From cca2800ea453fba61edece248812e243f761a286 Mon Sep 17 00:00:00 2001
From: Jakob Englisch <jakob.englisch@catalysts.cc>
Date: Tue, 8 Jan 2019 22:06:30 +0100
Subject: [PATCH] Chrony: make ntp server options configurable

Users may wish to remove the 'offline' option for increased
reliability, since ifup/ifdown scripts are typically not
required in (static) server environments. Futhermore it
enables users to adjust the polling timers to their needs.

Change-Id: Iafa31c03e98785a574f38bb2206b9bea9550743e
---
 defaults/main.yml                                             | 2 ++
 .../notes/chrony-ntp-server-options-f8f87225a5282e1a.yaml     | 4 ++++
 templates/chrony.conf.j2                                      | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/chrony-ntp-server-options-f8f87225a5282e1a.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 458eaaf7..cd4ac047 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -270,6 +270,8 @@ security_ntp_servers:
   - 1.pool.ntp.org
   - 2.pool.ntp.org
   - 3.pool.ntp.org
+# NTP server options.
+security_ntp_server_options: offline maxpoll 10 minpoll 8
 # Chrony limits access to clients that are on certain subnets.  Adjust the
 # following subnets here to limit client access to chrony servers.
 security_allowed_ntp_subnets:
diff --git a/releasenotes/notes/chrony-ntp-server-options-f8f87225a5282e1a.yaml b/releasenotes/notes/chrony-ntp-server-options-f8f87225a5282e1a.yaml
new file mode 100644
index 00000000..d52bf606
--- /dev/null
+++ b/releasenotes/notes/chrony-ntp-server-options-f8f87225a5282e1a.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - It is now possible to modify the NTP server options in chrony using
+    ``security_ntp_server_options``.
diff --git a/templates/chrony.conf.j2 b/templates/chrony.conf.j2
index 3e5a6b4d..d5ed910a 100644
--- a/templates/chrony.conf.j2
+++ b/templates/chrony.conf.j2
@@ -20,7 +20,7 @@
 # better to use IP numbers than host names.
 
 {% for ntp_server in security_ntp_servers %}
-server {{ ntp_server }} offline maxpoll 10 minpoll 8
+server {{ ntp_server }} {{ security_ntp_server_options }}
 {% endfor %}
 
 # Look here for the admin password needed for chronyc.  The initial