blob: 720577a671a03aad4063d2e199d7deb464fedcb3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
# Set upstream servers
server mmo1.nts.netnod.se iburst nts
server mmo2.nts.netnod.se iburst nts
server time.cloudflare.com iburst nts
server time.fiberby.net iburst nts
# Specify file containing keys for NTP authentication
keyfile /etc/chrony.keys
# Dump measurement history here
dumpdir /var/lib/chrony
# Dump NTS cookies here
ntsdumpdir /var/lib/chrony
# Record the rate at which the system clock gains/losses time
driftfile /var/lib/chrony/drift
# Use /etc/adjtime
hwclockfile /etc/adjtime
# Make requests from space.labitat.dk public addresses
bindacqaddress 45.145.93.0
bindacqaddress 185.38.175.0
bindacqaddress 2a00:fbe4:1ab::
bindacqaddress 2a01:4262:1ab::
# Listen to NTP on space.labitat.dk public addresses
bindaddress 45.145.93.0
bindaddress 185.38.175.0
bindaddress 2a00:fbe4:1ab::
bindaddress 2a01:4262:1ab::
# Allow NTP access only from local network
deny all
allow 45.145.93.0/24
allow 185.38.175.0/24
allow 10.42.0.0/16
allow 2a00:fbe4:1ab::/48
allow 2a01:4262:1ab::/48
# NTS server certificate and key
ntsservercert /etc/chrony.cert
ntsserverkey /etc/chrony.key
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Let the kernel handle leap seconds
leapsecmode system
# Get TAI-UTC offset and leap seconds from the system tz database
leapsectz right/UTC
# Specify directory for log files
#logdir /var/log/chrony
# Select which information is logged
#log measurements statistics tracking
|
