heat_template_version: rocky

description: >
  Chrony time service deployment using ansible, this YAML file
  creates the interface between the HOT template
  and the ansible role that actually installs
  and configure chronyd.

parameters:
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  NtpServer:
    default: ['0.pool.ntp.org', '1.pool.ntp.org', '2.pool.ntp.org', '3.pool.ntp.org']
    description: NTP servers list. Defaulted to a set of pool.ntp.org servers
                 in order to have a sane default for Pacemaker deployments when
                 not configuring this parameter by default.
    type: comma_delimited_list
  NtpPool:
    default: []
    description: NTP pool list.  Defaults to [], so only NtpServer is used by
                 default.
    type: comma_delimited_list
  ChronyGlobalServerOptions:
    default: ''
    description: Default server options for the configured NTP servers in
                 chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
                 and MinPoll are ignored.
    type: string
  ChronyGlobalPoolOptions:
    default: ''
    description: Default pool options for the configured NTP pools in
                 chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
                 and MinPoll are ignored.
    type: string
  NtpIburstEnable:
    default: true
    description: Specifies whether to enable the iburst option for every NTP
                 peer. If iburst is enabled, when the ntp server is unreachable
                 ntp will send a burst of eight packages instead of one. This
                 is designed to speed up the initial syncrhonization.
    type: boolean
  MaxPoll:
    description: Specify maximum poll interval of upstream servers for NTP
                 messages, in seconds to the power of two.
                 The maximum poll interval defaults to 10 (1,024 s).
                 Allowed values are 4 to 17.
    type: number
    default: 10
    constraints:
      - range: { min: 4, max: 17 }
  MinPoll:
    description: Specify minimum poll interval of upstream servers for NTP
                 messages, in seconds to the power of two.
                 The minimum poll interval defaults to 6 (64 s).
                 Allowed values are 4 to 17.
    type: number
    default: 6
    constraints:
      - range: { min: 4, max: 17 }
  EnablePackageInstall:
    default: 'false'
    description: Set to true to enable package installation at deploy time
    type: boolean
  ChronyAclRules:
    default: ['deny all']
    description: Access Control List of NTP clients.  By default no clients
                 are permitted.
    type: comma_delimited_list

conditions:
  chrony_global_server_settings_is_empty: {equals: [{get_param: ChronyGlobalServerOptions}, '']}
  chrony_global_pool_settings_is_empty: {equals: [{get_param: ChronyGlobalPoolOptions}, '']}
  ntp_iburst: {equals: [{get_param: NtpIburstEnable}, true]}

outputs:
  role_data:
    description: Role chrony using composable timesync services.
    value:
      service_name: chrony
      config_settings:
        tripleo::ntp::firewall_rules:
          '105 ntp':
            dport: 123
            proto: udp
      step_config: ''
      host_prep_tasks:
        - name: Populate service facts (chrony)
          service_facts: # needed to make yaml happy
        - name: Disable NTP before configuring Chrony
          service:
              name: ntpd
              state: stopped
              enabled: no
          when: "'ntpd.service' in ansible_facts.services"
        - name: Install, Configure and Run Chrony
          include_role:
            name: chrony
        - name: Ensure chrony has been restarted
          meta: flush_handlers
        - name: Ensure system is NTP time synced
          command: chronyc waitsync 20
      ansible_group_vars:
        chrony_role_action: all
        chrony_ntp_servers: {get_param: NtpServer}
        chrony_ntp_pools: {get_param: NtpPool}
        chrony_global_server_settings:
          if:
          - chrony_global_server_settings_is_empty
          - str_replace:
              template: IBURST minpoll MINPOLL maxpoll MAXPOLL
              params:
                IBURST:
                  if:
                  - ntp_iburst
                  - iburst
                  - ''
                MINPOLL: { get_param: MinPoll }
                MAXPOLL: { get_param: MaxPoll }
          - {get_param: ChronyGlobalServerOptions}
        chrony_global_pool_settings:
          if:
          - chrony_global_pool_settings_is_empty
          - str_replace:
              template: IBURST minpoll MINPOLL maxpoll MAXPOLL
              params:
                IBURST:
                  if:
                  - ntp_iburst
                  - iburst
                  - ''
                MINPOLL: { get_param: MinPoll }
                MAXPOLL: { get_param: MaxPoll }
          - {get_param: ChronyGlobalPoolOptions}
        chrony_manage_package: {get_param: EnablePackageInstall}
        chrony_acl_rules: {get_param: ChronyAclRules}