ansible-install-server/roles/fai/tasks/time-server.yml

- name: install inetd
  package:
    name: inetutils-tools
    state: present

- name: activate rdate
  copy:
    content: |
      time stream tcp nowait root internal
    dest: /etc/inetd.conf
    owner: root
    group: root
    mode: u=rw,g=r,o=r
  register: inetd_conf

- name: ensure inetd is started
  service:
    name: inetd
    state: started
    enabled: true
  when: inetd_conf.changed

- name: ensure inetd is refreshed, when config changed
  service:
    name: inetd
    state: restarted
  when: inetd_conf.changed

- name: install ntp server
  package:
    name: ntp
    state: present

- name: configure ntp server
  copy:
    content: |
      driftfile /var/lib/ntp/ntp.drift

      leapfile /usr/share/zoneinfo/leap-seconds.list
      statistics loopstats peerstats clockstats

      filegen loopstats file loopstats type day enable
      filegen peerstats file peerstats type day enable
      filegen clockstats file clockstats type day enable

      pool 0.debian.pool.ntp.org iburst
      pool 1.debian.pool.ntp.org iburst
      pool 2.debian.pool.ntp.org iburst
      pool 3.debian.pool.ntp.org iburst

      restrict -4 default kod notrap nomodify nopeer noquery limited
      restrict -6 default kod notrap nomodify nopeer noquery limited

      # Local users may interrogate the ntp server more closely.
      restrict 127.0.0.1
      restrict {{server_net}}.0/24
      restrict ::1

      restrict source notrap nomodify noquery
    dest: /etc/ntp.conf
    mode: 0644
    owner: root
    group: root
  register: ntp_conf

- name: ntp is running and enabled
  service:
    name: ntp
    state: started
    enabled: true

- name: reload ntp config
  service:
    name: ntp
    state: restarted
  when: ntp_conf.changed
Initial 2020-08-26 10:10:36 +00:00			`- name: install inetd`
WIP 2020-10-14 22:20:05 +00:00			`package:`
Initial 2020-08-26 10:10:36 +00:00			`name: inetutils-tools`
			`state: present`

			`- name: activate rdate`
			`copy:`
			`content: \|`
			`time stream tcp nowait root internal`
			`dest: /etc/inetd.conf`
			`owner: root`
			`group: root`
WIP 2020-10-14 22:20:05 +00:00			`mode: u=rw,g=r,o=r`
Initial 2020-08-26 10:10:36 +00:00			`register: inetd_conf`

WIP 2020-10-14 22:20:05 +00:00			`- name: ensure inetd is started`
Some extensions - add offline mode - removed wan config - add apt.faiserver.lan domain to unbound - website apt.faiserver.lan in nginx to point to apt-cacher apt-repo 2020-10-08 18:17:01 +00:00			`service:`
WIP 2020-10-14 22:20:05 +00:00			`name: inetd`
			`state: started`
Some extensions - add offline mode - removed wan config - add apt.faiserver.lan domain to unbound - website apt.faiserver.lan in nginx to point to apt-cacher apt-repo 2020-10-08 18:17:01 +00:00			`enabled: true`
Initial 2020-08-26 10:10:36 +00:00			`when: inetd_conf.changed`

WIP 2020-10-14 22:20:05 +00:00			`- name: ensure inetd is refreshed, when config changed`
			`service:`
			`name: inetd`
			`state: restarted`
			`when: inetd_conf.changed`

Initial 2020-08-26 10:10:36 +00:00			`- name: install ntp server`
WIP 2020-10-14 22:20:05 +00:00			`package:`
Initial 2020-08-26 10:10:36 +00:00			`name: ntp`
			`state: present`

			`- name: configure ntp server`
			`copy:`
			`content: \|`
			`driftfile /var/lib/ntp/ntp.drift`

			`leapfile /usr/share/zoneinfo/leap-seconds.list`
			`statistics loopstats peerstats clockstats`

			`filegen loopstats file loopstats type day enable`
			`filegen peerstats file peerstats type day enable`
			`filegen clockstats file clockstats type day enable`

			`pool 0.debian.pool.ntp.org iburst`
			`pool 1.debian.pool.ntp.org iburst`
			`pool 2.debian.pool.ntp.org iburst`
			`pool 3.debian.pool.ntp.org iburst`

			`restrict -4 default kod notrap nomodify nopeer noquery limited`
			`restrict -6 default kod notrap nomodify nopeer noquery limited`

			`# Local users may interrogate the ntp server more closely.`
			`restrict 127.0.0.1`
			`restrict {{server_net}}.0/24`
			`restrict ::1`

			`restrict source notrap nomodify noquery`
			`dest: /etc/ntp.conf`
			`mode: 0644`
			`owner: root`
			`group: root`
			`register: ntp_conf`

Some extensions - add offline mode - removed wan config - add apt.faiserver.lan domain to unbound - website apt.faiserver.lan in nginx to point to apt-cacher apt-repo 2020-10-08 18:17:01 +00:00			`- name: ntp is running and enabled`
			`service:`
			`name: ntp`
			`state: started`
			`enabled: true`

Initial 2020-08-26 10:10:36 +00:00			`- name: reload ntp config`
WIP 2020-10-14 22:20:05 +00:00			`service:`
Initial 2020-08-26 10:10:36 +00:00			`name: ntp`
			`state: restarted`
			`when: ntp_conf.changed`