fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

updated ntp.conf to modern ntpsec serveur

Browse Source
This commit is contained in:
fatalerrors
2025-09-19 13:10:47 +02:00
parent 9144f48000
commit 10e2150353
2 changed files with 62 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
repo/hosts/cagua/ntp.conf
View File

@@ -1,22 +1,27 @@
*# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# State files
driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
# Statistics
statistics loopstats peerstats clockstats
statistics loopstats peerstats clockstats sysstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
filegen sysstats file sysstats type day enable
# Interfaces to listen on:
interface listen 192.168.1.0/24
interface listen 10.250.42.0/24
interface listen 10.42.250.0/16
interface ignore wildcard
# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
# NTP sources
# Our other NTP server, to have consistant REFID
server didicas prefer iburst
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
server ntp.laas.fr iburst
server ntp.sophia.cnrs.fr iburst
server ntp2.emn.fr iburst
@@ -33,32 +38,11 @@ server time.resolvlab.com iburst
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 192.168.1.0/24
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict default limited nomodify notrap nopeer noquery
restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict 192.168.0.0 mask 255.255.0.0 trust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
broadcast 192.168.1.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
restrict 192.168.1.0/24
restrict 10.250.42.0/24
restrict 10.42.250.0/16
restrict 127.0.0.1
restrict ::1

56
repo/hosts/didicas/ntp.conf
View File

@@ -1,22 +1,27 @@
*# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# State files
driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
# Statistics
statistics loopstats peerstats clockstats
statistics loopstats peerstats clockstats sysstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
filegen sysstats file sysstats type day enable
# Interfaces to listen on:
interface listen 192.168.1.0/24
interface listen 10.250.42.0/24
interface listen 10.42.250.0/16
interface ignore wildcard
# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
# NTP sources
# Our other NTP server, to have consistant REFID
server cagua prefer iburst
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
server ntp.laas.fr iburst
server ntp.sophia.cnrs.fr iburst
server ntp2.emn.fr iburst
@@ -33,32 +38,11 @@ server time.resolvlab.com iburst
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 192.168.1.0/24
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict default limited nomodify notrap nopeer noquery
restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict 192.168.0.0 mask 255.255.0.0 trust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
broadcast 192.168.1.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
restrict 192.168.1.0/24
restrict 10.250.42.0/24
restrict 10.42.250.0/16
restrict 127.0.0.1
restrict ::1