forked from infra/ansible
common: install chrony (instead of ntp)
This commit is contained in:
parent
0d288bf6e1
commit
2eb5440c3c
@ -1,9 +1,11 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
ntp_server: true
|
||||||
|
|
||||||
ntp_servers:
|
ntp_servers:
|
||||||
- ptbtime2.ptb.de
|
- ptbtime2.ptb.de
|
||||||
- ntp1.rrze.uni-erlangen.de
|
- ntp1.rrze.uni-erlangen.de
|
||||||
- ntps1-0.cs.tu-berlin.de
|
- rustime01.rus.uni-stuttgart.de
|
||||||
|
|
||||||
ntp_peers:
|
ntp_peers:
|
||||||
- 172.23.1.60
|
- 172.23.1.60
|
||||||
|
|||||||
@ -1,6 +1,8 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
ntp_server: true
|
||||||
|
|
||||||
ntp_servers:
|
ntp_servers:
|
||||||
- ptbtime1.ptb.de
|
- ptbtime1.ptb.de
|
||||||
- ntp1.rrze.uni-erlangen.de
|
- ntp1.rrze.uni-erlangen.de
|
||||||
- ntps1-0.cs.tu-berlin.de
|
- rustime01.rus.uni-stuttgart.de
|
||||||
|
|||||||
@ -1,9 +1,11 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
ntp_server: true
|
||||||
|
|
||||||
ntp_servers:
|
ntp_servers:
|
||||||
- ptbtime1.ptb.de
|
- ptbtime1.ptb.de
|
||||||
- ntp1.rrze.uni-erlangen.de
|
- ntp1.rrze.uni-erlangen.de
|
||||||
- ntps1-0.cs.tu-berlin.de
|
- rustime01.rus.uni-stuttgart.de
|
||||||
|
|
||||||
ntp_peers:
|
ntp_peers:
|
||||||
- 172.23.2.3
|
- 172.23.2.3
|
||||||
|
|||||||
@ -1,5 +1,8 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
- name: Restart chrony
|
||||||
|
service: name=chrony state=restarted
|
||||||
|
|
||||||
- name: Restart journald
|
- name: Restart journald
|
||||||
service: name=systemd-journald state=restarted
|
service: name=systemd-journald state=restarted
|
||||||
|
|
||||||
|
|||||||
8
roles/common/tasks/chrony.yml
Normal file
8
roles/common/tasks/chrony.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Install chrony
|
||||||
|
apt: name=chrony
|
||||||
|
|
||||||
|
- name: Configure chrony
|
||||||
|
template: src=chrony.conf.j2 dest=/etc/chrony/chrony.conf
|
||||||
|
notify: Restart chrony
|
||||||
@ -16,3 +16,6 @@
|
|||||||
- name: Debian
|
- name: Debian
|
||||||
include: Debian.yml
|
include: Debian.yml
|
||||||
when: ansible_os_family == 'Debian' and 'pve-manager' not in ansible_facts.packages
|
when: ansible_os_family == 'Debian' and 'pve-manager' not in ansible_facts.packages
|
||||||
|
|
||||||
|
- name: Setup chrony
|
||||||
|
include: chrony.yml
|
||||||
|
|||||||
46
roles/common/templates/chrony.conf.j2
Normal file
46
roles/common/templates/chrony.conf.j2
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
# Welcome to the chrony configuration file. See chrony.conf(5) for more
|
||||||
|
# information about usable directives.
|
||||||
|
|
||||||
|
{% for srv in ntp_servers %}
|
||||||
|
server {{ srv }} iburst
|
||||||
|
{% endfor %}
|
||||||
|
{% if ntp_peers is defined %}
|
||||||
|
|
||||||
|
{% for peer in ntp_peers %}
|
||||||
|
peer {{ peer }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if ntp_server is defined and ntp_server is true %}
|
||||||
|
allow 172.23.0.0/16
|
||||||
|
{% endif -%}
|
||||||
|
|
||||||
|
# This directive specify the location of the file containing ID/key pairs for
|
||||||
|
# NTP authentication.
|
||||||
|
keyfile /etc/chrony/chrony.keys
|
||||||
|
|
||||||
|
# This directive specify the file into which chronyd will store the rate
|
||||||
|
# information.
|
||||||
|
driftfile /var/lib/chrony/chrony.drift
|
||||||
|
|
||||||
|
# Uncomment the following line to turn logging on.
|
||||||
|
#log tracking measurements statistics
|
||||||
|
|
||||||
|
# Log files location.
|
||||||
|
logdir /var/log/chrony
|
||||||
|
|
||||||
|
# Stop bad estimates upsetting machine clock.
|
||||||
|
maxupdateskew 100.0
|
||||||
|
|
||||||
|
# This directive enables kernel synchronisation (every 11 minutes) of the
|
||||||
|
# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
|
||||||
|
rtcsync
|
||||||
|
|
||||||
|
# Step the system clock instead of slewing it if the adjustment is larger than
|
||||||
|
# one second, but only in the first three clock updates.
|
||||||
|
makestep 1 3
|
||||||
|
|
||||||
|
# Get TAI-UTC offset and leap seconds from the system tz database.
|
||||||
|
# This directive must be commented out when using time sources serving
|
||||||
|
# leap-smeared time.
|
||||||
|
leapsectz right/UTC
|
||||||
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Restart ntp
|
|
||||||
service: name=ntp state=restarted
|
|
||||||
|
|
||||||
- name: Restart ntpd
|
|
||||||
service: name=ntpd state=restarted
|
|
||||||
@ -1,11 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Install ntp
|
|
||||||
apt: name=ntp
|
|
||||||
|
|
||||||
- name: Configure ntp
|
|
||||||
template: src=ntp.conf.j2 dest=/etc/ntp.conf
|
|
||||||
notify: Restart ntp
|
|
||||||
|
|
||||||
- name: Start the ntp service
|
|
||||||
service: name=ntp state=started enabled=yes
|
|
||||||
@ -1,10 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
# ntp is already installed on FreeBSD
|
|
||||||
|
|
||||||
- name: Configure ntp
|
|
||||||
template: src=ntp.conf.j2 dest=/etc/ntp.conf
|
|
||||||
notify: Restart ntpd
|
|
||||||
|
|
||||||
- name: Start the ntp service
|
|
||||||
service: name=ntpd state=started enabled=yes
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Debian
|
|
||||||
include: Debian.yml
|
|
||||||
when: ansible_os_family == 'Debian'
|
|
||||||
|
|
||||||
- name: FreeBSD
|
|
||||||
include: FreeBSD.yml
|
|
||||||
when: ansible_distribution == 'FreeBSD'
|
|
||||||
@ -1,15 +0,0 @@
|
|||||||
{% for srv in ntp_servers %}
|
|
||||||
server {{ srv }} iburst
|
|
||||||
{% endfor %}
|
|
||||||
{% if ntp_peers is defined %}
|
|
||||||
|
|
||||||
{% for peer in ntp_peers %}
|
|
||||||
peer {{ peer }}
|
|
||||||
{% endfor %}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
restrict default kod nomodify notrap nopeer noquery
|
|
||||||
restrict -6 default kod nomodify notrap nopeer noquery
|
|
||||||
|
|
||||||
restrict 127.0.0.1
|
|
||||||
restrict -6 ::1
|
|
||||||
Loading…
Reference in New Issue
Block a user