55 lines
1.5 KiB
TypeScript
55 lines
1.5 KiB
TypeScript
import { Alpine } from "../alpine.js";
|
|
import { Runit } from "../runit/index.js";
|
|
import { FluentBitParser, runitLokiLogger } from "../software/fluentbit.js";
|
|
|
|
export async function setupNtpsec(alpine: Alpine, runit: Runit) {
|
|
await alpine.addPackages(["ntpsec"]);
|
|
|
|
// In the ntpsec-doc package, open in browser:
|
|
// file:///usr/share/doc/ntpsec/quick.html
|
|
// file:///usr/share/doc/ntpsec/NTS-QuickStart.html
|
|
// XXX: revisar driftfile, creo que tiene que poder escribir pero está readonly
|
|
await alpine.writeFile(
|
|
"/etc/ntp.conf",
|
|
`
|
|
driftfile /var/lib/ntp/ntp.drift
|
|
|
|
restrict default kod limited nomodify nopeer noquery
|
|
restrict 127.0.0.1
|
|
restrict ::1
|
|
|
|
# https://gist.github.com/jauderho/2ad0d441760fc5ed69d8d4e2d6b35f8d
|
|
|
|
server time.cloudflare.com nts iburst
|
|
server nts.ntp.se nts iburst
|
|
|
|
# https://nts.time.nl/
|
|
server ntppool1.time.nl nts iburst
|
|
server ntppool2.time.nl nts iburst
|
|
|
|
# https://system76.com/time/
|
|
server paris.time.system76.com nts iburst
|
|
server brazil.time.system76.com nts iburst
|
|
|
|
# https://www.netnod.se/netnod-time/how-to-use-nts
|
|
server sth1.nts.netnod.se nts iburst
|
|
server sth2.nts.netnod.se nts iburst
|
|
|
|
# https://ntp.br/guia/linux/
|
|
server a.st1.ntp.br nts iburst
|
|
server b.st1.ntp.br nts iburst
|
|
server c.st1.ntp.br nts iburst
|
|
server d.st1.ntp.br nts iburst
|
|
server gps.ntp.br nts iburst
|
|
`
|
|
);
|
|
|
|
await runit.addService(
|
|
"ntpsec",
|
|
`#!/bin/sh
|
|
exec ntpd --nice --nofork --panicgate --user=ntp
|
|
`,
|
|
runitLokiLogger(FluentBitParser.Ntpsec, "ntpsec")
|
|
);
|
|
}
|