From b5f43160f9e4a518e1b4e670c1e850d6dc7ca41e Mon Sep 17 00:00:00 2001
From: pyllyukko <pyllyukko@maimed.org>
Date: Thu, 9 Nov 2023 18:11:02 +0200
Subject: [PATCH] Disable monlist in NTP & fixed failed_when in /etc/ntp.keys
 replace

---
 tasks/misc.yml | 33 ++++++++++++++++++++++-----------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/tasks/misc.yml b/tasks/misc.yml
index 3aa4717..5ba8165 100644
--- a/tasks/misc.yml
+++ b/tasks/misc.yml
@@ -237,15 +237,26 @@
     Storage: none
     ProcessSizeMax: 0
 
-- name: Comment out default keys from /etc/ntp.keys
+- name: NTP
   become: true
-  register: result
-  failed_when:
-    - result.failed == true
-    - result.state != "absent"
-  tags:
-    - ntp
-  ansible.builtin.replace:
-    path: /etc/ntp.keys
-    regexp: '^((1|65535)\s+M\s+(akey|pass))$'
-    replace: '#\g<1>'
+  tags: ntp
+  block:
+    - name: Comment out default keys from /etc/ntp.keys
+      register: result
+      failed_when:
+        - result.failed
+        - result.msg != "Path /etc/ntp.keys does not exist !"
+      ansible.builtin.replace:
+        path: /etc/ntp.keys
+        regexp: '^((1|65535)\s+M\s+(akey|pass))$'
+        replace: '#\g<1>'
+    - name: Disable monlist in NTP
+      ansible.builtin.lineinfile:
+        path: /etc/ntp.conf
+        regexp: '^disable\s+monitor$'
+        line: disable monitor
+        create: false
+      register: result
+      failed_when:
+        - result.failed
+        - result.msg != "Destination /etc/ntp.conf does not exist !"