patch undefined: Updated the DNS configuration in the resolv.conf.j2 template to include both the local host and the Ansible-managed DNS server.
Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution.
54
tasks/ntpd.yml
Normal file
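--- a/tasks/ntpd.yml
+++ b/tasks/ntpd.yml
@@ -0,0 +1,54 @@
+---
+- name: Ensure the ntp package is installed
+ansible.builtin.package:
+name: ntp
+state: present
+
+- name: Search common Samba locations for the 'ntp_signd' directory
+ansible.builtin.find:
+paths:
+# Common paths for Samba installations
+- /var/lib/samba/
+- /usr/local/samba/
+- /etc/samba/
+pattern: ntp_signd
+file_type: directory
+register: find_ntp_signd
+
+- name: Set the path variable, failing if not found
+ansible.builtin.set_fact:
+ntp_signd_path: "{{ find_ntp_signd.files[0].path }}"
+# This conditional logic ensures the playbook stops if the directory is missing,
+# or if more than one directory named 'ntp_signd' is found (which is unlikely/undesirable).
+when: find_ntp_signd.matched == 1
+failed_when: find_ntp_signd.matched != 1
+
+- name: Verify permissions on the detected 'ntp_signd' directory
+ansible.builtin.stat:
+path: "{{ ntp_signd_path }}"
+register: ntp_signd_stats
+
+- name: Assert that the permissions allow read access
+ansible.builtin.assert:
+that:
+# Check if the directory exists and has permissions that grant read/execute to 'other' (r-x)
+- ntp_signd_stats.stat.exists
+- ntp_signd_stats.stat.mode is search('[rwx-]{2}[rwx-]{2}[4-7]')
+fail_msg: "FATAL: The detected ntp_signd directory ({{ ntp_signd_path }}) does not have necessary read permissions (mode: {{ ntp_signd_stats.stat.mode }})."
+success_msg: "SUCCESS: Permissions on {{ ntp_signd_path }} are correctly configured."
+
+- name: Configure ntp.conf for Active Directory Domain Controller (AD DC)
+ansible.builtin.template:
+src: templates/ntp.conf.j2 # Path to your NTP template file
+dest: /etc/ntp.conf
+owner: root
+group: root
+mode: '0644'
+notify:
+- Restart ntp service
+
+- name: Enable and start the ntp service
+ansible.builtin.service:
+name: ntp
+state: started
+enabled: true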
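Review bot: The `that:` entry `ntp_signd_stats.stat.mode is search('[rwx-]{2}[rwx-]{2}[4-7]')` cannot pass as written, because `ansible.builtin.stat` returns `mode` as an octal string such as `'0750'` while the pattern demands four characters from `rwx-` before a digit. Its comment also asks for read/execute for 'other', which is broader than ntpd needs: the ntp_signd socket is how ntpd gets Samba to sign time replies, and as far as I know the usual Samba guidance is root ownership with access limited to the NTP daemon's group. I would assert the tight mode and the group instead, `- ntp_signd_stats.stat.mode == '0750'` and `- ntp_signd_stats.stat.gr_name == 'ntp'` (the group name varies by distribution, so confirm it for the target hosts). Separately, the `set_fact` task's `failed_when` is not evaluated when `when` skips the task, so a missing or duplicated directory surfaces only as an undefined `ntp_signd_path` in the following `stat` task; an `ansible.builtin.assert` on `find_ntp_signd.matched == 1` placed ahead of `set_fact` would give the failure the task name promises.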