diff options
| -rw-r--r-- | defaults/main.yml | 22 | ||||
| -rw-r--r-- | templates/ntp.conf.j2 | 5 |
2 files changed, 21 insertions, 6 deletions
diff --git a/defaults/main.yml b/defaults/main.yml index a84e911..8d4c702 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,8 +3,22 @@ ntp_enabled: true ntp_timezone: Etc/UTC ntp_manage_config: false +### choose ntp server area ### +# http://support.ntp.org/bin/view/Servers/NTPPoolServers +### +# Leave empty for Worldwide Area +# Worldwide: '' +# Asia: '.asia' +# Europe: '.europe' +# North America: '.north-america' +# Oceania: '.oceania' +# South America: '.south-america' +ntp_area: '' ntp_servers: - - 0.pool.ntp.org iburst - - 1.pool.ntp.org iburst - - 2.pool.ntp.org iburst - - 3.pool.ntp.org iburst + - 0{{ ntp_area }}.pool.ntp.org iburst + - 1{{ ntp_area }}.pool.ntp.org iburst + - 2{{ ntp_area }}.pool.ntp.org iburst + - 3{{ ntp_area }}.pool.ntp.org iburst +ntp_restrict: + - 127.0.0.1 + - ::1 diff --git a/templates/ntp.conf.j2 b/templates/ntp.conf.j2 index cc1e0f0..e06ff1e 100644 --- a/templates/ntp.conf.j2 +++ b/templates/ntp.conf.j2 @@ -26,8 +26,9 @@ restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. -restrict 127.0.0.1 -restrict ::1 +{% for item in ntp_restrict %} +restrict {{ item }} +{% endfor %} # Clients from this (example!) subnet have unlimited access, but only if # cryptographically authenticated. |