From a39d50f8b3a21ed7f24124198f73f7a7abb47b3d Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Tue, 31 Oct 2023 14:27:42 +0000 Subject: [PATCH 1/2] ntpd-rs: 0.3.7 -> 1.1.0 --- pkgs/tools/networking/ntpd-rs/default.nix | 32 ++++++++++++++++------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/pkgs/tools/networking/ntpd-rs/default.nix b/pkgs/tools/networking/ntpd-rs/default.nix index 0fa44cb418c7..828110037896 100644 --- a/pkgs/tools/networking/ntpd-rs/default.nix +++ b/pkgs/tools/networking/ntpd-rs/default.nix @@ -1,39 +1,51 @@ { lib , rustPlatform , fetchFromGitHub +, installShellFiles +, pandoc }: rustPlatform.buildRustPackage rec { pname = "ntpd-rs"; - version = "0.3.7"; + version = "1.1.0"; src = fetchFromGitHub { owner = "pendulum-project"; repo = "ntpd-rs"; rev = "v${version}"; - hash = "sha256-AUCzsveG9U+KxYO/4LGmyCPkR+w9pGDA/vTzMAGiVuI="; + hash = "sha256-IoTuI0M+stZNUVpaVsf7JR7uHcamSSVDMJxJ+7n5ayA="; }; - cargoHash = "sha256-6FUVkr3uock43ZBHuMEVIZ5F8Oh8wMifh2EokMWv4hU="; + cargoHash = "sha256-iZuDNFy8c2UZUh3J11lEtfHlDFN+qPl4iZg+ps7AenE="; + + nativeBuildInputs = [ pandoc installShellFiles ]; + + postPatch = '' + substituteInPlace utils/generate-man.sh \ + --replace 'utils/pandoc.sh' 'pandoc' + ''; + + postBuild = '' + source utils/generate-man.sh + ''; + + doCheck = true; checkFlags = [ # doesn't find the testca "--skip=keyexchange::tests::key_exchange_roundtrip" - # seems flaky + # seems flaky? "--skip=algorithm::kalman::peer::tests::test_offset_steering_and_measurements" # needs networking "--skip=hwtimestamp::tests::get_hwtimestamp" ]; postInstall = '' - install -vDt $out/lib/systemd/system pkg/common/ntpd-rs.service - - for testprog in demobilize-server rate-limit-server nts-ke nts-ke-server peer-state simple-daemon; do - moveToOutput bin/$testprog "$tests" - done + install -Dm444 -t $out/lib/systemd/system docs/examples/conf/{ntpd-rs,ntpd-rs-metrics}.service + installManPage docs/precompiled/man/{ntp.toml.5,ntp-ctl.8,ntp-daemon.8,ntp-metrics-exporter.8} ''; - outputs = [ "out" "tests" ]; + outputs = [ "out" "man" ]; meta = with lib; { description = "A full-featured implementation of the Network Time Protocol"; From 9707745cf8af50adf2ef2408933be3e7ea0b1912 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Tue, 31 Oct 2023 14:28:49 +0000 Subject: [PATCH 2/2] nixos/ntpd-rs: init --- nixos/modules/module-list.nix | 1 + nixos/modules/services/networking/dhcpcd.nix | 2 +- .../services/networking/ntp/ntpd-rs.nix | 89 +++++++++++++++++++ nixos/tests/all-tests.nix | 1 + nixos/tests/ntpd-rs.nix | 49 ++++++++++ 5 files changed, 141 insertions(+), 1 deletion(-) create mode 100644 nixos/modules/services/networking/ntp/ntpd-rs.nix create mode 100644 nixos/tests/ntpd-rs.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 4e3ce4d08896..e6fffd4716de 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1044,6 +1044,7 @@ ./services/networking/ntopng.nix ./services/networking/ntp/chrony.nix ./services/networking/ntp/ntpd.nix + ./services/networking/ntp/ntpd-rs.nix ./services/networking/ntp/openntpd.nix ./services/networking/nullidentdmod.nix ./services/networking/nylon.nix diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index 8b6d3fc55f3e..2b59352ac616 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -98,7 +98,7 @@ let # anything ever again ("couldn't resolve ..., giving up on # it"), so we silently lose time synchronisation. This also # applies to openntpd. - /run/current-system/systemd/bin/systemctl try-reload-or-restart ntpd.service openntpd.service chronyd.service || true + /run/current-system/systemd/bin/systemctl try-reload-or-restart ntpd.service openntpd.service chronyd.service ntpd-rs.service || true fi ${cfg.runHook} diff --git a/nixos/modules/services/networking/ntp/ntpd-rs.nix