refactor ♻️: Refactoring the main.yml files to include NTP server configuration and backup of original ntp.conf.

Updated the `defaults/main.yml`, `handlers/main.yml`, and `tasks/main.yml` files to add NTP server configuration and a backup of the original `ntp.conf` file. This ensures that the system uses AD DCs as time sources and maintains a backup for future reference.

defaults/main.yml

@@ -8,3 +8,5 @@ dns_servers:
   - 192.168.1.11
 dns_search: example.com
 nm_connection_name: "Wired connection 1"  # Change this based on your setup
+ntp_servers:
+  - "{{ ad_dc }}"  # Your AD DC as time source

handlers/main.yml

@@ -9,3 +9,8 @@
   service:
     name: systemd-resolved
     state: restarted
+
+- name: Restart ntp
+  service:
+    name: ntp
+    state: restarted

tasks/main.yml

@@ -70,6 +70,7 @@
       - winbind
       - libpam-winbind
       - libnss-winbind
+      - ntp
     state: present
   become: yes
 
@@ -82,6 +83,33 @@
     mode: '0644'
   notify: Restart networking if required
 
+# Backup original ntp.conf (optional safety)
+- name: Backup original ntp.conf
+  copy:
+    src: /etc/ntp.conf
+    dest: /etc/ntp.conf.bak
+    remote_src: yes
+    force: no
+  ignore_errors: yes
+
+# Configure ntp.conf to use AD DCs
+- name: Configure ntp.conf with AD domain controllers
+  blockinfile:
+    path: /etc/ntp.conf
+    marker: "# {mark} ANSIBLE_MANAGED_AD_NTP"
+    block: |
+      {% for server in ntp_servers %}
+      server {{ server }} iburst
+      {% endfor %}
+  notify: Restart ntp
+
+# Enable and start ntp service
+- name: Ensure ntp is running and enabled
+  service:
+    name: ntp
+    state: started
+    enabled: yes
+
 - name: Configure Kerberos
   template:
     src: krb5.conf.j2