consider using ntpsec for Debian instead of ntp

2024-08-16 12:59:49 +02:00 · 2023-11-28 03:05:59 +01:00 · 2023-11-28 03:05:59 +01:00 · bc84cec5fb
commit bc84cec5fb
parent a3ac34e33d
15 changed files with 70 additions and 17 deletions
--- a/README.md
+++ b/README.md
@ -38,6 +38,10 @@ ntp_servers:
 ntp_set_time_zone: false
 ntp_timezone: 'Europe/Berlin'
 # Leap seconds definition provided by tzdata
 ntp_leap: true
 ntp_leapfile: '/usr/share/zoneinfo/leap-seconds.list'
 # Enable or disable ntp statistics
 ntp_statistics: false
@ -83,6 +87,9 @@ You can install it with this command:
 ansible-galaxy collection install -r requirements.yml --upgrade
 ```
 ## Testing
 This role is tested on debian stable. It should work on other operating systems. Please Report issues if it does not work.
 ## Author Information
 + This role was created in 2018 by diodonfrost.
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -20,10 +20,19 @@ ntp_servers:
 # Enable or disable ntp statistics
 ntp_statistics: false
 ntp_ntpstats_dir: '/var/log/ntpstats/'
 ntp_statistics_overview:
  - 'clockstats'
  - 'peerstats'
  - 'loopstats'
 # optionally set timezone
 ntp_set_time_zone: false
 ntp_timezone: 'Europe/Berlin'
 # Leap seconds definition provided by tzdata
 ntp_leap: true
 ntp_leapfile: '/usr/share/zoneinfo/leap-seconds.list'
 # version check for this playbook (true is recomended)
 submodules_versioncheck: false
--- a/tasks/config.yml
+++ b/tasks/config.yml
@ -8,3 +8,12 @@
    group: "{{ ntp_configfile_group }}"
    mode: 0644
  notify: "Restart ntp daemons on {{ ansible_system }}"
 - name: Create logging folder
  become: true
  ansible.builtin.file:
    path: "{{ ntp_ntpstats_dir }}"
    state: directory
    mode: 0755
    owner: ntp
    group: ntp
--- a/tasks/packages/setup-Linux.yml
+++ b/tasks/packages/setup-Linux.yml
@ -16,7 +16,13 @@
  when: ansible_os_family == "Gentoo"
  tags: 'skip_ansible_lint'
- name: Install ntp daemon on Linux
+- name: Remove ntp legacy daemon on Linux
  become: true
  ansible.builtin.package:
    name: "{{ ntp_package_absent }}"
    state: absent
 - name: Install ntpsec daemon on Linux
  become: true
  ansible.builtin.package:
    name: "{{ ntp_package }}"
--- a/templates/ntp.conf.j2
+++ b/templates/ntp.conf.j2
@ -1,13 +1,18 @@
-#####################################
+######################################################
 ##                                                  ##
 ##       THIS  FILE  IS  MANAGED  BY  ANSIBLE       ##
 ##                                                  ##
 ##                It is about time                  ##
 ##                                                  ##
-#####################################
+######################################################
-# > galaxy.ansible.com/do1jlr/ntp < #
+# > galaxy.ansible.com/ui/repo/published/l3d/time/ < #
 driftfile {{ ntp_driftfile }}
 {% if ntp_leap %}
 # Leap seconds definition provided by tzdata
 leapfile {{ ntp_leapfile }}
 {% endif %}
 {% for restrict_ip in ntp_restrict %}
 restrict {{ restrict_ip }}
 {% endfor %}
@ -17,5 +22,13 @@ server {{ pool_server }}
 {% endfor %}
 {% if ntp_statistics | bool %}
-statistics clockstats cryptostats loopstats peerstats
+statistics {{ ntp_statistics_overview | join(' ') }}
 # Enable this if you want statistics to be logged.
 statsdir {{ ntp_ntpstats_dir }}
 {%     for stat in ntp_statistics_overview %}
 filegen {{ stat }} file {{ stat }} type day enable
 {%     endfor %}
 {% endif %}
--- a/vars/ArchLinux.yml
+++ b/vars/ArchLinux.yml
@ -1,8 +1,9 @@
 ---
-ntp_package: ntp
+ntp_package: 'ntpsec'
 ntp_package_absent: 'ntp'
 ntp_service: ntpd
-ntp_configfile: /etc/ntp.conf
+ntp_configfile: /etc/ntpsec/ntp.conf
 ntp_configfile_user: root
 ntp_configfile_group: root
 ntp_driftfile: /var/lib/ntp/drift
--- a/vars/Darwin.yml
+++ b/vars/Darwin.yml
@ -1,6 +1,7 @@
 ---
-ntp_package:
+ntp_package: ntp
 ntp_service: ntp
 ntp_package_absent: []
 ntp_configfile: /private/etc/ntp.conf
 ntp_configfile_user: root
--- a/vars/Debian.yml
+++ b/vars/Debian.yml
@ -1,8 +1,9 @@
 ---
-ntp_package: ntp
+ntp_package: 'ntpsec'
-ntp_service: ntp
+ntp_package_absent: 'ntp'
 ntp_service: 'ntpsec'
-ntp_configfile: /etc/ntp.conf
+ntp_configfile: '/etc/ntpsec/ntp.conf'
 ntp_configfile_user: root
 ntp_configfile_group: root
 ntp_driftfile: /var/lib/ntp/drift
--- a/vars/FreeBSD.yml
+++ b/vars/FreeBSD.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: ntp
 ntp_package_absent: []
 ntp_service: ntpd
 ntp_configfile: /etc/ntp.conf
--- a/vars/Gentoo.yml
+++ b/vars/Gentoo.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: net-misc/ntp
 ntp_package_absent: []
 ntp_service: ntp-client
 ntp_configfile: /etc/ntp.conf
--- a/vars/OpenBSD.yml
+++ b/vars/OpenBSD.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: ntp
 ntp_package_absent: []
 ntp_service: ntpd
 ntp_configfile: /etc/ntp.conf
--- a/vars/RedHat.yml
+++ b/vars/RedHat.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: ntp
 ntp_package_absent: []
 ntp_service: ntpd
 ntp_configfile: /etc/ntp.conf
--- a/vars/Suse.yml
+++ b/vars/Suse.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: ntp
 ntp_package_absent: []
 ntp_service: ntpd
 ntp_configfile: /etc/ntp.conf
--- a/vars/fallback.yml
+++ b/vars/fallback.yml
@ -1,5 +1,6 @@
 ---
 ntp_package: ntp
 ntp_package_absent: []
 ntp_service: ntp
 ntp_configfile: /etc/ntp.conf
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,5 +1,5 @@
 ---
-playbook_version_number: 2060
+playbook_version_number: 2061
 ntp__playbook_version_path: 'role-ntp_chaos-bodensee_github.com.version'
 ntp__vars: