├── .yardopts ├── pdk.yaml ├── .rspec ├── data ├── SLES-10.yaml ├── OpenSuSE.yaml ├── SLES-12.yaml ├── SLES-15.yaml ├── Debian-12.yaml ├── Ubuntu-24.04.yaml ├── AIX-family.yaml ├── Fedora.yaml ├── Solaris-10.yaml ├── Debian-family.yaml ├── Amazon.yaml ├── Archlinux-family.yaml ├── Gentoo-family.yaml ├── RedHat-family.yaml ├── Suse-family.yaml ├── Solaris-family.yaml ├── Solaris-11.yaml ├── FreeBSD-family.yaml └── common.yaml ├── .gitattributes ├── CODEOWNERS ├── spec ├── fixtures │ └── my_ntp │ │ └── templates │ │ └── ntp.conf.epp ├── spec_helper_acceptance_local.rb ├── spec_helper_acceptance.rb ├── default_facts.yml ├── acceptance │ ├── unsupported_spec.rb │ ├── ntp_install_spec.rb │ ├── preferred_servers_spec.rb │ ├── class_spec.rb │ ├── ntp_service_spec.rb │ ├── ntp_parameters_spec.rb │ └── ntp_user_and_daemon_opts_spec.rb ├── spec_helper_local.rb ├── classes │ ├── contains_spec.rb │ └── ntp_spec.rb └── spec_helper.rb ├── templates ├── keys.epp ├── step-tickers.epp └── ntp.conf.epp ├── .vscode └── extensions.json ├── types ├── key_id.pp └── poll_interval.pp ├── .gitpod.yml ├── CONTRIBUTING.md ├── examples └── init.pp ├── .github ├── workflows │ ├── release.yml │ ├── mend.yml │ ├── release_prep.yml │ ├── nightly.yml │ └── ci.yml └── pull_request_template.md ├── .devcontainer ├── Dockerfile ├── devcontainer.json └── README.md ├── .puppet-lint.rc ├── manifests ├── service.pp ├── install.pp ├── config.pp └── init.pp ├── .fixtures.yml ├── hiera.yaml ├── .gitignore ├── NOTICE ├── .sync.yml ├── .rubocop_todo.yml ├── .pdkignore ├── Rakefile ├── .gitpod.Dockerfile ├── provision.yaml ├── metadata.json ├── README.md ├── Gemfile ├── LICENSE ├── readmes └── README_ja_JP.md ├── HISTORY.md ├── .rubocop.yml └── REFERENCE.md /.yardopts: -------------------------------------------------------------------------------- 1 | --markup markdown 2 | -------------------------------------------------------------------------------- /pdk.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ignore: [] 3 | -------------------------------------------------------------------------------- /.rspec: -------------------------------------------------------------------------------- 1 | --color 2 | --format documentation 3 | -------------------------------------------------------------------------------- /data/SLES-10.yaml: -------------------------------------------------------------------------------- 1 | ntp::package_name: [ 'xntp' ] 2 | -------------------------------------------------------------------------------- /data/OpenSuSE.yaml: -------------------------------------------------------------------------------- 1 | ntp::service_name: ntpd 2 | ntp::service_provider: systemd 3 | -------------------------------------------------------------------------------- /data/SLES-12.yaml: -------------------------------------------------------------------------------- 1 | ntp::service_name: ntpd 2 | ntp::service_provider: systemd 3 | -------------------------------------------------------------------------------- /data/SLES-15.yaml: -------------------------------------------------------------------------------- 1 | ntp::service_name: ntpd 2 | ntp::service_provider: systemd 3 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | *.rb eol=lf 2 | *.erb eol=lf 3 | *.pp eol=lf 4 | *.sh eol=lf 5 | *.epp eol=lf 6 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # Setting ownership to the modules team 2 | * @puppetlabs/modules @bastelfreak @smortex 3 | -------------------------------------------------------------------------------- /data/Debian-12.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ntp::package_name: 3 | - ntpsec 4 | ntp::config: '/etc/ntpsec/ntp.conf' 5 | -------------------------------------------------------------------------------- /data/Ubuntu-24.04.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ntp::package_name: 3 | - ntpsec 4 | ntp::config: '/etc/ntpsec/ntp.conf' 5 | -------------------------------------------------------------------------------- /spec/fixtures/my_ntp/templates/ntp.conf.epp: -------------------------------------------------------------------------------- 1 | # EPP template 2 | <% [1].each |$i| { -%>eppserver<%= $i %><% } -%> 3 | -------------------------------------------------------------------------------- /templates/keys.epp: -------------------------------------------------------------------------------- 1 | # THIS FILE IS MANAGED BY PUPPET 2 | 3 | <% $ntp::keys.each |$key| { -%> 4 | <%= $key %> 5 | <% } -%> 6 | -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | "recommendations": [ 3 | "puppet.puppet-vscode", 4 | "Shopify.ruby-lsp" 5 | ] 6 | } 7 | -------------------------------------------------------------------------------- /spec/spec_helper_acceptance_local.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | include PuppetLitmus 4 | 5 | UNSUPPORTED_PLATFORMS = ['windows', 'darwin'].freeze 6 | -------------------------------------------------------------------------------- /types/key_id.pp: -------------------------------------------------------------------------------- 1 | # See http://doc.ntp.org/4.2.6/authopt.html#controlkey for documentation 2 | # Alternatively: type Ntp::Key_id = Variant[Integer, Pattern['']] 3 | type Ntp::Key_id = Integer[1, 65534] 4 | -------------------------------------------------------------------------------- /.gitpod.yml: -------------------------------------------------------------------------------- 1 | image: 2 | file: .gitpod.Dockerfile 3 | 4 | tasks: 5 | - init: pdk bundle install 6 | 7 | vscode: 8 | extensions: 9 | - puppet.puppet-vscode@1.2.0:f5iEPbmOj6FoFTOV6q8LTg== 10 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to Puppet modules 2 | 3 | Check out our [Contributing to Supported Modules Blog Post](https://puppetlabs.github.io/iac/docs/contributing_to_a_module.html) to find all the information that you will need. 4 | -------------------------------------------------------------------------------- /examples/init.pp: -------------------------------------------------------------------------------- 1 | node default { 2 | notify { 'enduser-before': } 3 | notify { 'enduser-after': } 4 | 5 | class { 'ntp': 6 | require => Notify['enduser-before'], 7 | before => Notify['enduser-after'], 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /types/poll_interval.pp: -------------------------------------------------------------------------------- 1 | # See https://doc.ntp.org/documentation/4.2.6-series/confopt/#command-options for documentation 2 | # Alternatively: type Ntp::Poll_interval = Variant[Integer, Pattern['']] 3 | type Ntp::Poll_interval = Integer[3, 17] 4 | -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: "Publish module" 2 | 3 | on: 4 | workflow_dispatch: 5 | 6 | jobs: 7 | release: 8 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_release.yml@main" 9 | secrets: "inherit" 10 | -------------------------------------------------------------------------------- /spec/spec_helper_acceptance.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'puppet_litmus' 4 | require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) 5 | 6 | PuppetLitmus.configure! 7 | -------------------------------------------------------------------------------- /data/AIX-family.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ntp::driftfile: '/etc/ntp.drift' 3 | ntp::package_name: 4 | - 'bos.net.tcp.client' 5 | ntp::restrict: 6 | - 'default nomodify notrap nopeer noquery' 7 | - '127.0.0.1' 8 | ntp::service_name: 'xntpd' 9 | ntp::slewalways: 'no' 10 | -------------------------------------------------------------------------------- /data/Fedora.yaml: -------------------------------------------------------------------------------- 1 | ntp::restrict: 2 | - 'default nomodify notrap nopeer noquery' 3 | - '127.0.0.1' 4 | - '::1' 5 | ntp::servers: 6 | - '0.fedora.pool.ntp.org' 7 | - '1.fedora.pool.ntp.org' 8 | - '2.fedora.pool.ntp.org' 9 | - '3.fedora.pool.ntp.org' 10 | -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM puppet/pdk:latest 2 | 3 | # [Optional] Uncomment this section to install additional packages. 4 | # RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ 5 | # && apt-get -y install --no-install-recommends 6 | 7 | -------------------------------------------------------------------------------- /spec/default_facts.yml: -------------------------------------------------------------------------------- 1 | # Use default_module_facts.yml for module specific facts. 2 | # 3 | # Facts specified here will override the values provided by rspec-puppet-facts. 4 | --- 5 | networking: 6 | ip: "172.16.254.254" 7 | ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" 8 | mac: "AA:AA:AA:AA:AA:AA" 9 | is_pe: false 10 | -------------------------------------------------------------------------------- /.github/workflows/mend.yml: -------------------------------------------------------------------------------- 1 | name: "mend" 2 | 3 | on: 4 | pull_request: 5 | branches: 6 | - "main" 7 | schedule: 8 | - cron: "0 0 * * *" 9 | workflow_dispatch: 10 | 11 | jobs: 12 | 13 | mend: 14 | uses: "puppetlabs/cat-github-actions/.github/workflows/mend_ruby.yml@main" 15 | secrets: "inherit" 16 | -------------------------------------------------------------------------------- /data/Solaris-10.yaml: -------------------------------------------------------------------------------- 1 | ntp::config: '/etc/inet/ntp.conf' 2 | ntp::driftfile: '/var/ntp/ntp.drift' 3 | ntp::keys_file: '/etc/inet/ntp.keys' 4 | ntp::package_name: [ 'SUNWntp4r', 'SUNWntp4u' ] 5 | ntp::restrict: 6 | - 'default nomodify notrap nopeer noquery' 7 | - '127.0.0.1' 8 | ntp::service_name: 'network/ntp4' 9 | ntp::iburst_enable: false 10 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Puppet Development Kit (Community)", 3 | "dockerFile": "Dockerfile", 4 | 5 | "settings": { 6 | "terminal.integrated.profiles.linux": { 7 | "bash": { 8 | "path": "bash" 9 | } 10 | } 11 | }, 12 | 13 | "extensions": [ 14 | "puppet.puppet-vscode", 15 | "rebornix.Ruby" 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /templates/step-tickers.epp: -------------------------------------------------------------------------------- 1 | # List of NTP servers used by the ntpdate service. 2 | 3 | <% $ntp::servers.each |$server| { -%> 4 | <% if $ntp::noselect_servers.member($server) { -%> 5 | # <%= $server %> 6 | <% } elsif $ntp::preferred_servers.size() == 0 or $ntp::preferred_servers.member($server) { -%> 7 | <%= $server %> 8 | <% } -%> 9 | <% } -%> 10 | -------------------------------------------------------------------------------- /data/Debian-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::restrict: 2 | - '-4 default kod nomodify notrap nopeer noquery' 3 | - '-6 default kod nomodify notrap nopeer noquery' 4 | - '127.0.0.1' 5 | - '::1' 6 | ntp::service_name: 'ntp' 7 | ntp::servers: 8 | - '0.debian.pool.ntp.org' 9 | - '1.debian.pool.ntp.org' 10 | - '2.debian.pool.ntp.org' 11 | - '3.debian.pool.ntp.org' 12 | -------------------------------------------------------------------------------- /.puppet-lint.rc: -------------------------------------------------------------------------------- 1 | --fail-on-warnings 2 | --relative 3 | --no-80chars-check 4 | --no-140chars-check 5 | --no-class_inherits_from_params_class-check 6 | --no-autoloader_layout-check 7 | --no-documentation-check 8 | --no-single_quote_string_with_variables-check 9 | --ignore-paths=.vendor/**/*.pp,.bundle/**/*.pp,pkg/**/*.pp,spec/**/*.pp,tests/**/*.pp,types/**/*.pp,vendor/**/*.pp 10 | -------------------------------------------------------------------------------- /data/Amazon.yaml: -------------------------------------------------------------------------------- 1 | ntp::keys_file: '/etc/ntp/keys' 2 | ntp::restrict: 3 | - 'default kod nomodify notrap nopeer noquery' 4 | - '-6 default kod nomodify notrap nopeer noquery' 5 | - '127.0.0.1' 6 | - '-6 ::1' 7 | ntp::iburst_enable: false 8 | ntp::servers: 9 | - '0.centos.pool.ntp.org' 10 | - '1.centos.pool.ntp.org' 11 | - '2.centos.pool.ntp.org' 12 | ntp::disable_monitor: false 13 | -------------------------------------------------------------------------------- /data/Archlinux-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::driftfile: '/var/lib/ntp/ntp.drift' 2 | ntp::restrict: 3 | - 'default kod nomodify notrap nopeer noquery' 4 | - '-6 default kod nomodify notrap nopeer noquery' 5 | - '127.0.0.1' 6 | - '-6 ::1' 7 | ntp::iburst_enable: false 8 | ntp::servers: 9 | - '0.arch.pool.ntp.org' 10 | - '1.arch.pool.ntp.org' 11 | - '2.arch.pool.ntp.org' 12 | - '3.arch.pool.ntp.org' 13 | -------------------------------------------------------------------------------- /data/Gentoo-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::package_name: [ 'net-misc/ntp' ] 2 | ntp::restrict: 3 | - 'default kod nomodify notrap nopeer noquery' 4 | - '-6 default kod nomodify notrap nopeer noquery' 5 | - '127.0.0.1' 6 | - '-6 ::1' 7 | ntp::iburst_enable: false 8 | ntp::servers: 9 | - '0.gentoo.pool.ntp.org' 10 | - '1.gentoo.pool.ntp.org' 11 | - '2.gentoo.pool.ntp.org' 12 | - '3.gentoo.pool.ntp.org' 13 | -------------------------------------------------------------------------------- /data/RedHat-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::keys_file: '/etc/ntp/keys' 2 | ntp::restrict: 3 | - 'default kod nomodify notrap nopeer noquery' 4 | - '-6 default kod nomodify notrap nopeer noquery' 5 | - '127.0.0.1' 6 | - '-6 ::1' 7 | ntp::iburst_enable: false 8 | ntp::servers: 9 | - '0.centos.pool.ntp.org' 10 | - '1.centos.pool.ntp.org' 11 | - '2.centos.pool.ntp.org' 12 | ntp::step_tickers_file: '/etc/ntp/step-tickers' 13 | -------------------------------------------------------------------------------- /data/Suse-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::service_name: ntp 2 | ntp::driftfile: '/var/lib/ntp/drift/ntp.drift' 3 | ntp::restrict: 4 | - 'default kod nomodify notrap nopeer noquery' 5 | - '-6 default kod nomodify notrap nopeer noquery' 6 | - '127.0.0.1' 7 | - '-6 ::1' 8 | ntp::servers: 9 | - '0.opensuse.pool.ntp.org' 10 | - '1.opensuse.pool.ntp.org' 11 | - '2.opensuse.pool.ntp.org' 12 | - '3.opensuse.pool.ntp.org' 13 | -------------------------------------------------------------------------------- /data/Solaris-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::config: '/etc/inet/ntp.conf' 2 | ntp::driftfile: '/var/ntp/ntp.drift' 3 | ntp::keys_file: '/etc/inet/ntp.keys' 4 | ntp::package_name: [ 'service/network/ntp' ] 5 | ntp::restrict: 6 | - 'default kod nomodify notrap nopeer noquery' 7 | - '-6 default kod nomodify notrap nopeer noquery' 8 | - '127.0.0.1' 9 | - '-6 ::1' 10 | ntp::service_name: 'network/ntp' 11 | ntp::iburst_enable: false 12 | -------------------------------------------------------------------------------- /data/Solaris-11.yaml: -------------------------------------------------------------------------------- 1 | ntp::config: '/etc/inet/ntp.conf' 2 | ntp::driftfile: '/var/ntp/ntp.drift' 3 | ntp::keys_file: '/etc/inet/ntp.keys' 4 | ntp::package_name: [ 'service/network/ntp' ] 5 | ntp::restrict: 6 | - 'default kod nomodify notrap nopeer noquery' 7 | - '-6 default kod nomodify notrap nopeer noquery' 8 | - '127.0.0.1' 9 | - '-6 ::1' 10 | ntp::service_name: 'network/ntp:default' 11 | ntp::iburst_enable: false 12 | -------------------------------------------------------------------------------- /spec/acceptance/unsupported_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | describe 'unsupported distributions and OSes', if: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 6 | it 'fails' do 7 | pp = <<-MANIFEST 8 | class { 'ntp': } 9 | MANIFEST 10 | expect(apply_manifest(pp, expect_failures: true).stderr).to match(%r{is not supported on an}i) 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /.github/workflows/release_prep.yml: -------------------------------------------------------------------------------- 1 | name: "Release Prep" 2 | 3 | on: 4 | workflow_dispatch: 5 | inputs: 6 | version: 7 | description: "Module version to be released. Must be a valid semver string. (1.2.3)" 8 | required: true 9 | 10 | jobs: 11 | release_prep: 12 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_release_prep.yml@main" 13 | with: 14 | version: "${{ github.event.inputs.version }}" 15 | secrets: "inherit" 16 | -------------------------------------------------------------------------------- /manifests/service.pp: -------------------------------------------------------------------------------- 1 | # @summary 2 | # This class handles the ntp service. 