diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-04-14 21:34:40 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2022-04-14 21:34:43 +0200 |
commit | b0acc3a58f75f01ff19dbc9544e681cfc9d50c8e (patch) | |
tree | 6397ac19ced890b7b5ec9ef17cb410880e66697c /data/templates/ntp/ntpd.conf.j2 | |
parent | d40e86aeb4e91fa9f8191b3c49830d9ba227c92c (diff) | |
download | vyos-1x-b0acc3a58f75f01ff19dbc9544e681cfc9d50c8e.tar.gz vyos-1x-b0acc3a58f75f01ff19dbc9544e681cfc9d50c8e.zip |
ntp: T4353: fix Jinja2 linting errors
Diffstat (limited to 'data/templates/ntp/ntpd.conf.j2')
-rw-r--r-- | data/templates/ntp/ntpd.conf.j2 | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/data/templates/ntp/ntpd.conf.j2 b/data/templates/ntp/ntpd.conf.j2 new file mode 100644 index 000000000..da610051e --- /dev/null +++ b/data/templates/ntp/ntpd.conf.j2 @@ -0,0 +1,42 @@ +### Autogenerated by ntp.py ### + +# +# Non-configurable defaults +# +driftfile /var/lib/ntp/ntp.drift +# By default, only allow ntpd to query time sources, ignore any incoming requests +restrict default noquery nopeer notrap nomodify +# Allow pool associations +restrict source nomodify notrap noquery +# Local users have unrestricted access, allowing reconfiguration via ntpdc +restrict 127.0.0.1 +restrict -6 ::1 + +# +# Configurable section +# +{% if server is vyos_defined %} +{% for server, config in server.items() %} +{% set association = 'server' %} +{% if config.pool is vyos_defined %} +{% set association = 'pool' %} +{% endif %} +{{ association }} {{ server | replace('_', '-') }} iburst {{ 'noselect' if config.noselect is vyos_defined }} {{ 'preempt' if config.preempt is vyos_defined }} {{ 'prefer' if config.prefer is vyos_defined }} +{% endfor %} +{% endif %} + +{% if allow_clients.address is vyos_defined %} +# Allowed clients configuration +restrict default ignore +{% for address in allow_clients.address %} +restrict {{ address | address_from_cidr }} mask {{ address | netmask_from_cidr }} nomodify notrap nopeer +{% endfor %} +{% endif %} + +{% if listen_address %} +# NTP should listen on configured addresses only +interface ignore wildcard +{% for address in listen_address %} +interface listen {{ address }} +{% endfor %} +{% endif %} |