---
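# Install the NTP daemon package and refresh the package index first.
# The module is written with its fully qualified name, like the other tasks in
# this file, and the boolean uses the canonical `true` instead of `yes`.
# NOTE(review): `update_cache` is handled by the backend package module that
# gets selected on the host (apt, dnf, ...) - confirm the target platforms
# accept it.
- name: install NTP package
  ansible.builtin.package:
    name: "ntp"
    state: present
    update_cache: true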
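# Set the host timezone from `ntp_timezone`.
# The task name is now quoted as a whole: the original had a stray closing
# double quote with no opening one, which ended up in the displayed task name.
# A change notifies "Restart ntpd service"; that handler is not defined in this
# file and is presumably part of the role's handlers - confirm.
- name: "set system timezone to {{ ntp_timezone }}"
  community.general.timezone:
    name: "{{ ntp_timezone }}"
  notify: "Restart ntpd service"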
# Create the parent directory of `ntp_drift_file`.
# Owner and group are both `ntp` and the mode is 0750, so accounts outside
# that user and group get no access. The mode stays a quoted string so YAML
# does not read it as a number.
- name: ensure NTP drift file directory exists
  ansible.builtin.file:
    state: directory
    path: '{{ ntp_drift_file | dirname }}'
    owner: 'ntp'
    group: 'ntp'
    mode: '0750'
# Second timezone task: same module and same `name` value as the
# "set system timezone" task earlier in this file.
# Original author's note (translated from French): restarting chrony can be
# useful after a timezone change so that it picks the change up in its
# logs/operations.
# NOTE(review): because the earlier task already applies `ntp_timezone`, this
# one will presumably never report a change, so its handler would not fire.
# It also notifies a chronyd handler while every other task here manages ntpd.
# Confirm whether this task is still wanted and whether a "Restart chronyd"
# handler exists in the role.
- name: setup systems timezone
  community.general.timezone:
    name: '{{ ntp_timezone }}'
  notify: 'Restart chronyd'
# Render ntp.conf.j2 to `ntp_config_file`.
# The result is owned by root:root with mode 0644: only root can modify it,
# but every local account can read it. A change notifies the
# "Restart ntpd service" handler.
# NOTE(review): the template is not shown here. Because the file is
# world-readable it should not carry key material, and the access controls it
# renders decide who may query the daemon - confirm both in ntp.conf.j2.
- name: 'configure {{ ntp_config_file }}'
  ansible.builtin.template:
    dest: '{{ ntp_config_file }}'
    src: 'ntp.conf.j2'
    mode: '0644'
    owner: root
    group: root
  notify: 'Restart ntpd service'
# Start the `ntpd` systemd unit now and enable it at boot.
# NOTE(review): the unit name is hard-coded. Some distributions ship the ntp
# package with a unit named `ntp` rather than `ntpd` - confirm the name matches
# the hosts this role targets.
- name: 'ensure ntpd service is started and enabled'
  ansible.builtin.systemd:
    enabled: true
    state: started
    name: 'ntpd'
# Add one inbound UDP allow rule on `ntp_port` for each entry of
# `ntp_firewall_allowed_sources`. If the variable is undefined the loop runs
# over an empty list and no rule is added.
# This task only adds rules; it sets no ufw `state`, so it does not enable the
# firewall itself.
# NOTE(review): the entries are passed to ufw unchecked. Keep them to the
# specific client hosts or networks that need time service; a broad value such
# as `any` would open the NTP port to every source - confirm where the list is
# defined.
- name: 'configure ufw firewall'
  community.general.ufw:
    direction: in
    rule: allow
    proto: udp
    port: '{{ ntp_port }}'
    src: '{{ item }}'
  loop: '{{ ntp_firewall_allowed_sources | default([]) }}'