diff options
Diffstat (limited to 'data/templates/ntp')
| -rw-r--r-- | data/templates/ntp/ntp.conf.tmpl | 47 | ||||
| -rw-r--r-- | data/templates/ntp/override.conf.tmpl | 11 |
2 files changed, 58 insertions, 0 deletions
diff --git a/data/templates/ntp/ntp.conf.tmpl b/data/templates/ntp/ntp.conf.tmpl new file mode 100644 index 000000000..6ef0c0f2c --- /dev/null +++ b/data/templates/ntp/ntp.conf.tmpl @@ -0,0 +1,47 @@ +### Autogenerated by ntp.py ### + +# +# Non-configurable defaults +# +driftfile /var/lib/ntp/ntp.drift +# By default, only allow ntpd to query time sources, ignore any incoming requests +restrict default noquery nopeer notrap nomodify +# Local users have unrestricted access, allowing reconfiguration via ntpdc +restrict 127.0.0.1 +restrict -6 ::1 + +# +# Configurable section +# +{% if server %} +{% for srv in server %} +{% set options = '' %} +{% set options = options + 'noselect ' if server[srv].noselect is defined else '' %} +{% set options = options + 'preempt ' if server[srv].preempt is defined else '' %} +{% set options = options + 'prefer ' if server[srv].prefer is defined else '' %} +server {{ srv | replace('_', '-') }} iburst {{ options }} +{% endfor %} +{% endif %} + +{% if allow_clients is defined and allow_clients.address is defined %} +# Allowed clients configuration +{% if allow_clients.address is string %} +restrict {{ allow_clients.address|address_from_cidr }} mask {{ allow_clients.address|netmask_from_cidr }} nomodify notrap nopeer +{% else %} +{% for address in allow_clients.address %} +restrict {{ address|address_from_cidr }} mask {{ address|netmask_from_cidr }} nomodify notrap nopeer +{% endfor %} +{% endif %} +{% endif %} + +{% if listen_address %} +# NTP should listen on configured addresses only +interface ignore wildcard +{% if listen_address is string %} +interface listen {{ listen_address }} +{% else %} +{% for address in listen_address %} +interface listen {{ address }} +{% endfor %} +{% endif %} +{% endif %} diff --git a/data/templates/ntp/override.conf.tmpl b/data/templates/ntp/override.conf.tmpl new file mode 100644 index 000000000..466638e5a --- /dev/null +++ b/data/templates/ntp/override.conf.tmpl @@ -0,0 +1,11 @@ +{% set vrf_command = '/sbin/ip vrf exec ' + vrf + ' ' if vrf is defined else '' %} +[Unit] +StartLimitIntervalSec=0 +After=vyos-router.service + +[Service] +ExecStart= +ExecStart={{vrf_command}}/usr/lib/ntp/ntp-systemd-wrapper +Restart=on-failure +RestartSec=10 + |