From 221413244a408cfe27c894a8aef4c68a38348b43 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 27 Nov 2020 23:26:04 +0100 Subject: core/ntp role add systemd-timesyncd and openntpd --- roles/core/ntp/handlers/main.yml | 10 ++++++++++ roles/core/ntp/tasks/openntpd.yml | 11 +++++++++++ roles/core/ntp/tasks/systemd-timesyncd.yml | 18 ++++++++++++++++++ roles/core/ntp/templates/chrony.conf.j2 | 4 ++-- roles/core/ntp/templates/openntpd.conf.j2 | 20 ++++++++++++++++++++ 5 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 roles/core/ntp/tasks/openntpd.yml create mode 100644 roles/core/ntp/tasks/systemd-timesyncd.yml create mode 100644 roles/core/ntp/templates/openntpd.conf.j2 (limited to 'roles/core') diff --git a/roles/core/ntp/handlers/main.yml b/roles/core/ntp/handlers/main.yml index 08d878be..0f11a5da 100644 --- a/roles/core/ntp/handlers/main.yml +++ b/roles/core/ntp/handlers/main.yml @@ -3,3 +3,13 @@ service: name: chrony state: restarted + +- name: restart systemd-timesyncd + service: + name: systemd-timesyncd + state: restarted + +- name: restart openntpd + service: + name: openntpd + state: restarted diff --git a/roles/core/ntp/tasks/openntpd.yml b/roles/core/ntp/tasks/openntpd.yml new file mode 100644 index 00000000..76f62646 --- /dev/null +++ b/roles/core/ntp/tasks/openntpd.yml @@ -0,0 +1,11 @@ +--- +- name: install openntpd + apt: + name: openntpd + state: present + +- name: install openntpd configuration + template: + src: openntpd.conf.j2 + dest: /etc/openntpd/ntpd.conf + notify: restart openntpd diff --git a/roles/core/ntp/tasks/systemd-timesyncd.yml b/roles/core/ntp/tasks/systemd-timesyncd.yml new file mode 100644 index 00000000..20a5f379 --- /dev/null +++ b/roles/core/ntp/tasks/systemd-timesyncd.yml @@ -0,0 +1,18 @@ +--- +- name: set ntp servers + when: + - ntp_client is defined + - "'servers' in ntp_client" + lineinfile: + path: /etc/systemd/timesyncd.conf + regexp: '^#?NTP=' + line: "NTP={{ ntp_client.servers | map(attribute='name') | join(' ') }}" + notify: restart systemd-timesyncd + +- name: un-set ntp servers + when: "ntp_client is not defined or 'servers' not in ntp_client" + lineinfile: + path: /etc/systemd/timesyncd.conf + regexp: '^#?NTP=' + line: "#NTP=" + notify: restart systemd-timesyncd diff --git a/roles/core/ntp/templates/chrony.conf.j2 b/roles/core/ntp/templates/chrony.conf.j2 index 0bad9235..e404da18 100644 --- a/roles/core/ntp/templates/chrony.conf.j2 +++ b/roles/core/ntp/templates/chrony.conf.j2 @@ -47,10 +47,10 @@ allow {{ rule }} {% for rule in ntp_server.deny | default([]) %} deny {{ rule }} {% endfor %} -{% if 'bindaddress' in ntp_server %} +{% if 'bind' in ntp_server %} bindaddress {{ ntp_server.bind }} {% endif %} {% if 'port' in ntp_server %} - port {{ ntp_server.port }} +port {{ ntp_server.port }} {% endif %} {% endif %} diff --git a/roles/core/ntp/templates/openntpd.conf.j2 b/roles/core/ntp/templates/openntpd.conf.j2 new file mode 100644 index 00000000..09a6a9c3 --- /dev/null +++ b/roles/core/ntp/templates/openntpd.conf.j2 @@ -0,0 +1,20 @@ +### Client +{% if 'servers' in ntp_client %} + +{% for server in ntp_client.servers %} +server {{ server.name }}{% if 'options' in server %} {{ server.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% if 'pools' in ntp_client %} + +{% for pool in ntp_client.pools %} +servers {{ pool.name }}{% if 'options' in pool %} {{ pool.options }}{% endif %}{{ '' }} +{% endfor %} +{% endif %} +{% if ntp_server is defined %} + + +### Server + +listen on {{ ntp_server.bind | default('*') }} +{% endif %} -- cgit v1.2.3