3 | # 4 | # @api private 5 | # 6 | class ntp::service { 7 | if $ntp::service_manage == true { 8 | service { 'ntp': 9 | ensure => $ntp::service_ensure, 10 | enable => $ntp::service_enable, 11 | name => $ntp::service_name, 12 | provider => $ntp::service_provider, 13 | hasstatus => $ntp::service_hasstatus, 14 | hasrestart => $ntp::service_hasrestart, 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /.fixtures.yml: -------------------------------------------------------------------------------- 1 | fixtures: 2 | repositories: 3 | "augeas_core": "https://github.com/puppetlabs/puppetlabs-augeas_core.git" 4 | facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' 5 | "stdlib": "https://github.com/puppetlabs/puppetlabs-stdlib.git" 6 | provision: "https://github.com/puppetlabs/provision.git" 7 | puppet_agent: "https://github.com/puppetlabs/puppetlabs-puppet_agent.git" 8 | symlinks: 9 | "ntp": "#{source_dir}" 10 | "my_ntp": "#{source_dir}/spec/fixtures/my_ntp" 11 | -------------------------------------------------------------------------------- /data/FreeBSD-family.yaml: -------------------------------------------------------------------------------- 1 | ntp::driftfile: '/var/db/ntpd.drift' 2 | ntp::leapfile: '/var/db/ntpd.leap-seconds.list' 3 | ntp::package_name: ['net/ntp'] 4 | ntp::restrict: 5 | - 'default kod nomodify notrap nopeer noquery' 6 | - '-6 default kod nomodify notrap nopeer noquery' 7 | - '127.0.0.1' 8 | - '-6 ::1' 9 | ntp::servers: 10 | - '0.freebsd.pool.ntp.org' 11 | - '1.freebsd.pool.ntp.org' 12 | - '2.freebsd.pool.ntp.org' 13 | - '3.freebsd.pool.ntp.org' 14 | ntp::maxpoll: 9 15 | ntp::package_manage: false 16 | -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | ## Summary 2 | Provide a detailed description of all the changes present in this pull request. 3 | 4 | ## Additional Context 5 | Add any additional context about the problem here. 6 | - [ ] Root cause and the steps to reproduce. (If applicable) 7 | - [ ] Thought process behind the implementation. 8 | 9 | ## Related Issues (if any) 10 | Mention any related issues or pull requests. 11 | 12 | ## Checklist 13 | - [ ] 🟢 Spec tests. 14 | - [ ] 🟢 Acceptance tests. 15 | - [ ] Manually verified. (For example `puppet apply`) -------------------------------------------------------------------------------- /hiera.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 5 3 | 4 | defaults: 5 | datadir: 'data' 6 | data_hash: 'yaml_data' 7 | 8 | hierarchy: 9 | - name: 'Full Version' 10 | path: '%{facts.os.name}-%{facts.os.release.full}.yaml' 11 | 12 | - name: 'Major Version' 13 | path: '%{facts.os.name}-%{facts.os.release.major}.yaml' 14 | 15 | - name: 'Distribution Name' 16 | path: '%{facts.os.name}.yaml' 17 | 18 | - name: 'Operating System Family' 19 | path: '%{facts.os.family}-family.yaml' 20 | 21 | - name: 'common' 22 | path: 'common.yaml' 23 | 24 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .git/ 2 | .*.sw[op] 3 | .metadata 4 | .yardoc 5 | .yardwarns 6 | *.iml 7 | /.bundle/ 8 | /.idea/ 9 | /.vagrant/ 10 | /coverage/ 11 | /bin/ 12 | /doc/ 13 | /Gemfile.local 14 | /Gemfile.lock 15 | /junit/ 16 | /log/ 17 | /pkg/ 18 | /spec/fixtures/manifests/ 19 | /spec/fixtures/modules/* 20 | /tmp/ 21 | /vendor/ 22 | /.vendor/ 23 | /convert_report.txt 24 | /update_report.txt 25 | .DS_Store 26 | .project 27 | .envrc 28 | /inventory.yaml 29 | /spec/fixtures/litmus_inventory.yaml 30 | .resource_types 31 | .modules 32 | .task_cache.json 33 | .plan_cache.json 34 | .rerun.json 35 | bolt-debug.log 36 | -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- 1 | Puppet Module - puppetlabs-ntp 2 | 3 | Copyright 2018 Puppet, Inc. 4 | 5 | Licensed under the Apache License, Version 2.0 (the "License"); 6 | you may not use this file except in compliance with the License. 7 | You may obtain a copy of the License at 8 | 9 | http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | Unless required by applicable law or agreed to in writing, software 12 | distributed under the License is distributed on an "AS IS" BASIS, 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | See the License for the specific language governing permissions and 15 | limitations under the License. -------------------------------------------------------------------------------- /manifests/install.pp: -------------------------------------------------------------------------------- 1 | # @summary 2 | # This class handles ntp packages. 3 | # 4 | # @api private 5 | # 6 | class ntp::install { 7 | if $ntp::package_manage { 8 | if ($facts['os']['name'] == 'SLES' and $facts['os']['release']['major'] == '15') { 9 | exec { 'Enable legacy repos': 10 | path => '/bin:/usr/bin/:/sbin:/usr/sbin', 11 | command => '/usr/bin/SUSEConnect --product sle-module-legacy/15.6/x86_64', 12 | unless => 'SUSEConnect --status-text | grep sle-module-legacy/15.6/x86_64', 13 | } 14 | } 15 | 16 | package { $ntp::package_name: 17 | ensure => $ntp::package_ensure, 18 | } 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /.github/workflows/nightly.yml: -------------------------------------------------------------------------------- 1 | name: "nightly" 2 | 3 | on: 4 | schedule: 5 | - cron: "0 0 * * *" 6 | workflow_dispatch: 7 | 8 | jobs: 9 | Spec: 10 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" 11 | with: 12 | runs_on: "ubuntu-24.04" 13 | flags: "--nightly" 14 | secrets: "inherit" 15 | 16 | Acceptance: 17 | needs: Spec 18 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" 19 | with: 20 | runs_on: "ubuntu-24.04" 21 | flags: "--nightly --platform-exclude centos-7 --platform-exclude oraclelinux-7 --platform-exclude scientific-7" 22 | secrets: "inherit" 23 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: "ci" 2 | 3 | on: 4 | pull_request: 5 | branches: 6 | - "main" 7 | workflow_dispatch: 8 | 9 | jobs: 10 | Spec: 11 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_ci.yml@main" 12 | with: 13 | runs_on: "ubuntu-24.04" 14 | flags: "--nightly" 15 | secrets: "inherit" 16 | 17 | Acceptance: 18 | needs: Spec 19 | uses: "puppetlabs/cat-github-actions/.github/workflows/module_acceptance.yml@main" 20 | with: 21 | runs_on: "ubuntu-24.04" 22 | flags: "--nightly --platform-exclude centos-7 --platform-exclude oraclelinux-7 --platform-exclude scientific-7" 23 | secrets: "inherit" 24 | -------------------------------------------------------------------------------- /.sync.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ".gitlab-ci.yml": 3 | delete: true 4 | appveyor.yml: 5 | delete: true 6 | .rubocop.yml: 7 | include_todos: true 8 | 9 | Gemfile: 10 | optional: 11 | ":development": 12 | - gem: github_changelog_generator 13 | version: '= 1.15.2' 14 | Rakefile: 15 | changelog_user: puppetlabs 16 | spec/spec_helper.rb: 17 | mock_with: ":rspec" 18 | coverage_report: true 19 | .gitpod.Dockerfile: 20 | unmanaged: false 21 | .gitpod.yml: 22 | unmanaged: false 23 | .github/workflows/auto_release.yml: 24 | unmanaged: false 25 | .github/workflows/ci.yml: 26 | unmanaged: true 27 | .github/workflows/nightly.yml: 28 | unmanaged: true 29 | .github/workflows/release.yml: 30 | unmanaged: false 31 | .travis.yml: 32 | delete: true 33 | -------------------------------------------------------------------------------- /spec/acceptance/ntp_install_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | case os[:family] 6 | when 'freebsd' 7 | packagename = 'net/ntp' 8 | when 'aix' 9 | packagename = 'bos.net.tcp.client' 10 | when 'solaris' 11 | case fact('kernelrelease') 12 | when '5.10' 13 | packagename = ['SUNWntp4r', 'SUNWntp4u'] 14 | when '5.11' 15 | packagename = 'service/network/ntp' 16 | end 17 | end 18 | 19 | describe 'ntp::install class', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 20 | it 'installs the package' do 21 | apply_manifest(%( class { 'ntp': } ), catch_failures: true) 22 | Array(packagename).each do |package| 23 | expect(package(package)).to be_installed 24 | end 25 | end 26 | end 27 | -------------------------------------------------------------------------------- /.rubocop_todo.yml: -------------------------------------------------------------------------------- 1 | # This configuration was generated by 2 | # `rubocop --auto-gen-config` 3 | # on 2023-11-28 17:37:55 UTC using RuboCop version 1.48.1. 4 | # The point is for the user to remove these configuration records 5 | # one by one as the offenses are removed from the code base. 6 | # Note that changes in the inspected code, or installation of new 7 | # versions of RuboCop, may require this file to be generated again. 8 | 9 | # Offense count: 1 10 | # This cop supports safe autocorrection (--autocorrect). 11 | Lint/RedundantCopDisableDirective: 12 | Exclude: 13 | - 'spec/acceptance/ntp_user_and_daemon_opts_spec.rb' 14 | 15 | # Offense count: 95 16 | # Configuration parameters: EnforcedStyle, IgnoreSharedExamples. 17 | # SupportedStyles: always, named_only 18 | RSpec/NamedSubject: 19 | Exclude: 20 | - 'spec/classes/ntp_spec.rb' 21 | -------------------------------------------------------------------------------- /.pdkignore: -------------------------------------------------------------------------------- 1 | .git/ 2 | .*.sw[op] 3 | .metadata 4 | .yardoc 5 | .yardwarns 6 | *.iml 7 | /.bundle/ 8 | /.idea/ 9 | /.vagrant/ 10 | /coverage/ 11 | /bin/ 12 | /doc/ 13 | /Gemfile.local 14 | /Gemfile.lock 15 | /junit/ 16 | /log/ 17 | /pkg/ 18 | /spec/fixtures/manifests/ 19 | /spec/fixtures/modules/* 20 | /tmp/ 21 | /vendor/ 22 | /.vendor/ 23 | /convert_report.txt 24 | /update_report.txt 25 | .DS_Store 26 | .project 27 | .envrc 28 | /inventory.yaml 29 | /spec/fixtures/litmus_inventory.yaml 30 | .resource_types 31 | .modules 32 | .task_cache.json 33 | .plan_cache.json 34 | .rerun.json 35 | bolt-debug.log 36 | /.fixtures.yml 37 | /Gemfile 38 | /.gitattributes 39 | /.github/ 40 | /.gitignore 41 | /.pdkignore 42 | /.puppet-lint.rc 43 | /Rakefile 44 | /rakelib/ 45 | /.rspec 46 | /..yml 47 | /.yardopts 48 | /spec/ 49 | /.vscode/ 50 | /.sync.yml 51 | /.devcontainer/ 52 | -------------------------------------------------------------------------------- /spec/spec_helper_local.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | if ENV['COVERAGE'] == 'yes' 4 | require 'simplecov' 5 | require 'simplecov-console' 6 | require 'codecov' 7 | 8 | SimpleCov.formatters = [ 9 | SimpleCov::Formatter::HTMLFormatter, 10 | SimpleCov::Formatter::Console, 11 | SimpleCov::Formatter::Codecov, 12 | ] 13 | SimpleCov.start do 14 | track_files 'lib/**/*.rb' 15 | 16 | add_filter '/spec' 17 | 18 | # do not track vendored files 19 | add_filter '/vendor' 20 | add_filter '/.vendor' 21 | 22 | # do not track gitignored files 23 | # this adds about 4 seconds to the coverage check 24 | # this could definitely be optimized 25 | add_filter do |f| 26 | # system returns true if exit status is 0, which with git-check-ignore means file is ignored 27 | system("git check-ignore --quiet #{f.filename}") 28 | end 29 | end 30 | end 31 | require 'rspec-puppet-facts' 32 | include RspecPuppetFacts 33 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'bundler' 4 | require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' 5 | require 'puppetlabs_spec_helper/rake_tasks' 6 | require 'puppet-syntax/tasks/puppet-syntax' 7 | require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' 8 | 9 | PuppetLint.configuration.send('disable_relative') 10 | PuppetLint.configuration.send('disable_80chars') 11 | PuppetLint.configuration.send('disable_140chars') 12 | PuppetLint.configuration.send('disable_class_inherits_from_params_class') 13 | PuppetLint.configuration.send('disable_autoloader_layout') 14 | PuppetLint.configuration.send('disable_documentation') 15 | PuppetLint.configuration.send('disable_single_quote_string_with_variables') 16 | PuppetLint.configuration.fail_on_warnings = true 17 | PuppetLint.configuration.ignore_paths = [".vendor/**/*.pp", ".bundle/**/*.pp", "pkg/**/*.pp", "spec/**/*.pp", "tests/**/*.pp", "types/**/*.pp", "vendor/**/*.pp"] 18 | -------------------------------------------------------------------------------- /.devcontainer/README.md: -------------------------------------------------------------------------------- 1 | # devcontainer 2 | 3 | 4 | For format details, see https://aka.ms/devcontainer.json. 5 | 6 | For config options, see the README at: 7 | https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet 8 | 9 | ``` json 10 | { 11 | "name": "Puppet Development Kit (Community)", 12 | "dockerFile": "Dockerfile", 13 | 14 | // Set *default* container specific settings.json values on container create. 15 | "settings": { 16 | "terminal.integrated.profiles.linux": { 17 | "bash": { 18 | "path": "bash", 19 | } 20 | } 21 | }, 22 | 23 | // Add the IDs of extensions you want installed when the container is created. 24 | "extensions": [ 25 | "puppet.puppet-vscode", 26 | "rebornix.Ruby" 27 | ], 28 | 29 | // Use 'forwardPorts' to make a list of ports inside the container available locally. 30 | "forwardPorts": [], 31 | 32 | // Use 'postCreateCommand' to run commands after the container is created. 33 | "postCreateCommand": "pdk --version", 34 | } 35 | ``` 36 | 37 | 38 | 39 | -------------------------------------------------------------------------------- /spec/acceptance/preferred_servers_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | config = if os[:family] == 'solaris' 6 | '/etc/inet/ntp.conf' 7 | elsif os[:family] == 'debian' && os[:release].start_with?('12') 8 | '/etc/ntpsec/ntp.conf' 9 | elsif os[:family] == 'ubuntu' && os[:release].start_with?('24') 10 | '/etc/ntpsec/ntp.conf' 11 | else 12 | '/etc/ntp.conf' 13 | end 14 | 15 | describe 'preferred servers', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 16 | pp = <<-MANIFEST 17 | class { '::ntp': 18 | servers => ['a', 'b', 'c', 'd'], 19 | preferred_servers => ['c', 'd'], 20 | } 21 | MANIFEST 22 | 23 | it 'applies cleanly' do 24 | idempotent_apply(pp) 25 | expect(file(config.to_s)).to be_file 26 | ['server a', 'server b', %r{server c (iburst\s|)prefer}, %r{server d (iburst\s|)prefer}].each do |check| 27 | expect(file(config.to_s).content).to match(check) 28 | end 29 | end 30 | end 31 | -------------------------------------------------------------------------------- /spec/classes/contains_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | # To check the correct dependancies are set up for NTP. 4 | 5 | require 'spec_helper' 6 | describe 'ntp' do 7 | let(:facts) { { is_virtual: false } } 8 | let :pre_condition do 9 | 'file { "foo.rb": 10 | ensure => present, 11 | path => "/etc/tmp", 12 | notify => Service["ntp"] }' 13 | end 14 | 15 | on_supported_os.each do |os, f| 16 | context "when on #{os}" do 17 | let(:facts) do 18 | f.merge(super()) 19 | end 20 | 21 | it { is_expected.to compile.with_all_deps } 22 | 23 | describe 'Testing the dependancies between the classes' do 24 | it { is_expected.to contain_class('ntp::install') } 25 | it { is_expected.to contain_class('ntp::config') } 26 | it { is_expected.to contain_class('ntp::service') } 27 | it { is_expected.to contain_class('ntp::install').that_comes_before('Class[ntp::config]') } 28 | it { is_expected.to contain_class('ntp::service').that_subscribes_to('Class[ntp::config]') } 29 | it { is_expected.to contain_file('foo.rb').that_notifies('Service[ntp]') } 30 | end 31 | end 32 | end 33 | end 34 | -------------------------------------------------------------------------------- /.gitpod.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM gitpod/workspace-full 2 | RUN sudo wget https://apt.puppet.com/puppet-tools-release-bionic.deb && \ 3 | wget https://apt.puppetlabs.com/puppet6-release-bionic.deb && \ 4 | sudo dpkg -i puppet6-release-bionic.deb && \ 5 | sudo dpkg -i puppet-tools-release-bionic.deb && \ 6 | sudo apt-get update && \ 7 | sudo apt-get install -y pdk zsh puppet-agent && \ 8 | sudo apt-get clean && \ 9 | sudo rm -rf /var/lib/apt/lists/* 10 | RUN sudo usermod -s $(which zsh) gitpod && \ 11 | sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" && \ 12 | echo "plugins=(git gitignore github gem pip bundler python ruby docker docker-compose)" >> /home/gitpod/.zshrc && \ 13 | echo 'PATH="$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/puppetlabs/bin:/opt/puppetlabs/puppet/bin"' >> /home/gitpod/.zshrc && \ 14 | sudo /opt/puppetlabs/puppet/bin/gem install puppet-debugger hub -N && \ 15 | mkdir -p /home/gitpod/.config/puppet && \ 16 | /opt/puppetlabs/puppet/bin/ruby -r yaml -e "puts ({'disabled' => true}).to_yaml" > /home/gitpod/.config/puppet/analytics.yml 17 | RUN rm -f puppet6-release-bionic.deb puppet-tools-release-bionic.deb 18 | ENTRYPOINT /usr/bin/zsh 19 | -------------------------------------------------------------------------------- /spec/acceptance/class_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | describe 'ntp class:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 6 | context 'with ntp' do 7 | let(:pp) { "class { 'ntp': }" } 8 | 9 | it 'runs successfully - not_to match' do 10 | apply_manifest(pp, catch_failures: true) do |r| 11 | expect(r.stderr).not_to match(%r{error}i) 12 | end 13 | end 14 | 15 | it 'runs successfully - not_to eq' do 16 | apply_manifest(pp, catch_failures: true) do |r| 17 | expect(r.stderr).not_to eq(%r{error}i) 18 | end 19 | end 20 | 21 | it 'runs successfully - to be_zero' do 22 | apply_manifest(pp, catch_failures: true) do |r| 23 | expect(r.exit_code).to be_zero 24 | end 25 | end 26 | end 27 | 28 | context 'when service_ensure => stopped:' do 29 | let(:pp) { "class { 'ntp': service_ensure => stopped }" } 30 | 31 | it 'runs successfully - not_to match' do 32 | apply_manifest(pp, catch_failures: true) do |r| 33 | expect(r.stderr).not_to match(%r{error}i) 34 | end 35 | end 36 | end 37 | 38 | context 'when service_ensure => running:' do 39 | it 'runs successfully - not_to match' do 40 | pp = "class { 'ntp': service_ensure => running }" 41 | 42 | apply_manifest(pp, catch_failures: true) do |r| 43 | expect(r.stderr).not_to match(%r{error}i) 44 | end 45 | end 46 | end 47 | end 48 | -------------------------------------------------------------------------------- /provision.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | default: 3 | provisioner: docker_exp 4 | images: 5 | - litmusimage/centos:7 6 | vagrant: 7 | provisioner: vagrant 8 | images: 9 | - centos/7 10 | - generic/ubuntu1804 11 | docker_deb: 12 | provisioner: docker_exp 13 | images: 14 | - litmusimage/debian:8 15 | - litmusimage/debian:9 16 | - litmusimage/debian:10 17 | docker_ub_6: 18 | provisioner: docker 19 | images: 20 | - litmusimage/ubuntu:14.04 21 | - litmusimage/ubuntu:16.04 22 | - litmusimage/ubuntu:18.04 23 | - litmusimage/ubuntu:20.04 24 | docker_el7: 25 | provisioner: docker_exp 26 | images: 27 | - litmusimage/centos:7 28 | - litmusimage/oraclelinux:7 29 | - litmusimage/scientificlinux:7 30 | release_checks_6: 31 | provisioner: abs 32 | images: 33 | - redhat-6-x86_64 34 | - redhat-7-x86_64 35 | - centos-6-x86_64 36 | - centos-7-x86_64 37 | - oracle-5-x86_64 38 | - oracle-6-x86_64 39 | - oracle-7-x86_64 40 | - scientific-6-x86_64 41 | - scientific-7-x86_64 42 | - debian-8-x86_64 43 | - debian-9-x86_64 44 | - debian-10-x86_64 45 | - sles-12-x86_64 46 | - sles-15-x86_64 47 | - ubuntu-1404-x86_64 48 | - ubuntu-1604-x86_64 49 | - ubuntu-1804-x86_64 50 | - ubuntu-2004-x86_64 51 | release_checks_7: 52 | provisioner: abs 53 | images: 54 | - redhat-7-x86_64 55 | - centos-7-x86_64 56 | - oracle-7-x86_64 57 | - scientific-7-x86_64 58 | - sles-12-x86_64 59 | - sles-15-x86_64 60 | - debian-9-x86_64 61 | - debian-10-x86_64 62 | - ubuntu-1804-x86_64 63 | - ubuntu-2004-x86_64 64 | -------------------------------------------------------------------------------- /data/common.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ntp::authprov: ~ 3 | ntp::broadcastclient: false 4 | ntp::burst: false 5 | ntp::config_dir: ~ 6 | ntp::config_file_mode: '0644' 7 | ntp::config: '/etc/ntp.conf' 8 | ntp::config_epp: ~ 9 | ntp::daemon_extra_opts: ~ 10 | ntp::disable_auth: false 11 | ntp::disable_dhclient: false 12 | ntp::disable_kernel: false 13 | ntp::disable_monitor: true 14 | ntp::driftfile: '/var/lib/ntp/drift' 15 | ntp::enable_mode7: false 16 | ntp::fudge: [] 17 | ntp::iburst_enable: true 18 | ntp::interfaces_ignore: [] 19 | ntp::interfaces: [] 20 | ntp::keys_controlkey: ~ 21 | ntp::keys_enable: false 22 | ntp::keys_file: '/etc/ntp.keys' 23 | ntp::keys_requestkey: ~ 24 | ntp::keys_trusted: [] 25 | ntp::keys: [] 26 | ntp::leapfile: ~ 27 | ntp::logfile: ~ 28 | ntp::logfile_user: 'ntp' 29 | ntp::logfile_mode: '0664' 30 | ntp::logfile_group: 'ntp' 31 | ntp::logconfig: ~ 32 | ntp::ntpsigndsocket: ~ 33 | ntp::maxpoll: ~ 34 | ntp::minpoll: ~ 35 | ntp::package_ensure: present 36 | ntp::package_manage: true 37 | ntp::package_name: [ 'ntp' ] 38 | ntp::panic: ~ 39 | ntp::peers: [] 40 | ntp::pool: [] 41 | ntp::preferred_servers: [] 42 | ntp::noselect_servers: [] 43 | ntp::servers: 44 | - '0.pool.ntp.org' 45 | - '1.pool.ntp.org' 46 | - '2.pool.ntp.org' 47 | - '3.pool.ntp.org' 48 | ntp::service_enable: true 49 | ntp::service_ensure: running 50 | ntp::service_manage: true 51 | ntp::service_name: ntpd 52 | ntp::service_provider: ~ 53 | ntp::service_hasstatus: true 54 | ntp::service_hasrestart: true 55 | ntp::slewalways: ~ 56 | ntp::statistics: [] 57 | ntp::statsdir: '/var/log/ntpstats' 58 | ntp::stepout: ~ 59 | ntp::step_tickers_file: ~ 60 | ntp::step_tickers_template: ~ 61 | ntp::step_tickers_epp: ~ 62 | ntp::tinker: ~ 63 | ntp::tos_ceiling: 15 64 | ntp::tos_cohort: 0 65 | ntp::tos_floor: 1 66 | ntp::tos_maxclock: 6 67 | ntp::tos_minclock: 3 68 | ntp::tos_minsane: 1 69 | ntp::tos_orphan: ~ 70 | ntp::tos: false 71 | ntp::udlc_stratum: 10 72 | ntp::udlc: false 73 | ntp::user: ~ 74 | -------------------------------------------------------------------------------- /spec/acceptance/ntp_service_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | require 'specinfra' 5 | 6 | case os[:family] 7 | when 'redhat', 'freebsd', 'linux' 8 | servicename = 'ntpd' 9 | when 'solaris' 10 | case fact('kernelrelease') 11 | when '5.10' 12 | servicename = 'network/ntp4' 13 | when '5.11' 14 | servicename = 'network/ntp' 15 | end 16 | when 'aix' 17 | servicename = 'xntpd' 18 | else 19 | servicename = if os[:family] == 'sles' && os[:release].start_with?('12', '15') 20 | 'ntpd' 21 | else 22 | 'ntp' 23 | end 24 | end 25 | 26 | describe 'ntp::service class', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 27 | describe 'with a basic test' do 28 | pp = <<-MANIFEST 29 | class { 'ntp': } 30 | MANIFEST 31 | it 'sets up the service' do 32 | apply_manifest(pp, catch_failures: true) 33 | expect(service(servicename)).to be_running 34 | expect(service(servicename)).to be_enabled 35 | end 36 | end 37 | 38 | describe 'service parameters' do 39 | pp = <<-MANIFEST 40 | class { 'ntp': 41 | service_enable => true, 42 | service_ensure => running, 43 | service_manage => true, 44 | service_name => '#{servicename}' 45 | } 46 | MANIFEST 47 | it 'starts the service' do 48 | apply_manifest(pp, catch_failures: true) 49 | expect(service(servicename)).to be_running 50 | expect(service(servicename)).to be_enabled 51 | end 52 | end 53 | 54 | describe 'service is unmanaged' do 55 | pp = <<-MANIFEST 56 | class { 'ntp': 57 | service_enable => false, 58 | service_ensure => stopped, 59 | service_manage => false, 60 | service_name => '#{servicename}' 61 | } 62 | MANIFEST 63 | it 'shouldnt stop the service' do 64 | apply_manifest(pp, catch_failures: true) 65 | expect(service(servicename)).to be_running 66 | expect(service(servicename)).to be_enabled 67 | end 68 | end 69 | end 70 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "puppetlabs-ntp", 3 | "version": "11.1.0", 4 | "author": "puppetlabs", 5 | "summary": "Installs, configures, and manages the NTP service.", 6 | "license": "Apache-2.0", 7 | "source": "https://github.com/puppetlabs/puppetlabs-ntp", 8 | "project_page": "https://github.com/puppetlabs/puppetlabs-ntp", 9 | "issues_url": "https://github.com/puppetlabs/puppetlabs-ntp/issues", 10 | "dependencies": [ 11 | { 12 | "name": "puppetlabs/stdlib", 13 | "version_requirement": ">= 4.13.1 < 10.0.0" 14 | } 15 | ], 16 | "operatingsystem_support": [ 17 | { 18 | "operatingsystem": "RedHat", 19 | "operatingsystemrelease": [ 20 | "7" 21 | ] 22 | }, 23 | { 24 | "operatingsystem": "CentOS", 25 | "operatingsystemrelease": [ 26 | "7" 27 | ] 28 | }, 29 | { 30 | "operatingsystem": "OracleLinux", 31 | "operatingsystemrelease": [ 32 | "7" 33 | ] 34 | }, 35 | { 36 | "operatingsystem": "Scientific", 37 | "operatingsystemrelease": [ 38 | "7" 39 | ] 40 | }, 41 | { 42 | "operatingsystem": "SLES", 43 | "operatingsystemrelease": [ 44 | "12", 45 | "15" 46 | ] 47 | }, 48 | { 49 | "operatingsystem": "Debian", 50 | "operatingsystemrelease": [ 51 | "10", 52 | "11", 53 | "12" 54 | ] 55 | }, 56 | { 57 | "operatingsystem": "Ubuntu", 58 | "operatingsystemrelease": [ 59 | "18.04", 60 | "20.04", 61 | "22.04", 62 | "24.04" 63 | ] 64 | }, 65 | { 66 | "operatingsystem": "Solaris", 67 | "operatingsystemrelease": [ 68 | "11" 69 | ] 70 | }, 71 | { 72 | "operatingsystem": "AIX", 73 | "operatingsystemrelease": [ 74 | "7.1" 75 | ] 76 | } 77 | ], 78 | "requirements": [ 79 | { 80 | "name": "puppet", 81 | "version_requirement": ">= 8.0.0 < 9.0.0" 82 | } 83 | ], 84 | "description": "NTP Module for Debian, Ubuntu, CentOS, RHEL, OEL, Fedora, FreeBSD, ArchLinux, Amazon Linux and Gentoo.", 85 | "template-url": "https://github.com/puppetlabs/pdk-templates.git#main", 86 | "template-ref": "heads/main-0-g9d5b193", 87 | "pdk-version": "3.5.0" 88 | } 89 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.configure do |c| 4 | c.mock_with :rspec 5 | end 6 | 7 | require 'puppetlabs_spec_helper/module_spec_helper' 8 | require 'rspec-puppet-facts' 9 | 10 | require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) 11 | 12 | include RspecPuppetFacts 13 | 14 | default_facts = { 15 | puppetversion: Puppet.version, 16 | facterversion: Facter.version, 17 | } 18 | 19 | default_fact_files = [ 20 | File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), 21 | File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), 22 | ] 23 | 24 | default_fact_files.each do |f| 25 | next unless File.exist?(f) && File.readable?(f) && File.size?(f) 26 | 27 | begin 28 | require 'deep_merge' 29 | default_facts.deep_merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) 30 | rescue StandardError => e 31 | RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" 32 | end 33 | end 34 | 35 | # read default_facts and merge them over what is provided by facterdb 36 | default_facts.each do |fact, value| 37 | add_custom_fact fact, value, merge_facts: true 38 | end 39 | 40 | RSpec.configure do |c| 41 | c.default_facts = default_facts 42 | c.before :each do 43 | # set to strictest setting for testing 44 | # by default Puppet runs at warning level 45 | Puppet.settings[:strict] = :warning 46 | Puppet.settings[:strict_variables] = true 47 | end 48 | c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] 49 | c.after(:suite) do 50 | RSpec::Puppet::Coverage.report!(0) 51 | end 52 | 53 | # Filter backtrace noise 54 | backtrace_exclusion_patterns = [ 55 | %r{spec_helper}, 56 | %r{gems}, 57 | ] 58 | 59 | if c.respond_to?(:backtrace_exclusion_patterns) 60 | c.backtrace_exclusion_patterns = backtrace_exclusion_patterns 61 | elsif c.respond_to?(:backtrace_clean_patterns) 62 | c.backtrace_clean_patterns = backtrace_exclusion_patterns 63 | end 64 | end 65 | 66 | # Ensures that a module is defined 67 | # @param module_name Name of the module 68 | def ensure_module_defined(module_name) 69 | module_name.split('::').reduce(Object) do |last_module, next_module| 70 | last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) 71 | last_module.const_get(next_module, false) 72 | end 73 | end 74 | 75 | # 'spec_overrides' from sync.yml will appear below this line 76 | -------------------------------------------------------------------------------- /spec/acceptance/ntp_parameters_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | case os[:family] 6 | when 'freebsd' 7 | packagename = 'net/ntp' 8 | when 'aix' 9 | packagename = 'bos.net.tcp.client' 10 | when 'solaris' 11 | case linux_kernel_parameter('kernel.osrelease').value 12 | when %r{^5.10} 13 | packagename = ['SUNWntp4r', 'SUNWntp4u'] 14 | when %r{^5.11} 15 | packagename = 'service/network/ntp' 16 | end 17 | else 18 | if os[:family] == 'sles' && os[:release].start_with?('12', '15') 19 | 'ntpd' 20 | else 21 | 'ntp' 22 | end 23 | end 24 | 25 | config = if os[:family] == 'solaris' 26 | '/etc/inet/ntp.conf' 27 | elsif os[:family] == 'debian' && os[:release].start_with?('12') 28 | '/etc/ntpsec/ntp.conf' 29 | elsif os[:family] == 'ubuntu' && os[:release].start_with?('24') 30 | '/etc/ntpsec/ntp.conf' 31 | else 32 | '/etc/ntp.conf' 33 | end 34 | 35 | modulepath = run_shell('puppet config print modulepath').stdout.split(':')[0] 36 | describe 'ntp class', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) do 37 | it 'applies successfully' do 38 | pp = "class { 'ntp': }" 39 | 40 | apply_manifest(pp, catch_failures: true) do |r| 41 | expect(r.stderr).not_to match(%r{error}i) 42 | end 43 | end 44 | 45 | describe 'config' do 46 | it 'sets the ntp.conf location' do 47 | pp = "class { 'ntp': config => '/etc/antp.conf' }" 48 | apply_manifest(pp, catch_failures: true) 49 | expect(file('/etc/antp.conf')).to be_file 50 | end 51 | end 52 | 53 | describe 'config_epp' do 54 | before :all do 55 | run_shell("mkdir -p #{modulepath}/test/templates") 56 | # Add spurious template logic to verify the use of the correct template rendering engine 57 | run_shell("echo '<% [1].each |$i| { -%>eppserver<%= $i %><% } -%>' >> #{modulepath}/test/templates/ntp.conf.epp") 58 | end 59 | 60 | it 'sets the ntp.conf epp template location' do 61 | pp = "class { 'ntp': config_epp => 'test/ntp.conf.epp' }" 62 | apply_manifest(pp, catch_failures: true) 63 | expect(file(config.to_s)).to be_file 64 | expect(file(config.to_s).content).to match 'eppserver1' 65 | end 66 | end 67 | 68 | describe 'package' do 69 | pp = <<-MANIFEST 70 | class { 'ntp': 71 | package_ensure => present, 72 | package_name => #{Array(packagename).inspect}, 73 | } 74 | MANIFEST 75 | 76 | it 'installs the right package' do 77 | apply_manifest(pp, catch_failures: true) 78 | Array(packagename).each do |package| 79 | expect(package(package)).to be_installed 80 | end 81 | end 82 | end 83 | end 84 | -------------------------------------------------------------------------------- /spec/acceptance/ntp_user_and_daemon_opts_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper_acceptance' 4 | 5 | case os[:family] 6 | when 'redhat', 'freebsd', 'linux' 7 | servicename = 'ntpd' 8 | when 'solaris' 9 | case fact('kernelrelease') 10 | when '5.10' 11 | servicename = 'network/ntp4' 12 | when '5.11' 13 | servicename = 'network/ntp' 14 | end 15 | when 'aix' 16 | servicename = 'xntpd' 17 | else 18 | servicename = if os[:family] == 'sles' && os[:release].start_with?