From b11bd2aee13f3c42b52a879b016277dcb91895b0 Mon Sep 17 00:00:00 2001
From: Sven Velt <sven@velt.de>
Date: Tue, 17 Sep 2024 13:08:46 +0200
Subject: [PATCH] Kapitel 05: Chrony mit Variablen

---
 05/chrony.conf.j2         |  8 ++++++++
 05/chrony.yml             | 20 ++++++++++++++++++++
 05/chrony_mit_vars.yml    | 20 ++++++++++++++++++++
 05/debug.yml              |  7 +++++++
 05/old.ntp/ntp.conf.j2    | 21 +++++++++++++++++++++
 05/old.ntp/ntp.yml        | 20 ++++++++++++++++++++
 group_vars/all/chrony.yml |  3 +++
 group_vars/apk/chrony.yml |  2 ++
 group_vars/apt/chrony.yml |  4 ++++
 group_vars/centos.yml     |  6 ++++++
 group_vars/debian.yml     |  7 +++++++
 group_vars/opensuse.yml   | 11 +++++++++++
 host_vars/tn00-suse-t.yml |  4 ++++
 host_vars/tn00-void.yml   |  7 +++++++
 14 files changed, 140 insertions(+)
 create mode 100644 05/chrony.conf.j2
 create mode 100644 05/chrony.yml
 create mode 100644 05/chrony_mit_vars.yml
 create mode 100644 05/debug.yml
 create mode 100644 05/old.ntp/ntp.conf.j2
 create mode 100644 05/old.ntp/ntp.yml
 create mode 100644 group_vars/all/chrony.yml
 create mode 100644 group_vars/apk/chrony.yml
 create mode 100644 group_vars/apt/chrony.yml
 create mode 100644 group_vars/centos.yml
 create mode 100644 group_vars/debian.yml
 create mode 100644 group_vars/opensuse.yml
 create mode 100644 host_vars/tn00-suse-t.yml
 create mode 100644 host_vars/tn00-void.yml

diff --git a/05/chrony.conf.j2 b/05/chrony.conf.j2
new file mode 100644
index 0000000..1a9d7ad
--- /dev/null
+++ b/05/chrony.conf.j2
@@ -0,0 +1,8 @@
+# {{ ansible_managed }}
+# Server/Pool-Platzhater
+{% for pool in chrony_pools %}pool {{ pool }} iburst
+{% endfor %}
+
+makestep 1 3
+rtcsync
+
diff --git a/05/chrony.yml b/05/chrony.yml
new file mode 100644
index 0000000..afa3fb5
--- /dev/null
+++ b/05/chrony.yml
@@ -0,0 +1,20 @@
+---
+- hosts: all
+
+  tasks:
+
+    - name: Install Chrony
+      ansible.builtin.package: name=chrony state=latest
+
+    - name: Show pools
+      ansible.builtin.debug: var=chrony_pools
+
+    - name: Template config file
+      ansible.builtin.template: "src=chrony.conf.j2 dest='{{ chrony_config_path }}' mode=0644 owner=root group=root backup=yes"
+
+    - name: Restart Chrony with new config
+      ansible.builtin.service: "name='{{ chrony_service_name }}' state=restarted"
+
+    - name: Enable Chrony at boot
+      ansible.builtin.service: "name={{ chrony_service_name }} state=started enabled=yes"
+
diff --git a/05/chrony_mit_vars.yml b/05/chrony_mit_vars.yml
new file mode 100644
index 0000000..c06fa7f
--- /dev/null
+++ b/05/chrony_mit_vars.yml
@@ -0,0 +1,20 @@
+---
+- hosts: all
+
+  vars:
+    chrony_pools: [0.de.pool.ntp.org, 1.de.pool.ntp.org, 2.de.pool.ntp.org]
+
+  tasks:
+
+    - name: Install Chrony
+      ansible.builtin.package: name=chrony state=latest
+
+    - name: Template config file
+      ansible.builtin.template: "src=chrony.conf.j2 dest='{{ chrony_config_path }}' mode=0644 owner=root group=root backup=yes"
+
+    - name: Restart Chrony with new config
+      ansible.builtin.service: "name='{{ chrony_service_name }}' state=restarted"
+
+    - name: Enable Chrony at boot
+      ansible.builtin.service: "name={{ chrony_service_name }} state=started enabled=yes"
+
diff --git a/05/debug.yml b/05/debug.yml
new file mode 100644
index 0000000..2512ddc
--- /dev/null
+++ b/05/debug.yml
@@ -0,0 +1,7 @@
+---
+- hosts:
+    - localhost
+  tasks:
