X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fntp%2Ftemplates%2Fntp.conf;h=8cc742a613c5c45b012ccc7ceda5b9f8680e238c;hb=f7396dcf7cf934477bd85843c7ec9dc15cdd7012;hp=549f0234bc6a733a446505d2bda5c4ac36c75175;hpb=64ec5d92d6433b19208ca77846e1615a37771fdc;p=mirror%2Fdsa-puppet.git diff --git a/modules/ntp/templates/ntp.conf b/modules/ntp/templates/ntp.conf index 549f0234b..8cc742a61 100644 --- a/modules/ntp/templates/ntp.conf +++ b/modules/ntp/templates/ntp.conf @@ -6,39 +6,57 @@ driftfile /var/lib/ntp/ntp.drift statsdir /var/log/ntpstats/ -statistics loopstats peerstats clockstats +statistics loopstats peerstats clockstats cryptostats filegen loopstats file loopstats type day enable filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable +filegen cryptostats file cryptostats type day enable crypto randfile /dev/urandom keysdir /etc/ntp.keys.d -<% if nodeinfo['timeserver'] -%> +<% if scope.lookupvar('site::nodeinfo')['timeserver'] -%> server 0.debian.pool.ntp.org iburst dynamic server 1.debian.pool.ntp.org iburst dynamic server 2.debian.pool.ntp.org iburst dynamic server 3.debian.pool.ntp.org iburst dynamic + +leapfile /var/lib/ntp/leap-seconds.list <% if fqdn == "orff.debian.org" -%> -server ntp.grnet.gr iburst +server ntp.grnet.gr iburst dynamic +server chronos.duth.gr iburst <% end -%> <% elsif fqdn == "ancina.debian.org" -%> server ntp.ugent.be iburst dynamic -<% elsif nodeinfo['misc']['natted'] -%> +<% elsif scope.lookupvar('site::nodeinfo')['misc']['natted'] -%> # autokey doesn't work behind nat -server merikanto.debian.org iburst -server orff.debian.org iburst -server ravel.debian.org iburst -server busoni.debian.org iburst + +# czerny's, bm-bl2's, and dijkstra's ipv4 IP, hard coded for the benefit of +# hosts that do not have RTC's (since they won't be able to do DNS until +# they have a reasonable clock). +server 82.195.75.109 iburst +server 5.153.231.242 iburst +server 206.12.19.218 iburst + +server czerny.debian.org iburst +server clementi.debian.org iburst +server bm-bl1.debian.org iburst +server bm-bl2.debian.org iburst +server dijkstra.debian.org iburst +server luchesi.debian.org iburst <% else -%> -server merikanto.debian.org iburst autokey -server orff.debian.org iburst autokey -server ravel.debian.org iburst autokey -server busoni.debian.org iburst autokey -restrict merikanto.debian.org notrust nomodify notrap ntpport -restrict orff.debian.org notrust nomodify notrap ntpport -restrict ravel.debian.org notrust nomodify notrap ntpport -restrict busoni.debian.org notrust nomodify notrap ntpport +server czerny.debian.org iburst autokey +server clementi.debian.org iburst autokey +server bm-bl1.debian.org iburst autokey +server bm-bl2.debian.org iburst autokey +server dijkstra.debian.org iburst autokey +server luchesi.debian.org iburst autokey +restrict czerny.debian.org notrust nomodify notrap ntpport +restrict clementi.debian.org notrust nomodify notrap ntpport +restrict bm-bl1.debian.org notrust nomodify notrap ntpport +restrict bm-bl2.debian.org notrust nomodify notrap ntpport +restrict dijkstra.debian.org notrust nomodify notrap ntpport +restrict luchesi.debian.org notrust nomodify notrap ntpport <% end -%> restrict -4 default kod notrap nomodify nopeer noquery