diff --git a/common.yml b/common.yml deleted file mode 100644 index 99861b5..0000000 --- a/common.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: all - roles: - - common diff --git a/group_vars/ffhh b/group_vars/ffhh index 10c9f5a..b9c8ee3 100644 --- a/group_vars/ffhh +++ b/group_vars/ffhh @@ -1,3 +1,4 @@ --- -prefix4: 10.112.0.0/18 -prefix6: 2a03:2267::/64 +ffhh: + prefix4: 10.112.0.0/18 + prefix6: 2a03:2267::/64 diff --git a/roles/ntp-server/templates/ntp.conf.j2 b/roles/ntp-server/templates/ntp.conf.j2 index f4c065d..ed17a3a 100644 --- a/roles/ntp-server/templates/ntp.conf.j2 +++ b/roles/ntp-server/templates/ntp.conf.j2 @@ -15,6 +15,8 @@ fudge 127.127.1.0 stratum 10 server ptbtime1.ptb.de server ptbtime2.ptb.de server ptbtime3.ptb.de +server 0.de.pool.ntp.org +server 1.de.pool.ntp.org # Restrict all incoming connection restrict -4 default ignore @@ -31,6 +33,6 @@ restrict -6 ::1 # Disable the monlist request as this is associated with ntp # amplification attacks disable monitor -restrict {{ prefix4.split("/")[0] }} mask {{ prefix4 | ipaddr('netmask') }} nomodify notrap nopeer -restrict {{ prefix6.split("/")[0] }} mask {{ prefix6 | ipaddr('netmask') }} nomodify notrap nopeer +restrict {{ ffhh.prefix4.split("/")[0] }} mask {{ ffhh.prefix4 | ipaddr('netmask') }} nomodify notrap nopeer +restrict {{ ffhh.prefix6.split("/")[0] }} mask {{ ffhh.prefix6 | ipaddr('netmask') }} nomodify notrap nopeer diff --git a/services.yml b/services.yml deleted file mode 100644 index 4bbc197..0000000 --- a/services.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- hosts: services - roles: - - ntp-server - - website/ffnord - - website/media - - website/meta - diff --git a/site.yml b/site.yml index 7562765..9e24286 100644 --- a/site.yml +++ b/site.yml @@ -1,3 +1,8 @@ --- -- include: common.yml -- include: services.yml +- hosts: all + roles: + - common + +- hosts: ntp + roles: + - ntp-server diff --git a/srv02.inventory b/srv02.inventory index f9020bd..c3001d0 100644 --- a/srv02.inventory +++ b/srv02.inventory @@ -1,6 +1,8 @@ -[services] srv02 ansible_ssh_host=srv02.hamburg.freifunk.net +[ntp] +srv02 + [ffhh] srv02