('12', '15') 19 | 'ntpd' 20 | elsif os[:family] == 'debian' && os[:release].start_with?('12') 21 | 'ntpsec' 22 | else 23 | 'ntp' 24 | end 25 | end 26 | config = if os[:family] == 'redhat' 27 | '/etc/sysconfig/ntpd' 28 | elsif os[:family] == 'sles' 29 | '/etc/sysconfig/ntp' 30 | elsif os[:family] == 'debian' && os[:release].start_with?('12') 31 | '/etc/default/ntpsec' 32 | elsif os[:family] == 'ubuntu' && os[:release].start_with?('24') 33 | '/etc/default/ntpsec' 34 | else 35 | '/etc/default/ntp' 36 | end 37 | 38 | if os[:family] == 'debian' && os[:release].to_i >= 12 39 | ntpd_opts_match = %r{(OPTIONS|NTPD_OPTS)='-g '} 40 | chroot_opt = '' 41 | elsif os[:family] == 'ubuntu' && os[:release].to_f >= 24.04 42 | ntpd_opts_match = %r{(OPTIONS|NTPD_OPTS)='-g '} 43 | chroot_opt = '' 44 | else 45 | ntpd_opts_match = %r{(OPTIONS|NTPD_OPTS)='-g -i /var/lib/ntp'} 46 | chroot_opt = '-i /var/lib/ntp' 47 | end 48 | 49 | describe 'ntp class with daemon options:', unless: UNSUPPORTED_PLATFORMS.include?(os[:family]) || (os[:release].start_with?('5') && os[:family] == 'redhat') do 50 | let(:pp) do 51 | "class { 'ntp': service_enable => true, service_ensure => running, service_manage => true, service_name => '#{servicename}', user => 'ntp', daemon_extra_opts => '-g #{chroot_opt}' }" 52 | end 53 | 54 | context 'when run' do 55 | it 'is successful' do # rubocop:disable RSpec/NoExpectationExample 56 | apply_manifest(pp, catch_failures: true) 57 | end 58 | 59 | describe file(config.to_s) do 60 | its(:content) { is_expected.to match(ntpd_opts_match) } 61 | end 62 | 63 | if os[:family] == 'redhat' && !os[:release].start_with?('6') 64 | describe file('/etc/systemd/system/multi-user.target.wants/ntpd.service') do 65 | its(:content) { is_expected.to match(%r{ntpd -u ntp:ntp}) } 66 | end 67 | elsif os[:family] == 'ubuntu' && os[:release].start_with?('18') 68 | describe file('/usr/lib/ntp/ntp-systemd-wrapper') do 69 | its(:content) { is_expected.to match(%r{RUNASUSER=ntp}) } 70 | end 71 | end 72 | end 73 | end 74 | -------------------------------------------------------------------------------- /templates/ntp.conf.epp: -------------------------------------------------------------------------------- 1 | # ntp.conf: Managed by puppet. 2 | # 3 | <% if $ntp::_tinker and ($ntp::_panic or $ntp::stepout) {-%> 4 | # Enable next tinker options: 5 | # panic - keep ntpd from panicking in the event of a large clock skew 6 | # when a VM guest is suspended and resumed; 7 | # stepout - allow ntpd change offset faster 8 | tinker<% if $ntp::_panic { %> panic <%= $ntp::_panic %><% } %><%if $ntp::stepout { %> stepout <%=$ntp::stepout %><% } %> 9 | <% } -%> 10 | <%# -%> 11 | <% if $ntp::disable_monitor {-%> 12 | disable monitor 13 | <% } -%> 14 | 15 | statsdir <%= $ntp::statsdir %> 16 | <% unless $ntp::statistics.empty {-%> 17 | # Build requested statistics files 18 | statistics <%= $ntp::statistics.join(' ') %> 19 | <% $ntp::statistics.each |$statistic| {-%> 20 | filegen <%= $statistic %> file <%= $statistic %> type day enable 21 | <% } -%> 22 | 23 | <% } -%> 24 | <% if $ntp::disable_auth {-%> 25 | disable auth 26 | <% } -%> 27 | <% if $ntp::disable_kernel {-%> 28 | disable kernel 29 | <% } -%> 30 | <% if $ntp::enable_mode7 {-%> 31 | enable mode7 32 | <% } -%> 33 | <%# -%> 34 | <% unless $ntp::restrict.empty {-%> 35 | 36 | # Permit time synchronization with our time source, but do not 37 | # permit the source to query or modify the service on this system. 38 | <% $ntp::restrict.each |$restrict| {-%> 39 | restrict <%= $restrict %> 40 | <% } -%> 41 | <% } -%> 42 | <%# -%> 43 | <% unless $ntp::interfaces.empty {-%> 44 | <% if $ntp::interfaces_ignore.empty {-%> 45 | 46 | # Ignore wildcard interface and only listen on the following specified 47 | # interfaces 48 | interface ignore wildcard 49 | <% } else {-%> 50 | <% $ntp::interfaces_ignore.each |$interface| {-%> 51 | interface ignore <%= $interface %> 52 | <% } -%> 53 | <% } -%> 54 | <% $ntp::interfaces.each |$interface| {-%> 55 | interface listen <%= $interface %> 56 | <% } -%> 57 | <% } -%> 58 | <%# -%> 59 | <% if $ntp::broadcastclient {-%> 60 | broadcastclient 61 | <% } -%> 62 | 63 | # Set up servers for ntpd with next options: 64 | # server - IP address or DNS name of upstream NTP server 65 | # burst - send a burst of eight packets instead of the usual one. 66 | # iburst - allow send sync packages faster if upstream unavailable 67 | # prefer - select preferrable server 68 | # minpoll - set minimal update frequency 69 | # maxpoll - set maximal update frequency 70 | # noselect - do not sync with this server 71 | <% $ntp::servers.each |$server| {-%> 72 | server <%= $server %><% if $ntp::iburst_enable == true {%> iburst<% } %><% if ($ntp::preferred_servers).member($server) { %> prefer<% } %><% if $ntp::burst == true {%> burst<% } %><% if $ntp::minpoll { %> minpoll <%= $ntp::minpoll %><% } %><% if $ntp::maxpoll { %> maxpoll <%= $ntp::maxpoll %><% } %><% if ($ntp::noselect_servers).member($server) { %> noselect<% } %> 73 | <% } -%> 74 | <%# -%> 75 | <% if $ntp::udlc {-%> 76 | 77 | # Undisciplined Local Clock. This is a fake driver intended for backup 78 | # and when no outside source of synchronized time is available. 79 | server 127.127.1.0 80 | fudge 127.127.1.0 stratum <%= $ntp::udlc_stratum %> 81 | restrict 127.127.1.0 82 | <% } -%> 83 | 84 | # Driftfile. 85 | driftfile <%= $ntp::driftfile %> 86 | <%# -%> 87 | <% if $ntp::logfile {-%> 88 | 89 | # Logfile 90 | logfile <%= $ntp::logfile %> 91 | <% } -%> 92 | <%# -%> 93 | <% if $ntp::logconfig {-%> 94 | 95 | # Logconfig 96 | logconfig <%= $ntp::logconfig %> 97 | <% } -%> 98 | <%# -%> 99 | <% if $ntp::ntpsigndsocket {-%> 100 | 101 | # Enable signed packets 102 | ntpsigndsocket <%= $ntp::ntpsigndsocket %> 103 | <% } -%> 104 | <%# -%> 105 | <% unless $ntp::peers.empty {-%> 106 | 107 | # Peers 108 | <% $ntp::peers.each |$peer| {-%> 109 | peer <%= $peer %> 110 | <% } -%> 111 | <% if $ntp::tos_orphan {-%> 112 | # Enable peer group orphan mode 113 | tos orphan <%= $ntp::tos_orphan %> 114 | <% } -%> 115 | <% } -%> 116 | <% unless $ntp::pool.empty {-%> 117 | 118 | # Pool 119 | <% $ntp::pool.each |$pool_srv| {-%> 120 | pool <%= $pool_srv %> 121 | <% } -%> 122 | <% } -%> 123 | <%# -%> 124 | <% if $ntp::keys_enable {-%> 125 | keys <%= $ntp::keys_file %> 126 | <% unless $ntp::keys_trusted.empty {-%> 127 | trustedkey <%= $ntp::keys_trusted.join(' ') %> 128 | <% } -%> 129 | <% if $ntp::keys_requestkey != '' {-%> 130 | requestkey <%= $ntp::keys_requestkey %> 131 | <% } -%> 132 | <% if $ntp::keys_controlkey != '' {-%> 133 | controlkey <%= $ntp::keys_controlkey %> 134 | <% } -%> 135 | <% } -%> 136 | <% $ntp::fudge.each |$entry| {-%> 137 | fudge <%= $entry %> 138 | <% } -%> 139 | <%# -%> 140 | <% if $ntp::leapfile {-%> 141 | 142 | # Leapfile 143 | leapfile <%= $ntp::leapfile %> 144 | <% } -%> 145 | <%# -%> 146 | <% if $ntp::tos {-%> 147 | tos <% if $ntp::tos_minclock {-%> minclock <%= $ntp::tos_minclock %><% } %> <% if $ntp::tos_maxclock {-%> maxclock <%= $ntp::tos_maxclock %><% } %> <% if $ntp::tos_minsane {-%> minsane <%= $ntp::tos_minsane %><% } %> <% if $ntp::tos_floor {-%> floor <%= $ntp::tos_floor %><% } %> <% if $ntp::tos_ceiling {-%> ceiling <%= $ntp::tos_ceiling %><% } %> <% if $ntp::tos_cohort {-%> cohort <%= $ntp::tos_cohort %><% } %> 148 | <% } -%> 149 | <%# -%> 150 | <% if $ntp::authprov {-%> 151 | authprov <%= $ntp::authprov %> 152 | <% } -%> 153 | <%# -%> 154 | <% if $ntp::slewalways {-%> 155 | 156 | slewalways <%= $ntp::slewalways -%> 157 | <% } -%> 158 | -------------------------------------------------------------------------------- /manifests/config.pp: -------------------------------------------------------------------------------- 1 | # @summary 2 | # This class handles the configuration file. 3 | # 4 | # @api private 5 | # 6 | class ntp::config { 7 | #The servers-netconfig file overrides NTP config on SLES 12, interfering with our configuration. 8 | if ($facts['os']['name'] == 'SLES' and $facts['os']['release']['major'] == '12') or 9 | ($facts['os']['name'] == 'OpenSuSE' and $facts['os']['release']['major'] == '42') { 10 | file { '/var/run/ntp/servers-netconfig': 11 | ensure => 'absent', 12 | } 13 | } 14 | 15 | case $facts['os']['family'] { 16 | 'redhat': { 17 | $daemon_config = '/etc/sysconfig/ntpd' 18 | if $ntp::daemon_extra_opts { 19 | file_line { 'Set NTPD daemon options': 20 | ensure => present, 21 | path => $daemon_config, 22 | line => "OPTIONS='${ntp::daemon_extra_opts}'", 23 | match => '^OPTIONS\=', 24 | } 25 | } 26 | if $ntp::user and $facts['os']['release']['major'] != '6' { 27 | file_line { 'Set NTPD daemon user': 28 | ensure => present, 29 | path => '/etc/systemd/system/multi-user.target.wants/ntpd.service', 30 | line => "ExecStart=/usr/sbin/ntpd -u ${ntp::user}:${ntp::user} \$OPTIONS", 31 | match => '^ExecStart\=', 32 | } 33 | } 34 | } 35 | 'Debian': { 36 | if $facts['os']['name'] == 'Ubuntu' { 37 | if (versioncmp($facts['os']['release']['major'], '18.04') >= 0 and 38 | versioncmp($facts['os']['release']['major'], '24.04') < 0 and 39 | $ntp::user) { 40 | file_line { 'Set NTPD daemon user': 41 | ensure => present, 42 | path => '/usr/lib/ntp/ntp-systemd-wrapper', 43 | line => "RUNASUSER=${ntp::user}", 44 | match => '^RUNASUSER\=', 45 | } 46 | } 47 | } 48 | if 'ntpsec' in $ntp::package_name { 49 | $daemon_config = '/etc/default/ntpsec' 50 | } else { 51 | $daemon_config = '/etc/default/ntp' 52 | } 53 | if $ntp::daemon_extra_opts { 54 | file_line { 'Set NTPD daemon options': 55 | ensure => present, 56 | path => $daemon_config, 57 | line => "NTPD_OPTS='${ntp::daemon_extra_opts}'", 58 | match => '^NTPD_OPTS\=', 59 | } 60 | } 61 | } 62 | 'Suse': { 63 | $daemon_config = '/etc/sysconfig/ntp' 64 | if $ntp::daemon_extra_opts { 65 | file_line { 'Set NTPD daemon options': 66 | ensure => present, 67 | path => $daemon_config, 68 | line => "OPTIONS='${ntp::daemon_extra_opts}'", 69 | match => '^OPTIONS\=', 70 | } 71 | } 72 | } 73 | default: { 74 | # Empty 75 | } 76 | } 77 | 78 | if $ntp::keys_enable { 79 | case $ntp::config_dir { 80 | '/', '/etc', undef: {} 81 | default: { 82 | file { $ntp::config_dir: 83 | ensure => directory, 84 | owner => 0, 85 | group => 0, 86 | mode => '0775', 87 | recurse => false, 88 | } 89 | } 90 | } 91 | 92 | file { $ntp::keys_file: 93 | ensure => file, 94 | owner => 0, 95 | group => 0, 96 | mode => '0600', 97 | content => epp('ntp/keys.epp'), 98 | } 99 | } 100 | 101 | if $ntp::config_epp { 102 | $config_content = epp($ntp::config_epp) 103 | } else { 104 | $config_content = epp('ntp/ntp.conf.epp') 105 | } 106 | 107 | file { $ntp::config: 108 | ensure => file, 109 | owner => 0, 110 | group => 0, 111 | mode => $ntp::config_file_mode, 112 | content => $config_content, 113 | } 114 | 115 | #If both epp and erb are defined, throw validation error. 116 | #Otherwise use the defined erb/epp template, or use default 117 | 118 | if $ntp::step_tickers_file { 119 | if $ntp::step_tickers_template and $ntp::step_tickers_epp { 120 | fail('Cannot supply both step_tickers_file and step_tickers_epp templates for step ticker file') 121 | } elsif $ntp::step_tickers_template { 122 | $step_ticker_content = template($ntp::step_tickers_template) 123 | } elsif $ntp::step_tickers_epp { 124 | $step_ticker_content = epp($ntp::step_tickers_epp) 125 | } else { 126 | $step_ticker_content = epp('ntp/step-tickers.epp') 127 | } 128 | 129 | file { $ntp::step_tickers_file: 130 | ensure => file, 131 | owner => 0, 132 | group => 0, 133 | mode => $ntp::config_file_mode, 134 | content => $step_ticker_content, 135 | } 136 | } 137 | 138 | if $ntp::logfile { 139 | file { $ntp::logfile: 140 | ensure => file, 141 | owner => $ntp::logfile_user, 142 | group => $ntp::logfile_group, 143 | mode => $ntp::logfile_mode, 144 | } 145 | } 146 | 147 | if $ntp::disable_dhclient { 148 | augeas { 'disable ntp-servers in dhclient.conf': 149 | context => '/files/etc/dhcp/dhclient.conf', 150 | changes => 'rm request/*[.="ntp-servers"]', 151 | } 152 | 153 | file { '/var/lib/ntp/ntp.conf.dhcp': 154 | ensure => absent, 155 | } 156 | 157 | #remove dhclient ntp script which modifies ntp.conf on RHEL and Amazon Linux 158 | file { '/etc/dhcp/dhclient.d/ntp.sh': 159 | ensure => absent, 160 | } 161 | } 162 | } 163 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ntp 2 | 3 | #### Table of Contents 4 | 5 | 6 | 1. [Module Description - What the module does and why it is useful](#module-description) 7 | 1. [Setup - The basics of getting started with ntp](#setup) 8 | 1. [Usage - Configuration options and additional functionality](#usage) 9 | 1. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 10 | 1. [Limitations - OS compatibility, etc.](#limitations) 11 | 1. [License](#license) 12 | 1. [Development - Guide for contributing to the module](#development) 13 | 14 | 15 | ## Module description 16 | 17 | The ntp module installs, configures, and manages the NTP service across a range of operating systems and distributions. 18 | 19 | 20 | ## Setup 21 | 22 | ### Beginning with ntp 23 | 24 | `include ntp` is enough to get you up and running. To pass in parameters specifying which servers to use: 25 | 26 | ```puppet 27 | class { 'ntp': 28 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 29 | } 30 | ``` 31 | 32 | 33 | ## Usage 34 | 35 | All parameters for the ntp module are contained within the main `ntp` class, so for any function of the module, set the options you want. See the common usages below for examples. 36 | 37 | ### Install and enable NTP 38 | 39 | ```puppet 40 | include ntp 41 | ``` 42 | 43 | ### Change NTP servers 44 | 45 | ```puppet 46 | class { 'ntp': 47 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 48 | } 49 | ``` 50 | 51 | ### Restrict who can connect 52 | 53 | ```puppet 54 | class { 'ntp': 55 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 56 | restrict => ['127.0.0.1'], 57 | } 58 | ``` 59 | 60 | ### Install a client that can't be queried 61 | 62 | ```puppet 63 | class { 'ntp': 64 | servers => ['ntp1.corp.com', 'ntp2.corp.com'], 65 | restrict => [ 66 | 'default ignore', 67 | '-6 default ignore', 68 | '127.0.0.1', 69 | '-6 ::1', 70 | 'ntp1.corp.com nomodify notrap nopeer noquery', 71 | 'ntp2.corp.com nomodify notrap nopeer noquery' 72 | ], 73 | } 74 | ``` 75 | 76 | ### Listen on specific interfaces 77 | 78 | Restricting NTP to a specific interface is especially useful on Openstack node, which may have numerous virtual interfaces. 