blob: 5e9818858e0ca5811b24d9caf38d5d881c9a7025 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
{ config, pkgs, ... }:
with pkgs.lib;
let
inherit (pkgs) chrony;
stateDir = "/var/lib/chrony";
chronyUser = "chrony";
cfg = config.services.chrony;
configFile = pkgs.writeText "chrony.conf" ''
${toString (map (server: "server " + server + "\n") cfg.servers)}
${optionalString cfg.initstepslew.enabled ''
initstepslew ${toString cfg.initstepslew.threshold} ${toString (map (server: server + " ") cfg.initstepslew.servers)}
''}
driftfile ${stateDir}/chrony.drift
${optionalString (!config.time.hardwareClockInLocalTime) "rtconutc"}
${cfg.extraConfig}
'';
chronyFlags = "-m -f ${configFile} -u ${chronyUser}";
in
{
###### interface
options = {
services.chrony = {
enable = mkOption {
default = false;
description = ''
Whether to synchronise your machine's time using chrony.
Make sure you disable NTP if you enable this service.
'';
};
servers = mkOption {
default = [
"0.pool.ntp.org"
"1.pool.ntp.org"
"2.pool.ntp.org"
];
description = ''
The set of NTP servers from which to synchronise.
'';
};
initstepslew = mkOption {
default = {
enabled = true;
threshold = 1000; # by default, same threshold as 'ntpd -g' (1000s)
servers = cfg.servers;
};
description = ''
Allow chronyd to make a rapid measurement of the system clock error at
boot time, and to correct the system clock by stepping before normal
operation begins.
'';
};
extraConfig = mkOption {
default = "";
description = ''
Extra configuration directives that should be added to
<literal>chrony.conf</literal>
'';
};
};
};
###### implementation
config = mkIf config.services.chrony.enable {
# Make chronyc available in the system path
environment.systemPackages = [ pkgs.chrony ];
users.extraUsers = singleton
{ name = chronyUser;
uid = config.ids.uids.chrony;
description = "chrony daemon user";
home = stateDir;
};
jobs.chronyd =
{ description = "chrony daemon";
wantedBy = [ "ip-up.target" ];
partOf = [ "ip-up.target" ];
path = [ chrony ];
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${chronyUser} ${stateDir}
'';
exec = "chronyd -n ${chronyFlags}";
};
};
}
|