This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.
sysconfig/roles/ntpd
Hoang Nguyen ec72f75587
Add 'ntpd' and 'auditd' roles
More changes:
- Remove 'grub' role. We shouldn't touch anything related to the
  bootloader here, as it's dangerous. I'll write docs for myself on
  this.
- Fix linting here and there, so ansible-lint won't complain
- Refactor group_vars/all.yml to be more readable
2023-04-06 00:00:00 +07:00
tasks Add 'ntpd' and 'auditd' roles 2023-04-06 00:00:00 +07:00
templates Add 'ntpd' and 'auditd' roles 2023-04-06 00:00:00 +07:00
README.md Add 'ntpd' and 'auditd' roles 2023-04-06 00:00:00 +07:00

Notes

Tasks that are not needed in NTP client mode but might come in handy in the future.

Generate NTP symmetric key for chronyd

NOTE: NTS should be used if the server is publicly accessible. Otherwise, for a private NTP server, a symmetric key is sufficient.

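- name: chrony | Generate the symmetric key with chronyc
  command:
    # The key ID must be in the range 1 .. 2^32-1, so exclude 0
    cmd: /usr/bin/chronyc keygen {{ (2**32 - 1) | random(start=1) }} SHA512 256
    creates: /etc/chrony/chrony.keys
  register: chrony_keys
  no_log: true  # stdout contains the key

- name: chrony | Create chrony.keys file from chronyc output
  copy:
    content: |
      {{ chrony_keys['stdout'] }}
    dest: /etc/chrony/chrony.keys
    mode: '0400'
    owner: chrony
    group: root
  # Write only when keygen actually ran; the registered variable is defined
  # even when 'creates' skips the command
  when: chrony_keys is changed
  no_log: true  # the file content is the key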

Then add the directive keyfile /etc/chrony/chrony.keys to the /etc/chrony/chrony.conf file.
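
A check that can be run over the resulting key file before chronyd is pointed at it, as an added example that is not part of this role: it verifies that every line has the "ID TYPE HEX:key" layout that chronyc keygen prints, with the SHA512 type and 256-bit length used above. The function names, the sample lines and the list of comment characters are assumptions made for the example.

```python
import re

MAX_ID = 2**32 - 1       # chrony key IDs are 1 .. 2^32-1
COMMENT_CHARS = "#;!%"   # assumption: comment prefixes accepted in the key file

def key_bits(key):
    """Return the key length in bits, or None if the encoding is malformed."""
    if key.startswith("HEX:"):
        digits = key[4:]
        if len(digits) % 2 or not re.fullmatch(r"[0-9A-Fa-f]+", digits):
            return None
        return len(digits) * 4
    if key.startswith("ASCII:"):
        key = key[6:]
    return len(key) * 8 or None

def audit_keys(text, want_type="SHA512", min_bits=256):
    """Return a list of (line_number, problem) for the body of a chrony.keys file."""
    problems = []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line[0] in COMMENT_CHARS:
            continue
        fields = line.split()
        if len(fields) not in (2, 3) or not re.fullmatch(r"[0-9]+", fields[0]):
            problems.append((n, "not an 'ID [TYPE] KEY' line"))
            continue
        key_id = int(fields[0])
        # A line without a type field falls back to MD5 in chrony
        key_type = fields[1].upper() if len(fields) == 3 else "MD5"
        bits = key_bits(fields[-1])
        if not 1 <= key_id <= MAX_ID:
            problems.append((n, "key ID outside 1..2^32-1"))
        if key_type != want_type:
            problems.append((n, f"type {key_type}, expected {want_type}"))
        if bits is None:
            problems.append((n, "malformed key encoding"))
        elif bits < min_bits:
            problems.append((n, f"key is {bits} bits, below {min_bits}"))
    return problems

# Constructed sample lines (not real key material)
SAMPLE = "\n".join([
    "# constructed sample",
    "305419896 SHA512 HEX:" + "A1" * 32,   # the layout the keygen task should yield
    "0 SHA512 HEX:" + "B2" * 32,           # ID 0 is outside the valid range
    "7 HEX:" + "C3" * 8,                   # no type (MD5) and only 64 bits
    "some text that is not a key",         # stray output written into the file
])

if __name__ == "__main__":
    for lineno, problem in audit_keys(SAMPLE):
        print(f"line {lineno}: {problem}")
```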