b/nixos/modules/services/networking/ntp/ntpd-rs.nix new file mode 100644 index 000000000000..a10b570f30bc --- /dev/null +++ b/nixos/modules/services/networking/ntp/ntpd-rs.nix @@ -0,0 +1,89 @@ +{ lib, config, pkgs, ... }: + +let + cfg = config.services.ntpd-rs; + format = pkgs.formats.toml { }; + configFile = format.generate "ntpd-rs.toml" cfg.settings; +in +{ + options.services.ntpd-rs = { + enable = lib.mkEnableOption "Network Time Service (ntpd-rs)"; + metrics.enable = lib.mkEnableOption "ntpd-rs Prometheus Metrics Exporter"; + + package = lib.mkPackageOption pkgs "ntpd-rs" { }; + + useNetworkingTimeServers = lib.mkOption { + type = lib.types.bool; + default = true; + description = lib.mdDoc '' + Use source time servers from {var}`networking.timeServers` in config. + ''; + }; + + settings = lib.mkOption { + type = lib.types.submodule { + freeformType = format.type; + }; + default = { }; + description = lib.mdDoc '' + Settings to write to {file}`ntp.toml` + + See + for more information about available options. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = !config.services.timesyncd.enable; + message = '' + `ntpd-rs` is not compatible with `services.timesyncd`. Please disable one of them. + ''; + } + ]; + + environment.systemPackages = [ cfg.package ]; + systemd.packages = [ cfg.package ]; + + services.timesyncd.enable = false; + systemd.services.systemd-timedated.environment = { + SYSTEMD_TIMEDATED_NTP_SERVICES = "ntpd-rs.service"; + }; + + services.ntpd-rs.settings = { + observability = { + observation-path = lib.mkDefault "/var/run/ntpd-rs/observe"; + }; + source = lib.mkIf cfg.useNetworkingTimeServers (map + (ts: { + mode = "server"; + address = ts; + }) + config.networking.timeServers); + }; + + systemd.services.ntpd-rs = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = ""; + Group = ""; + DynamicUser = true; + ExecStart = [ "" "${lib.makeBinPath [ cfg.package ]}/ntp-daemon --config=${configFile}" ]; + }; + }; + + systemd.services.ntp-rs-metrics = lib.mkIf cfg.metrics.enable { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = ""; + Group = ""; + DynamicUser = true; + ExecStart = [ "" "${lib.makeBinPath [ cfg.package ]}/bin/ntp-metrics-exporter --config=${configFile}" ]; + }; + }; + }; + + meta.maintainers = with lib.maintainers; [ fpletz ]; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 33f13c3d1181..98e3ca880141 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -620,6 +620,7 @@ in { nsd = handleTest ./nsd.nix {}; ntfy-sh = handleTest ./ntfy-sh.nix {}; ntfy-sh-migration = handleTest ./ntfy-sh-migration.nix {}; + ntpd-rs = handleTest ./ntpd-rs.nix {}; nzbget = handleTest ./nzbget.nix {}; nzbhydra2 = handleTest ./nzbhydra2.nix {}; oh-my-zsh = handleTest ./oh-my-zsh.nix {}; diff --git a/nixos/tests/ntpd-rs.nix b/nixos/tests/ntpd-rs.nix new file mode 100644 index 000000000000..2901be523520 --- /dev/null +++ b/nixos/tests/ntpd-rs.nix @@ -0,0 +1,49 @@ +import ./make-test-python.nix ({ lib, ... }: +{ + name = "ntpd-rs"; + + meta = { + maintainers = with lib.maintainers; [ fpletz ]; + }; + + nodes = { + client = { + services.ntpd-rs = { + enable = true; + metrics.enable = true; + useNetworkingTimeServers = false; + settings = { + source = [ + { + mode = "server"; + address = "server"; + } + ]; + synchronization = { + minimum-agreeing-sources = 1; + }; + }; + }; + }; + server = { + networking.firewall.allowedUDPPorts = [ 123 ]; + services.ntpd-rs = { + enable = true; + metrics.enable = true; + settings = { + server = [ + { listen = "[::]:123"; } + ]; + }; + }; + }; + }; + + testScript = { nodes, ... }: '' + start_all() + server.wait_for_unit('multi-user.target') + client.wait_for_unit('multi-user.target') + server.succeed('systemctl is-active ntpd-rs.service') + client.succeed('systemctl is-active ntpd-rs.service') + ''; +})