Ansible Role chrony¶
This role installs and configures chrony, a NTP daemon. This role configures Chrony
to act like a client
by specifying
chrony__allowto act like a NTP-server providing time syncing to other clients
Mandatory Role Variables¶
This role does not have any mandatory variables. However, either chrony__ntp_pools or chrony__ntp_servers should be set to enable time synchronisation.
Optional Role Variables¶
chrony__allow
A list of subnets which are allowed to access the server as a NTP server. Setting this effectively turns this server into a NTP server.
Type: List.
Default:
[]
chrony__bindaddress
On which address chrony should listen. Can be used to restrict access to a certain address.
Type: String.
Default: unset
chrony__binddevice
To which network interface chrony should bind. Can be used to restrict access to certain interfaces. Note that this does not work with enforcing SELinux. Try using
chrony__bindaddress.Type: String.
Default: unset
chrony__ntp_pools
A list of NTP server pools. Same as
chrony__ntp_servers, except that it is used to specify a pool of NTP servers rather than a single NTP server.Type: List.
Default:
[]
chrony__ntp_servers
A list of NTP servers which should be used as a time source. The
ibustoption is always used, meaning chronyd will start with a burst of 4-8 requests in order to make the first update of the clock sooner.Type: List.
Default:
[]
chrony__service_enabled
Enables or disables the chrony service, analogous to
systemctl enable/disable --now.Type: Bool.
Default:
true
Example:
# optional
chrony__allow:
- '192.0.2.0/24' # whole subnet
- '198.51.100.8' # only this address
chrony__bindaddress: '192.0.2.1'
chrony__binddevice: 'eth0'
chrony__ntp_pools:
- 'ch.pool.ntp.org'
chrony__ntp_servers:
- '192.0.2.2'
chrony__service_enabled: true