parent
ff95f2fdfc
commit
92c82d5ad8
2 changed files with 55 additions and 0 deletions
2
index.ts
2
index.ts
|
|
@ -11,6 +11,7 @@ import { setupKernel } from "./kernel.js";
|
||||||
import { runQemu } from "./qemu.js";
|
import { runQemu } from "./qemu.js";
|
||||||
import { Runit } from "./runit/index.js";
|
import { Runit } from "./runit/index.js";
|
||||||
import { setupDhcpcd } from "./services/dhcpcd.js";
|
import { setupDhcpcd } from "./services/dhcpcd.js";
|
||||||
|
import { setupNtpsec } from "./services/ntpsec.js";
|
||||||
|
|
||||||
if (process.argv[2] === "generate-secrets") {
|
if (process.argv[2] === "generate-secrets") {
|
||||||
await generateForgejoSecretsFile();
|
await generateForgejoSecretsFile();
|
||||||
|
|
@ -32,6 +33,7 @@ if (process.argv[2] === "generate-secrets") {
|
||||||
await alpine.addPackages(["helix", "iproute2-ss", "socat"]);
|
await alpine.addPackages(["helix", "iproute2-ss", "socat"]);
|
||||||
const runit = await Runit.setup(alpine);
|
const runit = await Runit.setup(alpine);
|
||||||
await setupDhcpcd(alpine, runit);
|
await setupDhcpcd(alpine, runit);
|
||||||
|
await setupNtpsec(alpine, runit);
|
||||||
await setupForgejo(alpine, runit);
|
await setupForgejo(alpine, runit);
|
||||||
const kernel = await setupKernel(alpine, kernelDir);
|
const kernel = await setupKernel(alpine, kernelDir);
|
||||||
|
|
||||||
|
|
|
||||||
53
services/ntpsec.ts
Normal file
53
services/ntpsec.ts
Normal file
|
|
@ -0,0 +1,53 @@
|
||||||
|
import { Alpine } from "../alpine.js";
|
||||||
|
import { sudoWriteFile } from "../helpers/sudo.js";
|
||||||
|
import { Runit } from "../runit/index.js";
|
||||||
|
|
||||||
|
export async function setupNtpsec(alpine: Alpine, runit: Runit) {
|
||||||
|
await alpine.addPackages(["ntpsec"]);
|
||||||
|
|
||||||
|
// In the ntpsec-doc package, open in browser:
|
||||||
|
// file:///usr/share/doc/ntpsec/quick.html
|
||||||
|
// file:///usr/share/doc/ntpsec/NTS-QuickStart.html
|
||||||
|
// XXX: revisar driftfile, creo que tiene que poder escribir pero está readonly
|
||||||
|
await sudoWriteFile(
|
||||||
|
alpine.path("/etc/ntp.conf"),
|
||||||
|
`
|
||||||
|
driftfile /var/lib/ntp/ntp.drift
|
||||||
|
|
||||||
|
restrict default kod limited nomodify nopeer noquery
|
||||||
|
restrict 127.0.0.1
|
||||||
|
restrict ::1
|
||||||
|
|
||||||
|
# https://gist.github.com/jauderho/2ad0d441760fc5ed69d8d4e2d6b35f8d
|
||||||
|
|
||||||
|
server time.cloudflare.com nts iburst
|
||||||
|
server nts.ntp.se nts iburst
|
||||||
|
|
||||||
|
# https://nts.time.nl/
|
||||||
|
server ntppool1.time.nl nts iburst
|
||||||
|
server ntppool2.time.nl nts iburst
|
||||||
|
|
||||||
|
# https://system76.com/time/
|
||||||
|
server paris.time.system76.com nts iburst
|
||||||
|
server brazil.time.system76.com nts iburst
|
||||||
|
|
||||||
|
# https://www.netnod.se/netnod-time/how-to-use-nts
|
||||||
|
server sth1.nts.netnod.se nts iburst
|
||||||
|
server sth2.nts.netnod.se nts iburst
|
||||||
|
|
||||||
|
# https://ntp.br/guia/linux/
|
||||||
|
server a.st1.ntp.br nts iburst
|
||||||
|
server b.st1.ntp.br nts iburst
|
||||||
|
server c.st1.ntp.br nts iburst
|
||||||
|
server d.st1.ntp.br nts iburst
|
||||||
|
server gps.ntp.br nts iburst
|
||||||
|
`
|
||||||
|
);
|
||||||
|
|
||||||
|
await runit.addService(
|
||||||
|
"ntpsec",
|
||||||
|
`#!/bin/sh
|
||||||
|
exec ntpd --nice --nofork --panicgate
|
||||||
|
`
|
||||||
|
);
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue