Knife-Zero doesn't include Berkshelf support, so vendoring everything in the repo is convenient again
		
			
				
	
	
		
			131 lines
		
	
	
		
			5.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			131 lines
		
	
	
		
			5.1 KiB
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| #
 | |
| # Cookbook:: ntp
 | |
| # Attributes:: default
 | |
| #
 | |
| # Author:: Joshua Timberman (<joshua@chef.io>)
 | |
| # Author:: Tim Smith (<tsmith@chef.io>)
 | |
| # Author:: Charles Johnson (<charles@chef.io>)
 | |
| #
 | |
| # Copyright:: 2009-2017, Chef Software, Inc.
 | |
| #
 | |
| # Licensed under the Apache License, Version 2.0 (the "License");
 | |
| # you may not use this file except in compliance with the License.
 | |
| # You may obtain a copy of the License at
 | |
| #
 | |
| #     http://www.apache.org/licenses/LICENSE-2.0
 | |
| #
 | |
| # Unless required by applicable law or agreed to in writing, software
 | |
| # distributed under the License is distributed on an "AS IS" BASIS,
 | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
| # See the License for the specific language governing permissions and
 | |
| # limitations under the License.
 | |
| #
 | |
| 
 | |
| # default attributes for all platforms
 | |
| default['ntp']['servers'] = [] # The default recipe sets a list of common NTP servers (COOK-1170)
 | |
| default['ntp']['peers'] = []
 | |
| default['ntp']['restrictions'] = []
 | |
| default['ntp']['tinker'] = { 'panic' => 0 }
 | |
| 
 | |
| # set `restrict default` for IPv4 and IPv6
 | |
| default['ntp']['restrict_default'] = 'kod notrap nomodify nopeer noquery'
 | |
| 
 | |
| # internal attributes
 | |
| default['ntp']['packages'] = %w(ntp)
 | |
| default['ntp']['service'] = 'ntpd'
 | |
| default['ntp']['varlibdir'] = '/var/lib/ntp'
 | |
| default['ntp']['driftfile'] = "#{node['ntp']['varlibdir']}/ntp.drift"
 | |
| default['ntp']['logfile'] = nil
 | |
| default['ntp']['conffile'] = '/etc/ntp.conf'
 | |
| default['ntp']['statsdir'] = '/var/log/ntpstats/'
 | |
| default['ntp']['conf_owner'] = 'root'
 | |
| default['ntp']['conf_group'] = 'root'
 | |
| default['ntp']['var_owner'] = 'ntp'
 | |
| default['ntp']['var_group'] = 'ntp'
 | |
| default['ntp']['leapfile'] = '/etc/ntp.leapseconds'
 | |
| default['ntp']['sync_clock'] = false
 | |
| default['ntp']['sync_hw_clock'] = false
 | |
| default['ntp']['listen'] = nil
 | |
| default['ntp']['listen_network'] = nil
 | |
| default['ntp']['ignore'] = nil
 | |
| default['ntp']['apparmor_enabled'] = false
 | |
| default['ntp']['monitor'] = false
 | |
| default['ntp']['statistics'] = true
 | |
| default['ntp']['conf_restart_immediate'] = false
 | |
| default['ntp']['keys'] = nil
 | |
| default['ntp']['trustedkey'] = nil
 | |
| default['ntp']['requestkey'] = nil
 | |
| 
 | |
| # See http://www.vmware.com/vmtn/resources/238 p. 23 for explanation
 | |
| default['ntp']['disable_tinker_panic_on_virtualization_guest'] = true
 | |
| 
 | |
| default['ntp']['peer']['key'] = nil
 | |
| default['ntp']['peer']['use_iburst'] = true
 | |
| default['ntp']['peer']['use_burst'] = false
 | |
| default['ntp']['peer']['minpoll'] = 6
 | |
| default['ntp']['peer']['maxpoll'] = 10
 | |
| 
 | |