79 | 80 | ```puppet 81 | class { 'ntp': 82 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 83 | interfaces => ['127.0.0.1', '1.2.3.4'] 84 | } 85 | ``` 86 | 87 | ### Opt out of Puppet controlling the service 88 | 89 | ```puppet 90 | class { 'ntp': 91 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 92 | restrict => ['127.0.0.1'], 93 | service_manage => false, 94 | } 95 | ``` 96 | 97 | ### Configure and run ntp without installing 98 | 99 | ```puppet 100 | class { 'ntp': 101 | package_manage => false, 102 | } 103 | ``` 104 | 105 | ### Pass in a custom template 106 | 107 | ```puppet 108 | class { 'ntp': 109 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 110 | restrict => ['127.0.0.1'], 111 | service_manage => false, 112 | config_epp => 'different/module/custom.template.epp', 113 | } 114 | ``` 115 | 116 | ### Connect to an NTP server with the burst option enabled 117 | 118 | ```puppet 119 | class { 'ntp': 120 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 121 | burst => true, 122 | } 123 | ``` 124 | 125 | 126 | ## Reference 127 | 128 | See [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-ntp/blob/main/REFERENCE.md) 129 | 130 | 131 | ## Limitations 132 | 133 | This module has been tested on [all PE-supported platforms](https://forge.puppetlabs.com/supported#compat-matrix). Additionally, it is tested (but not supported) on Solaris 10 and Fedora 20-22. 134 | 135 | For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-ntp/blob/main/metadata.json) 136 | 137 | 138 | ## License 139 | 140 | This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of [AGPL](https://opensource.org/license/agpl-v3/), [BSD-2](https://opensource.org/license/bsd-2-clause/), [BSD-3](https://opensource.org/license/bsd-3-clause/), [GPL2.0](https://opensource.org/license/gpl-2-0/), [LGPL](https://opensource.org/license/lgpl-3-0/), [MIT](https://opensource.org/license/mit/) and [MPL](https://opensource.org/license/mpl-2-0/) Licensing. 141 | 142 | 143 | ## Development 144 | 145 | We are experimenting with a new tool for running acceptance tests. It's name is [puppet_litmus](https://github.com/puppetlabs/puppet_litmus) this replaces beaker as the test runner. To run the acceptance tests follow the instructions [here](https://github.com/puppetlabs/puppet_litmus/wiki/Tutorial:-use-Litmus-to-execute-acceptance-tests-with-a-sample-module-(MoTD)#install-the-necessary-gems-for-the-module). 146 | 147 | Puppet modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. Please follow our guidelines when contributing changes. 148 | 149 | For more information, see our [module contribution guide.](https://puppet.com/docs/puppet/latest/contributing.html) 150 | 151 | ### Contributors 152 | 153 | To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors) 154 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | # For puppetcore, set GEM_SOURCE_PUPPETCORE = 'https://rubygems-puppetcore.puppet.com' 4 | gemsource_default = ENV['GEM_SOURCE'] || 'https://rubygems.org' 5 | gemsource_puppetcore = if ENV['PUPPET_FORGE_TOKEN'] 6 | 'https://rubygems-puppetcore.puppet.com' 7 | else 8 | ENV['GEM_SOURCE_PUPPETCORE'] || gemsource_default 9 | end 10 | source gemsource_default 11 | 12 | def location_for(place_or_constraint, fake_constraint = nil, opts = {}) 13 | git_url_regex = /\A(?(?:https?|git)[:@][^#]*)(?:#(?.*))?/ 14 | file_url_regex = %r{\Afile://(?.*)} 15 | 16 | if place_or_constraint && (git_url = place_or_constraint.match(git_url_regex)) 17 | # Git source → ignore :source, keep fake_constraint 18 | [fake_constraint, { git: git_url[:url], branch: git_url[:branch], require: false }].compact 19 | 20 | elsif place_or_constraint && (file_url = place_or_constraint.match(file_url_regex)) 21 | # File source → ignore :source, keep fake_constraint or default >= 0 22 | [fake_constraint || '>= 0', { path: File.expand_path(file_url[:path]), require: false }] 23 | 24 | else 25 | # Plain version constraint → merge opts (including :source if provided) 26 | [place_or_constraint, { require: false }.merge(opts)] 27 | end 28 | end 29 | 30 | # Print debug information if DEBUG_GEMS or VERBOSE is set 31 | def print_gem_statement_for(gems) 32 | puts 'DEBUG: Gem definitions that will be generated:' 33 | gems.each do |gem_name, gem_params| 34 | puts "DEBUG: gem #{([gem_name.inspect] + gem_params.map(&:inspect)).join(', ')}" 35 | end 36 | end 37 | 38 | group :development do 39 | gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 40 | gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 41 | gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 42 | gem "deep_merge", '~> 1.2.2', require: false 43 | gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false 44 | gem "facterdb", '~> 2.1', require: false if Gem::Requirement.create(['< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 45 | gem "facterdb", '~> 3.0', require: false if Gem::Requirement.create(['>= 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 46 | gem "metadata-json-lint", '~> 4.0', require: false 47 | gem "json-schema", '< 5.1.1', require: false 48 | gem "rspec-puppet-facts", '~> 4.0', require: false if Gem::Requirement.create(['< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 49 | gem "rspec-puppet-facts", '~> 5.0', require: false if Gem::Requirement.create(['>= 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) 50 | gem "dependency_checker", '~> 1.0.0', require: false 51 | gem "parallel_tests", '= 3.12.1', require: false 52 | gem "pry", '~> 0.10', require: false 53 | gem "simplecov-console", '~> 0.9', require: false 54 | gem "puppet-debugger", '~> 1.6', require: false 55 | gem "rubocop", '~> 1.50.0', require: false 56 | gem "rubocop-performance", '= 1.16.0', require: false 57 | gem "rubocop-rspec", '= 2.19.0', require: false 58 | gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] 59 | gem "bigdecimal", '< 3.2.2', require: false, platforms: [:mswin, :mingw, :x64_mingw] 60 | gem "github_changelog_generator", '= 1.15.2', require: false 61 | end 62 | group :development, :release_prep do 63 | gem "puppet-strings", '~> 4.0', require: false 64 | gem "puppetlabs_spec_helper", '~> 8.0', require: false 65 | gem "puppet-blacksmith", '~> 7.0', require: false 66 | end 67 | group :system_tests do 68 | gem "puppet_litmus", '~> 2.0', require: false, platforms: [:ruby, :x64_mingw] if !ENV['PUPPET_FORGE_TOKEN'].to_s.empty? 69 | gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] if ENV['PUPPET_FORGE_TOKEN'].to_s.empty? 70 | gem "CFPropertyList", '< 3.0.7', require: false, platforms: [:mswin, :mingw, :x64_mingw] 71 | gem "serverspec", '~> 2.41', require: false 72 | end 73 | 74 | gems = {} 75 | puppet_version = ENV.fetch('PUPPET_GEM_VERSION', nil) 76 | facter_version = ENV.fetch('FACTER_GEM_VERSION', nil) 77 | hiera_version = ENV.fetch('HIERA_GEM_VERSION', nil) 78 | 79 | gems['puppet'] = location_for(puppet_version, nil, { source: gemsource_puppetcore }) 80 | gems['facter'] = location_for(facter_version, nil, { source: gemsource_puppetcore }) 81 | gems['hiera'] = location_for(hiera_version, nil, {}) if hiera_version 82 | 83 | # Generate the gem definitions 84 | print_gem_statement_for(gems) if ENV['DEBUG'] 85 | gems.each do |gem_name, gem_params| 86 | gem gem_name, *gem_params 87 | end 88 | 89 | # Evaluate Gemfile.local and ~/.gemfile if they exist 90 | extra_gemfiles = [ 91 | "#{__FILE__}.local", 92 | File.join(Dir.home, '.gemfile') 93 | ] 94 | 95 | extra_gemfiles.each do |gemfile| 96 | next unless File.file?(gemfile) && File.readable?(gemfile) 97 | 98 | # rubocop:disable Security/Eval 99 | eval(File.read(gemfile), binding) 100 | # rubocop:enable Security/Eval 101 | end 102 | # vim: syntax=ruby 103 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /readmes/README_ja_JP.md: -------------------------------------------------------------------------------- 1 | # ntp 2 | 3 | #### 目次 4 | 5 | 6 | 1. [モジュールの概要 - ntpモジュールについて](#モジュールの概要) 7 | 1. [セットアップ - ntpを開始するにあたっての基本設定](#セットアップ) 8 | 1. [利用例 - 設定オプションと追加機能](#利用例) 9 | 1. [参照 - モジュールのクラスやパラメータの説明](#参照) 10 | 1. [制限事項 - OSの互換性など](#制限事項) 11 | 1. [開発 - モジュールへの貢献方法](#開発) 12 | 13 | 14 | ## モジュールの概要 15 | 16 | このモジュールは様々なOSや環境において、NTPサービスをインストール、設定、管理するものです。 17 | 18 | ## セットアップ 19 | 20 | ### ntpモジュールの利用方法 21 | 22 | `include ntp`と記述するだけで利用可能です。参照するNTPサーバは、以下のようにパラメータで指定します。 23 | 24 | ```puppet 25 | class { 'ntp': 26 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 27 | } 28 | ``` 29 | 30 | ## 利用例 31 | 32 | ntpモジュールのすべてのパラメータは、メインクラスである`ntp`クラスに含まれているため、ntpモジュールで利用可能な全てのオプションを自由に設定できます。以下にユースケースを示します。 33 | 34 | ### NTPをインストールして有効にする 35 | 36 | ```puppet 37 | include ntp 38 | ``` 39 | 40 | ### NTPサーバを変更する 41 | 42 | ```puppet 43 | class { 'ntp': 44 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 45 | } 46 | ``` 47 | 48 | ### 接続可能ユーザ数を制限する 49 | 50 | ```puppet 51 | class { 'ntp': 52 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 53 | restrict => ['127.0.0.1'], 54 | } 55 | ``` 56 | 57 | ### 参照不可のNTPクライアントをインストールする 58 | 59 | ```puppet 60 | class { 'ntp': 61 | servers => ['ntp1.corp.com', 'ntp2.corp.com'], 62 | restrict => [ 63 | 'default ignore', 64 | '-6 default ignore', 65 | '127.0.0.1', 66 | '-6 ::1', 67 | 'ntp1.corp.com nomodify notrap nopeer noquery', 68 | 'ntp2.corp.com nomodify notrap nopeer noquery' 69 | ], 70 | } 71 | ``` 72 | 73 | ### 特定のインターフェイスでのみLISTENする 74 | 75 | Openstackノードには多数の仮想インターフェイスが存在する場合があるため、NTPサーバでLISTENするインターフェイスを特定のインターフェイスに制限するのは有効な手段です。 76 | 77 | ```puppet 78 | class { 'ntp': 79 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 80 | interfaces => ['127.0.0.1', '1.2.3.4'] 81 | } 82 | ``` 83 | 84 | ### Puppetによるサービスの制御を中止する 85 | 86 | ```puppet 87 | class { 'ntp': 88 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 89 | restrict => ['127.0.0.1'], 90 | service_manage => false, 91 | } 92 | ``` 93 | 94 | ### ntpパッケージはインストールせず、設定とサービス起動のみ実行する 95 | 96 | ```puppet 97 | class { 'ntp': 98 | package_manage => false, 99 | } 100 | ``` 101 | 102 | ### カスタムテンプレートにパラメータを渡す 103 | 104 | ```puppet 105 | class { 'ntp': 106 | servers => [ 'ntp1.corp.com', 'ntp2.corp.com' ], 107 | restrict => ['127.0.0.1'], 108 | service_manage => false, 109 | config_epp => 'different/module/custom.template.epp', 110 | } 111 | ``` 112 | 113 | ## 参照 114 | 115 | ### クラス 116 | 117 | #### パブリッククラス 118 | 119 | * ntp: その他すべてのクラスを含むメインクラス。 120 | 121 | #### プライベートクラス 122 | 123 | * ntp::install: パッケージのインストール 124 | * ntp::config: 設定ファイルのセットアップ 125 | * ntp::service: サービスの制御 126 | 127 | ### パラメータ 128 | 129 | `ntp`クラスでは、以下のパラメータを使用できます。 130 | 131 | #### `authprov` 132 | 133 | 任意 134 | 135 | データタイプ: 文字列 136 | 137 | NTPdの一部のバージョン(Novell DSfWなど)で、W32Timeとの互換性を確保できます。 138 | デフォルト値: `undef` 139 | 140 | #### `broadcastclient` 141 | 142 | データタイプ: 真偽値(boolean) 143 | 144 | あらゆるローカルインターフェイスでブロードキャストサーバのメッセージを受信できるようになります。 145 | 146 | デフォルト値: `false` 147 | 148 | #### `config` 149 | 150 | データタイプ: Stdlib::Absolutepath. 151 | 152 | NTPの構成情報を含むファイルを指定します。 153 | 154 | デフォルト値: '/etc/ntp.conf' (Solaris: '/etc/inet/ntp.conf') 155 | 156 | #### `config_dir` 157 | 158 | 任意 159 | 160 | データタイプ: Stdlib::Absolutepath. 161 | 162 | NTP構成ファイルのディレクトリを指定します。 163 | 164 | デフォルト値: `undef` 165 | 166 | #### `config_epp` 167 | 168 | 任意 169 | 170 | データタイプ: 文字列 171 | 172 | 構成ファイルのEPPテンプレートへの絶対パスまたは相対パスを指定します(値の例: 'ntp/ntp.conf.epp')。このパラメータと`config_template`パラメータの**両方**を指定すると、バリデーションエラーが発生します。 173 | 174 | #### `config_file_mode` 175 | 176 | データタイプ: 文字列 177 | 178 | 設定ファイルのファイルモードを指定します。 179 | 180 | デフォルト値: '0664' 181 | 182 | #### `disable_auth` 183 | 184 | データタイプ: 真偽値(boolean) 185 | 186 | ブロードキャストクライアントモード、マルチキャストクライアントモード、対象モード/ピアモードの暗号化認証を無効にします。 187 | 188 | #### `disable_dhclient` 189 | 190 | データタイプ: 真偽値(boolean) 191 | 192 | `dhclient.conf`内の`ntp-servers`を無効にすることによって、DhclientがNTPの設定を管理できないようにします。 193 | 194 | #### `disable_kernel` 195 | 196 | データタイプ: 真偽値(boolean) 197 | 198 | カーネルによる時刻の調整を無効にします。 199 | 200 | #### `disable_monitor` 201 | 202 | データタイプ: 真偽値(boolean) 203 | 204 | NTP内のモニタリング機能を無効にします。 205 | 206 | デフォルト値: `true` 207 | 208 | #### `driftfile` 209 | 210 | データタイプ: Stdlib::Absolutepath. 211 | 212 | NTP driftfileの保存場所を指定します。 213 | 214 | デフォルト値: '/var/lib/ntp/drift' (AIX: 'ntp::driftfile:', Solaris: '/var/ntp/ntp.drift'). 215 | 216 | #### `enable_mode7` 217 | 218 | データタイプ: 真偽値(boolean) 219 | 220 | 非推奨のntpdcプログラムによって使用される、NTPモード7の実装固有リクエストの処理を有効化します。 221 | 222 | デフォルト値: `false` 223 | 224 | #### `fudge` 225 | 226 | 任意 227 | 228 | データタイプ: 配列[文字列] 229 | 230 | 個々のクロックドライバの追加情報を提供します。 231 | 232 | デフォルト値: [ ] 233 | 234 | #### `iburst_enable` 235 | 236 | データタイプ: 真偽値(boolean) 237 | 238 | すべてのNTPピアのiburstオプションを有効にするかどうかを指定します。 239 | 240 | デフォルト値: `false` (AIX、Debian: `true`) 241 | 242 | #### `interfaces` 243 | 244 | データタイプ: 配列[文字列] 245 | 246 | NTPがLISTENする1つ以上のネットワークインターフェイスを指定します。 247 | 248 | デフォルト値: [ ] 249 | 250 | #### `interfaces_ignore` 251 | 252 | データタイプ: 配列[文字列] 253 | 254 | 1つ以上のNTPリスナー設定で無視するパターン(例: all、wildcard、ipv6)を指定します。 255 | 256 | デフォルト値: [ ] 257 | 258 | #### `keys` 259 | 260 | データタイプ: 配列[文字列] 261 | 262 | 鍵ファイルに鍵を配布します。 263 | 264 | デフォルト値: [ ] 265 | 266 | #### `keys_controlkey` 267 | 268 | 任意 269 | 270 | データタイプ: Ntp::Key_id 271 | 272 | ntpqユーティリティと共に使用する鍵識別子(値の範囲: 1~65,534)を指定します。 273 | 274 | デフォルト値: ' ' 275 | 276 | #### `keys_enable` 277 | 278 | データタイプ: 真偽値(boolean) 279 | 280 | 鍵による認証を有効にするかどうかを指定します。 281 | 282 | デフォルト値: `false` 283 | 284 | #### `keys_file` 285 | 286 | Stdlib::Absolutepath. 287 | 288 | MD5鍵ファイルの完全パスと保存場所を指定します。MD5鍵ファイルには、対称鍵暗号の使用時にntpd、ntpqおよびntpdcが使用する鍵と鍵識別子が含まれています。 289 | 290 | デフォルト値: '/etc/ntp.keys' (RedHat、Amazon: `/etc/ntp/keys`) 291 | 292 | #### `keys_requestkey` 293 | 294 | 任意 295 | 296 | データタイプ: Ntp::Key_id 297 | 298 | ntpdcユーティリティプログラムと共に使用する鍵識別子(値の範囲: 1~65,534)を指定します。 299 | 300 | デフォルト値: ' ' 301 | 302 | #### `keys_trusted` 303 | 304 | 任意 305 | 306 | データタイプ: 配列[Ntp::Key_id] 307 | 308 | NTPが信頼している1つ以上の鍵を提供します。 309 | 310 | デフォルト値: [ ] 311 | 312 | #### `leapfile` 313 | 314 | 任意 315 | 316 | データタイプ: Stdlib::Absolutepath. 317 | 318 | NTPが使用する「うるう秒ファイル」を指定します。 319 | 320 | デフォルト値: ' ' 321 | 322 | #### `logfile` 323 | 324 | 任意 325 | 326 | データタイプ: Stdlib::Absolutepath. 327 | 328 | NTPがsyslogの代わりに使用するログファイルを指定します。 329 | 330 | デフォルト値: ' ' 331 | 332 | #### `minpoll` 333 | 334 | 任意 335 | 336 | データタイプ: Ntp::Poll_interval 337 | 338 | Puppetをアップストリームサーバの規格外の最小ポーリング間隔に設定します(値: 4~17)。 339 | デフォルト: `undef` 340 | 341 | #### `maxpoll` 342 | 343 | 任意 344 | 345 | データタイプ: Ntp::Poll_interval 346 | 347 | アップストリームサーバの規格外の最大ポーリング間隔に設定します(値: 4~17)。 348 | デフォルトオプション: `undef`(FreeBSD: 9) 349 | 350 | #### `ntpsigndsocket` 351 | 352 | 任意 353 | 354 | データタイプ: Stdlib::Absolutepath. 355 | 356 | NTPがntpsigndsocketパスのソケットを使用してパケットに署名するよう設定します。NTPがソケットに署名するよう設定されていなければなりません。値: ソケットディレクトリへのパス(例: Samba: `usr/local/samba/var/lib/ntp_signd/`)。 357 | 358 | デフォルト値: `undef` 359 | 360 | #### `package_ensure` 361 | 362 | データタイプ: 文字列 363 | 364 | NTPパッケージをインストールするかどうか、インストールする場合はどのバージョンをインストールするかを指定します(値: 'present'、'latest'、または特定のバージョン番号)。 365 | 366 | デフォルト値: 'present' 367 | 368 | #### `package_manage` 369 | 370 | データタイプ: 真偽値(boolean) 371 | 372 | NTPパッケージを管理するかどうか指定します。 373 | 374 | デフォルト値: `true` 375 | 376 | #### `package_name` 377 | 378 | データタイプ: 配列[文字列] 379 | 380 | 管理するNTPパッケージを指定します。 381 | 382 | デフォルト値: ['ntp'] (AIX: 'bos.net.tcp.client'、Solaris: [ 'SUNWntp4r'、'SUNWntp4u' ]) 383 | 384 | #### `panic` 385 | 386 | 任意 387 | データタイプ: 整数[0] 388 | 389 | クロックキューが大きすぎる場合にNTPでパニックを発生させ終了させるかどうか指定します。この指定は`tinker`オプションが`true`に設定されている場合のみ、または仮想マシン環境でのみ適用されます。 390 | 391 | デフォルト値: `undef` (仮想環境: 0) 392 | 393 | #### `pool` 394 | 395 | 任意 396 | 397 | データタイプ: 配列[文字列] 398 | 399 | ローカルクロックを同期させるNTPサーバプールのリスト 400 | 401 | デフォルト値: [ ] 402 | 403 | #### `peers` 404 | 405 | データタイプ: 配列[文字列] 406 | 407 | ローカルクロックを同期させるNTPサーバのリスト 408 | 409 | #### `preferred_servers` 410 | 411 | データタイプ: 配列[文字列] 412 | 413 | 1つ以上の優先ピアを指定します。Puppetによって`servers`配列内の一致する項目の最後に'prefer'が追加されます。 414 | 415 | デフォルト値: [ ] 416 | 417 | #### `noselect_servers` 418 | 419 | 配列[文字列]で、同期させない1つ以上のピアを指定します。Puppetによって`servers`配列内の一致する項目の最後に'noselect'が追加されます。デフォルト値: [ ] 420 | 421 | #### `restrict` 422 | 423 | データタイプ: 配列[文字列] 424 | 425 | NTP設定の1つ以上の`restrict`オプションを指定します。