From da3444e49fa82fad2a8ba70d3bfbf78482f0a463 Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Sun, 2 Jun 2024 19:23:39 +1000
Subject: [PATCH] feat: create ntp consul service

- create consul policy for ntp servers
- add consul service check and check script
---
 hieradata/roles/infra/ntp/server.yaml     | 21 +++++++++++++++++++++
 hieradata/roles/infra/storage/consul.yaml |  6 ++++++
 site/profiles/manifests/ntp/server.pp     |  8 ++++++++
 3 files changed, 35 insertions(+)

diff --git a/hieradata/roles/infra/ntp/server.yaml b/hieradata/roles/infra/ntp/server.yaml
index 839e32d..6e4bd92 100644
--- a/hieradata/roles/infra/ntp/server.yaml
+++ b/hieradata/roles/infra/ntp/server.yaml
@@ -12,3 +12,24 @@ profiles::ntp::server::peers:
   - '1.au.pool.ntp.org'
   - '2.au.pool.ntp.org'
   - '3.au.pool.ntp.org'
+
+consul::services:
+  ntp:
+    service_name: 'ntp'
+    tags:
+      - 'ntp'
+      - 'time'
+      - 'sync'
+    address: "%{facts.networking.ip}"
+    port: 123
+    checks:
+      - id: ntp_check
+        name: "NTP Service Check"
+        args:
+          - '/usr/local/bin/check_ntp.sh'
+        interval: '15s'
+        timeout: '5s'
+profiles::consul::client::node_rules:
+  - resource: service
+    segment: ntp
+    disposition: write
diff --git a/hieradata/roles/infra/storage/consul.yaml b/hieradata/roles/infra/storage/consul.yaml
index a3ea581..2902de3 100644
--- a/hieradata/roles/infra/storage/consul.yaml
+++ b/hieradata/roles/infra/storage/consul.yaml
@@ -77,3 +77,9 @@ profiles::consul::prepared_query::rules:
     service_failover_n: 3
     service_only_passing: true
     ttl: 10
+  ntp:
+    ensure: 'present'
+    service_name: 'ntp'
+    service_failover_n: 3
+    service_only_passing: true
+    ttl: 10
diff --git a/site/profiles/manifests/ntp/server.pp b/site/profiles/manifests/ntp/server.pp
index 88f1426..d97491d 100644
--- a/site/profiles/manifests/ntp/server.pp
+++ b/site/profiles/manifests/ntp/server.pp
@@ -35,5 +35,13 @@ class profiles::ntp::server (
         queryhosts => $allowquery,
       }
     }
+
+    file {'/usr/local/bin/check_ntp.sh':
+      ensure  => 'file',
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0644',
+      content => template('profiles/ntp/check_ntp.sh.erb'),
+    }
   }
 }