pyrox.dev / nixpkgs
lol
fork atom

nixos/ntpd-rs: Handle configuring NTP pools (#403903)

Franz Pletz 2634ca82 674b4ebd

options
unified split
Changed files
+27 -5
nixos
modules
services
networking
ntp
ntpd-rs.nix
tests
ntpd-rs.nix
+1 -1
nixos/modules/services/networking/ntp/ntpd-rs.nix 
···

       
63

       
 

       
      };


     

       
64

       
 

       
      source = lib.mkIf cfg.useNetworkingTimeServers (


     

       
65

       
 

       
        map (ts: {


     

       
66

       
-

       
          mode = "server";


     

       
67

       
 

       
          address = ts;


     

       
68

       
 

       
        }) config.networking.timeServers


     

       
69

       
 

       
      );


     
···

       
63

       
 

       
      };


     

       
64

       
 

       
      source = lib.mkIf cfg.useNetworkingTimeServers (


     

       
65

       
 

       
        map (ts: {


     

       
66

       
+

       
          mode = if lib.strings.hasInfix "pool" ts then "pool" else "server";


     

       
67

       
 

       
          address = ts;


     

       
68

       
 

       
        }) config.networking.timeServers


     

       
69

       
 

       
      );
+26 -4
nixos/tests/ntpd-rs.nix 
···

       
11

       
 

       
      client = {


     

       
12

       
 

       
        services.ntpd-rs = {


     

       
13

       
 

       
          enable = true;


     

       
14

       
-

       
          metrics.enable = true;


     

       
15

       
 

       
          useNetworkingTimeServers = false;


     

       
16

       
 

       
          settings = {


     

       
17

       
 

       
            source = [


     
···

       
27

       
 

       
        };


     

       
28

       
 

       
      };


     

       
29

       
 

       
      server = {


     

       
30

       
-

       
        networking.firewall.allowedUDPPorts = [ 123 ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
31

       
 

       
        services.ntpd-rs = {


     

       
32

       
 

       
          enable = true;


     

       
33

       
 

       
          metrics.enable = true;


     

       
34

       
 

       
          settings = {


     

       

       

       
     

       

       

       
     

       

       

       
     

       
35

       
 

       
            server = [


     

       
36

       
 

       
              { listen = "[::]:123"; }


     

       
37

       
 

       
            ];


     
···

       
48

       
 

       
        for machine in (server, client):


     

       
49

       
 

       
          machine.wait_for_unit('multi-user.target')


     

       
50

       
 

       
          machine.succeed('systemctl is-active ntpd-rs.service')


     

       
51

       
-

       
          machine.succeed('systemctl is-active ntpd-rs-metrics.service')


     

       
52

       
-

       
          machine.succeed('curl http://localhost:9975/metrics | grep ntp_uptime_seconds')


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
53

       
 

       
      '';


     

       
54

       
 

       
  }


     

       
55

       
 

       
)


     
···

       
11

       
 

       
      client = {


     

       
12

       
 

       
        services.ntpd-rs = {


     

       
13

       
 

       
          enable = true;


     

       
14

       
+

       
          metrics.enable = false;


     

       
15

       
 

       
          useNetworkingTimeServers = false;


     

       
16

       
 

       
          settings = {


     

       
17

       
 

       
            source = [


     
···

       
27

       
 

       
        };


     

       
28

       
 

       
      };


     

       
29

       
 

       
      server = {


     

       
30

       
+

       
        networking.firewall = {


     

       
31

       
+

       
          allowedTCPPorts = [


     

       
32

       
+

       
            9975


     

       
33

       
+

       
          ];


     

       
34

       
+

       
          allowedUDPPorts = [


     

       
35

       
+

       
            123


     

       
36

       
+

       
          ];


     

       
37

       
+

       
        };


     

       
38

       
+

       



     

       
39

       
 

       
        services.ntpd-rs = {


     

       
40

       
 

       
          enable = true;


     

       
41

       
 

       
          metrics.enable = true;


     

       
42

       
 

       
          settings = {


     

       
43

       
+

       
            observability = {


     

       
44

       
+

       
              metrics-exporter-listen = "[::]:9975";


     

       
45

       
+

       
            };


     

       
46

       
 

       
            server = [


     

       
47

       
 

       
              { listen = "[::]:123"; }


     

       
48

       
 

       
            ];


     
···

       
59

       
 

       
        for machine in (server, client):


     

       
60

       
 

       
          machine.wait_for_unit('multi-user.target')


     

       
61

       
 

       
          machine.succeed('systemctl is-active ntpd-rs.service')


     

       
62

       
+

       



     

       
63

       
+

       
        client.fail('systemctl is-active ntpd-rs-metrics.service')


     

       
64

       
+

       
        server.succeed('systemctl is-active ntpd-rs-metrics.service')


     

       
65

       
+

       



     

       
66

       
+

       
        server.wait_for_open_port(9975)


     

       
67

       
+

       
        client.succeed('curl http://server:9975/metrics | grep ntp_uptime_seconds')


     

       
68

       
+

       
        server.fail('curl --fail --connect-timeout 2 http://client:9975/metrics | grep ntp_uptime_seconds')


     

       
69

       
+

       



     

       
70

       
+

       
        client.succeed("ntp-ctl status | grep server:123")


     

       
71

       
+

       
        server.succeed("ntp-ctl status | grep '\[::\]:123'")


     

       
72

       
+

       



     

       
73

       
+

       
        client.succeed("grep '^mode = \"server\"' $(systemctl status ntpd-rs | grep -oE '/nix/store[^ ]*ntpd-rs.toml')")


     

       
74

       
+

       
        server.succeed("grep '^mode = \"pool\"' $(systemctl status ntpd-rs | grep -oE '/nix/store[^ ]*ntpd-rs.toml')")


     

       
75

       
 

       
      '';


     

       
76

       
 

       
  }


     

       
77

       
 

       
)