Puppetによって各項目の先頭に'restrict'が追加されるため、リストする必要があるのは制限事項の内容のみです。 426 | 427 | ほとんどのオペレーティングシステムでのデフォルト値: 428 | 429 | ```shell 430 | [ 431 | 'default kod nomodify notrap nopeer noquery', 432 | '-6 default kod nomodify notrap nopeer noquery', 433 | '127.0.0.1', 434 | '-6 ::1', 435 | ] 436 | ``` 437 | 438 | AIXシステムのデフォルト値: 439 | 440 | ```shell 441 | [ 442 | 'default nomodify notrap nopeer noquery', 443 | '127.0.0.1', 444 | ] 445 | ``` 446 | 447 | #### `servers` 448 | 449 | データタイプ: 配列[文字列] 450 | 451 | NTPピアとして使用する1つ以上のサーバを指定します。 452 | 453 | デフォルト値: オペレーティングシステムによって異なります。 454 | 455 | #### `service_enable` 456 | 457 | データタイプ: 真偽値(boolean) 458 | 459 | 起動時にNTPサービスを有効にするかどうか指定します。 460 | 461 | デフォルト値: `true` 462 | 463 | #### `service_ensure` 464 | 465 | データタイプ: Enum['running'、'stopped'] 466 | 467 | NTPサービスを実行するかどうか指定します。 468 | 469 | デフォルト値: 'running' 470 | 471 | 472 | #### `service_manage` 473 | 474 | データタイプ: 真偽値(boolean) 475 | 476 | NTPサービスを管理するかどうか指定します。 477 | 478 | デフォルト値: `true` 479 | 480 | #### `service_name` 481 | 482 | データタイプ: 文字列 483 | 484 | 管理対象のNTPサービス 485 | 486 | デフォルト値: オペレーティングシステムによって異なります。 487 | 488 | #### `service_provider` 489 | 490 | データタイプ: 文字列 491 | 492 | NTPに使用するサービスプロバイダ 493 | 494 | デフォルト値: `undef` 495 | 496 | #### `slewalways` 497 | 498 | データタイプ: Enum['no'、'yes'] 499 | 500 | step動作を無効にし常にslewモードで徐々に時計を合わせるよう`xntpd`を設定するかどうかを指定します。 501 | 502 | AIXといった`xntpd`を実行するプラットフォームにのみ適用し、その他のプラットフォームにこの設定を指定しないようにしてください。 503 | 504 | デフォルト値: オペレーティングシステムによって異なります。 505 | 506 | #### `statistics` 507 | 508 | データタイプ: 配列 509 | 510 | ntpモニタリングが有効になっている場合に収集する統計のリスト 511 | 512 | デフォルト値: [] 513 | 514 | #### `statsdir` 515 | 516 | データタイプ: Stdlib::Absolutepath. 517 | 518 | NTP統計の保存先(ntpモニタリングが有効になっている場合) 519 | 520 | デフォルト値: '/var/log/ntpstats' 521 | 522 | #### `step_tickers_file` 523 | 524 | 任意 525 | 526 | データタイプ: Stdlib::Absolutepath. 527 | 528 | 管理対象システム上のstep tickersファイルの保存場所 529 | 530 | デフォルト値: オペレーティングシステムによって異なります。 531 | 532 | 533 | #### `step_tickers_epp` 534 | 535 | 任意 536 | 537 | データタイプ: 文字列 538 | 539 | step tickers EPPテンプレートファイルの保存場所。このパラメータと`step_tickers_template`パラメータの両方を指定すると、バリデーションエラーが発生します。 540 | 541 | デフォルト値: オペレーティングシステムによって異なります。 542 | 543 | #### `step_tickers_template` 544 | 545 | 任意 546 | 547 | データタイプ: 文字列 548 | 549 | step tickers ERBテンプレートファイルの保存場所。 このパラメータと`step_tickers_epp`パラメータの両方を指定すると、バリデーションエラーが発生します。 550 | 551 | デフォルト値: オペレーティングシステムによって異なります。 552 | 553 | #### `stepout` 554 | 555 | 任意 556 | 557 | データタイプ: 整数[0, 65535] 558 | 559 | `tinker`値が`true`の場合のstepoutの値。有効なオプション: unsigned shortint digit 560 | 561 | デフォルト値: `undef` 562 | 563 | #### `tos` 564 | 565 | データタイプ: 真偽値(boolean) 566 | 567 | tosオプションを有効にするかどうかを指定します。 568 | 569 | デフォルト値: `false` 570 | 571 | #### `tos_maxclock` 572 | 573 | 任意 574 | 575 | データタイプ: 整数[1] 576 | 577 | maxclock tosオプションを指定します。 578 | 579 | デフォルト値: 6。 580 | 581 | #### `tos_minclock` 582 | 583 | 任意 584 | 585 | データタイプ: 整数[1] 586 | 587 | minclock tosオプションを指定します。 588 | 589 | デフォルト値: 3 590 | 591 | #### `tos_minsane` 592 | 593 | 任意 594 | 595 | データタイプ: 整数[1] 596 | 597 | minsane tosオプションを指定します。 598 | 599 | デフォルト値: 1 600 | 601 | #### `tos_floor` 602 | 603 | 任意 604 | 605 | データタイプ: 整数[1] 606 | 607 | floor tosオプションを指定します。 608 | 609 | デフォルト値: 1 610 | 611 | #### `tos_ceiling` 612 | 613 | 任意 614 | 615 | データタイプ: 整数[1] 616 | 617 | ceiling tosオプションを指定します。 618 | 619 | デフォルト値: 15 620 | 621 | #### `tos_cohort` 622 | 623 | 624 | データタイプ: 真偽値(boolean)、整数[0,1] 625 | 626 | cohort tosオプションを指定します。有効なオプション: 0または1 627 | 628 | デフォルト値: 0 629 | 630 | #### `tinker` 631 | 632 | データタイプ: 真偽値(boolean) 633 | 634 | tinkerオプションを有効にするかどうかを指定します。 635 | 636 | デフォルト値: `false` 637 | 638 | #### `udlc` 639 | 640 | データタイプ: 真偽値(boolean) 641 | 642 | Undisciplined Local Clockを時刻ソースとして使用するようNTPを設定するかどうか指定します。 643 | デフォルト値: `false` 644 | 645 | #### `udlc_stratum` 646 | 647 | 任意。データタイプ: 整数[1,15] 648 | 649 | Undisciplined Local Clockを時刻ソースとして使用する場合にサーバを実行する階層を指定します。ntpdが外部アクセス可能なネットワークに接続する場合は、この値を10以上にする必要があります。 650 | 651 | デフォルト値: 10 652 | 653 | ## 制限事項 654 | 655 | このモジュールは[PE対応のすべてのプラットフォーム](https://forge.puppetlabs.com/supported#compat-matrix)上でテスト済みです。さらに、Solaris 10とFedora 20-22上でもテスト済み(ただし非対応)です。 656 | 657 | ## 開発 658 | 659 | Puppet Forge上のPuppetモジュールは公開プロジェクトです。このモジュールの今後の進展にはコミュニティによる協力が不可欠です。変更にご協力いただける場合はガイドラインに従ってください。 660 | 661 | 詳しくは[モジュールへの貢献に関するガイド](https://docs.puppetlabs.com/forge/contributing.html)をご覧ください。 662 | 663 | ### 貢献者 664 | 665 | すでにご協力いただいている方のリストについては、[貢献者リスト](https://github.com/puppetlabs/puppetlabs-ntp/graphs/contributors)をご覧ください。 -------------------------------------------------------------------------------- /manifests/init.pp: -------------------------------------------------------------------------------- 1 | # ntp 2 | # 3 | # Main class, includes all other classes. 4 | # 5 | # @param authprov 6 | # Enables compatibility with W32Time in some versions of NTPd (such as Novell DSfW). Default value: undef. 7 | # 8 | # @param broadcastclient 9 | # Enables reception of broadcast server messages to any local interface. Default value: false. 10 | # 11 | # @param burst 12 | # When the server is reachable, send a burst of eight packets instead of the usual one. Default value: false. 13 | # 14 | # @param config 15 | # Specifies a file for NTP's configuration info. Default value: '/etc/ntp.conf' (or '/etc/inet/ntp.conf' on Solaris). 16 | # 17 | # @param config_dir 18 | # Specifies a directory for the NTP configuration files. Default value: undef. 19 | # 20 | # @param config_epp 21 | # Specifies an absolute or relative file path to an EPP template for the config file. 22 | # Example value: 'ntp/ntp.conf.epp'. A validation error is thrown if `config_epp` parameter is not specified. 23 | # 24 | # @param config_file_mode 25 | # Specifies a file mode for the ntp configuration file. Default value: '0664'. 26 | # 27 | # @param daemon_extra_opts 28 | # Specifies any arguments to pass to ntp daemon. Default value: '-g'. 29 | # Example value: '-g -i /var/lib/ntp' to enable jaildir options. 30 | # Note that user is a specific parameter handled separately. 31 | # 32 | # @param disable_auth 33 | # Disables cryptographic authentication for broadcast client, multicast client, and symmetric passive associations. 34 | # 35 | # @param disable_dhclient 36 | # Disables `ntp-servers` in `dhclient.conf` to prevent Dhclient from managing the NTP configuration. 37 | # 38 | # @param disable_kernel 39 | # Disables kernel time discipline. 40 | # 41 | # @param disable_monitor 42 | # Disables the monitoring facility in NTP. Default value: true. 43 | # 44 | # @param driftfile 45 | # Specifies an NTP driftfile. Default value: '/var/lib/ntp/drift' (except on AIX and Solaris). 46 | # 47 | # @param enable_mode7 48 | # Enables processing of NTP mode 7 implementation-specific requests which are used by the deprecated ntpdc program. Default value: false. 49 | # 50 | # @param fudge 51 | # Provides additional information for individual clock drivers. Default value: [ ] 52 | # 53 | # @param iburst_enable 54 | # Specifies whether to enable the iburst option for every NTP peer. Default value: false (true on AIX and Debian). 55 | # 56 | # @param interfaces 57 | # Specifies one or more network interfaces for NTP to listen on. Default value: [ ]. 58 | # 59 | # @param interfaces_ignore 60 | # Specifies one or more ignore pattern for the NTP listener configuration (for example: all, wildcard, ipv6). Default value: [ ]. 61 | # 62 | # @param keys 63 | # Distributes keys to keys file. Default value: [ ]. 64 | # 65 | # @param keys_controlkey 66 | # Specifies the key identifier to use with the ntpq utility. Value in the range of 1 to 65,534 inclusive. Default value: ' '. 67 | # 68 | # @param keys_enable 69 | # Whether to enable key-based authentication. Default value: false. 70 | # 71 | # @param keys_file 72 | # Specifies the complete path and location of the MD5 key file containing the keys and key identifiers used by ntpd, ntpq and ntpdc 73 | # when operating with symmetric key cryptography. Default value: `/etc/ntp.keys` (on RedHat and Amazon, `/etc/ntp/keys`). 74 | # 75 | # @param keys_requestkey 76 | # Specifies the key identifier to use with the ntpdc utility program. Value in the range of 1 to 65,534. Default value: ' '. 77 | # 78 | # @param keys_trusted 79 | # Provides one or more keys to be trusted by NTP. Default value: [ ]. 80 | # 81 | # @param leapfile 82 | # Specifies a leap second file for NTP to use. Default value: ' '. 83 | # 84 | # @param logfile 85 | # Specifies a log file for NTP to use instead of syslog. Default value: ' '. 86 | # 87 | # @param logfile_group 88 | # Specifies the group for the NTP log file. Default is 'ntp'. 89 | # 90 | # @param logfile_mode 91 | # Specifies the permission for the NTP log file. Default is 0664. 92 | # 93 | # @param logfile_user 94 | # Specifies the user for the NTP log file. Default is 'ntp'. 95 | # 96 | # @param logconfig 97 | # Specifies the logconfig for NTP to use. Default value: ' '. 98 | # 99 | # @param minpoll 100 | # Sets Puppet to non-standard minimal poll interval of upstream servers. 101 | # Values: 3 to 16. Default: undef. 102 | # 103 | # @param maxpoll 104 | # Sets use non-standard maximal poll interval of upstream servers. 105 | # Values: 3 to 16. Default option: undef, except on FreeBSD (on FreeBSD, defaults to 9). 106 | # 107 | # @param ntpsigndsocket 108 | # Sets NTP to sign packets using the socket in the ntpsigndsocket path. Requires NTP to be configured to sign sockets. 109 | # Value: Path to the socket directory; for example, for Samba: `usr/local/samba/var/lib/ntp_signd/`. Default value: undef. 110 | # 111 | # @param package_ensure 112 | # Whether to install the NTP package, and what version to install. Values: 'present', 'latest', or a specific version number. 113 | # Default value: 'present'. 114 | # 115 | # @param package_manage 116 | # Whether to manage the NTP package. Default value: true. 117 | # 118 | # @param package_name 119 | # Specifies the NTP package to manage. Default value: ['ntp'] (except on AIX and Solaris). 120 | # 121 | # @param panic 122 | # Whether NTP should "panic" in the event of a very large clock skew. Applies only if `tinker` option set to true or if your environment 123 | # is in a virtual machine. Default value: 0 if environment is virtual, undef in all other cases. 124 | # 125 | # @param peers 126 | # List of NTP servers with which to synchronise the local clock. 127 | # 128 | # @param tos_orphan 129 | # Enables Orphan mode for peer group 130 | # Value: Should be set to 2 more than the worst-case externally-reachable source's stratum. 131 | # 132 | # @param pool 133 | # List of NTP server pools with which to synchronise the local clock. 134 | # 135 | # @param preferred_servers 136 | # Specifies one or more preferred peers. Puppet appends 'prefer' to each matching item in the `servers` array. 137 | # Default value: [ ]. 138 | # 139 | # @param noselect_servers 140 | # Specifies one or more peers to not sync with. Puppet appends 'noselect' to each matching item in the `servers` array. 141 | # Default value: [ ]. 142 | # 143 | # @param restrict 144 | # Specifies one or more `restrict` options for the NTP configuration. 145 | # Puppet prefixes each item with 'restrict', so you need to list only the content of the restriction. 146 | # Default value for most operating systems: 147 | # '[default kod nomodify notrap nopeer noquery', '-6 default kod nomodify notrap nopeer noquery', '127.0.0.1', '-6 ::1']'. 148 | # Default value for AIX systems: 149 | # '['default nomodify notrap nopeer noquery', '127.0.0.1',]'. 150 | # 151 | # @param servers 152 | # Specifies one or more servers to be used as NTP peers. Default value: varies by operating system. 153 | # 154 | # @param service_enable 155 | # Whether to enable the NTP service at boot. Default value: true. 156 | # 157 | # @param service_ensure 158 | # Whether the NTP service should be running. Default value: 'running'. 159 | # 160 | # @param service_manage 161 | # Whether to manage the NTP service. Default value: true. 162 | # 163 | # @param service_name 164 | # The NTP service to manage. Default value: varies by operating system. 165 | # 166 | # @param service_provider 167 | # Which service provider to use for NTP. Default value: 'undef'. 168 | # 169 | # @param service_hasstatus 170 | # Whether service has a functional status command. Default value: true. 171 | # 172 | # @param service_hasrestart 173 | # Whether service has a restart command. Default value: true. 174 | # 175 | # @param slewalways 176 | # xntpd setting to disable stepping behavior and always slew the clock to handle adjustments. 177 | # Only relevant for AIX. Default value: 'undef'. Allowed values: 'yes', 'no' 178 | # 179 | # @param statistics 180 | # List of statistics to have NTP generate and keep. Default value: [ ]. 181 | # 182 | # @param statsdir 183 | # Location of the NTP statistics directory on the managed system. Default value: '/var/log/ntpstats'. 184 | # 185 | # @param step_tickers_file 186 | # Location of the step tickers file on the managed system. Default value: varies by operating system. 187 | # 188 | # @param step_tickers_epp 189 | # Location of the step tickers EPP template file. Default value: varies by operating system. 190 | # Validation error is thrown if both this and the `step_tickers_template` parameters are specified. 191 | # 192 | # @param step_tickers_template 193 | # Location of the step tickers ERB template file. Default value: varies by operating system. 194 | # Validation error is thrown if both this and the `step_tickers_epp` parameter are specified. 195 | # 196 | # @param stepout 197 | # Value for stepout if `tinker` value is true. Valid options: unsigned shortint digit. Default value: undef. 198 | # 199 | # @param tos 200 | # Whether to enable tos options. Default value: false. 201 | # 202 | # @param tos_minclock 203 | # Specifies the minclock tos option. Default value: 3. 204 | # 205 | # @param tos_maxclock 206 | # Specifies the maxclock tos option. Default value: 6. 207 | # 208 | # @param tos_minsane 209 | # Specifies the minsane tos option. Default value: 1. 210 | # 211 | # @param tos_floor 212 | # Specifies the floor tos option. Default value: 1. 213 | # 214 | # @param tos_ceiling 215 | # Specifies the ceiling tos option. Default value: 15. 216 | # 217 | # @param tos_cohort 218 | # Specifies the cohort tos option. Valid options: 0 or 1. Default value: 0. 219 | # 220 | # @param tinker 221 | # Whether to enable tinker options. Default value: false. 222 | # 223 | # @param udlc 224 | # Specifies whether to configure NTP to use the undisciplined local clock as a time source. Default value: false. 225 | # 226 | # @param udlc_stratum 227 | # Specifies the stratum the server should operate at when using the undisciplined local clock as the time source. 228 | # This value should be set to no less than 10 if ntpd might be accessible outside your immediate, controlled network. 229 | # Default value: 10.am udlc 230 | # 231 | # @param user 232 | # Specifies user to run ntpd daemon. Default value: ntp. 233 | # Usually set by default on Centos7 (/etc/systemd/system/multi-user.target.wants/ntpd.service) and 234 | # ubuntu 18.04 (/usr/lib/ntp/ntp-systemd-wrapper) 235 | # This is currently restricted to Redhat based systems of version 7 and above and Ubuntu 18.04. 