summaryrefslogtreecommitdiff
path: root/data/templates/chrony/chrony.conf.j2
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-01-13 22:07:34 +0100
committerChristian Breunig <christian@breunig.cc>2023-01-14 21:13:37 +0100
commit0d35a866ba12e66e504e1f575a04429c5d8cb9be (patch)
tree552d760211fbfca1ff4aa82625669eb501e56262 /data/templates/chrony/chrony.conf.j2
parentf570fce12e8675a66ef8a24e2e600c687475ebe7 (diff)
downloadvyos-1x-0d35a866ba12e66e504e1f575a04429c5d8cb9be.tar.gz
vyos-1x-0d35a866ba12e66e504e1f575a04429c5d8cb9be.zip
ntp: T3008: migrate from ntpd to chrony
* Move CLI from "system ntp" -> "service ntp" * Drop NTP server option preempt as not supported by chrony
Diffstat (limited to 'data/templates/chrony/chrony.conf.j2')
-rw-r--r--data/templates/chrony/chrony.conf.j258
1 files changed, 58 insertions, 0 deletions
diff --git a/data/templates/chrony/chrony.conf.j2 b/data/templates/chrony/chrony.conf.j2
new file mode 100644
index 000000000..b3bfc8c0c
--- /dev/null
+++ b/data/templates/chrony/chrony.conf.j2
@@ -0,0 +1,58 @@
+### Autogenerated by ntp.py ###
+
+# This would step the system clock if the adjustment is larger than 0.1 seconds,
+# but only in the first three clock updates.
+makestep 1.0 3
+
+# The rtcsync directive enables a mode where the system time is periodically
+# copied to the RTC and chronyd does not try to track its drift. This directive
+# cannot be used with the rtcfile directive. On Linux, the RTC copy is performed
+# by the kernel every 11 minutes.
+rtcsync
+
+# This directive specifies the maximum amount of memory that chronyd is allowed
+# to allocate for logging of client accesses and the state that chronyd as an
+# NTP server needs to support the interleaved mode for its clients.
+clientloglimit 1048576
+
+driftfile /run/chrony/drift
+dumpdir /run/chrony
+pidfile {{ config_file | replace('.conf', '.pid') }}
+
+# Determine when will the next leap second occur and what is the current offset
+leapsectz right/UTC
+
+user {{ user }}
+
+# NTP servers to reach out to
+{% if server is vyos_defined %}
+{% for server, config in server.items() %}
+{% set association = 'server' %}
+{% if config.pool is vyos_defined %}
+{% set association = 'pool' %}
+{% endif %}
+{{ association }} {{ server | replace('_', '-') }} iburst {{ 'noselect' if config.noselect is vyos_defined }} {{ 'prefer' if config.prefer is vyos_defined }}
+{% endfor %}
+{% endif %}
+
+# Allowed clients configuration
+{% if allow_client.address is vyos_defined %}
+{% for address in allow_client.address %}
+allow {{ address }}
+{% endfor %}
+{% endif %}
+deny all
+
+{% if listen_address is vyos_defined or interface is vyos_defined %}
+# NTP should listen on configured addresses only
+{% if listen_address is vyos_defined %}
+{% for address in listen_address %}
+bindaddress {{ address }}
+{% endfor %}
+{% endif %}
+{% if interface is vyos_defined %}
+{% for ifname in interface %}
+binddevice {{ ifname }}
+{% endfor %}
+{% endif %}
+{% endif %}