Diffstat (limited to 'roles/core')
-rw-r--r--roles/core/ntp/defaults/main.yml28
-rw-r--r--roles/core/ntp/handlers/main.yml5
-rw-r--r--roles/core/ntp/tasks/chrony.yml11
-rw-r--r--roles/core/ntp/tasks/main.yml5
-rw-r--r--roles/core/ntp/templates/chrony.conf.j256
5 files changed, 105 insertions, 0 deletions
diff --git a/roles/core/ntp/defaults/main.yml b/roles/core/ntp/defaults/main.yml
new file mode 100644
index 00000000..08e0ca80
--- /dev/null
+++ b/roles/core/ntp/defaults/main.yml
@@ -0,0 +1,28 @@
+---
+# ntp_variant: systemd-timesyncd
+# ntp_variant: chrony
+# ntp_variant: openntpd
+
+
+# ntp_client:
+# servers:
+# - name: ntp.example.com
+# options: iburst ...
+# pools:
+# - name: pool.example.com
+# options: iburst ....
+# peers:
+# - name: peer.example.com
+# options: iburst ....
+
+
+# ntp_hwtimestamp_interfaces:
+# - name: "*"
+# options: ....
+
+
+# ntp_server:
+# allow: []
+# deny: []
+# bind: 0.0.0.0
+# port: 123
diff --git a/roles/core/ntp/handlers/main.yml b/roles/core/ntp/handlers/main.yml
new file mode 100644
index 00000000..08d878be
--- /dev/null
+++ b/roles/core/ntp/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart chrony
+ service:
+ name: chrony
+ state: restarted
diff --git a/roles/core/ntp/tasks/chrony.yml b/roles/core/ntp/tasks/chrony.yml
new file mode 100644
index 00000000..d220af30
--- /dev/null
+++ b/roles/core/ntp/tasks/chrony.yml
@@ -0,0 +1,11 @@
+---
+- name: install chrony
+ apt:
+ name: chrony
+ state: present
+
+- name: install chrony configuration
+ template:
+ src: chrony.conf.j2
+ dest: /etc/chrony/chrony.conf
+ notify: restart chrony
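Review bot: The `template` task that writes /etc/chrony/chrony.conf sets no `owner`, `group` or `mode`, so a newly created file takes whatever the umask of the run yields and an existing file keeps the permissions it already has. Pin them on the task, e.g. `owner: root`, `group: root`, `mode: "0644"`, so the daemon's configuration cannot end up writable by another account. The rendered file points at /etc/chrony/chrony.keys but holds no key material itself, so world-readable is presumably acceptable here.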
diff --git a/roles/core/ntp/tasks/main.yml b/roles/core/ntp/tasks/main.yml
new file mode 100644
index 00000000..77f281ff
--- /dev/null
+++ b/roles/core/ntp/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+## TODO: make this work on openbsd and debian/ubuntu
+- name: run ntp-variant specific tasks
+ when: ntp_variant is defined
+ include_tasks: "{{ ntp_variant }}.yml"
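Review bot: `include_tasks: "{{ ntp_variant }}.yml"` builds the task-file path straight from an inventory variable, with no check against the variants the role actually ships. This commit only adds chrony.yml, while defaults/main.yml also lists systemd-timesyncd and openntpd, so those values fail at include time with a missing-file error, and any other value is interpolated into the path as-is. Put an `assert` task in front of the include that fails with a clear message unless `ntp_variant in ['chrony']`, and extend that list as further variants are added.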
diff --git a/roles/core/ntp/templates/chrony.conf.j2 b/roles/core/ntp/templates/chrony.conf.j2
new file mode 100644
index 00000000..0bad9235
--- /dev/null
+++ b/roles/core/ntp/templates/chrony.conf.j2
@@ -0,0 +1,56 @@
+### Global options
+
+cmdport 0
+keyfile /etc/chrony/chrony.keys
+driftfile /var/lib/chrony/chrony.drift
+logdir /var/log/chrony
+maxupdateskew 100.0
+rtcsync
+makestep 1 3
+{% if ntp_hwtimestamp_interfaces is defined %}
+
+{% for interface in ntp_hwtimestamp_interfaces %}
+hwtimestamp {{ interface.name }}{% if 'options' in interface %} {{ interface.options }}{% endif %}{{ '' }}
+{% endfor %}
+{% endif %}
+{% if ntp_client is defined %}
+
+
+### Client
+{% if 'servers' in ntp_client %}
+
+{% for server in ntp_client.servers %}
+server {{ server.name }}{% if 'options' in server %} {{ server.options }}{% endif %}{{ '' }}
+{% endfor %}
+{% endif %}
+{% if 'pools' in ntp_client %}
+
+{% for pool in ntp_client.pools %}
+pool {{ pool.name }}{% if 'options' in pool %} {{ pool.options }}{% endif %}{{ '' }}
+{% endfor %}
+{% endif %}
+{% if 'peers' in ntp_client %}
+
+{% for peer in ntp_client.peers %}
+peer {{ peer.name }}{% if 'options' in peer %} {{ peer.options }}{% endif %}{{ '' }}
+{% endfor %}
+{% endif %}
+{% endif %}
+{% if ntp_server is defined %}
+
+
+### Server
+
+{% for rule in ntp_server.allow | default([]) %}
+allow {{ rule }}
+{% endfor %}
+{% for rule in ntp_server.deny | default([]) %}
+deny {{ rule }}
+{% endfor %}
+{% if 'bindaddress' in ntp_server %}
+bindaddress {{ ntp_server.bind }}
+{% endif %}
+{% if 'port' in ntp_server %}
+ port {{ ntp_server.port }}
+{% endif %}
+{% endif %}
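Review bot: The bind-address block tests `'bindaddress' in ntp_server` but renders `ntp_server.bind`, and defaults/main.yml documents the key as `bind`. A host configured as documented therefore never gets a `bindaddress` line, and chronyd keeps its default listening address instead of the one the operator asked for. Test the key that is rendered: `{% if 'bind' in ntp_server %}`. Separately, the `name`, `options`, `allow` and `deny` values are written into the file unfiltered, so a value containing a newline would add an extra directive. Presumably these come from trusted inventory only, and a comment at the top of the template saying so would make that assumption explicit.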