valitydev/salt-common
14
0
Fork 0
mirror of https://github.com/valitydev/salt-common.git synced 2024-11-07 02:45:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6139b6dead
salt-common/sls/chrony/chrony.conf.tpl
Antsiferov Grigory d07c5e425a Update chrony.conf.tpl;
2017-08-02 20:57:51 +03:00

77 lines
2.4 KiB
Smarty
Raw Blame History

{% set conf = salt['pillar.get']('chrony:conf', {}) -%}
# Managed by Salt
driftfile /var/lib/chrony/drift
keyfile /etc/chrony/chrony.keys
pidfile /run/chronyd.pid
dumpdir /var/lib/chrony
dumponexit
{% for h,c in conf.get('server', {'ntp.bakka.su': 'iburst'}).items() %}
server {{ h }} {{ c }}
{% endfor %}
{% for h,c in conf.get('peer', {}).items() %}
peer {{ h }} {{ c }}
{% endfor %}
{% for h,c in conf.get('pool', {}).items() %}
pool {{ h }} {{ c }}
{% endfor %}
maxupdateskew {{ conf.get('maxupdateskew', 100) }}
# This option is useful to quickly correct the clock on start if it's
# off by a large amount. The value '10' means that if the error is less
# than 10 seconds, it will be gradually removed by speeding up or
# slowing down your computer's clock until it is correct. If the error
# is above 10 seconds, an immediate time jump will be applied to correct
# it. The value '1' means the step is allowed only on the first update
# of the clock. Some software can get upset if the system clock jumps
# (especially backwards), so be careful!
makestep {{ conf.get('makestep', '30 5') }}
logchange {{ conf.get('logchange', 1) }}
{% if 'log' in conf %}
logdir /var/log/chrony
log {{ conf['log'] }}
{% endif %}
{% for net in conf.get('allow', ['::1']) %}
allow {{ net }}
{% endfor %}
{% for net in conf.get('deny', []) %}
deny {{ net }}
{% endfor %}
clientloglimit {{ conf.get('clientloglimit', 4194304) }}
# Perhaps you want to know if chronyd suddenly detects any large error
# in your computer's clock. This might indicate a fault or a problem
# with the server(s) you are using, for example.
#
# The next option causes a message to be written to syslog when chronyd
# has to correct an error above 0.5 seconds (you can use any amount you
# like).
bindcmdaddress {{ conf.get('bindcmdaddress', '::1') }}
# Normally, chronyd will only allow connections from chronyc on the same
# machine as itself. This is for security. If you have a subnet
# 192.168.*.* and you want to be able to use chronyc from any machine on
# it, you could uncomment the following line. (Edit this to your own
# situation.)
{% for net in conf.get('cmdallow', ['::1/128']) %}
cmdallow {{ net }}
{% endfor %}
{% for net in conf.get('cmddeny', []) %}
cmddeny {{ net }}
{% endfor %}
rtcfile {{ conf.get('rtcfile', '/var/lib/chrony/rtc') }}
rtconutc
{% if 'rtcdevice' in conf %}rtcdevice {{ conf['rtcdevice'] }}{% endif %}
sched_priority {{ conf.get('sched_priority', 1) }}
lock_all
Reference in New Issue View Git Blame Copy Permalink