# Don't log client accesses
noclientlog
-# set the system clock else the kernel will always stay in UNSYNC state
+# Mark the system clock as synchronized
rtcsync
+
+# Record the clock's drift
+driftfile /var/run/chrony/drift
+
+# Save NTS keys and cookies
+ntsdumpdir /var/run/chrony
PROG=/usr/sbin/chronyd
CONFIGFILE=/etc/chrony/chrony.conf
INCLUDEFILE=/var/etc/chrony.d/10-uci.conf
+RTCDEVICE=/dev/rtc0
handle_source() {
- local cfg=$1 sourcetype=$2 hostname minpoll maxpoll iburst
+ local cfg=$1 sourcetype=$2 disabled hostname minpoll maxpoll iburst nts
+ config_get_bool disabled "$cfg" disabled 0
+ [ "$disabled" = "1" ] && return
hostname=$NTP_SOURCE_HOSTNAME
[ -z "$hostname" ] && config_get hostname "$cfg" hostname
[ -z "$hostname" ] && return
config_get minpoll "$cfg" minpoll
config_get maxpoll "$cfg" maxpoll
config_get_bool iburst "$cfg" iburst 0
+ config_get_bool nts "$cfg" nts 0
echo $(
echo $sourcetype $hostname
[ -n "$minpoll" ] && echo minpoll $minpoll
[ -n "$maxpoll" ] && echo maxpoll $maxpoll
[ "$iburst" = "1" ] && echo iburst
+ [ "$nts" = "1" ] && echo nts
)
}
echo makestep $threshold $limit
}
+handle_nts() {
+ local cfg=$1 threshold limit
+
+ config_get_bool rtccheck "$cfg" rtccheck 0
+ config_get_bool systemcerts "$cfg" systemcerts 1
+ config_get trustedcerts "$cfg" trustedcerts
+ # Disable certificate time checks if no RTC is present
+ [ "$rtccheck" = "1" ] && ! [ -c $RTCDEVICE ] && echo nocerttimecheck 1
+ [ "$systemcerts" = "0" ] && echo nosystemcert
+ [ -n "$trustedcerts" ] && echo ntstrustedcerts "$trustedcerts"
+}
+
start_service() {
. /lib/functions/network.sh
config_foreach handle_source peer peer
config_foreach handle_allow allow
config_foreach handle_makestep makestep
+ config_foreach handle_nts nts
) > $INCLUDEFILE
}
projects / feed / packages.git / commitdiff