Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F24678374
D3990.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Referenced Files
None
Subscribers
None
D3990.diff
View Options
diff --git a/pillar/core/ntp.sls b/pillar/core/ntp.sls
new file mode 100644
--- /dev/null
+++ b/pillar/core/ntp.sls
@@ -0,0 +1,12 @@
+# -------------------------------------------------------------
+# Salt — NTP servers
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+ntp_servers:
+ - 0.fr.pool.ntp.org
+ - 1.fr.pool.ntp.org
+ - 2.fr.pool.ntp.org
+ - 3.fr.pool.ntp.org
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -11,6 +11,7 @@
- core.users
- core.groups
- core.network
+ - core.ntp
- nodes.nodes
- nodes.forests
- hotfixes.roles
diff --git a/roles/core/ntp/files/rc/ntpd.conf b/roles/core/ntp/files/chrony.conf.jinja
copy from roles/core/ntp/files/rc/ntpd.conf
copy to roles/core/ntp/files/chrony.conf.jinja
--- a/roles/core/ntp/files/rc/ntpd.conf
+++ b/roles/core/ntp/files/chrony.conf.jinja
@@ -1,9 +1,9 @@
# -------------------------------------------------------------
-# ntpd — rc configuration
+# Chrony configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
-# Source file: roles/core/ntp/files/rc/ntpd.conf
+# Source file: roles/core/ntp/files/chrony.conf.jinja
# -------------------------------------------------------------
#
# <auto-generated>
@@ -13,4 +13,12 @@
# and will be lost if the state is redeployed.
# </auto-generated>
-ntpd_enable=YES
+{% for server in servers %}
+pool {{ server }} iburst
+{% endfor %}
+
+driftfile /var/lib/chrony/drift
+makestep 1.0 3
+rtcsync
+
+logdir /var/log/chrony
diff --git a/roles/core/ntp/files/rc/ntpd.conf b/roles/core/ntp/files/ntp.conf.jinja
copy from roles/core/ntp/files/rc/ntpd.conf
copy to roles/core/ntp/files/ntp.conf.jinja
--- a/roles/core/ntp/files/rc/ntpd.conf
+++ b/roles/core/ntp/files/ntp.conf.jinja
@@ -1,9 +1,9 @@
# -------------------------------------------------------------
-# ntpd — rc configuration
+# ntpd configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
-# Source file: roles/core/ntp/files/rc/ntpd.conf
+# Source file: roles/core/ntp/files/ntp.conf.jinja
# -------------------------------------------------------------
#
# <auto-generated>
@@ -13,4 +13,15 @@
# and will be lost if the state is redeployed.
# </auto-generated>
-ntpd_enable=YES
+tos minclock 3 maxclock 6
+
+{% for server in servers %}
+pool {{ server }} iburst
+{% endfor %}
+
+restrict default limited kod nomodify notrap noquery nopeer
+restrict source limited kod nomodify notrap noquery
+restrict 127.0.0.1
+restrict ::1
+
+leapfile "/var/db/ntpd.leap-seconds.list"
diff --git a/roles/core/ntp/files/rc/ntpd.conf b/roles/core/ntp/files/rc/ntpd.conf
--- a/roles/core/ntp/files/rc/ntpd.conf
+++ b/roles/core/ntp/files/rc/ntpd.conf
@@ -13,4 +13,4 @@
# and will be lost if the state is redeployed.
# </auto-generated>
-ntpd_enable=YES
+ntpd_enable="YES"
diff --git a/roles/core/ntp/init.sls b/roles/core/ntp/init.sls
--- a/roles/core/ntp/init.sls
+++ b/roles/core/ntp/init.sls
@@ -1,4 +1,4 @@
-# -------------------------------------------------------------
+ # -------------------------------------------------------------
# Salt — NTP
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
@@ -9,17 +9,38 @@
chrony:
pkg.installed
+/etc/chrony.conf:
+ file.managed:
+ - source: salt://roles/core/ntp/files/chrony.conf.jinja
+ - template: jinja
+ - context:
+ servers: {% salt['pillar.get']('ntp_servers') %}
+ - user: root
+ - group: root
+ - mode: 644
+ - watch_in:
+ - service: chrony_service
+
chrony_service:
service.running:
- name: chronyd
- enable: true
{% endif %}
-{% if grains["os"] == "FreeBSD" %}
+{% if grains['os'] == 'FreeBSD' %}
/etc/rc.conf.d/ntpd:
file.managed:
- source: salt://roles/core/ntp/files/rc/ntpd.conf
+/etc/ntp.conf:
+ file.managed:
+ - source: salt://roles/core/ntp/files/ntp.conf.jinja
+ - template: jinja
+ - context:
+ servers: {% salt['pillar.get']('ntp_servers') %}
+ - watch_in:
+ - service: ntpd
+
ntpd:
service.running:
- enable: True
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Mar 5, 18:52 (19 h, 6 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3499469
Default Alt Text
D3990.diff (4 KB)
Attached To
Mode
D3990: Standardize NTP configuration
Attached
Detach File
Event Timeline
Log In to Comment