Ben Vincent
da3444e49f
- create consul policy for ntp servers - add consul service check and check script
48 lines
1.2 KiB
Puppet
48 lines
1.2 KiB
Puppet
# chronyd server class with exported resources
|
|
class profiles::ntp::server (
|
|
Array[Variant[
|
|
Stdlib::IP::Address::V4,
|
|
Stdlib::IP::Address::V4::CIDR
|
|
]] $allowquery = ['127.0.0.1'],
|
|
Array[Stdlib::Host] $peers = [
|
|
'0.pool.ntp.org',
|
|
'1.pool.ntp.org',
|
|
'2.pool.ntp.org',
|
|
'3.pool.ntp.org'
|
|
],
|
|
Boolean $wait_enable = true,
|
|
Enum[
|
|
'running',
|
|
'stopped'
|
|
] $wait_ensure = 'running',
|
|
){
|
|
|
|
# check the enc_role has been set, it can take two puppet runs to do this
|
|
# TODO: change away from external fact
|
|
if $facts['enc_role'] == 'roles::infra::ntp::server' {
|
|
|
|
# define the server
|
|
if $facts['os']['family'] == 'RedHat' {
|
|
class { 'chrony':
|
|
servers => $peers,
|
|
queryhosts => $allowquery,
|
|
wait_enable => $wait_enable,
|
|
wait_ensure => $wait_ensure,
|
|
}
|
|
} else {
|
|
class { 'chrony':
|
|
servers => $peers,
|
|
queryhosts => $allowquery,
|
|
}
|
|
}
|
|
|
|
file {'/usr/local/bin/check_ntp.sh':
|
|
ensure => 'file',
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0644',
|
|
content => template('profiles/ntp/check_ntp.sh.erb'),
|
|
}
|
|
}
|
|
}
|