From 8ffeaf71efa7472ff8511c445aa8874b1b1f3613 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 27 Nov 2020 21:24:53 +0100 Subject: move chrony role to core/ntp (WIP) --- dan/ele-dione.yml | 2 +- dan/ele-helene.yml | 2 +- inventory/host_vars/ele-dione.yml | 9 ++++-- inventory/host_vars/ele-helene.yml | 7 +++-- inventory/host_vars/lw-dione.yml | 9 ++++-- inventory/host_vars/lw-helene.yml | 5 +-- roles/chrony/defaults/main.yml | 24 -------------- roles/chrony/handlers/main.yml | 5 --- roles/chrony/tasks/main.yml | 11 ------- roles/chrony/templates/chrony.conf.j2 | 55 -------------------------------- roles/core/ntp/defaults/main.yml | 28 +++++++++++++++++ roles/core/ntp/handlers/main.yml | 5 +++ roles/core/ntp/tasks/chrony.yml | 11 +++++++ roles/core/ntp/tasks/main.yml | 5 +++ roles/core/ntp/templates/chrony.conf.j2 | 56 +++++++++++++++++++++++++++++++++ spreadspace/lw-dione.yml | 2 +- spreadspace/lw-helene.yml | 2 +- 17 files changed, 129 insertions(+), 109 deletions(-) delete mode 100644 roles/chrony/defaults/main.yml delete mode 100644 roles/chrony/handlers/main.yml delete mode 100644 roles/chrony/tasks/main.yml delete mode 100644 roles/chrony/templates/chrony.conf.j2 create mode 100644 roles/core/ntp/defaults/main.yml create mode 100644 roles/core/ntp/handlers/main.yml create mode 100644 roles/core/ntp/tasks/chrony.yml create mode 100644 roles/core/ntp/tasks/main.yml create mode 100644 roles/core/ntp/templates/chrony.conf.j2 diff --git a/dan/ele-dione.yml b/dan/ele-dione.yml index fe6a0593..742598a8 100644 --- a/dan/ele-dione.yml +++ b/dan/ele-dione.yml @@ -7,6 +7,6 @@ - role: core/sshd - role: core/zsh - role: core/cpu-microcode + - role: core/ntp - role: core/admin-users - role: streaming/blackmagic/desktopvideo - - role: chrony diff --git a/dan/ele-helene.yml b/dan/ele-helene.yml index a18477b9..88fae823 100644 --- a/dan/ele-helene.yml +++ b/dan/ele-helene.yml 
@@ -7,9 +7,9 @@ - role: core/sshd - role: core/zsh - role: core/cpu-microcode + - role: core/ntp - role: core/admin-users - role: streaming/blackmagic/desktopvideo - - role: chrony post_tasks: ## this is needed for local rtmp proxy - name: install interface config for guest vlan diff --git a/inventory/host_vars/ele-dione.yml b/inventory/host_vars/ele-dione.yml index 1152e5cf..e187f8aa 100644 --- a/inventory/host_vars/ele-dione.yml +++ b/inventory/host_vars/ele-dione.yml @@ -39,13 +39,16 @@ kubelet_lvm: fs: ext4 -chrony_source_pools: +ntp_variant: chrony + +ntp_client: + pools: - name: at.pool.ntp.org options: iburst -chrony_hwtimestamp_interfaces: +ntp_hwtimestamp_interfaces: - name: "*" -chrony_server: +ntp_server: allow: - "{{ network_zones.lan.prefix }}" diff --git a/inventory/host_vars/ele-helene.yml b/inventory/host_vars/ele-helene.yml index a5418e56..a753a35c 100644 --- a/inventory/host_vars/ele-helene.yml +++ b/inventory/host_vars/ele-helene.yml @@ -39,9 +39,12 @@ kubelet_lvm: fs: ext4 -chrony_source_servers: +ntp_variant: chrony + +ntp_client: + servers: - name: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ele-dione']) | ipaddr('address') }}" options: iburst minpoll 1 maxpoll 3 polltarget 30 -chrony_hwtimestamp_interfaces: +ntp_hwtimestamp_interfaces: - name: "*" diff --git a/inventory/host_vars/lw-dione.yml b/inventory/host_vars/lw-dione.yml index 9b05f037..3e38dbd1 100644 --- a/inventory/host_vars/lw-dione.yml +++ b/inventory/host_vars/lw-dione.yml @@ -40,13 +40,16 @@ kubelet_lvm: fs: ext4 -chrony_source_pools: +ntp_variant: chrony + +ntp_client: + pools: - name: at.pool.ntp.org options: iburst -chrony_hwtimestamp_interfaces: +ntp_hwtimestamp_interfaces: - name: "*" -chrony_server: +ntp_server: allow: - "192.168.32.0/24" diff --git a/inventory/host_vars/lw-helene.yml b/inventory/host_vars/lw-helene.yml index 6b68549b..16c89e76 100644 --- a/inventory/host_vars/lw-helene.yml +++ b/inventory/host_vars/lw-helene.yml 
@@ -40,9 +40,10 @@ kubelet_lvm: fs: ext4 -chrony_source_servers: +ntp_client: + servers: - name: "192.168.32.202" options: iburst minpoll 1 maxpoll 3 polltarget 30 -chrony_hwtimestamp_interfaces: +ntp_hwtimestamp_interfaces: - name: "*" diff --git a/roles/chrony/defaults/main.yml b/roles/chrony/defaults/main.yml deleted file mode 100644 index bec79d5f..00000000 --- a/roles/chrony/defaults/main.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# chrony_source_servers: -# - name: ntp.example.com -# options: iburst ... - -# chrony_source_pools: -# - name: pool.example.com -# options: iburst .... - -# chrony_source_peers: -# - name: peer.example.com -# options: iburst .... - - -# chrony_hwtimestamp_interfaces: -# - name: "*" -# options: .... - - -# chrony_server: -# allow: [] -# deny: [] -# bind: 0.0.0.0 -# port: 123 diff --git a/roles/chrony/handlers/main.yml b/roles/chrony/handlers/main.yml deleted file mode 100644 index 08d878be..00000000 --- a/roles/chrony/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart chrony - service: - name: chrony - state: restarted diff --git a/roles/chrony/tasks/main.yml b/roles/chrony/tasks/main.yml deleted file mode 100644 index d220af30..00000000 --- a/roles/chrony/tasks/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: install chrony - apt: - name: chrony - state: present - -- name: install chrony configuration - template: - src: chrony.conf.j2 - dest: /etc/chrony/chrony.conf - notify: restart chrony diff --git a/roles/chrony/templates/chrony.conf.j2 b/roles/chrony/templates/chrony.conf.j2 deleted file mode 100644 index 62d45315..00000000 --- a/roles/chrony/templates/chrony.conf.j2 +++ /dev/null 
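Review bot: The inventory/host_vars/lw-helene.yml hunk renames the variables to `ntp_client` and `ntp_hwtimestamp_interfaces` but never adds `ntp_variant: chrony`, unlike the ele-dione, ele-helene and lw-dione hunks. roles/core/ntp/tasks/main.yml in this commit includes the variant tasks only `when: ntp_variant is defined`, and the new defaults file is entirely commented out. Unless the variable is set in group vars not shown here, the role is a silent no-op on lw-helene and /etc/chrony/chrony.conf is no longer managed there. Add `ntp_variant: chrony` above `ntp_client:` in this file; a host whose clock drifts unnoticed makes log correlation and certificate validity checks unreliable.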
@@ -1,55 +0,0 @@ -### Global options - -cmdport 0 -keyfile /etc/chrony/chrony.keys -driftfile /var/lib/chrony/chrony.drift -logdir /var/log/chrony -maxupdateskew 100.0 -rtcsync -makestep 1 3 - -{% if chrony_hwtimestamp_interfaces is defined %} -{% for interface in chrony_hwtimestamp_interfaces %} -hwtimestamp {{ interface.name }}{% if 'options' in interface %} {{ interface.options }}{% endif %}{{ '' }} -{% endfor %} - -{% endif %} - -### Sources - -{% if chrony_source_servers is defined %} -{% for server in chrony_source_servers %} -server {{ server.name }}{% if 'options' in server %} {{ server.options }}{% endif %}{{ '' }} -{% endfor %} - -{% endif %} -{% if chrony_source_pools is defined %} -{% for pool in chrony_source_pools %} -pool {{ pool.name }}{% if 'options' in pool %} {{ pool.options }}{% endif %}{{ '' }} -{% endfor %} - -{% endif %} -{% if chrony_source_peers is defined %} -{% for peer in chrony_source_peers %} -peer {{ peer.name }}{% if 'options' in peer %} {{ peer.options }}{% endif %}{{ '' }} -{% endfor %} - -{% endif %} - - -{% if chrony_server is defined %} -### Server - -{% for rule in chrony_server.allow | default([]) %} -allow {{ rule }} -{% endfor %} -{% for rule in chrony_server.deny | default([]) %} -deny {{ rule }} -{% endfor %} -{% if 'bindaddress' in chrony_server %} -bindaddress {{ chrony_server.bind }} -{% endif %} -{% if 'port' in chrony_server %} - port {{ chrony_server.port }} -{% endif %} -{% endif %} diff --git a/roles/core/ntp/defaults/main.yml b/roles/core/ntp/defaults/main.yml new file mode 100644 index 00000000..08e0ca80 --- /dev/null +++ b/roles/core/ntp/defaults/main.yml 
@@ -0,0 +1,28 @@ +--- +# ntp_variant: systemd-timesyncd +# ntp_variant: chrony +# ntp_variant: openntpd + + +# ntp_client: +# servers: +# - name: ntp.example.com +# options: iburst ... +# pools: +# - name: pool.example.com +# options: iburst .... +# peers: +# - name: peer.example.com +# options: iburst .... + + +# ntp_hwtimestamp_interfaces: +# - name: "*" +# options: .... + + +# ntp_server: +# allow: [] +# deny: [] +# bind: 0.0.0.0 +# port: 123 diff --git a/roles/core/ntp/handlers/main.yml b/roles/core/ntp/handlers/main.yml new file mode 100644 index 00000000..08d878be --- /dev/null +++ b/roles/core/ntp/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart chrony + service: + name: chrony + state: restarted diff --git a/roles/core/ntp/tasks/chrony.yml b/roles/core/ntp/tasks/chrony.yml new file mode 100644 index 00000000..d220af30 --- /dev/null +++ b/roles/core/ntp/tasks/chrony.yml @@ -0,0 +1,11 @@ +--- +- name: install chrony + apt: + name: chrony + state: present + +- name: install chrony configuration + template: + src: chrony.conf.j2 + dest: /etc/chrony/chrony.conf + notify: restart chrony diff --git a/roles/core/ntp/tasks/main.yml b/roles/core/ntp/tasks/main.yml new file mode 100644 index 00000000..77f281ff --- /dev/null +++ b/roles/core/ntp/tasks/main.yml @@ -0,0 +1,5 @@ +--- +## TODO: make this work on openbsd and debian/ubuntu +- name: run ntp-variant specific tasks + when: ntp_variant is defined + include_tasks: "{{ ntp_variant }}.yml" diff --git a/roles/core/ntp/templates/chrony.conf.j2 b/roles/core/ntp/templates/chrony.conf.j2 new file mode 100644 index 00000000..0bad9235 --- /dev/null +++ b/roles/core/ntp/templates/chrony.conf.j2 
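Review bot: In roles/core/ntp/tasks/main.yml the file name passed to `include_tasks` is built directly from `ntp_variant`, yet `chrony.yml` is the only task file this commit creates. defaults/main.yml also advertises `systemd-timesyncd` and `openntpd`, so either of those values, or a typo, fails with a missing-file error. An unset value skips the whole role without any message. Consider a guard task before the include, for example an `assert` with `that: ntp_variant in ['chrony']` and a `fail_msg` naming the supported variants, extended as further task files are added.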
@@ -0,0 +1,56 @@ +### Global options + +cmdport 0 +keyfile /etc/chrony/chrony.keys +driftfile /var/lib/chrony/chrony.drift +logdir /var/log/chrony +maxupdateskew 100.0 +rtcsync +makestep 1 3 +{% if ntp_hwtimestamp_interfaces is defined %} + +{% for interface in ntp_hwtimestamp_interfaces %} +hwtimestamp {{ interface.name }}{% if 'options' in interface %} {{ interface.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% if ntp_client is defined %} + + +### Client +{% if 'servers' in ntp_client %} + +{% for server in ntp_client.servers %} +server {{ server.name }}{% if 'options' in server %} {{ server.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% if 'pools' in ntp_client %} + +{% for pool in ntp_client.pools %} +pool {{ pool.name }}{% if 'options' in pool %} {{ pool.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% if 'peers' in ntp_client %} + +{% for peer in ntp_client.peers %} +peer {{ peer.name }}{% if 'options' in peer %} {{ peer.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% endif %} +{% if ntp_server is defined %} + + +### Server + +{% for rule in ntp_server.allow | default([]) %} +allow {{ rule }} +{% endfor %} +{% for rule in ntp_server.deny | default([]) %} +deny {{ rule }} +{% endfor %} +{% if 'bindaddress' in ntp_server %} +bindaddress {{ ntp_server.bind }} +{% endif %} +{% if 'port' in ntp_server %} + port {{ ntp_server.port }} +{% endif %} +{% endif %} diff --git a/spreadspace/lw-dione.yml b/spreadspace/lw-dione.yml index f0a3ce59..edc2e97b 100644 --- a/spreadspace/lw-dione.yml +++ b/spreadspace/lw-dione.yml @@ -7,6 +7,6 @@ - role: core/sshd - role: core/zsh - role: core/cpu-microcode + - role: core/ntp - role: core/admin-users - role: streaming/blackmagic/desktopvideo - - role: chrony diff --git a/spreadspace/lw-helene.yml b/spreadspace/lw-helene.yml index 5b2afda3..cbf9f3b9 100644 --- a/spreadspace/lw-helene.yml +++ b/spreadspace/lw-helene.yml 
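Review bot: In the `### Server` block of roles/core/ntp/templates/chrony.conf.j2 the guard tests `'bindaddress' in ntp_server`, but the line it emits reads `ntp_server.bind`, and defaults/main.yml documents the key as `bind`. A host that sets `bind` gets no `bindaddress` line, so chronyd is not restricted to the intended address. A host that sets `bindaddress` instead renders an undefined `ntp_server.bind`. Change the guard to `{% if 'bind' in ntp_server %}`. The same mismatch is present in the removed roles/chrony template, so it was carried over by the move.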
@@ -7,6 +7,6 @@ - role: core/sshd - role: core/zsh - role: core/cpu-microcode + - role: core/ntp - role: core/admin-users - role: streaming/blackmagic/desktopvideo - - role: chrony -- cgit v1.2.3