chronyd: add role + playbook
This commit is contained in:
parent
69dc3052ab
commit
d2c1b1c07a
6 changed files with 79 additions and 0 deletions
16
playbooks/chronyd.yml
Executable file
16
playbooks/chronyd.yml
Executable file
|
@ -0,0 +1,16 @@
|
|||
#!/usr/bin/env ansible-playbook
|
||||
---
|
||||
- hosts:
|
||||
- ntp-1.int.infra.auro.re
|
||||
vars:
|
||||
chronyd__allow_networks:
|
||||
- 10.128.0.0/16
|
||||
- 2a09:6840:128::/48
|
||||
chronyd__pools:
|
||||
- 0.pool.ntp.org
|
||||
- 1.pool.ntp.org
|
||||
- 2.pool.ntp.org
|
||||
- 3.pool.ntp.org
|
||||
roles:
|
||||
- chronyd
|
||||
...
|
9
roles/chronyd/defaults/main.yml
Normal file
9
roles/chronyd/defaults/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
chronyd__pools: []
|
||||
chronyd__key_file: /etc/chrony/chrony.keys
|
||||
chronyd__drift_file: /var/lib/chrony/chrony.drift
|
||||
chronyd__nts_dump_dir: /var/lib/chrony
|
||||
chronyd__max_update_skew: 100.0
|
||||
chronyd__rtcsync: true
|
||||
chronyd__allow_networks: []
|
||||
...
|
6
roles/chronyd/handlers/main.yml
Normal file
6
roles/chronyd/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- name: Restart chronyd
|
||||
systemd:
|
||||
name: chronyd.service
|
||||
state: restarted
|
||||
...
|
24
roles/chronyd/tasks/main.yml
Normal file
24
roles/chronyd/tasks/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
- name: Install chronyd
|
||||
apt:
|
||||
name: chrony
|
||||
|
||||
- name: Configure chronyd
|
||||
template:
|
||||
src: "{{ item }}.j2"
|
||||
dest: "/etc/chrony/{{ item }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,g=r,o=
|
||||
loop:
|
||||
- chrony.conf
|
||||
- chrony.keys
|
||||
notify:
|
||||
- Restart chronyd
|
||||
|
||||
- name: Enable and start chronyd
|
||||
systemd:
|
||||
name: chronyd.service
|
||||
enabled: true
|
||||
state: started
|
||||
...
|
23
roles/chronyd/templates/chrony.conf.j2
Normal file
23
roles/chronyd/templates/chrony.conf.j2
Normal file
|
@ -0,0 +1,23 @@
|
|||
{{ ansible_managed | comment }}
|
||||
|
||||
{% for pool in chronyd__pools %}
|
||||
pool {{ pool }} iburst
|
||||
{% endfor %}
|
||||
|
||||
keyfile {{ chronyd__key_file }}
|
||||
dritfile {{ chronyd__drift_file }}
|
||||
ntsdumpdir {{ chronyd__nts_dump_dir }}
|
||||
|
||||
log tracking measurements statistics
|
||||
|
||||
maxupdateskew {{ chronyd__max_update_skew | float }}
|
||||
|
||||
{% if chronyd__rtcsync %}
|
||||
rtcsync
|
||||
{% endif %}
|
||||
|
||||
leapsectz right/UTC
|
||||
|
||||
{% for network in chronyd__allow_networks %}
|
||||
allow {{ network | ipaddr }}
|
||||
{% endfor %}
|
1
roles/chronyd/templates/chrony.keys.j2
Normal file
1
roles/chronyd/templates/chrony.keys.j2
Normal file
|
@ -0,0 +1 @@
|
|||
{{ ansible_managed | comment }}
|
Loading…
Reference in a new issue