feat: add chrony role

alesharik · Jul 6, 2024 · a163d80 · a163d80
1 parent e6f5160
commit a163d80
Show file tree

Hide file tree

Showing 6 changed files with 97 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -1,6 +1,8 @@
 # Ansible Collection - alesharik.baseinfra
 
-**WARNING: Collection is not intended for public use**
+### Roles
+- `bootstrap` installs base utils
+- `chrony` - setup chrony NTP server
 
 ### `procusers` user group
 This group exists for users assigned to processes (like nginx, postgres, etc).

diff --git a/ROLE_README.template.md b/ROLE_README.template.md
@@ -0,0 +1,39 @@
+# nginx-proxy
+__Tags - `TAG`__
+
+Deploys ABCD
+
+### Usage
+```yaml
+    - alesharik.baseinfra.
+```
+```yaml
+
+```
+
+### Vars
+```yaml
+```
+
+### Effects
+- installs `passlib`, `bcrypt`
+- creates and manages `{{ dir.ansible }}/docker-registry`
+- creates `{{ dir.data }}/docker-registry`
+- creates and manages `{{ dir.ansible }}/docker-registry/htpasswd` - auth file for server
+- creates `{{ dir.ansible }}/nginx-proxy/vhost.d/{{ docker.registry.server.host }}` - to set max file size
+- deploys docker compose project `docker-registry`
+- logges in created docker registry with specified creds 
+
+#### Docker networks
+- connect to `nginx-proxy` if role `nginx_proxy_base` is deployed
+
+### Networking
+- exposes 80 port through `nginx-proxy` with host specified in config 
+- connects to network `nginx-proxy`
+
+### Handlers
+- `restart docker registry server` - restarts registry
+
+### Dependencies
+- `bootstrap`
+- `docker`
diff --git a/roles/chrony/README.md b/roles/chrony/README.md
@@ -0,0 +1,17 @@
+# chrony
+__Tags - `chrony`__
+
+Deploys chrony
+
+### Usage
+```yaml
+    - alesharik.baseinfra.chrony
+```
+
+### Effects
+- installs `chrony` with apt
+- stops and disables `systemd-timesyncd`
+- starts and enables `chrony`
+
+### Dependencies
+- `bootstrap`
diff --git a/roles/chrony/meta/main.yaml b/roles/chrony/meta/main.yaml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: alesharik.baseinfra.bootstrap
diff --git a/roles/chrony/tasks/main.yaml b/roles/chrony/tasks/main.yaml
@@ -0,0 +1,25 @@
+- name: Install chrony
+  tags: chrony
+  ansible.builtin.apt:
+    name: chrony
+    state: present
+- name: Setup config
+  tags: chrony
+  ansible.builtin.template:
+    src: chrony.conf
+    dest: /etc/chrony.conf
+    mode: 0500
+    owner: root
+    group: root
+- name: Stop systemd-timesyncd
+  tags: chrony
+  ansible.builtin.systemd:
+    name: systemd-timesyncd
+    state: stopped
+    enabled: false
+- name: Start chrony
+  tags: chrony
+  ansible.builtin.systemd:
+    name: chronyd
+    state: restarted
+    enabled: true
diff --git a/roles/chrony/templates/chrony.conf b/roles/chrony/templates/chrony.conf
@@ -0,0 +1,10 @@
+poool pool.ntp.org iburst burst
+driftfile /var/lib/chrony/drift
+makestep 0.1 -1
+rtcsync
+keyfile /etc/chrony.keys
+leapsectz right/UTC
+logdir /var/log/chrony
+deny all
+minsources 2
+maxupdateskew 5