Vendor the external cookbooks
Knife-Zero doesn't include Berkshelf support, so vendoring everything in the repo is convenient again
This commit is contained in:
Greg Karékinian
102
cookbooks/ntp/templates/default/ntp.conf.erb
Normal file
102
cookbooks/ntp/templates/default/ntp.conf.erb
Normal file
@@ -0,0 +1,102 @@
|
||||
# Auto-generated by Chef.
|
||||
# Local modifications will be overwritten.
|
||||
#
|
||||
<%# Windows OHAI does not support determining if a host is a guest %>
|
||||
<% unless node['platform'] == 'windows' -%>
|
||||
<%-%>tinker <%= node['ntp']['tinker'].flatten.join(' ') %>
|
||||
<%-%>statsdir <%= node['ntp']['statsdir'] %>
|
||||
<% if @ntpd_supports_native_leapfiles -%>
|
||||
<%-%>leapfile <%= node['ntp']['leapfile'] %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
driftfile <%= node['ntp']['driftfile'] %>
|
||||
<% if node['ntp']['logfile'] -%>
|
||||
<%-%>logfile <%= node['ntp']['logfile'] %>
|
||||
<% end -%>
|
||||
|
||||
<%# Enable logs only if statistics option is defined %>
|
||||
<% if node['ntp']['statistics'] -%>
|
||||
<%-%>statistics loopstats peerstats clockstats
|
||||
<%-%>filegen loopstats file loopstats type day enable
|
||||
<%-%>filegen peerstats file peerstats type day enable
|
||||
<%-%>filegen clockstats file clockstats type day enable
|
||||
<% end -%>
|
||||
|
||||
<%# If the ignore attribute is set on the node, then apply it %>
|
||||
<% unless node['ntp']['ignore'].nil? -%>
|
||||
<% Array(node['ntp']['ignore']).each do |ignore| -%>
|
||||
interface ignore <%= ignore %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
<%# If the listen attribute is set on the node, then apply it %>
|
||||
<% unless node['ntp']['listen'].nil? -%>
|
||||
<% Array(node['ntp']['listen']).each do |listen| -%>
|
||||
interface listen <%= listen %>
|
||||
<% end -%>
|
||||
<%# The service must always listen on localhost %>
|
||||
<% unless Array(node['ntp']['listen']).include? '127.0.0.1' -%>
|
||||
interface listen 127.0.0.1
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
<% if node['ntp']['monitor'] -%>
|
||||
enable monitor
|
||||
<% else -%>
|
||||
disable monitor
|
||||
<% end -%>
|
||||
|
||||
<%# If ntp.peers is not empty %>
|
||||
<% unless node['ntp']['peers'].empty? -%>
|
||||
<% node['ntp']['peers'].sort.each do |ntppeer| -%>
|
||||
<%# Don't peer with ourself %>
|
||||
<% if node['ipaddress'] != ntppeer && node['fqdn'] != ntppeer -%>
|
||||
<% -%>peer <%= ntppeer %><% if key = node['ntp']['peer']['key'] -%> key <%= key %><% end -%><% if node['ntp']['peer']['use_iburst'] -%> iburst<% end -%><% if node['ntp']['peer']['use_burst'] -%> burst<% end -%> minpoll <%= node['ntp']['peer']['minpoll'] %> maxpoll <%= node['ntp']['peer']['maxpoll'] %>
|
||||
<% -%>restrict <%= ntppeer %> nomodify
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
<%# Whether this is a client or server, we want upstream servers. %>
|
||||
<%# We should guard the servers array against deep merge. %>
|
||||
<%# This should keep authoritative local servers from being included twice. %>
|
||||
<% ( node['ntp']['servers'] - node['ntp']['peers'] ).sort.each do |ntpserver| -%>
|
||||
<%# Loop through defined servers, but don't try to upstream ourself %>
|
||||
<% if node['ipaddress'] != ntpserver and node['fqdn'] != ntpserver -%>
|
||||
<% -%>server <%= ntpserver %><% if node['ntp']['server']['use_iburst'] -%> iburst<% end -%><% if node['ntp']['server']['use_burst'] -%> burst<% end -%> minpoll <%= node['ntp']['server']['minpoll'] %> maxpoll <%= node['ntp']['server']['maxpoll'] %><% if node['ntp']['server']['prefer'] == ntpserver -%> prefer<% end -%>
|
||||
<% -%>restrict <%= ntpserver %> nomodify notrap noquery
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
restrict default <%= node['ntp']['restrict_default'] %>
|
||||
restrict 127.0.0.1<%if node['ntp']['localhost']['noquery'] -%> noquery<% end -%>
|
||||
restrict -6 default <%= node['ntp']['restrict_default'] %>
|
||||
restrict -6 ::1<%if node['ntp']['localhost']['noquery'] -%> noquery<% end -%>
|
||||
|
||||
<%# If this is a server with additional LAN restriction lines, put them here %>
|
||||
<% unless node['ntp']['restrictions'].empty? -%>
|
||||
<% node['ntp']['restrictions'].each do |restriction| -%>
|
||||
<% -%>restrict <%= restriction %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
|
||||
<%# It is best practice to use a high stratum undisciplined clock, if you have a real CMOS clock %>
|
||||
<%# Except cases where you have a low stratum server, or a virtualized system without a real CMOS clock %>
|
||||
<% if node['ntp']['use_cmos'] -%>
|
||||
<% -%>server 127.127.1.0 # local clock
|
||||
<% -%>fudge 127.127.1.0 stratum 10
|
||||
<% end -%>
|
||||
|
||||
<% if node['ntp']['orphan']['enabled'] -%>
|
||||
tos orphan <%= node['ntp']['orphan']['stratum'] %>
|
||||
<% end -%>
|
||||
|
||||
<% if node['ntp']['keys'] -%>
|
||||
keys <%= node['ntp']['keys'] %>
|
||||
<% end -%>
|
||||
<% if node['ntp']['trustedkey'] -%>
|
||||
trustedkey <%= node['ntp']['trustedkey'] %>
|
||||
<% end -%>
|
||||
<% if node['ntp']['requestkey'] -%>
|
||||
requestkey <%= node['ntp']['requestkey'] %>
|
||||
<% end -%>
|
||||
Reference in New Issue
Block a user