evolix
/
ansible-roles
22
2
Fork 2
Code Issues 61 Pull Requests 18 Releases 32 Wiki Activity

* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config 

- Ensure the client won't respond to anybody but accept the timeserver 
answers
- Should work on both Jessie and Stretch
This commit is contained in:
Ludovic Poujol 2019-01-18 15:32:45 +01:00
parent 87860d5b7f
commit af896fe1fc
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -15,6 +15,7 @@ The **patch** part changes incrementally at each release.
### Changed ### Changed
### Fixed ### Fixed
* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config
### Security ### Security

6
ntpd/defaults/main.yml
View File

@ -2,7 +2,9 @@
ntpd_servers: ntpd_servers:
- 'ntp.evolix.net iburst' - 'ntp.evolix.net iburst'
ntpd_acls: ntpd_acls:
- '-4 default kod notrap nomodify nopeer noquery' - '-4 default ignore'
- '-6 default kod notrap nomodify nopeer noquery' - '-6 default ignore'
- 'source nomodify noquery notrap' # Debian 9 and later
- 'ntp.evolix.net nomodify noquery notrap' # Debian 8
- '127.0.0.1' - '127.0.0.1'
- '::1' - '::1'