From 86802342be3c8bd8d4af84fd8d4ccca6cb4fba89 Mon Sep 17 00:00:00 2001 From: Maximilian Friedersdorff Date: Tue, 4 Jun 2019 16:18:52 +0100 Subject: [PATCH 1/1] Install and manage ntp --- states/ntp/files/ntp.conf | 56 +++++++++++++++++++++++++++++++++++++++ states/ntp/gentoo.sls | 9 +++++++ states/ntp/init.sls | 7 +++++ 3 files changed, 72 insertions(+) create mode 100644 states/ntp/files/ntp.conf create mode 100644 states/ntp/gentoo.sls create mode 100644 states/ntp/init.sls diff --git a/states/ntp/files/ntp.conf b/states/ntp/files/ntp.conf new file mode 100644 index 0000000..5008e12 --- /dev/null +++ b/states/ntp/files/ntp.conf @@ -0,0 +1,56 @@ +# NOTES: +# DHCP clients can append or replace NTP configuration files. +# You should consult your DHCP client documentation about its +# default behaviour and how to change it. + +# Name of the servers ntpd should sync with +# Please respect the access policy as stated by the responsible person. +#server ntp.example.tld iburst + +# Common pool for random people +#server pool.ntp.org + +# Pools for Gentoo users +server 0.gentoo.pool.ntp.org +server 1.gentoo.pool.ntp.org +server 2.gentoo.pool.ntp.org +server 3.gentoo.pool.ntp.org +server 127.127.1.0 +fudge 127.127.1.0 stratum 10 + +## +# A list of available servers can be found here: +# http://www.pool.ntp.org/ +# http://www.pool.ntp.org/#use +# A good way to get servers for your machine is: +# netselect -s 3 pool.ntp.org +## + +# you should not need to modify the following paths +driftfile /var/lib/ntp/ntp.drift + +#server ntplocal.example.com prefer +#server timeserver.example.org + +# Warning: Using default NTP settings will leave your NTP +# server accessible to all hosts on the Internet. + +# If you want to deny all machines (including your own) +# from accessing the NTP server, uncomment: +#restrict default ignore + + +# Default configuration: +# - Allow only time queries, at a limited rate, sending KoD when in excess. +# - Allow all local queries (IPv4, IPv6) +restrict default nomodify nopeer noquery +restrict 127.0.0.1 +restrict [::1] + + +# To allow machines within your network to synchronize +# their clocks with your server, but ensure they are +# not allowed to configure the server or used as peers +# to synchronize against, uncomment this line. +# +#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap diff --git a/states/ntp/gentoo.sls b/states/ntp/gentoo.sls new file mode 100644 index 0000000..03a8253 --- /dev/null +++ b/states/ntp/gentoo.sls @@ -0,0 +1,9 @@ +install ntp: + pkg.install: + - name: net-misc/ntp + - require: + - pkg: remove other ntp + +remove other ntp: + pkg.removed: + - pkgs: ['net-misc/openntpd', 'net-misc/ntpclient'] diff --git a/states/ntp/init.sls b/states/ntp/init.sls new file mode 100644 index 0000000..0555738 --- /dev/null +++ b/states/ntp/init.sls @@ -0,0 +1,7 @@ +ntp configuration: + file.managed: + - name: /etc/ntp.conf + - source: salt://ntp/files/ntp.conf + - mode: 644 + - user: root + - group: root -- 2.46.2