From 9a60cf1fb1bfb591029d54f64d6f619a6786b7e6 Mon Sep 17 00:00:00 2001
From: chris <chris@scorpio-it.net>
Date: Fri, 23 Dec 2016 23:29:41 +0100
Subject: add restrict as default values (by psaavedra)

---
 defaults/main.yml     | 3 +++
 templates/ntp.conf.j2 | 5 +++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index a84e911..21d2b23 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,3 +8,6 @@ ntp_servers:
  - 1.pool.ntp.org iburst
  - 2.pool.ntp.org iburst
  - 3.pool.ntp.org iburst
+ntp_restrict:
+ - 127.0.0.1
+ - ::1
diff --git a/templates/ntp.conf.j2 b/templates/ntp.conf.j2
index cc1e0f0..e06ff1e 100644
--- a/templates/ntp.conf.j2
+++ b/templates/ntp.conf.j2
@@ -26,8 +26,9 @@ restrict default nomodify notrap nopeer noquery
 # Permit all access over the loopback interface.  This could
 # be tightened as well, but to do so would effect some of
 # the administrative functions.
-restrict 127.0.0.1
-restrict ::1
+{% for item in ntp_restrict %}
+restrict {{ item }}
+{% endfor %}
 
 # Clients from this (example!) subnet have unlimited access, but only if
 # cryptographically authenticated.
-- 
cgit v1.2.3


From 711363133f2644f2a6b690827a71607da08c0655 Mon Sep 17 00:00:00 2001
From: chris <chris@scorpio-it.net>
Date: Tue, 27 Dec 2016 00:33:08 +0100
Subject: make ntp pool server 'area' based

---
 defaults/main.yml | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 21d2b23..8d4c702 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,11 +3,22 @@ ntp_enabled: true
 ntp_timezone: Etc/UTC
 
 ntp_manage_config: false
+### choose ntp server area ###
+# http://support.ntp.org/bin/view/Servers/NTPPoolServers
+###
+# Leave empty for Worldwide Area
+#     Worldwide:    ''
+#          Asia:    '.asia'
+#        Europe:    '.europe'
+# North America:    '.north-america'
+#       Oceania:    '.oceania'
+# South America:    '.south-america'
+ntp_area: ''
 ntp_servers:
- - 0.pool.ntp.org iburst
- - 1.pool.ntp.org iburst
- - 2.pool.ntp.org iburst
- - 3.pool.ntp.org iburst
+ - 0{{ ntp_area }}.pool.ntp.org iburst
+ - 1{{ ntp_area }}.pool.ntp.org iburst
+ - 2{{ ntp_area }}.pool.ntp.org iburst
+ - 3{{ ntp_area }}.pool.ntp.org iburst
 ntp_restrict:
  - 127.0.0.1
  - ::1
-- 
cgit v1.2.3