summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDylan William Hardison <dylan@hardison.net>2017-07-17 19:06:53 +0200
committerGitHub <noreply@github.com>2017-07-17 19:06:53 +0200
commitc7db6b60df0b555477fa08c9db2ee48fa1dd7c7a (patch)
treeb9e569935c532cfda86a12138fb22298131dd4af
parent73707dc43ec352cddb6c8ca9463c80cb00e9eae6 (diff)
downloadbugzilla-c7db6b60df0b555477fa08c9db2ee48fa1dd7c7a.tar.gz
bugzilla-c7db6b60df0b555477fa08c9db2ee48fa1dd7c7a.tar.xz
add ntp configuration to prevent clock skew inside some VM providers, such as vmware fusion (#155)
-rw-r--r--vagrant_support/ntp.conf54
-rw-r--r--vagrant_support/playbook.yml17
2 files changed, 71 insertions, 0 deletions
diff --git a/vagrant_support/ntp.conf b/vagrant_support/ntp.conf
new file mode 100644
index 000000000..8db0de6d2
--- /dev/null
+++ b/vagrant_support/ntp.conf
@@ -0,0 +1,54 @@
+tinker panic 0
+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+# Permit time synchronization with our time source, but do not
+# permit the source to query or modify the service on this system.
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+
+# Permit all access over the loopback interface. This could
+# be tightened as well, but to do so would effect some of
+# the administrative functions.
+restrict 127.0.0.1
+restrict -6 ::1
+
+# Hosts on local network are less restricted.
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+server 0.centos.pool.ntp.org iburst
+server 1.centos.pool.ntp.org iburst
+server 2.centos.pool.ntp.org iburst
+server 3.centos.pool.ntp.org iburst
+
+#broadcast 192.168.1.255 autokey # broadcast server
+#broadcastclient # broadcast client
+#broadcast 224.0.1.1 autokey # multicast server
+#multicastclient 224.0.1.1 # multicast client
+#manycastserver 239.255.254.254 # manycast server
+#manycastclient 239.255.254.254 autokey # manycast client
+
+# Enable public key cryptography.
+#crypto
+
+includefile /etc/ntp/crypto/pw
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography.
+keys /etc/ntp/keys
+
+# Specify the key identifiers which are trusted.
+#trustedkey 4 8 42
+
+# Specify the key identifier to use with the ntpdc utility.
+#requestkey 8
+
+# Specify the key identifier to use with the ntpq utility.
+#controlkey 8
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats \ No newline at end of file
diff --git a/vagrant_support/playbook.yml b/vagrant_support/playbook.yml
index f5ff7335a..093444143 100644
--- a/vagrant_support/playbook.yml
+++ b/vagrant_support/playbook.yml
@@ -41,6 +41,23 @@
group: root
mode: 0644
+ - name: copy ntp.conf
+ copy:
+ src: ntp.conf
+ dest: /etc/ntp.conf
+
+ - name: setup time server
+ service: name=ntpd enabled=yes
+
+ - name: stop time server to run ntpdate
+ service: name=ntpd state=stopped
+
+ - name: run ntpdate
+ shell: ntpdate pool.ntp.org
+
+ - name: start time server
+ service: name=ntpd state=started
+
- hosts: db
become: true
tasks: