summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--roles/common/templates/etc/ntp.conf.j26
1 files changed, 4 insertions, 2 deletions
diff --git a/roles/common/templates/etc/ntp.conf.j2 b/roles/common/templates/etc/ntp.conf.j2
index 5957276..2022a4b 100644
--- a/roles/common/templates/etc/ntp.conf.j2
+++ b/roles/common/templates/etc/ntp.conf.j2
@@ -10,42 +10,44 @@ statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# You do need to talk to an NTP server or two (or three).
{% if 'NTP-master' in group_names %}
# Use Stratum One Time Servers:
# http://support.ntp.org/bin/view/Servers/StratumOneTimeServers
server ntp1.sp.se iburst
server ntp2.sp.se iburst
server ntp2.gbg.netnod.se iburst
server ntp1.sth.netnod.se iburst
server ntp2.sth.netnod.se iburst
{% else %}
# Sychronize to our (stratum 2) NTP server, to ensure our network has a
# consistent time.
{% for host in groups['NTP-master'] | sort %}
server {{ ipsec[ hostvars[host].inventory_hostname_short ] }} prefer iburst
{% endfor %}
-server 0.se.pool.ntp.org iburst
-server 1.se.pool.ntp.org iburst
+server 0.{{ geoip | default('debian') }}.pool.ntp.org iburst
+server 1.{{ geoip | default('debian') }}.pool.ntp.org iburst
+server 2.{{ geoip | default('debian') }}.pool.ntp.org iburst
+server 3.{{ geoip | default('debian') }}.pool.ntp.org iburst
{% endif %}
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default limited kod nomodify notrap nopeer noquery
restrict -6 default limited kod nomodify notrap nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Clients from this (example!) subnet have unlimited access, but only if
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-14 14:20:36 +0000