Role that setup the chrony service using the security guidelines established by the CIS Benchmark for RHEL 7 over the 2.2.1 Time Synchronization section.
This role was created using Ansible 2.9 for macOS and tested using the centos/7 boxes for Vagrant v.2.2.6 with VirtualBox as a Provider.
The Ansible modules used in the role are:
The only variable to be used is a list named chrony_ntp_servers
that should hold the pool to be used. By default the next public ones are set:
chrony_ntp_servers:
- 0.centos.pool.ntp.org
- 1.centos.pool.ntp.org
- 2.centos.pool.ntp.org
- 3.centos.pool.ntp.org
The list should be replaced by the ones of the organisation/environment and the
chrony.conf
template tweak to match requirements.
This role doesn't have any dependencies.
A working example using Vagrant and Virtual Box is setup under tests.