fixing issue #582

ansible/inventories/production/group_vars/chronyclients/main.yml

@@ -1,3 +0,0 @@
----
-
-chrony_timeservers = ["chrony001.rockylinux.com", "chrony002.rockylinux.com"]

ansible/inventories/production/hosts.ini

@@ -23,8 +23,6 @@ build-a-box ansible_host=10.100.1.112
 idp001 ansible_host=10.100.x.x
 
 [chronyservers]
-chronyd001 ansiblehost=10.100.3.110
-chronyd002 ansiblehost=10.200.3.111
+chrony001 ansiblehost=10.100.3.110
+chrony002 ansiblehost=10.200.3.111
 
-[chronyclients]
-build-abox asnsiblehost=10.100.x.x

ansible/playbooks/init-rocky-chrony.yml

@@ -2,10 +2,38 @@
 # Sets Up Chrony Server/Client
 # Created: @derekmpage
 # Kudos: @danielkubat  @Darkbat91
+# Fixes: @nazunalika
 - name: Rocky Chrony Runbook
   hosts: all
   become: true
+  vars_files:
+    - vars/chrony.yml
+
+  # This is to try to avoid the handler issue in pre/post tasks
+  handlers:
+    - import_tasks: handlers/main.yml
+
+  pre_tasks:
+    - name: Check if ansible cannot be run here
+      stat:
+        path: /etc/no-ansible
+      register: no_ansible
+
+    - name: Verify if we can run ansible
+      assert:
+        that:
+          - "not no_ansible.stat.exists"
+        msg: "/etc/no-ansible exists - skipping run on this node"
 
   tasks:
     - name: Configure Chrony
       import_tasks: tasks/chrony.yml
+
+  post_tasks:
+    - name: Touching run file that ansible has ran here
+      file:
+        path: /var/log/ansible.run
+        state: touch
+        mode: '0644'
+        owner: root
+        group: root

ansible/playbooks/tasks/chrony.yml

@@ -1,4 +1,10 @@
 ---
+- name: Create overrides if we're an IPA Replica
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "chronyserver.yml"
+  when: "'chronyservers' in group_names"
+
 - name: Install chrony packages
   yum:
     name: "{{ chrony_packages }}"

ansible/playbooks/vars/RedHat.yml

@@ -160,5 +160,3 @@ enable_svc:
 syslog_packages:
   - rsyslog
 
-ntp_packages:
-  - chrony

ansible/playbooks/vars/chrony.yml

@@ -26,9 +26,8 @@ chrony_service_enabled: yes
 
 # default internet timeservers to use
 chrony_timeservers:
-  - 0.pool.ntp.org
-  - 1.pool.ntp.org
-  - 2.pool.ntp.org
+  - chrony001.rockylinux.com
+  - chrony002.rockylinux.com
 
 # is chrony ntp server - allows client connections
 chrony_server: false

ansible/playbooks/vars/chronyserver.yml

@@ -0,0 +1,9 @@
+---
+
+# default internet timeservers to use
+chrony_timeservers:
+  - chrony001.rockylinux.com
+  - chrony002.rockylinux.com
+
+# is chrony ntp server - allows client connections
+chrony_server: true