]> git.friedersdorff.com Git - max/saltfiles.git/commitdiff
Install and manage ntp
authorMaximilian Friedersdorff <max@friedersdorff.com>
Tue, 4 Jun 2019 15:18:52 +0000 (16:18 +0100)
committerMaximilian Friedersdorff <max@friedersdorff.com>
Tue, 4 Jun 2019 15:18:52 +0000 (16:18 +0100)
states/ntp/files/ntp.conf [new file with mode: 0644]
states/ntp/gentoo.sls [new file with mode: 0644]
states/ntp/init.sls [new file with mode: 0644]

diff --git a/states/ntp/files/ntp.conf b/states/ntp/files/ntp.conf
new file mode 100644 (file)
index 0000000..5008e12
--- /dev/null
@@ -0,0 +1,56 @@
+# NOTES:
+# DHCP clients can append or replace NTP configuration files.
+# You should consult your DHCP client documentation about its
+# default behaviour and how to change it.
+
+# Name of the servers ntpd should sync with
+# Please respect the access policy as stated by the responsible person.
+#server                ntp.example.tld         iburst
+
+# Common pool for random people
+#server pool.ntp.org
+
+# Pools for Gentoo users
+server 0.gentoo.pool.ntp.org
+server 1.gentoo.pool.ntp.org
+server 2.gentoo.pool.ntp.org
+server 3.gentoo.pool.ntp.org
+server 127.127.1.0
+fudge 127.127.1.0 stratum 10
+
+##
+# A list of available servers can be found here:
+# http://www.pool.ntp.org/
+# http://www.pool.ntp.org/#use
+# A good way to get servers for your machine is:
+# netselect -s 3 pool.ntp.org
+##
+
+# you should not need to modify the following paths
+driftfile      /var/lib/ntp/ntp.drift
+
+#server ntplocal.example.com prefer 
+#server timeserver.example.org 
+
+# Warning: Using default NTP settings will leave your NTP
+# server accessible to all hosts on the Internet.
+
+# If you want to deny all machines (including your own)
+# from accessing the NTP server, uncomment:
+#restrict default ignore
+
+
+# Default configuration:
+# - Allow only time queries, at a limited rate, sending KoD when in excess.
+# - Allow all local queries (IPv4, IPv6)
+restrict default nomodify nopeer noquery
+restrict 127.0.0.1
+restrict [::1]
+
+
+# To allow machines within your network to synchronize
+# their clocks with your server, but ensure they are
+# not allowed to configure the server or used as peers
+# to synchronize against, uncomment this line.
+#
+#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap
diff --git a/states/ntp/gentoo.sls b/states/ntp/gentoo.sls
new file mode 100644 (file)
index 0000000..03a8253
--- /dev/null
@@ -0,0 +1,9 @@
+install ntp:
+  pkg.install:
+    - name: net-misc/ntp
+    - require:
+      - pkg: remove other ntp
+
+remove other ntp:
+  pkg.removed:
+    - pkgs: ['net-misc/openntpd', 'net-misc/ntpclient']
diff --git a/states/ntp/init.sls b/states/ntp/init.sls
new file mode 100644 (file)
index 0000000..0555738
--- /dev/null
@@ -0,0 +1,7 @@
+ntp configuration:
+  file.managed:
+    - name: /etc/ntp.conf
+    - source: salt://ntp/files/ntp.conf
+    - mode: 644
+    - user: root
+    - group: root