+    - ansible.builtin.debug: "msg='IP: {{ ansible_default_ipv4.address}} - GW: {{ ansible_default_ipv4.gateway }}'"
+    - ansible.builtin.debug: var=ansible_default_ipv4
+
diff --git a/05/old.ntp/ntp.conf.j2 b/05/old.ntp/ntp.conf.j2
new file mode 100644
index 0000000..43d9590
--- /dev/null
+++ b/05/old.ntp/ntp.conf.j2
@@ -0,0 +1,21 @@
+# {{ ansible_managed }}
+driftfile /var/lib/ntp/ntp.drift
+
+leapfile /usr/share/zoneinfo/leap-seconds.list
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+{% for server in ntp_servers %}pool {{ server }} iburst
+{% endfor %}
+
+restrict -4 default kod notrap nomodify nopeer noquery limited
+restrict -6 default kod notrap nomodify nopeer noquery limited
+
+restrict 127.0.0.1
+restrict ::1
+
+restrict source notrap nomodify noquery
+
diff --git a/05/old.ntp/ntp.yml b/05/old.ntp/ntp.yml
new file mode 100644
index 0000000..e318b1e
--- /dev/null
+++ b/05/old.ntp/ntp.yml
@@ -0,0 +1,20 @@
+---
+- hosts: all
+
+  tasks:
+
+    - name: Install NTP
+      package: name=ntp state=latest
+
+    - name: Debug
+      debug: var=ntp_servers
+
+    - name: Template ntp.conf
+      template: src=ntp.conf.j2 dest=/etc/ntp.conf backup=yes
+
+    - name: Restart NTP
+      service: "name={{ ntp_service_name }} state=\"restarted\""
+
+    - name: Enable NTP
+      service: 'name="{{ ntp_service_name }}" enabled=yes state=started'
+
diff --git a/group_vars/all/chrony.yml b/group_vars/all/chrony.yml
new file mode 100644
index 0000000..2860b98
--- /dev/null
+++ b/group_vars/all/chrony.yml
@@ -0,0 +1,3 @@
+---
+chrony_config_path: /etc/chrony.conf
+chrony_service_name: chronyd
diff --git a/group_vars/apk/chrony.yml b/group_vars/apk/chrony.yml
new file mode 100644
index 0000000..8dd7b17
--- /dev/null
+++ b/group_vars/apk/chrony.yml
@@ -0,0 +1,2 @@
+---
+chrony_config_path: /etc/chrony/chrony.conf
diff --git a/group_vars/apt/chrony.yml b/group_vars/apt/chrony.yml
new file mode 100644
index 0000000..82fdd2e
--- /dev/null
+++ b/group_vars/apt/chrony.yml
@@ -0,0 +1,4 @@
+---
+chrony_config_path: /etc/chrony/chrony.conf
+chrony_service_name: chrony
+
diff --git a/group_vars/centos.yml b/group_vars/centos.yml
new file mode 100644
index 0000000..1de8ce0
--- /dev/null
+++ b/group_vars/centos.yml
@@ -0,0 +1,6 @@
+---
+chrony_pools:
+  - 0.centos.pool.ntp.org
+  - 1.centos.pool.ntp.org
+  - 2.centos.pool.ntp.org
+
diff --git a/group_vars/debian.yml b/group_vars/debian.yml
new file mode 100644
index 0000000..28f8c01
--- /dev/null
+++ b/group_vars/debian.yml
@@ -0,0 +1,7 @@
+---
+chrony_pools:
+  - 0.debian.pool.ntp.org
+  - 1.debian.pool.ntp.org
+  - 2.debian.pool.ntp.org
+  - 3.debian.pool.ntp.org
+
diff --git a/group_vars/opensuse.yml b/group_vars/opensuse.yml
new file mode 100644
index 0000000..57d8570
--- /dev/null
+++ b/group_vars/opensuse.yml
@@ -0,0 +1,11 @@
+---
+chrony_pools:
+  - 2.de.pool.ntp.org
+  - 3.de.pool.ntp.org
+  - 2.at.pool.ntp.org
+  - 3.at.pool.ntp.org
+  - 2.ch.pool.ntp.org
+  - 3.ch.pool.ntp.org
+  - 2.uk.pool.ntp.org
+  - 3.uk.pool.ntp.org
+
diff --git a/host_vars/tn00-suse-t.yml b/host_vars/tn00-suse-t.yml
new file mode 100644
index 0000000..e479b22
--- /dev/null
+++ b/host_vars/tn00-suse-t.yml
@@ -0,0 +1,4 @@
+---
+chrony_pools:
+  - ntp.meinberg.de
+
diff --git a/host_vars/tn00-void.yml b/host_vars/tn00-void.yml
new file mode 100644
index 0000000..e479f44
--- /dev/null
+++ b/host_vars/tn00-void.yml
@@ -0,0 +1,7 @@
+---
+chrony_pools:
+  - ntp.meinberg.de
+  - ptbtime1.ptb.de
+  - ptbtime2.ptb.de
+  - ptbtime3.ptb.de
+