Loading nixos/modules/services/networking/ntp/ntpd.nix +51 −28 Original line number Diff line number Diff line { config, lib, pkgs, ... }: { config, lib, pkgs, ... }: with lib; Loading @@ -25,7 +30,12 @@ let ${cfg.extraConfig} ''; ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags; ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags; in Loading Loading @@ -58,7 +68,14 @@ in recommended in section 6.5.1.1.3, answer "No" of https://support.ntp.org/Support/AccessRestrictions ''; default = [ "limited" "kod" "nomodify" "notrap" "noquery" "nopeer" ]; default = [ "limited" "kod" "nomodify" "notrap" "noquery" "nopeer" ]; }; restrictSource = mkOption { Loading @@ -69,7 +86,13 @@ in The default flags allow peers to be added by ntpd from configured pool(s), but not by other means. ''; default = [ "limited" "kod" "nomodify" "notrap" "noquery" ]; default = [ "limited" "kod" "nomodify" "notrap" "noquery" ]; }; servers = mkOption { Loading Loading @@ -103,7 +126,6 @@ in }; ###### implementation config = mkIf config.services.ntp.enable { Loading @@ -113,25 +135,26 @@ in environment.systemPackages = [ pkgs.ntp ]; services.timesyncd.enable = mkForce false; systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "ntpd.service"; }; systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "ntpd.service"; }; users.users.ntp = { isSystemUser = true; users.users.ntp = { isSystemUser = true; group = "ntp"; description = "NTP daemon user"; home = stateDir; }; users.groups.ntp = { }; systemd.services.ntpd = { description = "NTP Daemon"; systemd.services.ntpd = { description = "NTP Daemon"; wantedBy = [ "multi-user.target" ]; wants = [ "time-sync.target" ]; before = [ "time-sync.target" ]; preStart = '' preStart = '' mkdir -m 0755 -p ${stateDir} chown ntp ${stateDir} ''; Loading Loading
nixos/modules/services/networking/ntp/ntpd.nix +51 −28 Original line number Diff line number Diff line { config, lib, pkgs, ... }: { config, lib, pkgs, ... }: with lib; Loading @@ -25,7 +30,12 @@ let ${cfg.extraConfig} ''; ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags; ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags; in Loading Loading @@ -58,7 +68,14 @@ in recommended in section 6.5.1.1.3, answer "No" of https://support.ntp.org/Support/AccessRestrictions ''; default = [ "limited" "kod" "nomodify" "notrap" "noquery" "nopeer" ]; default = [ "limited" "kod" "nomodify" "notrap" "noquery" "nopeer" ]; }; restrictSource = mkOption { Loading @@ -69,7 +86,13 @@ in The default flags allow peers to be added by ntpd from configured pool(s), but not by other means. ''; default = [ "limited" "kod" "nomodify" "notrap" "noquery" ]; default = [ "limited" "kod" "nomodify" "notrap" "noquery" ]; }; servers = mkOption { Loading Loading @@ -103,7 +126,6 @@ in }; ###### implementation config = mkIf config.services.ntp.enable { Loading @@ -113,25 +135,26 @@ in environment.systemPackages = [ pkgs.ntp ]; services.timesyncd.enable = mkForce false; systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "ntpd.service"; }; systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "ntpd.service"; }; users.users.ntp = { isSystemUser = true; users.users.ntp = { isSystemUser = true; group = "ntp"; description = "NTP daemon user"; home = stateDir; }; users.groups.ntp = { }; systemd.services.ntpd = { description = "NTP Daemon"; systemd.services.ntpd = { description = "NTP Daemon"; wantedBy = [ "multi-user.target" ]; wants = [ "time-sync.target" ]; before = [ "time-sync.target" ]; preStart = '' preStart = '' mkdir -m 0755 -p ${stateDir} chown ntp ${stateDir} ''; Loading
