diff --git a/chrony b/chrony new file mode 120000 index 0000000..945c9b4 --- /dev/null +++ b/chrony @@ -0,0 +1 @@ +. \ No newline at end of file diff --git a/tasks/config.yml b/tasks/config.yml index 4de5f89..e2489da 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -1,4 +1,21 @@ --- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + +- name: Load distro-specific variables + include_tasks: vars.yml - name: Install chrony configuration file template: src: chrony.conf.j2 @@ -8,23 +25,3 @@ mode: 0644 register: chrony_config notify: Restart chronyd - -- name: Ensure chronyd is running - service: - enabled: "{{ (chrony_service_state|default('started') in ['running', 'started']) |bool }}" - name: "{{ chrony_service_name }}" - state: "{{ chrony_service_state|default('started') }}" - when: chrony_manage_service|bool - -# ansible sometimes ignores handlers when invoked elsewhere. Since we will -# likely want to restart chrony after a configuration update, let's do it here -# always. The handler will still trigger for upgrades/updates later as well. -# This won't have any effect if chrony_manage_service is set to false. -# See also https://github.com/ansible/ansible/issues/37512 -- name: Force chronyd restart - service: - name: "{{ chrony_service_name }}" - state: restarted - when: - - chrony_manage_service|bool - - chrony_config.changed diff --git a/tasks/install.yml b/tasks/install.yml index cdc8082..66e0c74 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,4 +1,33 @@ --- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + +- name: Load distro-specific variables + include_tasks: vars.yml +- name: Check for NTP service + shell: systemctl is-active ntpd.service || systemctl is-enabled ntpd.service + failed_when: false + register: ntp_service_check +- name: Disable NTP before configuring Chrony + service: + name: ntpd + state: stopped + enabled: false + when: + - ntp_service_check.rc is defined + - ntp_service_check.rc == 0 - name: Install chronyd package package: name: "{{ chrony_package_name }}" diff --git a/tasks/main.yml b/tasks/main.yml index 840d75b..49f9103 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,10 +1,21 @@ --- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + - name: Load distro-specific variables - include_vars: "{{ item }}" - with_first_found: - - "{{ ansible_facts['distribution'] }}.yml" - - "{{ ansible_facts['os_family'] }}.yml" - - default.yml + include_tasks: vars.yml - name: Install chronyd include_tasks: install.yml @@ -18,6 +29,14 @@ include_tasks: config.yml when: chrony_role_action in ['all', 'config'] +- name: Run chronyd + include_tasks: run.yml + when: chrony_role_action in ['all', 'config', 'run'] + - name: Enable online service include_tasks: online.yml when: chrony_role_action in ['all', 'online'] + +- name: Sync chronyc + include_tasks: sync.yml + when: chrony_role_action in ['all', 'sync'] diff --git a/tasks/run.yml b/tasks/run.yml new file mode 100644 index 0000000..1729cc3 --- /dev/null +++ b/tasks/run.yml @@ -0,0 +1,37 @@ +--- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + +- name: Load distro-specific variables + include_tasks: vars.yml +- name: Ensure chronyd is running + service: + enabled: "{{ (chrony_service_state|default('started') in ['running', 'started']) |bool }}" + name: "{{ chrony_service_name }}" + state: "{{ chrony_service_state|default('started') }}" + when: chrony_manage_service|bool + +# ansible sometimes ignores handlers when invoked elsewhere. Since we will +# likely want to restart chrony after a configuration update, let's do it here +# always. The handler will still trigger for upgrades/updates later as well. +# This won't have any effect if chrony_manage_service is set to false. +# See also https://github.com/ansible/ansible/issues/37512 +- name: Force chronyd restart + service: + name: "{{ chrony_service_name }}" + state: restarted + when: + - chrony_manage_service|bool + - chrony_config.changed|default(false) diff --git a/tasks/sync.yml b/tasks/sync.yml new file mode 100644 index 0000000..f3665e4 --- /dev/null +++ b/tasks/sync.yml @@ -0,0 +1,20 @@ +--- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + +- name: Force NTP sync + command: chronyc makestep +- name: Ensure system is NTP time synced + command: chronyc waitsync 30 diff --git a/tasks/vars.yml b/tasks/vars.yml new file mode 100644 index 0000000..f8ea689 --- /dev/null +++ b/tasks/vars.yml @@ -0,0 +1,22 @@ +--- +# Copyright 2022 Red Hat, Inc. +# # All Rights Reserved. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); you may +# # not use this file except in compliance with the License. You may obtain +# # a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# # License for the specific language governing permissions and limitations +# # under the License. + +- name: Load distro-specific variables + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_facts['distribution'] }}.yml" + - "{{ ansible_facts['os_family'] }}.yml" + - default.yml