nixpkgs/nixos/modules/services/networking/openntpd.nix

{ pkgs, lib, config, options, ... }:

with lib;

let
  cfg = config.services.openntpd;

  package = pkgs.openntpd.override {
    privsepUser = "ntp";
    privsepPath = "/var/empty";
  };

  cfgFile = pkgs.writeText "openntpd.conf" ''
    ${concatStringsSep "\n" (map (s: "server ${s}") cfg.servers)}
  '';
in
{
  ###### interface

  options.services.openntpd = {
    enable = mkEnableOption "OpenNTP time synchronization server";

    servers = mkOption {
      default = config.services.ntp.servers;
      type = types.listOf types.str;
      inherit (options.services.ntp.servers) description;
    };
  };

  ###### implementation

  config = mkIf cfg.enable {
    services.ntp.enable = mkForce false;

    users.extraUsers = singleton {
      name = "ntp";
      uid = config.ids.uids.ntp;
      description = "OpenNTP daemon user";
      home = "/var/empty";
    };

    systemd.services.openntpd = {
      description = "OpenNTP Server";
      wantedBy = [ "ip-up.target" ];
      partOf = [ "ip-up.target" ];
      serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile}";
    };
  };
}
nixos: Add new service for OpenNTPd. This conflicts with the existing reference NTP daemon, so we're using services.ntp.enable = mkForce false here to make sure both services aren't enabled in par. I was already trying to merge the module with services.ntp, but it would have been quite a mess with a bunch of conditions on the package name. They both have a bit in common if it comes to the configuration files, but differ in handling of the state dir (for example, OpenNTPd doesn't allow it to be owned by anything other than root). Signed-off-by: aszlig <aszlig@redmoonstudios.org> 2014-09-01 13:14:00 +00:00			`{ pkgs, lib, config, options, ... }:`

			`with lib;`

			`let`
			`cfg = config.services.openntpd;`

			`package = pkgs.openntpd.override {`
			`privsepUser = "ntp";`
			`privsepPath = "/var/empty";`
			`};`

			`cfgFile = pkgs.writeText "openntpd.conf" ''`
			`${concatStringsSep "\n" (map (s: "server ${s}") cfg.servers)}`
			`'';`
			`in`
			`{`
			`###### interface`

			`options.services.openntpd = {`
			`enable = mkEnableOption "OpenNTP time synchronization server";`

			`servers = mkOption {`
			`default = config.services.ntp.servers;`
			`type = types.listOf types.str;`
			`inherit (options.services.ntp.servers) description;`
			`};`
			`};`

			`###### implementation`

			`config = mkIf cfg.enable {`
			`services.ntp.enable = mkForce false;`

			`users.extraUsers = singleton {`
			`name = "ntp";`
			`uid = config.ids.uids.ntp;`
			`description = "OpenNTP daemon user";`
			`home = "/var/empty";`
			`};`

			`systemd.services.openntpd = {`
			`description = "OpenNTP Server";`
			`wantedBy = [ "ip-up.target" ];`
			`partOf = [ "ip-up.target" ];`
			`serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile}";`
			`};`
			`};`
			`}`