104 lines
3 KiB
Markdown
104 lines
3 KiB
Markdown
|
# Ansible role: Chrony
|
||
|
|
|
||
|
|
[](https://code.waks.be/nishiki/ansible-role-chrony/releases)
|
||
|
|
[](https://code.waks.be/nishiki/ansible-role-chrony/src/branch/main/LICENSE)
|
||
|
|
[](https://code.waks.be/nishiki/ansible-role-chrony/actions?workflow=molecule.yml)
|
||
|
|
|
||
|
|
Install and configure Chrony a NTP client and server
|
||
|
|
|
||
|
|
## Requirements
|
||
|
|
|
||
|
|
- Ansible >= 2.10
|
||
|
|
- Debian
|
||
|
|
- Bookworm
|
||
|
|
|
||
|
|
## Role variables
|
||
|
|
|
||
|
|
| Name | Type | Required | Default | Comment |
|
||
|
|
| ------------- | ---- | -------- | ------- | -------------- |
|
||
|
|
| chrony_config | dict | no | | General config |
|
||
|
|
| chrony_keys | dict | no | | NTP keys |
|
||
|
|
|
||
|
|
### chrony_config
|
||
|
|
|
||
|
|
All options are in [the documentation](https://chrony-project.org/doc/3.4/chrony.conf.html)
|
||
|
|
|
||
|
|
Default value:
|
||
|
|
|
||
|
|
```yaml
|
||
|
|
pool: 2.debian.pool.ntp.org iburst
|
||
|
|
keyfile: /etc/chrony/chrony.keys
|
||
|
|
driftfile: /var/lib/chrony/chrony.drift
|
||
|
|
ntsdumpdir: /var/lib/chrony
|
||
|
|
logdir: /var/log/chrony
|
||
|
|
maxupdateskew: 100.0
|
||
|
|
rtcsync: true
|
||
|
|
makestep: 1 3
|
||
|
|
leapsectz: right/UTC
|
||
|
|
```
|
||
|
|
|
||
|
|
### chrony_keys
|
||
|
|
|
||
|
|
| Name | Type | Required | Default | Comment |
|
||
|
|
| ------ | ---- | -------- | ------- | ----------------------------- |
|
||
|
|
| key | int | yes | | the key ID |
|
||
|
|
| cipher | str | yes | | the cipher to use |
|
||
|
|
| hex | str | yes | | the key to hexadecimal format |
|
||
|
|
|
||
|
|
You can generate a new key with this command `chronyc keygen 43 SHA-256 256`
|
||
|
|
|
||
|
|
Example:
|
||
|
|
|
||
|
|
```yaml
|
||
|
|
42:
|
||
|
|
cipher: SHA-256
|
||
|
|
hex: 11881F168AF08DB67736A9530F952BB7D8CCA3F3
|
||
|
|
```
|
||
|
|
|
||
|
|
## How to use
|
||
|
|
|
||
|
|
```yaml
|
||
|
|
- hosts: server
|
||
|
|
roles:
|
||
|
|
- chrony
|
||
|
|
vars:
|
||
|
|
chrony_keys:
|
||
|
|
42:
|
||
|
|
type: SHA-256
|
||
|
|
hex: 11881F168AF08DB67736A9530F952BB7D8CCA3F3
|
||
|
|
chrony_config:
|
||
|
|
pool:
|
||
|
|
server:
|
||
|
|
- 0.fr.pool.ntp.org iburst
|
||
|
|
- 1.fr.pool.ntp.org iburst
|
||
|
|
- 2.fr.pool.ntp.org iburst
|
||
|
|
- 3.fr.pool.ntp.org iburst
|
||
|
|
```
|
||
|
|
|
||
|
|
## Development
|
||
|
|
|
||
|
|
### Test with molecule and docker
|
||
|
|
|
||
|
|
- install [docker](https://docs.docker.com/engine/installation/)
|
||
|
|
- install `python3` and `python3-pip`
|
||
|
|
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
|
||
|
|
- run `molecule test`
|
||
|
|
|
||
|
|
## License
|
||
|
|
|
||
|
|
```
|
||
|
|
Copyright (c) 2024 Adrien Waksberg
|
||
|
|
|
||
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
|
you may not use this file except in compliance with the License.
|
||
|
|
You may obtain a copy of the License at
|
||
|
|
|
||
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
||
|
|
|
||
|
|
Unless required by applicable law or agreed to in writing, software
|
||
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
|
See the License for the specific language governing permissions and
|
||
|
|
limitations under the License.
|
||
|
|
```
|