fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

updated ntp.conf to modern ntpsec serveur

Browse Source
This commit is contained in:
fatalerrors
2025-09-19 13:10:47 +02:00
parent 9144f48000
commit 10e2150353
2 changed files with 62 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
repo/hosts/cagua/ntp.conf
View File

@@ -1,64 +1,48 @@
*# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# State files
driftfile /var/lib/ntp/ntp.drift driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged. # Statistics
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats statistics loopstats peerstats clockstats sysstats
filegen loopstats file loopstats type day enable filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable filegen clockstats file clockstats type day enable
filegen sysstats file sysstats type day enable
# Interfaces to listen on:
interface listen 192.168.1.0/24
interface listen 10.250.42.0/24
interface listen 10.42.250.0/16
interface ignore wildcard
# You do need to talk to an NTP server or two (or three). # NTP sources
#server ntp.your-provider.example # Our other NTP server, to have consistant REFID
server didicas prefer iburst
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will server ntp.laas.fr iburst
# pick a different set every time it starts up. Please consider joining the server ntp.sophia.cnrs.fr iburst
# pool: <http://www.pool.ntp.org/join.html> server ntp2.emn.fr iburst
server ntp.laas.fr iburst server delphi.phys.univ-tours.fr iburst
server ntp.sophia.cnrs.fr iburst server ntp.crashdump.fr iburst
server ntp2.emn.fr iburst server ntp.ilianum.com iburst
server delphi.phys.univ-tours.fr iburst server ntp.unice.fr iburst
server ntp.crashdump.fr iburst server ntp.accelance.net iburst
server ntp.ilianum.com iburst server ntp.deuza.net iburst
server ntp.unice.fr iburst server ntp1.jussieu.fr iburst
server ntp.accelance.net iburst server time.resolvlab.com iburst
server ntp.deuza.net iburst
server ntp1.jussieu.fr iburst
server time.resolvlab.com iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for # Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions> # details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful. # might also be helpful.
# #
# Note that "restrict" applies to both servers and clients, so a configuration restrict default limited nomodify notrap nopeer noquery
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 192.168.1.0/24
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict source notrap nomodify noquery restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if restrict 192.168.1.0/24
# cryptographically authenticated. restrict 10.250.42.0/24
restrict 192.168.0.0 mask 255.255.0.0 trust restrict 10.42.250.0/16
restrict 127.0.0.1
restrict ::1
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
broadcast 192.168.1.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

78
repo/hosts/didicas/ntp.conf
View File

@@ -1,64 +1,48 @@
*# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# State files
driftfile /var/lib/ntp/ntp.drift driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged. # Statistics
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats statistics loopstats peerstats clockstats sysstats
filegen loopstats file loopstats type day enable filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable filegen clockstats file clockstats type day enable
filegen sysstats file sysstats type day enable
# Interfaces to listen on:
interface listen 192.168.1.0/24
interface listen 10.250.42.0/24
interface listen 10.42.250.0/16
interface ignore wildcard
# You do need to talk to an NTP server or two (or three). # NTP sources
#server ntp.your-provider.example # Our other NTP server, to have consistant REFID
server cagua prefer iburst
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will server ntp.laas.fr iburst
# pick a different set every time it starts up. Please consider joining the server ntp.sophia.cnrs.fr iburst
# pool: <http://www.pool.ntp.org/join.html> server ntp2.emn.fr iburst
server ntp.laas.fr iburst server delphi.phys.univ-tours.fr iburst
server ntp.sophia.cnrs.fr iburst server ntp.crashdump.fr iburst
server ntp2.emn.fr iburst server ntp.ilianum.com iburst
server delphi.phys.univ-tours.fr iburst server ntp.unice.fr iburst
server ntp.crashdump.fr iburst server ntp.accelance.net iburst
server ntp.ilianum.com iburst server ntp.deuza.net iburst
server ntp.unice.fr iburst server ntp1.jussieu.fr iburst
server ntp.accelance.net iburst server time.resolvlab.com iburst
server ntp.deuza.net iburst
server ntp1.jussieu.fr iburst
server time.resolvlab.com iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for # Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions> # details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful. # might also be helpful.
# #
# Note that "restrict" applies to both servers and clients, so a configuration restrict default limited nomodify notrap nopeer noquery
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 192.168.1.0/24
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict source notrap nomodify noquery restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if restrict 192.168.1.0/24
# cryptographically authenticated. restrict 10.250.42.0/24
restrict 192.168.0.0 mask 255.255.0.0 trust restrict 10.42.250.0/16
restrict 127.0.0.1
restrict ::1
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
broadcast 192.168.1.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient