From c0e2f38fdc6d6c105b2fcadffc8310606bceb359 Mon Sep 17 00:00:00 2001
From: Jose
Date: Wed, 8 Oct 2025 22:03:21 +0200
Subject: [PATCH] =?UTF-8?q?refactor=20=E2=99=BB=EF=B8=8F:=20Refactoring=20?= =?UTF-8?q?the=20main.yml=20files=20to=20include=20NTP=20server=20configur?= =?UTF-8?q?ation=20and=20backup=20of=20original=20ntp.conf.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updated the `defaults/main.yml`, `handlers/main.yml`, and `tasks/main.yml` files to add NTP server configuration and a backup of the original `ntp.conf` file. This ensures that the system uses AD DCs as time sources and maintains a backup for future reference.
---
 defaults/main.yml | 2 ++
 handlers/main.yml | 5 +++++
 tasks/main.yml | 28 ++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 36be5b5..8d8276f 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,3 +8,5 @@ dns_servers:
 - 192.168.1.11
 dns_search: example.com
 nm_connection_name: "Wired connection 1" # Change this based on your setup
+ntp_servers:
+ - "{{ ad_dc }}" # Your AD DC as time source
diff --git a/handlers/main.yml b/handlers/main.yml
index dce0e45..9a22049 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -9,3 +9,8 @@
 service:
 name: systemd-resolved
 state: restarted
+
+- name: Restart ntp
+ service:
+ name: ntp
+ state: restarted
diff --git a/tasks/main.yml b/tasks/main.yml
index eff19d2..db2f214 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -70,6 +70,7 @@
 - winbind
 - libpam-winbind
 - libnss-winbind
+ - ntp
 state: present
 become: yes
 
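Review bot: The `ntp_servers` default in defaults/main.yml lists a single entry, `{{ ad_dc }}`, so a host that keeps only this source has nothing to cross-check that domain controller's clock against, and Kerberos logons start failing once the clock drifts past the allowed skew. Where the domain has more than one DC, list them all here, and extend the inline comment to say so, e.g. `# AD DCs used as time sources; list every DC you have`. `ad_dc` is defined outside this hunk, so this assumes it is always set when the role runs.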
@@ -82,6 +83,33 @@
 mode: '0644'
 notify: Restart networking if required
 
+# Backup original ntp.conf (optional safety)
+- name: Backup original ntp.conf
+ copy:
+ src: /etc/ntp.conf
+ dest: /etc/ntp.conf.bak
+ remote_src: yes
+ force: no
+ ignore_errors: yes
+
+# Configure ntp.conf to use AD DCs
+- name: Configure ntp.conf with AD domain controllers
+ blockinfile:
+ path: /etc/ntp.conf
+ marker: "# {mark} ANSIBLE_MANAGED_AD_NTP"
+ block: |
+ {% for server in ntp_servers %}
+ server {{ server }} iburst
+ {% endfor %}
+ notify: Restart ntp
+
+# Enable and start ntp service
+- name: Ensure ntp is running and enabled
+ service:
+ name: ntp
+ state: started
+ enabled: yes
+
 - name: Configure Kerberos
 template:
 src: krb5.conf.j2
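Review bot: `ignore_errors: yes` on the `Backup original ntp.conf` task hides every failure of the copy, and none of the three new tasks sets `become: yes` the way the package task earlier in this file does. Unless the play escalates privileges globally, the backup therefore fails silently and the run only stops at the `blockinfile` step. I would drop the separate copy task, put `backup: yes` on the `blockinfile` task so the edit keeps its own timestamped copy, and add `become: yes` to it and to the `Ensure ntp is running and enabled` task. Note also that `blockinfile` only inserts the managed block, so any `pool` or `server` lines already in /etc/ntp.conf stay active and the AD DCs are not the only time source unless those lines are removed or the file is templated; the stock file is not visible from this hunk. A short comment above the task saying which of the two is intended would help the next reader.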