ansible_qemu_ceph_xcat_test.../cluster/roles/ntp/tasks/main.yml

---

# - name: merge custom vars
#   block:

#   - name: set role variable sources
#     set_fact:
#       role_info:
#         role_defaults_file: "{{ role_path }}/defaults/main.yml"
#         role_override_file: "{{ ansible_inventory_sources[0] | dirname }}/group_vars/{{ role_name }}.yml"
#         vars_return: "placeholder"

#   - set_fact:
#       source_role: "{{ role_name }}"

#   - name: run merge_vars role
#     include_role:
#       name: "merge_vars"
#     vars:
#       a_config_file: "{{ role_info['role_defaults_file'] }}"
#       b_config_file: "{{ role_info['role_override_file'] }}"
#       calling_role: "{{ source_role }}"

#   - name: merge custom vars to vars[]
#     set_fact:
#       { "{{ entry }}": "{{ role_info['vars_return'][entry] }}" }
#     loop: "{{ role_info['vars_return'] | list }}"
#     loop_control:
#       loop_var: entry
#     when:
#       - not role_info['vars_return'] == 'placeholder'

#   - debug:
#       msg:
#         - "{{ vars['ntp'] }}"
#         - "{{ vars['a'] }}"

#   delegate_to: localhost

- name: get facts for localhost
  ansible.builtin.setup:
  delegate_to: localhost
  delegate_facts: true

- name: test for clock skew
  set_fact:
    _clock_skew: True
  when:
    - (((hostvars[ansible_hostname]['ansible_date_time']['epoch_int'] | int) - (hostvars['localhost']['ansible_date_time']['epoch_int'] | int)) | abs) >86400

# manually set date on host where it differs from the localhost by more than 1 day, host must be able to validate ssl certs to download ntp packages
# test with:
# - date --set="2 year ago"
# - date --set="2 year"
- name: set host time to localhost time
  ansible.builtin.command: date --set '@{{ hostvars['localhost']['ansible_date_time']['epoch_int'] }}'
  when:
    - _clock_skew is defined

- name: install ntp packages
  ansible.builtin.package:
    name:
      - tzdata
      - chrony
    state: latest

- name: update package facts
  ansible.builtin.package_facts:
    manager: auto
    strategy: all

- name: set timezone to Europe/London
  community.general.timezone:
    name: Europe/London
  when:
    - "'tzdata' in ansible_facts['packages']"

- name: set facts to render config as ntp client
  set_fact:
    _enable_ntp_servers: "{{ ['pool 0.europe.pool.ntp.org iburst prefer', 'pool 1.europe.pool.ntp.org', 'pool 2.europe.pool.ntp.org', 'pool 3.europe.pool.ntp.org'] }}"

- name: set facts to render config as ntp client with private ntp sources
  set_fact:
    _enable_ntp_servers: "{{ vars['groups']['ntpd'] | map('regex_replace', '$', suffix_domain) | map('regex_replace', '$', ' iburst prefer')  | map('regex_replace', '^', 'server ') }}"
  vars:
    suffix_domain: ".{{ vars[config_namespace]['env']['cluster_domain'] }}"
  when:
    - vars['groups']['ntpd'] is defined

- name: set facts to render config as ntp server
  set_fact:
    _enable_ntp_server: true
    _external_time_sources: "{{ ntp['external_time_sources'] }}"
    _allow_network: "{{ _allow_network | default([]) + [cidr_range] }}"
  loop: "{{ ntp['allow_network'] }}"
  loop_control:
    loop_var: entry
  vars:
    cidr_range: "{{ vars[config_namespace]['cluster_networks'][entry]['network'] }}/{{ (vars[config_namespace]['cluster_networks'][entry]['network'] + '/' + vars[config_namespace]['cluster_networks'][entry]['netmask']) | ansible.utils.ipaddr('prefix') }}"
  when:
    # - "'ntp_server' in hostvars[ansible_hostname]['group_names']"
    - "'ntpd' in active_role_groups"

- name: configure chrony.conf
  ansible.builtin.template:
    src: templates/chrony.conf.j2
    dest: /etc/chrony.conf
    owner: root
    group: root
    mode: 0644
  notify: restart_chronyd

- name: start chronyd service
  ansible.builtin.service:
    name: chronyd
    state: started
    enabled: true
initial commit 2022-11-30 12:05:03 +00:00			`---`

