Ana Sayfa Keşfet Yardım
Giriş Yap
ffdo-infrastruktur
/
ffdo-ansible
şunun yansıması https://github.com/ffdo/ffdo-ansible.git
5
0
Çatalla 0
Dosyalar
Ağaç: a23a36e022
Dallar Biçim İmleri
ffdo-ansible
/
roles
/
ff-supernode
/
templates
/
ntp.conf.j2

ntp.conf.j2 2.4 KB
Geçmiş Ham

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
    2. 

  2. 

  3. driftfile /var/lib/ntp/ntp.drift
    4. 

  4. 

  5. 

  6. # listen on if
    7. 

  7. interface ignore wildcard
    8. 

  8. interface listen bat0
    9. 

  9. interface listen eth0
    10. 

  10. 

  11. # Enable this if you want statistics to be logged.
    12. 

  12. #statsdir /var/log/ntpstats/
    13. 

  13. 

  14. statistics loopstats peerstats clockstats
    15. 

  15. filegen loopstats file loopstats type day enable
    16. 

  16. filegen peerstats file peerstats type day enable
    17. 

  17. filegen clockstats file clockstats type day enable
    18. 

  18. 

  19. 

  20. # You do need to talk to an NTP server or two (or three).
    21. 

  21. #server ntp.your-provider.example
    22. 

  22. 

  23. # pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
    24. 

  24. # pick a different set every time it starts up.  Please consider joining the
    25. 

  25. # pool: <http://www.pool.ntp.org/join.html>
    26. 

  26. server 0.debian.pool.ntp.org iburst
    27. 

  27. server 1.debian.pool.ntp.org iburst
    28. 

  28. server 2.debian.pool.ntp.org iburst
    29. 

  29. server 3.debian.pool.ntp.org iburst
    30. 

  30. 

  31. 

  32. # Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
    33. 

  33. # details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
    34. 

  34. # might also be helpful.
    35. 

  35. #
    36. 

  36. # Note that "restrict" applies to both servers and clients, so a configuration
    37. 

  37. # that might be intended to block requests from certain clients could also end
    38. 

  38. # up blocking replies from your own upstream servers.
    39. 

  39. 

  40. # By default, exchange time with everybody, but don't allow configuration.
    41. 

  41. # restrict -4 default kod notrap nomodify nopeer noquery
    42. 

  42. # restrict -6 default kod notrap nomodify nopeer noquery
    43. 

  43. restrict -4 default ignore
    44. 

  44. restrict -6 default ignore
    45. 

  45. 

  46. 

  47. # Local users may interrogate the ntp server more closely.
    48. 

  48. restrict 127.0.0.1
    49. 

  49. restrict ::1
    50. 

  50. 

  51. # allow from ff-do-subnets
    52. 

  52. restrict {{supernode_mesh_ipv4|ipaddr('network')}} mask {{supernode_mesh_ipv4|ipaddr('netmask')}} kod notrap nomodify nopeer noquery
    53. 

  53. restrict {{supernode_mesh_ipv6|ipaddr('network')}} mask {{supernode_mesh_ipv6|ipaddr('netmask')}} kod notrap nomodify nopeer noquery
    54. 

  54. 

  55. # Clients from this (example!) subnet have unlimited access, but only if
    56. 

  56. # cryptographically authenticated.
    57. 

  57. #restrict 192.168.123.0 mask 255.255.255.0 notrust
    58. 

  58. 

  59. 

  60. # If you want to provide time to your local subnet, change the next line.
    61. 

  61. # (Again, the address is an example only.)
    62. 

  62. #broadcast 192.168.123.255
    63. 

  63. 

  64. # If you want to listen to time broadcasts on your local subnet, de-comment the
    65. 

  65. # next lines.  Please do this only if you trust everybody on the network!
    66. 

  66. #disable auth
    67. 

  67. #broadcastclient
    68.