nixos: Add new service for OpenNTPd.

This conflicts with the existing reference NTP daemon, so we're using
services.ntp.enable = mkForce false here to make sure both services
aren't enabled in parallel.

I was already trying to merge the module with services.ntp, but it would
have been quite a mess with a bunch of conditions on the package name.
They both have a bit in common if it comes to the configuration files,
but differ in handling of the state dir (for example, OpenNTPd doesn't
allow it to be owned by anything other than root).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
aszlig 2014-09-01 15:14:00 +02:00
parent 3fbb9f0502
commit 29f4642284
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
2 changed files with 50 additions and 0 deletions


@ -231,6 +231,7 @@
./services/networking/ntpd.nix ./services/networking/ntpd.nix
./services/networking/oidentd.nix ./services/networking/oidentd.nix
./services/networking/openfire.nix ./services/networking/openfire.nix
./services/networking/openntpd.nix
./services/networking/openvpn.nix ./services/networking/openvpn.nix
./services/networking/polipo.nix ./services/networking/polipo.nix
./services/networking/prayer.nix ./services/networking/prayer.nix


@ -0,0 +1,49 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.services.openntpd;
package = pkgs.openntpd.override {
privsepUser = "ntp";
privsepPath = "/var/empty";
};
cfgFile = pkgs.writeText "openntpd.conf" ''
${concatStringsSep "\n" (map (s: "server ${s}") cfg.servers)}
'';
in
{
###### interface
options.services.openntpd = {
enable = mkEnableOption "OpenNTP time synchronization server";
servers = mkOption {
default = config.services.ntp.servers;
type = types.listOf types.str;
inherit (options.services.ntp.servers) description;
};
};
###### implementation
config = mkIf cfg.enable {
services.ntp.enable = mkForce false;
users.extraUsers = singleton {
name = "ntp";
uid = config.ids.uids.ntp;
description = "OpenNTP daemon user";
home = "/var/empty";
};
systemd.services.openntpd = {
description = "OpenNTP Server";
wantedBy = [ "ip-up.target" ];
partOf = [ "ip-up.target" ];
serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile}";
};
};
}
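Review bot: The privilege separation configured in the `package` override depends on `/var/empty` being a root-owned, non-writable directory, yet nothing visible in this module creates or checks it, and the same path is also given to the `ntp` account as `home`. A comment above `privsepPath = "/var/empty";` would make that dependency explicit, for example `# chroot for the unprivileged child; must exist, be root-owned and stay empty`. Separately, `cfgFile` emits only `server` lines, and as far as I know OpenNTPd does not answer NTP queries unless a `listen on` directive is present, so the daemon runs as a client only. The descriptions "OpenNTP time synchronization server" and "OpenNTP Server" could say so, so that nobody assumes port 123 is served or opens a firewall rule for it.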