summaryrefslogtreecommitdiff
path: root/data/templates/chrony/chrony.conf.j2
blob: 838813866b6fa1ca63697d8327c37068aecb492a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
### Autogenerated by service_ntp.py ###

# This would step the system clock if the adjustment is larger than 0.1 seconds,
# but only in the first three clock updates.
makestep 1.0 3

# The rtcsync directive enables a mode where the system time is periodically
# copied to the RTC and chronyd does not try to track its drift. This directive
# cannot be used with the rtcfile directive. On Linux, the RTC copy is performed
# by the kernel every 11 minutes.
rtcsync

# This directive specifies the maximum amount of memory that chronyd is allowed
# to allocate for logging of client accesses and the state that chronyd as an
# NTP server needs to support the interleaved mode for its clients.
clientloglimit 1048576

driftfile /run/chrony/drift
dumpdir /run/chrony
ntsdumpdir /run/chrony
pidfile {{ config_file | replace('.conf', '.pid') }}

# Determine when will the next leap second occur and what is the current offset
{% if leap_second is vyos_defined('timezone') %}
leapsectz right/UTC
{% elif leap_second is vyos_defined('ignore') %}
leapsecmode ignore
{% elif leap_second is vyos_defined('smear') %}
leapsecmode slew
maxslewrate 1000
smoothtime 400 0.001024 leaponly
{% elif leap_second is vyos_defined('system') %}
leapsecmode system
{% endif %}

user {{ user }}

# NTP servers to reach out to
{% if server is vyos_defined %}
{%     for server, config in server.items() %}
{%         set association = 'server' %}
{%         if config.pool is vyos_defined %}
{%             set association = 'pool' %}
{%         endif %}
{{ association }} {{ server | replace('_', '-') }} iburst {{- ' nts' if config.nts is vyos_defined }} {{- ' noselect' if config.noselect is vyos_defined }} {{- ' prefer' if config.prefer is vyos_defined }} {{- ' xleave' if config.interleave is vyos_defined }}
{%     endfor %}
{% endif %}

# Allowed clients configuration
{% if allow_client.address is vyos_defined %}
{%     for address in allow_client.address %}
allow {{ address }}
{%     endfor %}
{% else %}
deny all
{% endif %}

{% if listen_address is vyos_defined or interface is vyos_defined %}
# NTP should listen on configured addresses only
{%     if listen_address is vyos_defined %}
{%         for address in listen_address %}
bindaddress {{ address }}
{%         endfor %}
{%     endif %}
{%     if interface is vyos_defined %}
binddevice {{ interface }}
{%     endif %}
{% endif %}

{% if offload.timestamp.interface is vyos_defined %}
# Enable hardware timestamping on the specified interfaces
{%     for interface, config in offload.timestamp.interface.items() %}
hwtimestamp {{ interface }} {{- ' rxfilter ' ~ config.receive_filter if config.receive_filter is vyos_defined }}
{%     endfor %}
{% endif %}
{% if offload.timestamp.default_enable is vyos_defined %}
# Enable hardware timestamping on all supported interfaces not otherwise configured
hwtimestamp *
{% endif %}