# Ansible role: Chrony

[![Version](https://img.shields.io/badge/latest_version-0.0.0-green.svg)](https://code.waks.be/nishiki/ansible-role-chrony/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-chrony/src/branch/main/LICENSE)
[![Build](https://code.waks.be/nishiki/ansible-role-chrony/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-chrony/actions?workflow=molecule.yml)

Install and configure Chrony a NTP client and server

## Requirements

- Ansible >= 2.10
- Debian
  - Bookworm

## Role variables

| Name          | Type | Required | Default | Comment        |
| ------------- | ---- | -------- | ------- | -------------- |
| chrony_config | dict | no       |         | General config |
| chrony_keys   | dict | no       |         | NTP keys       |

### chrony_config

All options are in [the documentation](https://chrony-project.org/doc/3.4/chrony.conf.html)

Default value:

```yaml
pool: 2.debian.pool.ntp.org iburst
keyfile: /etc/chrony/chrony.keys
driftfile: /var/lib/chrony/chrony.drift
ntsdumpdir: /var/lib/chrony
logdir: /var/log/chrony
maxupdateskew: 100.0
rtcsync: true
makestep: 1 3
leapsectz: right/UTC
```

### chrony_keys

| Name   | Type | Required | Default | Comment                       |
| ------ | ---- | -------- | ------- | ----------------------------- |
| key    | int  | yes      |         | the key ID                    |
| cipher | str  | yes      |         | the cipher to use             |
| hex    | str  | yes      |         | the key to hexadecimal format |

You can generate a new key with this command `chronyc keygen 43 SHA-256 256`

Example:

```yaml
42:
  cipher: SHA-256
  hex: 11881F168AF08DB67736A9530F952BB7D8CCA3F3
```

## How to use

```yaml
- hosts: server
  roles:
    - chrony
  vars:
    chrony_keys:
      42:
        type: SHA-256
        hex: 11881F168AF08DB67736A9530F952BB7D8CCA3F3
    chrony_config:
      pool:
      server:
        - 0.fr.pool.ntp.org iburst
        - 1.fr.pool.ntp.org iburst
        - 2.fr.pool.ntp.org iburst
        - 3.fr.pool.ntp.org iburst
```

## Development

### Test with molecule and docker

- install [docker](https://docs.docker.com/engine/installation/)
- install `python3` and `python3-pip`
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
- run `molecule test`

## License

```
Copyright (c) 2024 Adrien Waksberg

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```