blob: 8921826fa06b21ae0606b5306e8add9c9020438e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
### Autogenerated by ntp.py ###
#
# Non-configurable defaults
#
driftfile /var/lib/ntp/ntp.drift
# By default, only allow ntpd to query time sources, ignore any incoming requests
restrict default noquery nopeer notrap nomodify
# Allow pool associations
restrict source nomodify notrap noquery
# Local users have unrestricted access, allowing reconfiguration via ntpdc
restrict 127.0.0.1
restrict -6 ::1
#
# Configurable section
#
{% if server is vyos_defined %}
{% for server, config in server.items() %}
{% set association = 'server' %}
{% if config.pool is vyos_defined %}
{% set association = 'pool' %}
{% endif %}
{{ association }} {{ server | replace('_', '-') }} iburst {{ 'noselect' if config.noselect is vyos_defined }} {{ 'preempt' if config.preempt is vyos_defined }} {{ 'prefer' if config.prefer is vyos_defined }}
{% endfor %}
{% endif %}
{% if allow_clients.address is vyos_defined %}
# Allowed clients configuration
restrict default ignore
{% for address in allow_clients.address %}
restrict {{ address | address_from_cidr }} mask {{ address | netmask_from_cidr }} nomodify notrap nopeer
{% endfor %}
{% endif %}
{% if listen_address is vyos_defined or interface is vyos_defined %}
# NTP should listen on configured addresses only
interface ignore wildcard
{% if listen_address is vyos_defined %}
{% for address in listen_address %}
interface listen {{ address }}
{% endfor %}
{% endif %}
{% if interface is vyos_defined %}
{% for ifname in interface %}
interface listen {{ ifname }}
{% endfor %}
{% endif %}
{% endif %}
|
