From 579275e495a7835244f00b74b5aae3d9121a5b24 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 5 Apr 2020 16:53:38 +0200 Subject: ntp: T2230: move inlined templates to dedicated files --- data/templates/ntp/ntp.conf.tmpl | 38 ++++++++++++++++++++++++++ src/conf_mode/ntp.py | 59 ++++++++-------------------------------- 2 files changed, 49 insertions(+), 48 deletions(-) create mode 100644 data/templates/ntp/ntp.conf.tmpl diff --git a/data/templates/ntp/ntp.conf.tmpl b/data/templates/ntp/ntp.conf.tmpl new file mode 100644 index 000000000..52042d218 --- /dev/null +++ b/data/templates/ntp/ntp.conf.tmpl @@ -0,0 +1,38 @@ +### Autogenerated by ntp.py ### + +# +# Non-configurable defaults +# +driftfile /var/lib/ntp/ntp.drift +# By default, only allow ntpd to query time sources, ignore any incoming requests +restrict default noquery nopeer notrap nomodify +# Local users have unrestricted access, allowing reconfiguration via ntpdc +restrict 127.0.0.1 +restrict -6 ::1 + +# +# Configurable section +# + +{% if servers -%} +{% for s in servers -%} +# Server configuration for: {{ s.name }} +server {{ s.name }} iburst {{ s.options | join(" ") }} +{% endfor -%} +{% endif %} + +{% if allowed_networks -%} +{% for n in allowed_networks -%} +# Client configuration for network: {{ n.network }} +restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer + +{% endfor -%} +{% endif %} + +{% if listen_address -%} +# NTP should listen on configured addresses only +interface ignore wildcard +{% for a in listen_address -%} +interface listen {{ a }} +{% endfor -%} +{% endif %} diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index c3e8d51b3..e147c8e4c 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -14,61 +14,19 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -import sys import os -import jinja2 -import ipaddress from copy import deepcopy +from ipaddress import ip_network +from jinja2 import FileSystemLoader, Environment +from sys import exit from vyos.config import Config +from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError config_file = r'/etc/ntp.conf' -# Please be careful if you edit the template. -config_tmpl = """ -### Autogenerated by ntp.py ### - -# -# Non-configurable defaults -# -driftfile /var/lib/ntp/ntp.drift -# By default, only allow ntpd to query time sources, ignore any incoming requests -restrict default noquery nopeer notrap nomodify -# Local users have unrestricted access, allowing reconfiguration via ntpdc -restrict 127.0.0.1 -restrict -6 ::1 - -# -# Configurable section -# - -{% if servers -%} -{% for s in servers -%} -# Server configuration for: {{ s.name }} -server {{ s.name }} iburst {{ s.options | join(" ") }} -{% endfor -%} -{% endif %} - -{% if allowed_networks -%} -{% for n in allowed_networks -%} -# Client configuration for network: {{ n.network }} -restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer - -{% endfor -%} -{% endif %} - -{% if listen_address -%} -# NTP should listen on configured addresses only -interface ignore wildcard -{% for a in listen_address -%} -interface listen {{ a }} -{% endfor -%} -{% endif %} - -""" - default_config_data = { 'servers': [], 'allowed_networks': [], @@ -140,7 +98,12 @@ def generate(ntp): if ntp is None: return None - tmpl = jinja2.Template(config_tmpl) + # Prepare Jinja2 template loader from files + tmpl_path = os.path.join(vyos_data_dir['data'], 'templates', 'ntp') + fs_loader = FileSystemLoader(tmpl_path) + env = Environment(loader=fs_loader) + + tmpl = env.get_template('ntp.conf.tmpl') config_text = tmpl.render(ntp) with open(config_file, 'w') as f: f.write(config_text) @@ -165,4 +128,4 @@ if __name__ == '__main__': apply(c) except ConfigError as e: print(e) - sys.exit(1) + exit(1) -- cgit v1.2.3