forked from ccchb/ansible
parent
9110d9df82
commit
4addf597cc
10 changed files with 241 additions and 0 deletions
8
ntp.yml
Normal file
8
ntp.yml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
- hosts:
|
||||||
|
- mail
|
||||||
|
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
roles:
|
||||||
|
- openntpd
|
11
roles/openntpd/handlers/main.yml
Normal file
11
roles/openntpd/handlers/main.yml
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
- name: Reload s6-rc
|
||||||
|
service:
|
||||||
|
name: s6-rc
|
||||||
|
state: reloaded
|
||||||
|
|
||||||
|
- name: Restart OpenNTPD
|
||||||
|
command: s6-svc -wR -T 5000 -t /run/service/openntpd
|
||||||
|
|
||||||
|
- name: Restart OpenNTPD log
|
||||||
|
command: s6-svc -wR -T 5000 -t /run/service/openntpd-log
|
84
roles/openntpd/tasks/main.yml
Normal file
84
roles/openntpd/tasks/main.yml
Normal file
|
@ -0,0 +1,84 @@
|
||||||
|
---
|
||||||
|
- name: Install OpenNTPD
|
||||||
|
package:
|
||||||
|
name: openntpd
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Add /var/log/openntpd to fstab
|
||||||
|
mount:
|
||||||
|
path: /var/log/openntpd
|
||||||
|
src: tmpfs
|
||||||
|
fstype: tmpfs
|
||||||
|
opts: 'rw,size={{ openntpd_log_size }},mode={{ openntpd_log_mode }},uid={{ openntpd_log_uid }},gid={{ openntpd_log_gid }},late'
|
||||||
|
state: mounted
|
||||||
|
|
||||||
|
- name: Create OpenNTPD service directories
|
||||||
|
file:
|
||||||
|
path: '/etc/s6-rc/service/{{ item }}'
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: wheel
|
||||||
|
mode: 0755
|
||||||
|
with_items: '{{ openntpd_service_dirs }}'
|
||||||
|
notify:
|
||||||
|
- Reload s6-rc
|
||||||
|
- Restart OpenNTPD log
|
||||||
|
- Restart OpenNTPD
|
||||||
|
|
||||||
|
- name: Generate OpenNTPD service scripts
|
||||||
|
template:
|
||||||
|
dest: '/etc/s6-rc/service/{{ item }}'
|
||||||
|
src: '{{ item }}.j2'
|
||||||
|
mode: 0555
|
||||||
|
owner: root
|
||||||
|
group: wheel
|
||||||
|
with_items: '{{ openntpd_service_scripts }}'
|
||||||
|
notify:
|
||||||
|
- Reload s6-rc
|
||||||
|
- Restart OpenNTPD log
|
||||||
|
- Restart OpenNTPD
|
||||||
|
|
||||||
|
- name: Generate OpenNTPD service configuration
|
||||||
|
copy:
|
||||||
|
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||||
|
content: '{{ item.content }}'
|
||||||
|
mode: 0444
|
||||||
|
owner: root
|
||||||
|
group: wheel
|
||||||
|
loop_control:
|
||||||
|
label: '{{ item.name }} = {{ item.content }}'
|
||||||
|
notify:
|
||||||
|
- Reload s6-rc
|
||||||
|
- Restart OpenNTPD log
|
||||||
|
- Restart OpenNTPD
|
||||||
|
with_items: '{{ openntpd_service_config }}'
|
||||||
|
|
||||||
|
- name: Configure OpenNTPD
|
||||||
|
template:
|
||||||
|
dest: /usr/local/etc/ntpd.conf
|
||||||
|
src: ntpd.conf.j2
|
||||||
|
mode: 0444
|
||||||
|
owner: root
|
||||||
|
group: wheel
|
||||||
|
notify:
|
||||||
|
- Restart OpenNTPD
|
||||||
|
|
||||||
|
- name: Flush handlers
|
||||||
|
meta: flush_handlers
|
||||||
|
|
||||||
|
- name: Start OpenNTPD
|
||||||
|
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change openntpd
|
||||||
|
register: change
|
||||||
|
changed_when: change.stdout | length > 0
|
||||||
|
|
||||||
|
- name: Enable OpenNTPD
|
||||||
|
lineinfile:
|
||||||
|
path: /etc/s6-rc/service/enabled/contents
|
||||||
|
regexp: "^openntpd$"
|
||||||
|
line: openntpd
|
||||||
|
state: present
|
||||||
|
notify:
|
||||||
|
- Reload s6-rc
|
||||||
|
|
||||||
|
- name: Flush handlers (again)
|
||||||
|
meta: flush_handlers
|
8
roles/openntpd/templates/ntpd.conf.j2
Normal file
8
roles/openntpd/templates/ntpd.conf.j2
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
server 0.de.pool.ntp.org
|
||||||
|
server 1.de.pool.ntp.org
|
||||||
|
server 2.de.pool.ntp.org
|
||||||
|
server 3.de.pool.ntp.org
|
||||||
|
|
||||||
|
constraints from "https://www.google.com"
|
13
roles/openntpd/templates/openntpd-log/finish.j2
Normal file
13
roles/openntpd/templates/openntpd-log/finish.j2
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
#!/usr/local/bin/execlineb -S2
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
s6-envdir ./env
|
||||||
|
multisubstitute {
|
||||||
|
importas -i -u NAME NAME
|
||||||
|
}
|
||||||
|
|
||||||
|
fdmove -c 1 2
|
||||||
|
ifelse { test "${1}" -eq 0 } {
|
||||||
|
echo "${NAME}-log: Stopped."
|
||||||
|
}
|
||||||
|
echo "${NAME}-log: Failed with exit status (${1}, ${2})."