| default['ntp']['server']['prefer'] = ''
 | |
| default['ntp']['server']['use_iburst'] = true
 | |
| default['ntp']['server']['use_burst'] = false
 | |
| default['ntp']['server']['minpoll'] = 6
 | |
| default['ntp']['server']['maxpoll'] = 10
 | |
| 
 | |
| default['ntp']['tinker']['allan'] = 1500
 | |
| default['ntp']['tinker']['dispersion'] = 15
 | |
| default['ntp']['tinker']['panic'] = 1000
 | |
| default['ntp']['tinker']['step'] = 0.128
 | |
| default['ntp']['tinker']['stepout'] = 900
 | |
| 
 | |
| default['ntp']['orphan']['enabled'] = false
 | |
| default['ntp']['orphan']['stratum'] = 5 # ntp recommends 2 more than the worst-case externally-reachable source of time
 | |
| 
 | |
| # Set to true if using ntp < 4.2.8 or any unpatched ntp version to mitigate CVE-2014-9293 / CVE-2014-9294 / CVE-2014-9295
 | |
| default['ntp']['localhost']['noquery'] = false
 | |
| 
 | |
| # overrides on a platform-by-platform basis
 | |
| case node['platform_family']
 | |
| when 'debian'
 | |
|   default['ntp']['service'] = 'ntp'
 | |
|   default['ntp']['apparmor_enabled'] = true if File.exist? '/etc/init.d/apparmor'
 | |
| when 'rhel', 'fedora'
 | |
|   default['ntp']['packages'] = %w(ntp ntpdate) if node['platform_version'].to_i >= 7
 | |
| when 'windows'
 | |
|   default['ntp']['service'] = 'NTP'
 | |
|   default['ntp']['driftfile'] = 'C:\\NTP\\ntp.drift'
 | |
|   default['ntp']['conffile'] = 'C:\\NTP\\etc\\ntp.conf'
 | |
|   default['ntp']['conf_owner'] = 'Administrators'
 | |
|   default['ntp']['conf_group'] = 'Administrators'
 | |
|   default['ntp']['package_url'] = 'https://www.meinbergglobal.com/download/ntp/windows/ntp-4.2.8p5-win32-setup.exe'
 | |
|   default['ntp']['statistics'] = false
 | |
| when 'freebsd'
 | |
|   default['ntp']['varlibdir'] = '/var/db'
 | |
|   default['ntp']['driftfile'] = "#{node['ntp']['varlibdir']}/ntpd.drift"
 | |
|   default['ntp']['statsdir'] = "#{node['ntp']['varlibdir']}/ntpstats"
 | |
|   default['ntp']['conf_group'] = 'wheel'
 | |
|   default['ntp']['var_owner'] = 'root'
 | |
|   default['ntp']['var_group'] = 'wheel'
 | |
| when 'gentoo'
 | |
|   default['ntp']['leapfile'] = "#{node['ntp']['varlibdir']}/ntp.leapseconds"
 | |
| when 'solaris2'
 | |
|   default['ntp']['service'] = 'ntp'
 | |
|   default['ntp']['varlibdir'] = '/var/ntp'
 | |
|   default['ntp']['conffile'] = '/etc/inet/ntp.conf'
 | |
|   default['ntp']['statsdir'] = "#{node['ntp']['varlibdir']}/ntpstats/"
 | |
|   default['ntp']['conf_owner'] = 'root'
 | |
|   default['ntp']['conf_group'] = 'root'
 | |
|   default['ntp']['var_owner'] = 'root'
 | |
|   default['ntp']['var_group'] = 'sys'
 | |
|   default['ntp']['leapfile'] = '/etc/inet/ntp.leap'
 | |
| when 'pld'
 | |
|   default['ntp']['packages'] = %w(ntpd)
 | |
|   default['ntp']['conffile'] = '/etc/ntp/ntp.conf'
 | |
|   default['ntp']['leapfile'] = '/etc/ntp/ntp.leapseconds'
 | |
|   default['ntp']['driftfile'] = "#{node['ntp']['varlibdir']}/drift"
 | |
|   default['ntp']['var_owner'] = 'root'
 | |
| end
 | |
| 
 | |
| unless node['platform'] == 'windows'
 | |
|   default['ntp']['use_cmos'] = !node['virtualization'] || node['virtualization']['role'] != 'guest' ? true : false
 | |
| end
 |