## NTP ## === ## ## A network time protocol implementation so that your Liminix device ## may synchronize its clock with an accurate time source, and ## optionally also provide time service to its peers. The ## implementation used in Liminix is Chrony { lib, pkgs, config, ... }: let inherit (lib) mkOption types; inherit (pkgs) liminix; serverOpts = types.listOf types.str; in { options = { system.service.ntp = mkOption { type = liminix.lib.types.serviceDefn; }; }; config = { system.service.ntp = config.system.callService ./service.nix { user = mkOption { type = types.str; default = "ntp"; }; servers = mkOption { type = types.attrsOf serverOpts; default = { }; }; pools = mkOption { type = types.attrsOf serverOpts; default = { }; }; peers = mkOption { type = types.attrsOf serverOpts; default = { }; }; makestep = mkOption { default = null; type = types.nullOr ( types.submodule { options = { threshold = mkOption { type = types.number; default = null; }; limit = mkOption { type = types.number; }; }; } ); }; allow = mkOption { description = "subnets from which NTP clients are allowed to access the server"; type = types.listOf types.str; default = [ ]; }; bindaddress = mkOption { type = types.nullOr types.str; default = null; }; binddevice = mkOption { type = types.nullOr types.str; default = null; }; dumpdir = mkOption { internal = true; type = types.path; default = "/run/chrony"; }; extraConfig = mkOption { type = types.lines; default = ""; }; }; users.ntp = { uid = 52; gid = 52; gecos = "Unprivileged NTP user"; dir = "/run/ntp"; shell = "/bin/false"; }; # groups.system.usernames = ["ntp"]; }; }