pyrox.dev
1{
2 pkgs,
3 lib,
4 config,
5 options,
6 ...
7}:
8
9with lib;
10
11let
12 cfg = config.services.openntpd;
13
14 package = pkgs.openntpd_nixos;
15
16 configFile = ''
17 ${concatStringsSep "\n" (map (s: "server ${s}") cfg.servers)}
18 ${cfg.extraConfig}
19 '';
20
21 pidFile = "/run/openntpd.pid";
22
23in
24{
25 ###### interface
26
27 options.services.openntpd = {
28 enable = mkEnableOption "OpenNTP time synchronization server";
29
30 servers = mkOption {
31 default = config.services.ntp.servers;
32 defaultText = literalExpression "config.services.ntp.servers";
33 type = types.listOf types.str;
34 inherit (options.services.ntp.servers) description;
35 };
36
37 extraConfig = mkOption {
38 type = with types; lines;
39 default = "";
40 example = ''
41 listen on 127.0.0.1
42 listen on ::1
43 '';
44 description = ''
45 Additional text appended to {file}`openntpd.conf`.
46 '';
47 };
48
49 extraOptions = mkOption {
50 type = with types; separatedString " ";
51 default = "";
52 example = "-s";
53 description = ''
54 Extra options used when launching openntpd.
55 '';
56 };
57 };
58
59 ###### implementation
60
61 meta.maintainers = with lib.maintainers; [ thoughtpolice ];
62
63 config = mkIf cfg.enable {
64 services.timesyncd.enable = mkForce false;
65
66 # Add ntpctl to the environment for status checking
67 environment.systemPackages = [ package ];
68
69 environment.etc."ntpd.conf".text = configFile;
70
71 users.users.ntp = {
72 isSystemUser = true;
73 group = "ntp";
74 description = "OpenNTP daemon user";
75 home = "/var/empty";
76 };
77 users.groups.ntp = { };
78
79 systemd.services.openntpd = {
80 description = "OpenNTP Server";
81 wantedBy = [ "multi-user.target" ];
82 wants = [
83 "network-online.target"
84 "time-sync.target"
85 ];
86 before = [ "time-sync.target" ];
87 after = [
88 "dnsmasq.service"
89 "bind.service"
90 "network-online.target"
91 ];
92 serviceConfig = {
93 ExecStart = "${package}/sbin/ntpd -p ${pidFile} ${cfg.extraOptions}";
94 Type = "forking";
95 PIDFile = pidFile;
96 };
97 };
98 };
99}