diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2020-11-05 17:13:03 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-11-15 18:33:37 +0100 |
commit | e8e01842f4e578ec427dd8d6f5a5e40b498458af (patch) | |
tree | b4fcd836afa59a11570d54ab2e55dceb99e98bfc /roles/common/tasks | |
parent | 6a7bf972fa2c054f1aef5465237343247959e313 (diff) |
Change NTP client to systemd-timesyncd.
(Excluding our NTP master.) It's simpler, arguably more secure, and
provides enough functionality when only simple client use-cases are
desired.
We allow outgoing connections to 123/udp also on NTP slaves so systemd-timesyncd
can connect to the fallbacks NTP servers.
Diffstat (limited to 'roles/common/tasks')
-rw-r--r-- | roles/common/tasks/ntp.yml | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/roles/common/tasks/ntp.yml b/roles/common/tasks/ntp.yml index f9a01c8..60ffef9 100644 --- a/roles/common/tasks/ntp.yml +++ b/roles/common/tasks/ntp.yml @@ -1,15 +1,30 @@ -- name: Install ntp - apt: pkg=ntp +- name: Install/Remove ntp + # TODO bullseye: install new package 'systemd-timesyncd' + apt: pkg=ntp state={{ state }} purge=yes + vars: + state: "{{ ('NTP_master' in group_names) | ternary('present', 'absent') }}" + +- name: Create /etc/systemd/timesyncd.conf.d + file: path=/etc/systemd/timesyncd.conf.d + state=directory + owner=root group=root + mode=0755 + when: "'NTP_master' not in group_names" - name: Configure ntp - template: src=etc/ntp.conf.j2 - dest=/etc/ntp.conf + template: src=etc/{{ conf }}.j2 + dest=/etc/{{ conf }} owner=root group=root mode=0644 + vars: + conf: "{{ ('NTP_master' in group_names) | ternary('ntp.conf', 'systemd/timesyncd.conf.d/fripost.conf') }}" + service: "{{ ('NTP_master' in group_names) | ternary('ntp', 'systemd-timesyncd') }}" notify: - - Restart ntp + - Restart {{ service }} - meta: flush_handlers -- name: Start ntp - service: name=ntp state=started +- name: Start and enable ntp + service: name={{ service }}.service state=started enabled=true + vars: + service: "{{ ('NTP_master' in group_names) | ternary('ntp', 'systemd-timesyncd') }}" |