			`# - name: merge custom vars`
			`# block:`

			`# - name: set role variable sources`
			`# set_fact:`
			`# role_info:`
			`# role_defaults_file: "{{ role_path }}/defaults/main.yml"`
			`# role_override_file: "{{ ansible_inventory_sources[0] \| dirname }}/group_vars/{{ role_name }}.yml"`
			`# vars_return: "placeholder"`

			`# - set_fact:`
			`# source_role: "{{ role_name }}"`

			`# - name: run merge_vars role`
			`# include_role:`
			`# name: "merge_vars"`
			`# vars:`
			`# a_config_file: "{{ role_info['role_defaults_file'] }}"`
			`# b_config_file: "{{ role_info['role_override_file'] }}"`
			`# calling_role: "{{ source_role }}"`

			`# - name: merge custom vars to vars[]`
			`# set_fact:`
			`# { "{{ entry }}": "{{ role_info['vars_return'][entry] }}" }`
			`# loop: "{{ role_info['vars_return'] \| list }}"`
			`# loop_control:`
			`# loop_var: entry`
			`# when:`
			`# - not role_info['vars_return'] == 'placeholder'`

			`# - debug:`
			`# msg:`
			`# - "{{ vars['ntp'] }}"`
			`# - "{{ vars['a'] }}"`

			`# delegate_to: localhost`

			`- name: get facts for localhost`
			`ansible.builtin.setup:`
			`delegate_to: localhost`
			`delegate_facts: true`

			`- name: test for clock skew`
			`set_fact:`
			`_clock_skew: True`
			`when:`
			`- (((hostvars[ansible_hostname]['ansible_date_time']['epoch_int'] \| int) - (hostvars['localhost']['ansible_date_time']['epoch_int'] \| int)) \| abs) >86400`

			`# manually set date on host where it differs from the localhost by more than 1 day, host must be able to validate ssl certs to download ntp packages`
			`# test with:`
			`# - date --set="2 year ago"`
			`# - date --set="2 year"`
			`- name: set host time to localhost time`
			`ansible.builtin.command: date --set '@{{ hostvars['localhost']['ansible_date_time']['epoch_int'] }}'`
			`when:`
			`- _clock_skew is defined`

			`- name: install ntp packages`
			`ansible.builtin.package:`
			`name:`
			`- tzdata`
			`- chrony`
			`state: latest`

			`- name: update package facts`
			`ansible.builtin.package_facts:`
			`manager: auto`
			`strategy: all`

			`- name: set timezone to Europe/London`
			`community.general.timezone:`
			`name: Europe/London`
			`when:`
			`- "'tzdata' in ansible_facts['packages']"`

			`- name: set facts to render config as ntp client`
			`set_fact:`
			`_enable_ntp_servers: "{{ ['pool 0.europe.pool.ntp.org iburst prefer', 'pool 1.europe.pool.ntp.org', 'pool 2.europe.pool.ntp.org', 'pool 3.europe.pool.ntp.org'] }}"`

			`- name: set facts to render config as ntp client with private ntp sources`
			`set_fact:`
			`_enable_ntp_servers: "{{ vars['groups']['ntpd'] \| map('regex_replace', '$', suffix_domain) \| map('regex_replace', '$', ' iburst prefer') \| map('regex_replace', '^', 'server ') }}"`
			`vars:`
			`suffix_domain: ".{{ vars[config_namespace]['env']['cluster_domain'] }}"`
			`when:`
			`- vars['groups']['ntpd'] is defined`

			`- name: set facts to render config as ntp server`
			`set_fact:`
			`_enable_ntp_server: true`
			`_external_time_sources: "{{ ntp['external_time_sources'] }}"`
			`_allow_network: "{{ _allow_network \| default([]) + [cidr_range] }}"`
			`loop: "{{ ntp['allow_network'] }}"`
			`loop_control:`
			`loop_var: entry`
			`vars:`
			`cidr_range: "{{ vars[config_namespace]['cluster_networks'][entry]['network'] }}/{{ (vars[config_namespace]['cluster_networks'][entry]['network'] + '/' + vars[config_namespace]['cluster_networks'][entry]['netmask']) \| ansible.utils.ipaddr('prefix') }}"`
			`when:`
			`# - "'ntp_server' in hostvars[ansible_hostname]['group_names']"`
			`- "'ntpd' in active_role_groups"`

			`- name: configure chrony.conf`
			`ansible.builtin.template:`
			`src: templates/chrony.conf.j2`
			`dest: /etc/chrony.conf`
			`owner: root`
			`group: root`
			`mode: 0644`
			`notify: restart_chronyd`

			`- name: start chronyd service`
			`ansible.builtin.service:`
			`name: chronyd`
			`state: started`
			`enabled: true`