236 | # 237 | class ntp ( 238 | Boolean $broadcastclient, 239 | Boolean $burst, 240 | Stdlib::Absolutepath $config, 241 | Optional[Stdlib::Absolutepath] $config_dir, 242 | String $config_file_mode, 243 | Optional[String] $config_epp, 244 | Boolean $disable_auth, 245 | Boolean $disable_dhclient, 246 | Boolean $disable_kernel, 247 | Boolean $disable_monitor, 248 | Boolean $enable_mode7, 249 | Optional[Array[String]] $fudge, 250 | Stdlib::Absolutepath $driftfile, 251 | Optional[Stdlib::Absolutepath] $leapfile, 252 | Optional[Stdlib::Absolutepath] $logfile, 253 | Optional[Variant[String, Integer]] $logfile_group, 254 | String $logfile_mode, 255 | Optional[Variant[String, Integer]] $logfile_user, 256 | Optional[String] $logconfig, 257 | Boolean $iburst_enable, 258 | Array[String] $keys, 259 | Boolean $keys_enable, 260 | Stdlib::Absolutepath $keys_file, 261 | Optional[Ntp::Key_id] $keys_controlkey, 262 | Optional[Ntp::Key_id] $keys_requestkey, 263 | Optional[Array[Ntp::Key_id]] $keys_trusted, 264 | Optional[Ntp::Poll_interval] $minpoll, 265 | Optional[Ntp::Poll_interval] $maxpoll, 266 | String $package_ensure, 267 | Boolean $package_manage, 268 | Array[String] $package_name, 269 | Optional[Integer[0]] $panic, 270 | Array[String] $peers, 271 | Optional[Array[String]] $pool, 272 | Array[String] $preferred_servers, 273 | Array[String] $noselect_servers, 274 | Array[String] $restrict, 275 | Array[String] $interfaces, 276 | Array[String] $interfaces_ignore, 277 | Array[String] $servers, 278 | Boolean $service_enable, 279 | Enum['running', 'stopped'] $service_ensure, 280 | Boolean $service_manage, 281 | String $service_name, 282 | Optional[String] $service_provider, 283 | Boolean $service_hasstatus, 284 | Boolean $service_hasrestart, 285 | Optional[Enum['yes','no']] $slewalways, 286 | Optional[Array] $statistics, 287 | Optional[Stdlib::Absolutepath] $statsdir, 288 | Optional[Integer[0, 65535]] $stepout, 289 | Optional[Stdlib::Absolutepath] $step_tickers_file, 290 | Optional[String] $step_tickers_epp, 291 | Optional[String] $step_tickers_template, 292 | Optional[Boolean] $tinker, 293 | Boolean $tos, 294 | Optional[Integer[1]] $tos_maxclock, 295 | Optional[Integer[1]] $tos_minclock, 296 | Optional[Integer[1]] $tos_minsane, 297 | Optional[Integer[1]] $tos_floor, 298 | Optional[Integer[1]] $tos_ceiling, 299 | Optional[Integer[1]] $tos_orphan, 300 | Variant[Boolean, Integer[0,1]] $tos_cohort, 301 | Boolean $udlc, 302 | Optional[Integer[1,15]] $udlc_stratum, 303 | Optional[Stdlib::Absolutepath] $ntpsigndsocket, 304 | Optional[String] $authprov, 305 | Optional[String] $user, 306 | Optional[String] $daemon_extra_opts, 307 | ) { 308 | # defaults for tinker and panic are different, when running on virtual machines 309 | if $facts['is_virtual'] { 310 | $_tinker = pick($tinker, true) 311 | $_panic = pick($panic, 0) 312 | } else { 313 | $_tinker = pick($tinker, false) 314 | $_panic = $panic 315 | } 316 | 317 | contain ntp::install 318 | contain ntp::config 319 | contain ntp::service 320 | 321 | Class['ntp::install'] 322 | -> Class['ntp::config'] 323 | ~> Class['ntp::service'] 324 | } 325 | -------------------------------------------------------------------------------- /HISTORY.md: -------------------------------------------------------------------------------- 1 | ## 7.1.1 2 | ### Summary 3 | This release includes updated Japanese translations. 4 | 5 | ### Added 6 | - Updating translations for readmes/README_ja_JP.md 7 | 8 | ## 7.1.0 9 | ### Summary 10 | This release uses the PDK convert functionality which in return makes the module PDK compliant. It also includes one feature and a roll up of maintenance changes. 11 | 12 | ### Added 13 | - PDK convert ntp ([MODULES-6326](https://tickets.puppet.com/browse/MODULES-6326)). 14 | - Create parameter for slewalways to be exposed in the ntp.conf template. 15 | 16 | ### Fixed 17 | - `is_virtual` fact is boolean and cant be given to str2bool. 18 | - Don't use 'inherits' in config, install and service. 19 | - Roll up of modulesync changes. 20 | - Make documentation more readable. 21 | - Fix up rubocop errors ([FM-6634](https://tickets.puppet.com/browse/FM-6634)). 22 | - Strip data types out of puppet-strings comments. 23 | 24 | ## 7.0.0 25 | ### Summary 26 | Hiera 5 only works with Puppet 4.9.4 and above, we have bumped the Puppet requirement for the module accordingly. 27 | 28 | ### Changed 29 | - Update YAML to version 5 ([PR 428](https://github.com/puppetlabs/puppetlabs-ntp/pull/428)) 30 | - Updates the lower puppet version boundary to 4.9.4. 31 | 32 | ## 6.4.1 33 | ### Summary 34 | This release reverts a PR that implements Hiera 5. Issues have been seen due to compatibility issues. The issues that have been seen are ([MODULES-5775](https://tickets.puppet.com/browse/MODULES-5775)) and ([MODULES-5780](https://tickets.puppet.com/browse/MODULES-5780)). 35 | 36 | ### Changed 37 | - Reverts ([PR 394](https://github.com/puppetlabs/puppetlabs-ntp/pull/394)) 38 | 39 | ## 6.4.0 40 | ### Summary 41 | This release is to both update the modules code so that it matches the set standards and make it so that all future prs are checked by Rubocop before release. 42 | 43 | #### Added 44 | - Rubocop is now enabled. 45 | 46 | #### Changed 47 | - All ruby code within module has been altered to match standards. 48 | 49 | ## 6.3.0 50 | ### Summary 51 | This is a feature release with some bugfixes and updated Japanese translations, too. 52 | 53 | #### Added 54 | - `enable_mode7` parameter (defaults to `false`) 55 | - disable monitor availability while setting stat properties 56 | 57 | #### Changed 58 | - Lower bound of Puppet requirement from 4.5.0 to 4.7.0 59 | - hiera.yaml to Hiera version 5 format 60 | 61 | #### Removed 62 | - Ubuntu 10.04 and 12.04, Debian 6, SLES 10 SP4, and Fedora 20-23 support from metadata.json (existing compatibility remains) 63 | 64 | #### Fixed 65 | - Path to driftfile on Suse ([MODULES-4941](https://tickets.puppet.com/browse/MODULES-4941)) 66 | - Whitespace issue in ntp.conf.epp with `tos` 67 | - Permissions on keys file 68 | 69 | ## 6.2.0 70 | ### Summary 71 | This is a small minor release that adds the `pool` parameter and revises some Japanese translations. 72 | 73 | #### Added 74 | - The `pool` parameter 75 | 76 | #### Fixed 77 | - Japanese translations for the README 78 | 79 | ## 6.1.0 80 | ### Summary 81 | 82 | This release adds support for internationalization of the module. It also contains Japanese translations for the README, summary and description of the metadata.json and major cleanups in the README. Additional folders have been introduced called locales and readmes where translation files can be found. A number of features and bug fixes are also included in this release. 83 | 84 | #### Features 85 | - Addition of POT file for metadata translation for i18n. 86 | - Multiple Gemfile updates for Ruby and Gems support. 87 | - (MODULES-4225) Addition of Puppet strings to the ntp module. 88 | - Implements beaker module install helper and cleanup spec helper acceptance.rb. 89 | - (MODULES-4414) Allow NTP statistics if requested. 90 | - (MODULES-4278) Addition of noselect feature. 91 | - Addition of 'pool' parameter. 92 | - Addition of Ubuntu Xenial Support. 93 | 94 | #### Bugfixes 95 | - Huge readme updates for adding tags to private classes, edits for localization and general cleanups. 96 | - (MODULES-3397) Fix of the default Solaris settings. 97 | - Changed 'service_ensure' data type to Enum. 98 | - (MODULES-3396) remove superfluous empty lines in ntp.conf. 99 | - (MODULES-4528) Replace Puppet.version.to_f version comparison from spec helper. 100 | - Solaris data that was the wrong way round now fixed. 101 | 102 | ##s 5.0.0 and 6.0.0 103 | ### Summary 104 | 105 | This double release adds new Puppet 4 features: data in modules, EPP templates, the $facts hash, and data types. The 5.0.0 release is fully backwards compatible to existing Puppet 4 configurations and provides you with [deprecation warnings](https://github.com/puppetlabs/puppetlabs-stdlib#deprecation) for every argument that will not work as expected with the final 6.0.0 release. See the [stdlib docs](https://github.com/puppetlabs/puppetlabs-stdlib#validate_legacy) for an in-depth discussion of this. 106 | 107 | If you want to learn more about the new features used, have a look at the [NTP: A Puppet 4 language update](https://puppet.com/blog/ntp-puppet-4-language-update) blog post. 108 | 109 | If you're still running Puppet 3, remain on the latest puppetlabs-ntp 4.x release for now, and see the documentation to [upgrade to Puppet 4](https://docs.puppet.com/puppet/4.6/reference/upgrade_major_pre.html). 110 | 111 | ### Changes 112 | 113 | * [Data in modules](https://docs.puppet.com/puppet/latest/reference/lookup_quick_module.html#example-with-hiera): Moves all distribution and OS-dependent defaults into YAML files in `data/`, alleviating the need for a `params` class. Note that while this feature is currently still classed as experimental, the final implementation will support the changes here. 114 | * [EPP templating](https://docs.puppet.com/puppet/latest/reference/lang_template_epp.html): Uses the Puppet language as a base for templates to create simpler and safer templates. No need for Ruby anymore! You can pass in EPP templates for the `ntp.conf` and `step-tickers` files using the new `config_epp` and `step_tickers_epp` parameters. 115 | * [The $facts hash](https://docs.puppet.com/puppet/latest/reference/lang_facts_and_builtin_vars.html#the-factsfactname-hash): Makes facts visibly distinct from other variables for more readable and maintainable code. This helps eliminate confusion if you use a local variable whose name happens to match that of a common fact. 116 | * [Data types for validation](https://docs.puppet.com/puppet/4.6/reference/lang_data.html): Helps you find and replace deprecated code in existing `validate_*` functions with stricter, more readable data type notation. First upgrade to the 5.0.0 release of this module, and address all deprecation warnings before upgrading to the final 6.0.0 release. Please see the [stdlib docs](https://github.com/puppetlabs/puppetlabs-stdlib#validate_legacy) for an in-depth discussion of this process. 117 | 118 | ## 4.2.0 119 | ### Summary 120 | 121 | A large release with many new features. Multiple additions to parameters and work contributed to OS compatibility. Also includes several bug fixes, including clean ups of code. 122 | 123 | #### Features 124 | - Updated spec helper for more consistency 125 | - Addition of config_dir variable 126 | - Addition of puppet TOS options 127 | - Added support for disabling kernel time discipline in ntp.conf 128 | - Update Solaris support for newer Facter, and Amazon for < 1.7.0 facter 129 | - Added disable_dhclient parameter 130 | - Added OpenSUSE 13.2 compatibility 131 | - Parameterize file mode of config file 132 | - Enhanced the default configuration 133 | - Debian 8 compatibility 134 | - Enabled usage of the $ntpsigndsocket parameter 135 | - Added parameter for interfaces to ignore 136 | - Added support for the authprov parameter 137 | - Additional work done for SLES 12 compatibility 138 | - Addition of key template options/ key distribution 139 | 140 | #### Bugfixes 141 | - Fix for strict variables and tests 142 | - Fixed test with preferred server and iburst enabled 143 | - Added logfile parameter test 144 | - Cleaned out unused cleanup code and utilities from spec_helper 145 | - Deprecated ntp_dirname function 146 | - No longer manages the keys_file parent when it would be inappropriate to do so 147 | - Converted license string to SPDX format 148 | - Removed ruby 1.8.7 and puppet 2.7 from travis-ci jobs 149 | 150 | ## 4.1.2 151 | ###Summary 152 | 153 | Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. 154 | 155 | ## 4.1.1 156 | ### Summary 157 | This is a bugfix release to address security vulnerability CVE-2013-5211. 158 | 159 | #### Bugfixes 160 | - Changes the default behavior to disable monitoring as part of the solution for CVE-2013-5211. 161 | 162 | ## 2015-07-21 - Supported Release 4.1.0 163 | ### Summary 164 | This release updates metadata to support new version of puppet enterprise, as well as new features, bugfixes, and test improvements. 165 | 166 | #### Features 167 | - Adds Solaris 10 support 168 | - Adds Fedora 20, 21, 22 compatibility 169 | 170 | #### Bugfixes 171 | - Fix default configuration for Debian (MODULES-2087) 172 | - Fix to ensure log file is created before service starts 173 | - Fixes SLES params for SLES 10, 11, 12 174 | 175 | ## 2015-05-26 - Supported Release 4.0.0 176 | ### Summary 177 | This release drops puppet 2.7 support and older stdlib support. It also includes the addition of 12 new properties, as well as numerous bug fixes and other improvements. 178 | 179 | #### Backwards-incompatible changes 180 | - UDLC (Undisciplined local clock) is now no longer enabled by default on anything (previous was enabled on non-virtual). 181 | - Puppet 2.7 no longer supported 182 | - puppetlabs-stdlib less than 4.5.0 no longer supported 183 | 184 | #### Features 185 | - Readme, Metadata, and Contribution documentation improvements 186 | - Acceptance test improvements 187 | - Added the `broadcastclient` property 188 | - Added the `disable_auth` property 189 | - Added `broadcastclient` property 190 | - Added `disable_auth` property 191 | - Added `fudge` property 192 | - Added `peers` property 193 | - Added `udlc_stratum` property 194 | - Added `tinker` property 195 | - Added `minpoll` property 196 | - Added `maxpoll` property 197 | - Added `stepout` property 198 | - Added `leapfile` property 199 | 200 | #### Bugfixes 201 | - Removing equal sign as delimiter in ntp.conf for the logfile parameter. 202 | - Add package_manage parameter, which is set to false by default on FreeBSD 203 | - Fixed an issue with the `is_virtual` property 204 | - Fixed debian wheezy issue 205 | - Fix for Redhat to disable ntp restart due to dhcp ntp server updates 206 | 207 | ##2014-11-04 - Supported Release 3.3.0 208 | ###Summary 209 | 210 | This release adds support for SLES 12. 211 | 212 | ####Features 213 | - Added support for SLES 12 214 | 215 | ##2014-10-02 - Supported Release 3.2.1 216 | ###Summary 217 | 218 | This is a bug-fix release addressing the security concerns of setting /etc/ntp to mode 0755 recursively. 219 | 220 | ####Bugfixes 221 | - Do not recursively set ownership/mode of /etc/ntp 222 | 223 | ##2014-09-10 - Supported Release 3.2.0 224 | ###Summary 225 | 226 | This is primarily a feature release. It adds a few new parameters to class `ntp` 227 | and adds support for Solaris 11. 228 | 229 | ####Features 230 | - Add the `$interfaces` parameter to `ntp` 231 | - Add support for Solaris 10 and 11 232 | - Synchronized files with modulesync 233 | - Test updates 234 | - Add the `$iburst_enable` parameter to `ntp` 235 | 236 | ####Bugfixes 237 | - Fixes for strict variables 238 | - Remove dependency on stdlib4 239 | 240 | ##2014-06-06 - Release 3.1.2 241 | ###Summary 242 | 243 | This is a supported release. This release fixes a manifest typo. 244 | 245 | ##2014-06-06 - Release 3.1.1 246 | ###Summary 247 | 248 | This is a bugfix release to get around dependency issues in PMT 3.6. This 249 | version has a dependency on puppetlabs-stdlib >= 4 so PE3.2.x is no longer 250 | supported. 251 | 252 | ####Bugfixes 253 | - Remove deprecated Modulefile as it was causing duplicate dependencies with PMT. 254 | 255 | ##2014-05-14 - Release 3.1.0 256 | ###Summary 257 | 258 | This release adds `disable_monitor` so you can disable the monitor functionality 259 | of NTP, which was recently used in NTP amplification attacks. It also adds 260 | support for RHEL7 and Ubuntu 14.04. 