diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-02-08 02:27:20 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-02-08 02:27:20 +0100 |
commit | 58bf20f8a6709f2ea75f95659c0211c1aff7c7b3 (patch) | |
tree | 8f6a6bc7473ae285c7981c10b44a79b30b1e40e5 | |
parent | ele-helene|dione: installer net config (diff) |
added chrony role
-rw-r--r-- | inventory/host_vars/ele-dione.yml | 12 | ||||
-rw-r--r-- | inventory/host_vars/ele-helene.yml | 8 | ||||
-rw-r--r-- | roles/chrony/defaults/main.yml | 24 | ||||
-rw-r--r-- | roles/chrony/handlers/main.yml | 5 | ||||
-rw-r--r-- | roles/chrony/tasks/main.yml | 11 | ||||
-rw-r--r-- | roles/chrony/templates/chrony.conf.j2 | 55 |
6 files changed, 115 insertions, 0 deletions
diff --git a/inventory/host_vars/ele-dione.yml b/inventory/host_vars/ele-dione.yml index 5654d8c8..e6676a23 100644 --- a/inventory/host_vars/ele-dione.yml +++ b/inventory/host_vars/ele-dione.yml @@ -36,3 +36,15 @@ kubelet_lvm: lv: kubelet size: 10G fs: ext4 + + +chrony_source_pools: + - name: at.pool.ntp.org + options: iburst + +chrony_hwtimestamp_interfaces: + - name: "*" + +chrony_server: + allow: + - "{{ network_zones.lan.prefix }}" diff --git a/inventory/host_vars/ele-helene.yml b/inventory/host_vars/ele-helene.yml index 1d32bb9d..75868f2d 100644 --- a/inventory/host_vars/ele-helene.yml +++ b/inventory/host_vars/ele-helene.yml @@ -36,3 +36,11 @@ kubelet_lvm: lv: kubelet size: 10G fs: ext4 + + +chrony_source_servers: + - name: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ele-dione']) | ipaddr('address') }}" + options: iburst minpoll 1 maxpoll 3 polltarget 30 + +chrony_hwtimestamp_interfaces: + - name: "*" diff --git a/roles/chrony/defaults/main.yml b/roles/chrony/defaults/main.yml new file mode 100644 index 00000000..bec79d5f --- /dev/null +++ b/roles/chrony/defaults/main.yml @@ -0,0 +1,24 @@ +--- +# chrony_source_servers: +# - name: ntp.example.com +# options: iburst ... + +# chrony_source_pools: +# - name: pool.example.com +# options: iburst .... + +# chrony_source_peers: +# - name: peer.example.com +# options: iburst .... + + +# chrony_hwtimestamp_interfaces: +# - name: "*" +# options: .... + + +# chrony_server: +# allow: [] +# deny: [] +# bind: 0.0.0.0 +# port: 123 diff --git a/roles/chrony/handlers/main.yml b/roles/chrony/handlers/main.yml new file mode 100644 index 00000000..08d878be --- /dev/null +++ b/roles/chrony/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart chrony + service: + name: chrony + state: restarted diff --git a/roles/chrony/tasks/main.yml b/roles/chrony/tasks/main.yml new file mode 100644 index 00000000..d220af30 --- /dev/null +++ b/roles/chrony/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- name: install chrony + apt: + name: chrony + state: present + +- name: install chrony configuration + template: + src: chrony.conf.j2 + dest: /etc/chrony/chrony.conf + notify: restart chrony diff --git a/roles/chrony/templates/chrony.conf.j2 b/roles/chrony/templates/chrony.conf.j2 new file mode 100644 index 00000000..62d45315 --- /dev/null +++ b/roles/chrony/templates/chrony.conf.j2 @@ -0,0 +1,55 @@ +### Global options + +cmdport 0 +keyfile /etc/chrony/chrony.keys +driftfile /var/lib/chrony/chrony.drift +logdir /var/log/chrony +maxupdateskew 100.0 +rtcsync +makestep 1 3 + +{% if chrony_hwtimestamp_interfaces is defined %} +{% for interface in chrony_hwtimestamp_interfaces %} +hwtimestamp {{ interface.name }}{% if 'options' in interface %} {{ interface.options }}{% endif %}{{ '' }} +{% endfor %} + +{% endif %} + +### Sources + +{% if chrony_source_servers is defined %} +{% for server in chrony_source_servers %} +server {{ server.name }}{% if 'options' in server %} {{ server.options }}{% endif %}{{ '' }} +{% endfor %} + +{% endif %} +{% if chrony_source_pools is defined %} +{% for pool in chrony_source_pools %} +pool {{ pool.name }}{% if 'options' in pool %} {{ pool.options }}{% endif %}{{ '' }} +{% endfor %} + +{% endif %} +{% if chrony_source_peers is defined %} +{% for peer in chrony_source_peers %} +peer {{ peer.name }}{% if 'options' in peer %} {{ peer.options }}{% endif %}{{ '' }} +{% endfor %} + +{% endif %} + + +{% if chrony_server is defined %} +### Server + +{% for rule in chrony_server.allow | default([]) %} +allow {{ rule }} +{% endfor %} +{% for rule in chrony_server.deny | default([]) %} +deny {{ rule }} +{% endfor %} +{% if 'bindaddress' in chrony_server %} +bindaddress {{ chrony_server.bind }} +{% endif %} +{% if 'port' in chrony_server %} + port {{ chrony_server.port }} +{% endif %} +{% endif %} |