T6357: create test repository to validate setup

2 files changed, 85 insertions, 0 deletions

diff --git a/data/templates/chrony/chrony.conf.j2 b/data/templates/chrony/chrony.conf.j2
new file mode 100644
index 0000000..e3f078f
--- /dev/null
+++ b/data/templates/chrony/chrony.conf.j2
@@ -0,0 +1,68 @@
+### Autogenerated by service_ntp.py ###
+
+# This would step the system clock if the adjustment is larger than 0.1 seconds,
+# but only in the first three clock updates.
+makestep 1.0 3
+
+# The rtcsync directive enables a mode where the system time is periodically
+# copied to the RTC and chronyd does not try to track its drift. This directive
+# cannot be used with the rtcfile directive. On Linux, the RTC copy is performed
+# by the kernel every 11 minutes.
+rtcsync
+
+# This directive specifies the maximum amount of memory that chronyd is allowed
+# to allocate for logging of client accesses and the state that chronyd as an
+# NTP server needs to support the interleaved mode for its clients.
+clientloglimit 1048576
+
+driftfile /run/chrony/drift
+dumpdir /run/chrony
+ntsdumpdir /run/chrony
+pidfile {{ config_file | replace('.conf', '.pid') }}
+
+# Determine when will the next leap second occur and what is the current offset
+{% if leap_second is vyos_defined('timezone') %}
+leapsectz right/UTC
+{% elif leap_second is vyos_defined('ignore') %}
+leapsecmode ignore
+{% elif leap_second is vyos_defined('smear') %}
+leapsecmode slew
+maxslewrate 1000
+smoothtime 400 0.001024 leaponly
+{% elif leap_second is vyos_defined('system') %}
+leapsecmode system
+{% endif %}
+
+user {{ user }}
+
+# NTP servers to reach out to
+{% if server is vyos_defined %}
+{%     for server, config in server.items() %}
+{%         set association = 'server' %}
+{%         if config.pool is vyos_defined %}
+{%             set association = 'pool' %}
+{%         endif %}
+{{ association }} {{ server | replace('_', '-') }} iburst {{ 'nts' if config.nts is vyos_defined }} {{ 'noselect' if config.noselect is vyos_defined }} {{ 'prefer' if config.prefer is vyos_defined }}
+{%     endfor %}
+{% endif %}
+
+# Allowed clients configuration
+{% if allow_client.address is vyos_defined %}
+{%     for address in allow_client.address %}
+allow {{ address }}
+{%     endfor %}
+{% else %}
+deny all
+{% endif %}
+
+{% if listen_address is vyos_defined or interface is vyos_defined %}
+# NTP should listen on configured addresses only
+{%     if listen_address is vyos_defined %}
+{%         for address in listen_address %}
+bindaddress {{ address }}
+{%         endfor %}
+{%     endif %}
+{%     if interface is vyos_defined %}
+binddevice {{ interface }}
+{%     endif %}
+{% endif %}
diff --git a/data/templates/chrony/override.conf.j2 b/data/templates/chrony/override.conf.j2
new file mode 100644
index 0000000..b8935ae
--- /dev/null
+++ b/data/templates/chrony/override.conf.j2
@@ -0,0 +1,17 @@
+{% set vrf_command = 'ip vrf exec ' ~ vrf ~ ' ' if vrf is vyos_defined else '' %}
+[Unit]
+StartLimitIntervalSec=0
+ConditionPathExists={{ config_file }}
+After=vyos-router.service
+
+[Service]
+EnvironmentFile=
+ExecStart=
+ExecStart=!{{ vrf_command }}/usr/sbin/chronyd -F 1 -f {{ config_file }}
+PIDFile=
+PIDFile={{ config_file | replace('.conf', '.pid') }}
+Restart=always
+RestartSec=10
+# Required for VRF support
+ProcSubset=all
+ProtectControlGroups=no