pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6
7 inherit (pkgs) ntp;
8
9 cfg = config.services.ntp;
10
11 stateDir = "/var/lib/ntp";
12
13 ntpUser = "ntp";
14
15 configFile = pkgs.writeText "ntp.conf" ''
16 driftfile ${stateDir}/ntp.drift
17
18 restrict 127.0.0.1
19 restrict -6 ::1
20
21 ${toString (map (server: "server " + server + " iburst\n") cfg.servers)}
22 '';
23
24 ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup ${toString cfg.extraFlags}";
25
26in
27
28{
29
30 ###### interface
31
32 options = {
33
34 services.ntp = {
35
36 enable = mkOption {
37 default = false;
38 description = ''
39 Whether to synchronise your machine's time using the NTP
40 protocol.
41 '';
42 };
43
44 servers = mkOption {
45 default = config.networking.timeServers;
46 description = ''
47 The set of NTP servers from which to synchronise.
48 '';
49 };
50
51 extraFlags = mkOption {
52 type = types.listOf types.str;
53 description = "Extra flags passed to the ntpd command.";
54 default = [];
55 };
56
57 };
58
59 };
60
61
62 ###### implementation
63
64 config = mkIf config.services.ntp.enable {
65
66 # Make tools such as ntpq available in the system path.
67 environment.systemPackages = [ pkgs.ntp ];
68 services.timesyncd.enable = mkForce false;
69
70 users.extraUsers = singleton
71 { name = ntpUser;
72 uid = config.ids.uids.ntp;
73 description = "NTP daemon user";
74 home = stateDir;
75 };
76
77 systemd.services.ntpd =
78 { description = "NTP Daemon";
79
80 wantedBy = [ "multi-user.target" ];
81 wants = [ "time-sync.target" ];
82 before = [ "time-sync.target" ];
83
84 preStart =
85 ''
86 mkdir -m 0755 -p ${stateDir}
87 chown ${ntpUser} ${stateDir}
88 '';
89
90 serviceConfig = {
91 ExecStart = "@${ntp}/bin/ntpd ntpd -g ${ntpFlags}";
92 Type = "forking";
93 };
94 };
95
96 };
97
98}