liminix/modules/ntp/default.nix

## NTP
## ===
##
## A network time protocol implementation so that your Liminix device
## may synchronize its clock with an accurate time source, and
## optionally also provide time service to its peers. The
## implementation used in Liminix is Chrony

{
  lib,
  pkgs,
  config,
  ...
}:
let
  inherit (lib) mkOption types;
  inherit (pkgs) liminix;
  serverOpts = types.listOf types.str;
in
{
  options = {
    system.service.ntp = mkOption {
      type = liminix.lib.types.serviceDefn;
    };
  };
  config = {
    system.service.ntp = config.system.callService ./service.nix {
      user = mkOption {
        type = types.str;
        default = "ntp";
      };
      servers = mkOption {
        type = types.attrsOf serverOpts;
        default = { };
      };
      pools = mkOption {
        type = types.attrsOf serverOpts;
        default = { };
      };
      peers = mkOption {
        type = types.attrsOf serverOpts;
        default = { };
      };
      makestep = mkOption {
        default = null;
        type = types.nullOr (
          types.submodule {
            options = {
              threshold = mkOption {
                type = types.number;
                default = null;
              };
              limit = mkOption { type = types.number; };
            };
          }
        );
      };
      allow = mkOption {
        description = "subnets from which NTP clients are allowed to access the server";
        type = types.listOf types.str;
        default = [ ];
      };
      bindaddress = mkOption {
        type = types.nullOr types.str;
        default = null;
      };
      binddevice = mkOption {
        type = types.nullOr types.str;
        default = null;
      };
      dumpdir = mkOption {
        internal = true;
        type = types.path;
        default = "/run/chrony";
      };
      extraConfig = mkOption {
        type = types.lines;
        default = "";
      };
    };
    users.ntp = {
      uid = 52;
      gid = 52;
      gecos = "Unprivileged NTP user";
      dir = "/run/ntp";
      shell = "/bin/false";
    };
    # groups.system.usernames = ["ntp"];
  };
}
add preamble text to each service-providing-module 2023-08-07 22:03:49 +00:00			`## NTP`
			`## ===`
			`##`
			`## A network time protocol implementation so that your Liminix device`
			`## may synchronize its clock with an accurate time source, and`
			`## optionally also provide time service to its peers. The`
			`## implementation used in Liminix is Chrony`

nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`{`
			`lib,`
			`pkgs,`
			`config,`
			`...`
			`}:`
add first version of ntp module 2023-07-22 22:22:45 +00:00			`let`
			`inherit (lib) mkOption types;`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`inherit (pkgs) liminix;`
			`serverOpts = types.listOf types.str;`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`in`
			`{`
add first version of ntp module 2023-07-22 22:22:45 +00:00			`options = {`
			`system.service.ntp = mkOption {`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`type = liminix.lib.types.serviceDefn;`
add first version of ntp module 2023-07-22 22:22:45 +00:00			`};`
			`};`
			`config = {`
finish moving pkgs.linimix.callService to config.system 2024-07-15 18:00:08 +00:00			`system.service.ntp = config.system.callService ./service.nix {`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`user = mkOption {`
			`type = types.str;`
			`default = "ntp";`
			`};`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`servers = mkOption {`
			`type = types.attrsOf serverOpts;`
			`default = { };`
			`};`
			`pools = mkOption {`
			`type = types.attrsOf serverOpts;`
			`default = { };`
			`};`
			`peers = mkOption {`
			`type = types.attrsOf serverOpts;`
			`default = { };`
			`};`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`makestep = mkOption {`
			`default = null;`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`type = types.nullOr (`
			`types.submodule {`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`options = {`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`threshold = mkOption {`
			`type = types.number;`
			`default = null;`
			`};`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`limit = mkOption { type = types.number; };`
			`};`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`}`
			`);`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`};`
			`allow = mkOption {`
			`description = "subnets from which NTP clients are allowed to access the server";`
			`type = types.listOf types.str;`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`default = [ ];`
convert ntp to serviceDefn 2023-08-05 13:16:54 +00:00			`};`
			`bindaddress = mkOption {`
			`type = types.nullOr types.str;`
			`default = null;`
			`};`
			`binddevice = mkOption {`
			`type = types.nullOr types.str;`
			`default = null;`
			`};`
			`dumpdir = mkOption {`
			`internal = true;`
			`type = types.path;`
			`default = "/run/chrony";`
			`};`
			`extraConfig = mkOption {`
			`type = types.lines;`
			`default = "";`
			`};`
			`};`
add first version of ntp module 2023-07-22 22:22:45 +00:00			`users.ntp = {`
nixfmt-rfc-style There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging 2025-02-10 21:55:08 +00:00			`uid = 52;`
			`gid = 52;`
			`gecos = "Unprivileged NTP user";`
add first version of ntp module 2023-07-22 22:22:45 +00:00			`dir = "/run/ntp";`
			`shell = "/bin/false";`
			`};`
			`# groups.system.usernames = ["ntp"];`
			`};`
			`}`