From 2cf26665e0084efcd419e558b9ee7a80a4e4b9fd Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@thegeeklab.de>
Date: Sun, 18 Sep 2022 23:27:54 +0200
Subject: [PATCH] fix: use client-only mode by default

---
 defaults/main.yml            | 5 +++++
 templates/etc/chrony.conf.j2 | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 749e6d8..462c74a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -4,6 +4,11 @@ chrony_server: []
 
 chrony_allow: []
 
+# @var chrony_port:description: >
+# The port option can be set to 0 to make chrony daemon to never open any listening port
+# for server operation and to operate strictly in a client-only mode.
+# @end
+chrony_port: 0
 chrony_ntsdumpdir: /var/lib/chrony
 
 chrony_logdir: /var/log/chrony
diff --git a/templates/etc/chrony.conf.j2 b/templates/etc/chrony.conf.j2
index 100f71b..96c582f 100644
--- a/templates/etc/chrony.conf.j2
+++ b/templates/etc/chrony.conf.j2
@@ -7,6 +7,8 @@ pool {{ chrony_pool }}
 server {{ item }}
 {% endfor %}
 
+port {{ chrony_port }}
+
 sourcedir /run/chrony-dhcp
 driftfile /var/lib/chrony/drift
 makestep 1.0 3