's used by the SubnetService to cache DHCP data.
-          container.singleton_dependency :memory_store, -> { ::Proxy::MemoryStore.new }
-
           # A singleton service that manages the temporary blacklisting of suggested IP addresses
           # to prevent race conditions. Its duration is configured via the settings file.
           container.singleton_dependency :unused_ips, -> { ::Proxy::DHCP::FreeIps.new(settings[:blacklist_duration_minutes]) }
 
           # The custom client for communicating with the Kea API. This is registered as a singleton
-          # so that a single, persistent HTTP connection pool is used for all API calls.
+          # so that a single client instance (with its configuration) is shared across all requests.
           # @see Proxy::DHCP::KeaApi::Client#initialize
           container.singleton_dependency :kea_client, (lambda do
             ::Proxy::DHCP::KeaApi::Client.new(
@@ -51,18 +47,19 @@ module Proxy
 
           # The custom service for caching all subnet, reservation, and lease data.
           # This is a singleton because we want one central, authoritative cache that all
-          # requests can share. It depends on the Kea client to fetch data and the memory
-          # stores to cache it.
+          # requests can share. Each store must be a separate instance to avoid collisions
+          # between leases and reservations keyed by the same IP/MAC.
           # @see Proxy::DHCP::KeaApi::SubnetService#initialize
           container.singleton_dependency :subnet_service, (lambda do
-            memory_store = container.get_dependency(:memory_store)
             ::Proxy::DHCP::KeaApi::SubnetService.new(
               container.get_dependency(:kea_client),
-              memory_store,
-              memory_store,
-              memory_store,
-              memory_store,
-              memory_store
+              ::Proxy::MemoryStore.new,
+              ::Proxy::MemoryStore.new,
+              ::Proxy::MemoryStore.new,
+              ::Proxy::MemoryStore.new,
+              ::Proxy::MemoryStore.new,
+              cache_ttl: settings[:cache_ttl],
+              managed_subnets: settings.fetch(:managed_subnets, nil)
             )
           end)
 
@@ -70,7 +67,7 @@ module Proxy
           # for handling DHCP requests from Foreman. It depends on the subnet service,
           # the API client, and the IP blacklist service to do its job.
           # @see Proxy::DHCP::KeaApi::Provider#initialize
-          container.dependency :dhcp_provider, (lambda do
+          container.singleton_dependency :dhcp_provider, (lambda do
             ::Proxy::DHCP::KeaApi::Provider.new(
               container.get_dependency(:subnet_service),
               container.get_dependency(:kea_client),

data/smart_proxy_dhcp_kea_api.gemspec

@@ -17,7 +17,9 @@ Gem::Specification.new do |s|
   s.metadata = {
     'bug_tracker_uri' => 'https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api/-/issues',
     'homepage_uri' => 'https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api',
-    'rubygems_mfa_required' => 'true'
+    'rubygems_mfa_required' => 'true',
+    'changelog_uri' => "https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api/-/blob/main/CHANGELOG.md",
+    'documentation_uri' => "https://smart-proxy-dhcp-kea-api-1fed73.pages.surrey.ac.uk/",
   }
 
   s.files = Dir.glob('{lib}/**/*', File::FNM_DOTMATCH).reject { |f| File.directory?(f) }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dhcp_kea_api
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Sam McCarthy
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2025-07-22 00:00:00.000000000 Z
+date: 2026-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -152,14 +152,13 @@ dependencies:
         version: '0'
 description: Provides DHCP management for Foreman via the ISC Kea API, requiring the
   host_cmds and lease_cmds hooks.
-email:
+email: 
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - LICENSE
 - README.md
-- lib/.DS_Store
 - lib/smart_proxy_dhcp_kea_api.rb
 - lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_main.rb
 - lib/smart_proxy_dhcp_kea_api/dhcp_kea_api_plugin.rb
@@ -175,7 +174,9 @@ metadata:
   bug_tracker_uri: https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api/-/issues
   homepage_uri: https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api
   rubygems_mfa_required: 'true'
-post_install_message:
+  changelog_uri: https://gitlab.surrey.ac.uk/sm0049/smart-proxy-dhcp-kea-api/-/blob/main/CHANGELOG.md
+  documentation_uri: https://smart-proxy-dhcp-kea-api-1fed73.pages.surrey.ac.uk/
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -193,8 +194,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
-signing_key:
+rubygems_version: 3.0.3.1
+signing_key: 
 specification_version: 4
 summary: Foreman Smart Proxy plugin for ISC Kea DHCP API
 test_files: []