AETHER-2805
Suport adding individual trusted servers to Chrony config
Add support for Debian 11
Change-Id: Ide4dadf59bebd0b2304041eead52298a5aeb4c48
diff --git a/defaults/main.yml b/defaults/main.yml
index e401cf0..09073c2 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -5,7 +5,7 @@
# SPDX-License-Identifier: Apache-2.0
-# list of NTP poos, and # of servers to use from each
+# list of NTP pools, and # of servers to use from each
ntp_pools:
- name: ntp.ubuntu.com
count: 4
@@ -16,5 +16,8 @@
- name: 2.ubuntu.pool.ntp.org
count: 2
+# list of individual NTP servers
+ntp_servers: {}
+
# List of IP ranges in CIDR format to allow to use this NTP server
ntp_client_allow: []
diff --git a/meta/main.yml b/meta/main.yml
index 1c0ebc6..512fbd4 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -5,6 +5,7 @@
# SPDX-License-Identifier: Apache-2.0
galaxy_info:
+ role_name: chrony
author: Open Networking Foundation
description: Chrony NTP server
company: Open Networking Foundation
@@ -13,15 +14,18 @@
license: Apache-2.0
- min_ansible_version: 2.9.5
+ min_ansible_version: 2.10.17
platforms:
- - name: Ubuntu
+ - name: ubuntu
versions:
- - "16.04"
- - "18.04"
+ - bionic
+ - name: debian
+ versions:
+ - bullseye
galaxy_tags:
- chrony
+ - ntp
dependencies: []
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
index a9e8bbc..3b259b2 100644
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -14,6 +14,11 @@
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+ - name: "debian-11-priv"
+ image: "onfinfra/molecule-systemd:debian-11"
+ privileged: true
+ volumes:
+ - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
provisioner:
name: ansible
inventory:
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
new file mode 100644
index 0000000..fa0fb92
--- /dev/null
+++ b/molecule/default/prepare.yml
@@ -0,0 +1,15 @@
+---
+# chrony molecule/default/verify.yml
+#
+# SPDX-FileCopyrightText: © 2021 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+
+- name: Prepare for chrony role
+ hosts: all
+
+ pre_tasks:
+
+ - name: update apt cache
+ apt:
+ update_cache: true
diff --git a/templates/chrony.conf.j2 b/templates/chrony.conf.j2
index 89844fb..c1c4a3a 100644
--- a/templates/chrony.conf.j2
+++ b/templates/chrony.conf.j2
@@ -6,10 +6,19 @@
# this is derived from the Ubuntu 18.04 default file, with modifications
+{% if ntp_pools %}
# NTP pools to obtain time from
{% for pool in ntp_pools %}
pool {{ pool['name'] }} iburst maxsources {{ pool['count'] }}
{% endfor %}
+{% endif %}
+
+{% if ntp_servers %}
+# Individual NTP servers
+{% for ntpserv in ntp_servers %}
+server {{ ntpserv['name'] }} iburst trust
+{% endfor %}
+{% endif %}
# This directive specify the location of the file containing ID/key pairs for
# NTP authentication.