From 9a60cf1fb1bfb591029d54f64d6f619a6786b7e6 Mon Sep 17 00:00:00 2001 From: chris Date: Fri, 23 Dec 2016 23:29:41 +0100 Subject: add restrict as default values (by psaavedra) --- defaults/main.yml | 3 +++ templates/ntp.conf.j2 | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index a84e911..21d2b23 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -8,3 +8,6 @@ ntp_servers: - 1.pool.ntp.org iburst - 2.pool.ntp.org iburst - 3.pool.ntp.org iburst +ntp_restrict: + - 127.0.0.1 + - ::1 diff --git a/templates/ntp.conf.j2 b/templates/ntp.conf.j2 index cc1e0f0..e06ff1e 100644 --- a/templates/ntp.conf.j2 +++ b/templates/ntp.conf.j2 @@ -26,8 +26,9 @@ restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. -restrict 127.0.0.1 -restrict ::1 +{% for item in ntp_restrict %} +restrict {{ item }} +{% endfor %} # Clients from this (example!) subnet have unlimited access, but only if # cryptographically authenticated. -- cgit v1.2.3