diff options
author | Paul Sherwood <paul.sherwood@codethink.co.uk> | 2015-09-25 08:47:49 +0000 |
---|---|---|
committer | Paul Sherwood <paul.sherwood@codethink.co.uk> | 2015-09-26 08:27:41 +0100 |
commit | 3a2f641e4e70e76ffa77629c6208970c1a7af667 (patch) | |
tree | e6635788976c616017c05b5ea93432f9b2dc769e /baserock/strata/ntpd/ntpd.morph | |
parent | c844667a718e8640d9ae2b7640a3b0dc0fb53b0e (diff) | |
download | definitions-baserock/ps/reorganise-definitions.tar.gz |
Proposed re-org of definitions repobaserock/ps/reorganise-definitions
Diffstat (limited to 'baserock/strata/ntpd/ntpd.morph')
-rw-r--r-- | baserock/strata/ntpd/ntpd.morph | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/baserock/strata/ntpd/ntpd.morph b/baserock/strata/ntpd/ntpd.morph new file mode 100644 index 00000000..762762c7 --- /dev/null +++ b/baserock/strata/ntpd/ntpd.morph @@ -0,0 +1,51 @@ +name: ntpd +kind: chunk +build-system: autotools +configure-commands: +- ./configure --prefix="$PREFIX" --enable-linuxcaps +post-install-commands: +- | + cat > ntpd.service << EOF + [Unit] + Description=Network Time Service + After=network.target nss-lookup.target + Conflicts=systemd-timesyncd.service + + [Service] + Type=forking + ExecStart=/usr/bin/ntpd -u ntp:ntp -Ng + PrivateTmp=True + Restart=on-failure + + [Install] + WantedBy=multi-user.target + EOF +- install -D -m 644 ntpd.service "$DESTDIR"/lib/systemd/system/ntpd.service +- mkdir -p "$DESTDIR"/lib/systemd/system/multi-user.target.wants +- ln -s /lib/systemd/system/ntpd.service "$DESTDIR"/lib/systemd/system/multi-user.target.wants/ntpd.service +- | + cat > ntp.conf << EOF + # We use iburst here to reduce the potential initial delay to set the clock + server 0.pool.ntp.org iburst + server 1.pool.ntp.org iburst + server 2.pool.ntp.org iburst + server 3.pool.ntp.org iburst + + # kod - notify client when packets are denied service, + # rather than just dropping the packets + # + # nomodify - deny queries which attempt to modify the state of the server + # + # notrap - decline to provide mode 6 control message trap service to + # matching hosts + # + # see ntp.conf(5) for more details + restrict -4 default limit kod notrap nomodify + restrict -6 default limit kod notrap nomodify + EOF +- install -D -m 644 ntp.conf "$DESTDIR"/etc/ntp.conf +system-integration: + ntpd-misc: + 00-add-ntpd-user: + - groupadd -r ntp + - useradd -g ntp -d /home/ntp -s /bin/false -r ntp |