|
23
roles/openntpd/templates/openntpd-log/run.j2
Normal file
23
roles/openntpd/templates/openntpd-log/run.j2
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
#!/usr/local/bin/execlineb
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
s6-envdir ./env
|
||||||
|
multisubstitute {
|
||||||
|
importas -i -u NAME NAME
|
||||||
|
importas -i -u USER USER
|
||||||
|
importas -i -u GROUP GROUP
|
||||||
|
importas -i -u MODE MODE
|
||||||
|
importas -i -u DIR DIR
|
||||||
|
}
|
||||||
|
|
||||||
|
foreground { fdmove -c 1 2 echo "${NAME} log: Starting." }
|
||||||
|
|
||||||
|
ifelse -n { install -d -o "${USER}" -g "${GROUP}" -m "${MODE}" "$DIR" } {
|
||||||
|
foreground { fdmove -c 1 2 echo "${NAME} log: Failed to create logging directory." }
|
||||||
|
false
|
||||||
|
}
|
||||||
|
|
||||||
|
fdmove -c 2 1
|
||||||
|
|
||||||
|
s6-envuidgid $USER
|
||||||
|
s6-log -d 3 T $DIR
|
18
roles/openntpd/templates/openntpd/data/check.j2
Normal file
18
roles/openntpd/templates/openntpd/data/check.j2
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
#!/usr/local/bin/execlineb -P
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
s6-envdir ./env
|
||||||
|
multisubstitute {
|
||||||
|
importas -i -u NAME NAME
|
||||||
|
}
|
||||||
|
|
||||||
|
ifelse {
|
||||||
|
redirfd -w 1 /dev/null
|
||||||
|
fdmove -c 2 1
|
||||||
|
ntpctl -s status
|
||||||
|
} {
|
||||||
|
foreground { fdmove -c 1 2 echo "${NAME}: Ready." }
|
||||||
|
true
|
||||||
|
}
|
||||||
|
foreground { fdmove -c 1 2 echo "${NAME}: Poll." }
|
||||||
|
false
|
13
roles/openntpd/templates/openntpd/finish.j2
Normal file
13
roles/openntpd/templates/openntpd/finish.j2
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
#!/usr/local/bin/execlineb -S2
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
s6-envdir ./env
|
||||||
|
multisubstitute {
|
||||||
|
importas -i -u NAME NAME
|
||||||
|
}
|
||||||
|
|
||||||
|
fdmove -c 1 2
|
||||||
|
ifelse { test "${1}" -eq 0 } {
|
||||||
|
echo "${NAME}: Stopped."
|
||||||
|
}
|
||||||
|
echo "${NAME}: Failed with exit status (${1}, ${2})."
|
13
roles/openntpd/templates/openntpd/run.j2
Normal file
13
roles/openntpd/templates/openntpd/run.j2
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
#!/usr/local/bin/execlineb -P
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
s6-envdir ./env
|
||||||
|
multisubstitute {
|
||||||
|
importas -i -u NAME NAME
|
||||||
|
}
|
||||||
|
|
||||||
|
foreground { fdmove -c 1 2 echo "${NAME}: Starting." }
|
||||||
|
s6-notifyoncheck -d -w 100 -n 70
|
||||||
|
|
||||||
|
fdmove -c 2 1
|
||||||
|
/usr/local/sbin/ntpd -d
|
50
roles/openntpd/vars/main.yml
Normal file
50
roles/openntpd/vars/main.yml
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
---
|
||||||
|
openntpd_log_size: '32m'
|
||||||
|
openntpd_log_mode: '750'
|
||||||
|
openntpd_log_uid: '20000'
|
||||||
|
openntpd_log_gid: '20000'
|
||||||
|
|
||||||
|
openntpd_service_dirs:
|
||||||
|
- openntpd
|
||||||
|
- openntpd/env
|
||||||
|
- openntpd/data
|
||||||
|
- openntpd-log
|
||||||
|
- openntpd-log/env
|
||||||
|
|
||||||
|
openntpd_service_scripts:
|
||||||
|
- openntpd/run
|
||||||
|
- openntpd/finish
|
||||||
|
- openntpd/data/check
|
||||||
|
- openntpd-log/run
|
||||||
|
- openntpd-log/finish
|
||||||
|
|
||||||
|
openntpd_service_config:
|
||||||
|
- name: openntpd/type
|
||||||
|
content: longrun
|
||||||
|
- name: openntpd/producer-for
|
||||||
|
content: openntpd-log
|
||||||
|
- name: openntpd/notification-fd
|
||||||
|
content: 3
|
||||||
|
- name: openntpd/env/NAME
|
||||||
|
content: OpenNTPD
|
||||||
|
- name: openntpd/env/PATH
|
||||||
|
content: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
|
||||||
|
|
||||||
|
- name: openntpd-log/type
|
||||||
|
content: longrun
|
||||||
|
- name: openntpd-log/notification-fd
|
||||||
|
content: 3
|
||||||
|
- name: openntpd-log/consumer-for
|
||||||
|
content: openntpd
|
||||||
|
- name: openntpd-log/env/NAME
|
||||||
|
content: openntpd
|
||||||
|
- name: openntpd-log/env/PATH
|
||||||
|
content: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
|
||||||
|
- name: openntpd-log/env/MODE
|
||||||
|
content: '750'
|
||||||
|
- name: openntpd-log/env/USER
|
||||||
|
content: s6-log
|
||||||
|
- name: openntpd-log/env/GROUP
|
||||||
|
content: s6-log
|
||||||
|
- name: openntpd-log/env/DIR
|
||||||
|
content: /var/log/openntpd
|
Loading…
Reference in a new issue