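# NixOS module for the reference NTP daemon (ntpd): declares the
# services.ntp options, generates ntp.conf, creates the daemon user and
# defines the ntpd systemd unit.
{ config, lib, pkgs, ... }:

with lib;

let

  inherit (pkgs) ntp;

  # Directory holding the drift file; also the home of the daemon user.
  stateDir = "/var/lib/ntp";

  # Unprivileged account ntpd runs as (passed with -u in ntpFlags).
  ntpUser = "ntp";

  # Generated ntp.conf.
  #
  # A bare "restrict ADDRESS" line grants that address full access, and
  # without a "restrict default" line every other address gets full access
  # too.  The previous config therefore answered status and control queries
  # from any remote host, which exposes daemon state and lets the server be
  # used as a traffic reflector.  The default lines below keep plain time
  # service working but refuse remote queries, runtime reconfiguration,
  # traps and unsolicited peering.
  configFile = pkgs.writeText "ntp.conf" ''
    driftfile ${stateDir}/ntp.drift

    # Everyone else: time service only.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery

    # Loopback keeps full access so local ntpq/ntpdc keep working.
    restrict 127.0.0.1
    restrict -6 ::1

    ${concatMapStrings (server: "server ${server} iburst\n") config.services.ntp.servers}
  '';

  # -c: use the generated config; -u: run as ntpUser once started.
  # NOTE(review): the daemon shares the generic "nogroup" group; a dedicated
  # group would isolate it better, but needs a gid allocated elsewhere.
  ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup";

in

{

  ###### interface

  options = {

    services.ntp = {

      enable = mkOption {
        # Enabled everywhere except inside containers.
        default = !config.boot.isContainer;
        description = ''
          Whether to synchronise your machine's time using the NTP
          protocol.
        '';
      };

      servers = mkOption {
        default = [
          "0.nixos.pool.ntp.org"
          "1.nixos.pool.ntp.org"
          "2.nixos.pool.ntp.org"
          "3.nixos.pool.ntp.org"
        ];
        description = ''
          The set of NTP servers from which to synchronise.
        '';
      };

    };

  };


  ###### implementation

  config = mkIf config.services.ntp.enable {

    # Make tools such as ntpq available in the system path.
    environment.systemPackages = [ pkgs.ntp ];

    users.extraUsers = singleton
      { name = ntpUser;
        uid = config.ids.uids.ntp;
        description = "NTP daemon user";
        home = stateDir;
      };

    systemd.services.ntpd =
      { description = "NTP Daemon";

        wantedBy = [ "multi-user.target" ];

        # Create the state directory and hand it to the daemon user so the
        # drift file stays writable after ntpd has switched user.
        preStart =
          ''
            mkdir -m 0755 -p ${stateDir}
            chown ${ntpUser} ${stateDir}
          '';

        serviceConfig = {
          # The leading "@" makes systemd use the next word ("ntpd") as
          # argv[0]; -g allows one large clock correction at startup.
          ExecStart = "@${ntp}/bin/ntpd ntpd -g ${ntpFlags}";
          Type = "forking";
        };
      };

  };

}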