NTP-Config erweitert und srv02 hinzugefügt.

This commit is contained in:
baldo 2015-11-14 14:21:26 +01:00
parent 468ce89bdb
commit 96fa7430e6
6 changed files with 17 additions and 19 deletions

View file

@ -1,4 +0,0 @@
---
- hosts: all
roles:
- common

View file

@ -1,3 +1,4 @@
---
prefix4: 10.112.0.0/18
prefix6: 2a03:2267::/64
ffhh:
prefix4: 10.112.0.0/18
prefix6: 2a03:2267::/64

View file

@ -15,6 +15,8 @@ fudge 127.127.1.0 stratum 10
server ptbtime1.ptb.de
server ptbtime2.ptb.de
server ptbtime3.ptb.de
server 0.de.pool.ntp.org
server 1.de.pool.ntp.org
# Restrict all incoming connection
restrict -4 default ignore
@ -31,6 +33,6 @@ restrict -6 ::1
# Disable the monlist request as this is associated with ntp
# amplification attacks
disable monitor
restrict {{ prefix4.split("/")[0] }} mask {{ prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
restrict {{ prefix6.split("/")[0] }} mask {{ prefix6 | ipaddr('netmask') }} nomodify notrap nopeer
restrict {{ ffhh.prefix4.split("/")[0] }} mask {{ ffhh.prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
restrict {{ ffhh.prefix6.split("/")[0] }} mask {{ ffhh.prefix6 | ipaddr('netmask') }} nomodify notrap nopeer

View file

@ -1,8 +0,0 @@
---
- hosts: services
roles:
- ntp-server
- website/ffnord
- website/media
- website/meta

View file

@ -1,3 +1,8 @@
---
- include: common.yml
- include: services.yml
- hosts: all
roles:
- common
- hosts: ntp
roles:
- ntp-server

View file

@ -1,6 +1,8 @@
[services]
srv02 ansible_ssh_host=srv02.hamburg.freifunk.net
[ntp]
srv02
[ffhh]
srv02