summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorchris <chris@scorpio-it.net>2016-12-23 23:29:41 +0100
committerchris <chris@scorpio-it.net>2016-12-27 00:11:12 +0100
commit9a60cf1fb1bfb591029d54f64d6f619a6786b7e6 (patch)
tree895518afca86e7465318b2e578782d8206723ae0
parent9ed5664d74e501ac78b73df0edd72ec18f846dc9 (diff)
downloadntp-9a60cf1fb1bfb591029d54f64d6f619a6786b7e6.tar.gz
ntp-9a60cf1fb1bfb591029d54f64d6f619a6786b7e6.tar.bz2
ntp-9a60cf1fb1bfb591029d54f64d6f619a6786b7e6.tar.xz
ntp-9a60cf1fb1bfb591029d54f64d6f619a6786b7e6.zip
add restrict as default values (by psaavedra)
-rw-r--r--defaults/main.yml3
-rw-r--r--templates/ntp.conf.j25
2 files changed, 6 insertions, 2 deletions
diff --git a/defaults/main.yml b/defaults/main.yml
index a84e911..21d2b23 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,3 +8,6 @@ ntp_servers:
- 1.pool.ntp.org iburst
- 2.pool.ntp.org iburst
- 3.pool.ntp.org iburst
+ntp_restrict:
+ - 127.0.0.1
+ - ::1
diff --git a/templates/ntp.conf.j2 b/templates/ntp.conf.j2
index cc1e0f0..e06ff1e 100644
--- a/templates/ntp.conf.j2
+++ b/templates/ntp.conf.j2
@@ -26,8 +26,9 @@ restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
-restrict 127.0.0.1
-restrict ::1
+{% for item in ntp_restrict %}
+restrict {{ item }}
+{% endfor %}
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.