261 | 262 | ####Features 263 | - Add `disable_monitor` 264 | 265 | ####Bugfixes 266 | 267 | #####Known Bugs 268 | * No known bugs 269 | 270 | ##2014-04-09 - Supported Release 3.0.4 271 | ###Summary 272 | This is a supported release. 273 | 274 | The only functional change in this release is to split up the restrict 275 | defaults to be per operating system so that we can provide safer defaults 276 | for AIX, to resolve cases where IPv6 are disabled. 277 | 278 | ####Features 279 | - Rework restrict defaults. 280 | 281 | ####Bugfixes 282 | - Fix up a comment. 283 | - Fix a test to work better on PE. 284 | 285 | #####Known Bugs 286 | * No known bugs 287 | 288 | ##2014-03-04 - Supported Release 3.0.3 289 | ###Summary 290 | This is a supported release. Correct stdlib compatibility 291 | 292 | ####Bugfixes 293 | - Remove `dirname()` call for correct stdlib compatibility. 294 | - Improved tests 295 | 296 | ####Known Bugs 297 | * No known bugs 298 | 299 | 300 | ## 2014-02-13 - Release 3.0.2 301 | ###Summary 302 | 303 | No functional changes: Update the README and allow custom gem sources. 304 | 305 | ## 2013-12-17 - Release 3.0.1 306 | ### Summary 307 | 308 | Work around a packaging bug with symlinks, no other functional changes. 309 | 310 | ## 2013-12-13 - Release 3.0.0 311 | ### Summary 312 | 313 | Final release of 3.0, enjoy! 314 | 315 | 316 | ## 2013-10-14 - Version 3.0.0-rc1 317 | 318 | ###Summary 319 | 320 | This release changes the behavior of restrict and adds AIX osfamily support. 321 | 322 | ####Backwards-incompatible Changes: 323 | 324 | `restrict` no longer requires you to pass in parameters as: 325 | 326 | restrict => [ 'restrict x', 'restrict y' ] 327 | 328 | but just as: 329 | 330 | restrict => [ 'x', 'y' ] 331 | 332 | As the template now prefixes each line with restrict. 333 | 334 | ####Features 335 | - Change the behavior of `restrict` so you no longer need the restrict 336 | keyword. 337 | - Add `udlc` parameter to enable undisciplined local clock regardless of the 338 | machines status as a virtual machine. 339 | - Add AIX support. 340 | 341 | ####Fixes 342 | - Use class{} instead of including and then anchoring. (style) 343 | - Extend Gentoo coverage to Facter 1.7. 344 | 345 | --- 346 | ##2013-09-05 - Version 2.0.1 347 | 348 | ###Summary 349 | 350 | Correct the LICENSE file. 351 | 352 | ####Bugfixes 353 | - Add in the appropriate year and name in LICENSE. 354 | 355 | 356 | ##2013-07-31 - Version 2.0.0 357 | 358 | ###Summary 359 | 360 | The 2.0 release focuses on merging all the distro specific 361 | templates into a single reusable template across all platforms. 362 | 363 | To aid in that goal we now allow you to change the driftfile, 364 | ntp keys, and perferred_servers. 365 | 366 | ####Backwards-incompatible changes 367 | 368 | As all the distro specific templates have been removed and a 369 | unified one created you may be missing functionality you 370 | previously relied on. Please test carefully before rolling 371 | out globally. 372 | 373 | Configuration directives that might possibly be affected: 374 | - `filegen` 375 | - `fudge` (for virtual machines) 376 | - `keys` 377 | - `logfile` 378 | - `restrict` 379 | - `restrictkey` 380 | - `statistics` 381 | - `trustedkey` 382 | 383 | ####Features: 384 | - All templates merged into a single template. 385 | - NTP Keys support added. 386 | - Add preferred servers support. 387 | - Parameters in `ntp` class: 388 | - `driftfile`: path for the ntp driftfile. 389 | - `keys_enable`: Enable NTP keys feature. 390 | - `keys_file`: Path for the NTP keys file. 391 | - `keys_trusted`: Which keys to trust. 392 | - `keys_controlkey`: Which key to use for the control key. 393 | - `keys_requestkey`: Which key to use for the request key. 394 | - `preferred_servers`: Array of servers to prefer. 395 | - `restrict`: Array of restriction options to apply. 396 | 397 | --- 398 | ###2013-07-15 - Version 1.0.1 399 | ####Bugfixes 400 | - Fix deprecated warning in `autoupdate` parameter. 401 | - Correctly quote is_virtual fact. 402 | 403 | 404 | ##2013-07-08 - Version 1.0.0 405 | ####Features 406 | - Completely refactored to split across several classes. 407 | - rspec-puppet tests rewritten to cover more options. 408 | - rspec-system tests added. 409 | - ArchLinux handled via osfamily instead of special casing. 410 | - parameters in `ntp` class: 411 | - `autoupdate`: deprecated in favor of directly setting package_ensure. 412 | - `panic`: set to false if you wish to allow large clock skews. 413 | 414 | --- 415 | ##2011-11-10 Dan Bode - 0.0.4 416 | * Add Amazon Linux as a supported platform 417 | * Add unit tests 418 | 419 | 420 | ##2011-06-16 Jeff McCune - 0.0.3 421 | * Initial release under puppetlabs 422 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | --- 2 | require: 3 | - rubocop-performance 4 | - rubocop-rspec 5 | AllCops: 6 | NewCops: enable 7 | DisplayCopNames: true 8 | TargetRubyVersion: 3.1 9 | Include: 10 | - "**/*.rb" 11 | Exclude: 12 | - bin/* 13 | - ".vendor/**/*" 14 | - "**/Gemfile" 15 | - "**/Rakefile" 16 | - pkg/**/* 17 | - spec/fixtures/**/* 18 | - vendor/**/* 19 | - "**/Puppetfile" 20 | - "**/Vagrantfile" 21 | - "**/Guardfile" 22 | inherit_from: ".rubocop_todo.yml" 23 | Layout/LineLength: 24 | Description: People have wide screens, use them. 25 | Max: 200 26 | RSpec/BeforeAfterAll: 27 | Description: Beware of using after(:all) as it may cause state to leak between tests. 28 | A necessary evil in acceptance testing. 29 | Exclude: 30 | - spec/acceptance/**/*.rb 31 | RSpec/HookArgument: 32 | Description: Prefer explicit :each argument, matching existing module's style 33 | EnforcedStyle: each 34 | RSpec/DescribeSymbol: 35 | Exclude: 36 | - spec/unit/facter/**/*.rb 37 | Style/BlockDelimiters: 38 | Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to 39 | be consistent then. 40 | EnforcedStyle: braces_for_chaining 41 | Style/ClassAndModuleChildren: 42 | Description: Compact style reduces the required amount of indentation. 43 | EnforcedStyle: compact 44 | Style/EmptyElse: 45 | Description: Enforce against empty else clauses, but allow `nil` for clarity. 46 | EnforcedStyle: empty 47 | Style/FormatString: 48 | Description: Following the main puppet project's style, prefer the % format format. 49 | EnforcedStyle: percent 50 | Style/FormatStringToken: 51 | Description: Following the main puppet project's style, prefer the simpler template 52 | tokens over annotated ones. 53 | EnforcedStyle: template 54 | Style/Lambda: 55 | Description: Prefer the keyword for easier discoverability. 56 | EnforcedStyle: literal 57 | Style/RegexpLiteral: 58 | Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 59 | EnforcedStyle: percent_r 60 | Style/TernaryParentheses: 61 | Description: Checks for use of parentheses around ternary conditions. Enforce parentheses 62 | on complex expressions for better readability, but seriously consider breaking 63 | it up. 64 | EnforcedStyle: require_parentheses_when_complex 65 | Style/TrailingCommaInArguments: 66 | Description: Prefer always trailing comma on multiline argument lists. This makes 67 | diffs, and re-ordering nicer. 68 | EnforcedStyleForMultiline: comma 69 | Style/TrailingCommaInArrayLiteral: 70 | Description: Prefer always trailing comma on multiline literals. This makes diffs, 71 | and re-ordering nicer. 72 | EnforcedStyleForMultiline: comma 73 | Style/SymbolArray: 74 | Description: Using percent style obscures symbolic intent of array's contents. 75 | EnforcedStyle: brackets 76 | RSpec/MessageSpies: 77 | EnforcedStyle: receive 78 | Style/Documentation: 79 | Exclude: 80 | - lib/puppet/parser/functions/**/* 81 | - spec/**/* 82 | Style/WordArray: 83 | EnforcedStyle: brackets 84 | Performance/AncestorsInclude: 85 | Enabled: true 86 | Performance/BigDecimalWithNumericArgument: 87 | Enabled: true 88 | Performance/BlockGivenWithExplicitBlock: 89 | Enabled: true 90 | Performance/CaseWhenSplat: 91 | Enabled: true 92 | Performance/ConstantRegexp: 93 | Enabled: true 94 | Performance/MethodObjectAsBlock: 95 | Enabled: true 96 | Performance/RedundantSortBlock: 97 | Enabled: true 98 | Performance/RedundantStringChars: 99 | Enabled: true 100 | Performance/ReverseFirst: 101 | Enabled: true 102 | Performance/SortReverse: 103 | Enabled: true 104 | Performance/Squeeze: 105 | Enabled: true 106 | Performance/StringInclude: 107 | Enabled: true 108 | Performance/Sum: 109 | Enabled: true 110 | Style/CollectionMethods: 111 | Enabled: true 112 | Style/MethodCalledOnDoEndBlock: 113 | Enabled: true 114 | Style/StringMethods: 115 | Enabled: true 116 | Bundler/GemFilename: 117 | Enabled: false 118 | Bundler/InsecureProtocolSource: 119 | Enabled: false 120 | Capybara/CurrentPathExpectation: 121 | Enabled: false 122 | Capybara/VisibilityMatcher: 123 | Enabled: false 124 | Gemspec/DuplicatedAssignment: 125 | Enabled: false 126 | Gemspec/OrderedDependencies: 127 | Enabled: false 128 | Gemspec/RequiredRubyVersion: 129 | Enabled: false 130 | Gemspec/RubyVersionGlobalsUsage: 131 | Enabled: false 132 | Layout/ArgumentAlignment: 133 | Enabled: false 134 | Layout/BeginEndAlignment: 135 | Enabled: false 136 | Layout/ClosingHeredocIndentation: 137 | Enabled: false 138 | Layout/EmptyComment: 139 | Enabled: false 140 | Layout/EmptyLineAfterGuardClause: 141 | Enabled: false 142 | Layout/EmptyLinesAroundArguments: 143 | Enabled: false 144 | Layout/EmptyLinesAroundAttributeAccessor: 145 | Enabled: false 146 | Layout/EndOfLine: 147 | Enabled: false 148 | Layout/FirstArgumentIndentation: 149 | Enabled: false 150 | Layout/HashAlignment: 151 | Enabled: false 152 | Layout/HeredocIndentation: 153 | Enabled: false 154 | Layout/LeadingEmptyLines: 155 | Enabled: false 156 | Layout/SpaceAroundMethodCallOperator: 157 | Enabled: false 158 | Layout/SpaceInsideArrayLiteralBrackets: 159 | Enabled: false 160 | Layout/SpaceInsideReferenceBrackets: 161 | Enabled: false 162 | Lint/BigDecimalNew: 163 | Enabled: false 164 | Lint/BooleanSymbol: 165 | Enabled: false 166 | Lint/ConstantDefinitionInBlock: 167 | Enabled: false 168 | Lint/DeprecatedOpenSSLConstant: 169 | Enabled: false 170 | Lint/DisjunctiveAssignmentInConstructor: 171 | Enabled: false 172 | Lint/DuplicateElsifCondition: 173 | Enabled: false 174 | Lint/DuplicateRequire: 175 | Enabled: false 176 | Lint/DuplicateRescueException: 177 | Enabled: false 178 | Lint/EmptyConditionalBody: 179 | Enabled: false 180 | Lint/EmptyFile: 181 | Enabled: false 182 | Lint/ErbNewArguments: 183 | Enabled: false 184 | Lint/FloatComparison: 185 | Enabled: false 186 | Lint/HashCompareByIdentity: 187 | Enabled: false 188 | Lint/IdentityComparison: 189 | Enabled: false 190 | Lint/InterpolationCheck: 191 | Enabled: false 192 | Lint/MissingCopEnableDirective: 193 | Enabled: false 194 | Lint/MixedRegexpCaptureTypes: 195 | Enabled: false 196 | Lint/NestedPercentLiteral: 197 | Enabled: false 198 | Lint/NonDeterministicRequireOrder: 199 | Enabled: false 200 | Lint/OrderedMagicComments: 201 | Enabled: false 202 | Lint/OutOfRangeRegexpRef: 203 | Enabled: false 204 | Lint/RaiseException: 205 | Enabled: false 206 | Lint/RedundantCopEnableDirective: 207 | Enabled: false 208 | Lint/RedundantRequireStatement: 209 | Enabled: false 210 | Lint/RedundantSafeNavigation: 211 | Enabled: false 212 | Lint/RedundantWithIndex: 213 | Enabled: false 214 | Lint/RedundantWithObject: 215 | Enabled: false 216 | Lint/RegexpAsCondition: 217 | Enabled: false 218 | Lint/ReturnInVoidContext: 219 | Enabled: false 220 | Lint/SafeNavigationConsistency: 221 | Enabled: false 222 | Lint/SafeNavigationWithEmpty: 223 | Enabled: false 224 | Lint/SelfAssignment: 225 | Enabled: false 226 | Lint/SendWithMixinArgument: 227 | Enabled: false 228 | Lint/ShadowedArgument: 229 | Enabled: false 230 | Lint/StructNewOverride: 231 | Enabled: false 232 | Lint/ToJSON: 233 | Enabled: false 234 | Lint/TopLevelReturnWithArgument: 235 | Enabled: false 236 | Lint/TrailingCommaInAttributeDeclaration: 237 | Enabled: false 238 | Lint/UnreachableLoop: 239 | Enabled: false 240 | Lint/UriEscapeUnescape: 241 | Enabled: false 242 | Lint/UriRegexp: 243 | Enabled: false 244 | Lint/UselessMethodDefinition: 245 | Enabled: false 246 | Lint/UselessTimes: 247 | Enabled: false 248 | Metrics/AbcSize: 249 | Enabled: false 250 | Metrics/BlockLength: 251 | Enabled: false 252 | Metrics/BlockNesting: 253 | Enabled: false 254 | Metrics/ClassLength: 255 | Enabled: false 256 | Metrics/CyclomaticComplexity: 257 | Enabled: false 258 | Metrics/MethodLength: 259 | Enabled: false 260 | Metrics/ModuleLength: 261 | Enabled: false 262 | Metrics/ParameterLists: 263 | Enabled: false 264 | Metrics/PerceivedComplexity: 265 | Enabled: false 266 | Migration/DepartmentName: 267 | Enabled: false 268 | Naming/AccessorMethodName: 269 | Enabled: false 270 | Naming/BlockParameterName: 271 | Enabled: false 272 | Naming/HeredocDelimiterCase: 273 | Enabled: false 274 | Naming/HeredocDelimiterNaming: 275 | Enabled: false 276 | Naming/MemoizedInstanceVariableName: 277 | Enabled: false 278 | Naming/MethodParameterName: 279 | Enabled: false 280 | Naming/RescuedExceptionsVariableName: 281 | Enabled: false 282 | Naming/VariableNumber: 283 | Enabled: false 284 | Performance/BindCall: 285 | Enabled: false 286 | Performance/DeletePrefix: 287 | Enabled: false 288 | Performance/DeleteSuffix: 289 | Enabled: false 290 | Performance/InefficientHashSearch: 291 | Enabled: false 292 | Performance/UnfreezeString: 293 | Enabled: false 294 | Performance/UriDefaultParser: 295 | Enabled: false 296 | RSpec/Be: 297 | Enabled: false 298 | RSpec/Capybara/FeatureMethods: 299 | Enabled: false 300 | RSpec/ContainExactly: 301 | Enabled: false 302 | RSpec/ContextMethod: 303 | Enabled: false 304 | RSpec/ContextWording: 305 | Enabled: false 306 | RSpec/DescribeClass: 307 | Enabled: false 308 | RSpec/EmptyHook: 309 | Enabled: false 310 | RSpec/EmptyLineAfterExample: 311 | Enabled: false 312 | RSpec/EmptyLineAfterExampleGroup: 313 | Enabled: false 314 | RSpec/EmptyLineAfterHook: 315 | Enabled: false 316 | RSpec/ExampleLength: 317 | Enabled: false 318 | RSpec/ExampleWithoutDescription: 319 | Enabled: false 320 | RSpec/ExpectChange: 321 | Enabled: false 322 | RSpec/ExpectInHook: 323 | Enabled: false 324 | RSpec/FactoryBot/AttributeDefinedStatically: 325 | Enabled: false 326 | RSpec/FactoryBot/CreateList: 327 | Enabled: false 328 | RSpec/FactoryBot/FactoryClassName: 329 | Enabled: false 330 | RSpec/HooksBeforeExamples: 331 | Enabled: false 332 | RSpec/ImplicitBlockExpectation: 333 | Enabled: false 334 | RSpec/ImplicitSubject: 335 | Enabled: false 336 | RSpec/LeakyConstantDeclaration: 337 | Enabled: false 338 | RSpec/LetBeforeExamples: 339 | Enabled: false 340 | RSpec/MatchArray: 341 | Enabled: false 342 | RSpec/MissingExampleGroupArgument: 343 | Enabled: false 344 | RSpec/MultipleExpectations: 345 | Enabled: false 346 | RSpec/MultipleMemoizedHelpers: 347 | Enabled: false 348 | RSpec/MultipleSubjects: 349 | Enabled: false 350 | RSpec/NestedGroups: 351 | Enabled: false 352 | RSpec/PredicateMatcher: 353 | Enabled: false 354 | RSpec/ReceiveCounts: 355 | Enabled: false 356 | RSpec/ReceiveNever: 357 | Enabled: false 358 | RSpec/RepeatedExampleGroupBody: 359 | Enabled: false 360 | RSpec/RepeatedExampleGroupDescription: 361 | Enabled: false 362 | RSpec/RepeatedIncludeExample: 363 | Enabled: false 364 | RSpec/ReturnFromStub: 365 | Enabled: false 366 | RSpec/SharedExamples: 367 | Enabled: false 368 | RSpec/StubbedMock: 369 | Enabled: false 370 | RSpec/UnspecifiedException: 371 | Enabled: false 372 | RSpec/VariableDefinition: 373 | Enabled: false 374 | RSpec/VoidExpect: 375 | Enabled: false 376 | RSpec/Yield: 377 | Enabled: false 378 | Security/Open: 379 | Enabled: false 380 | Style/AccessModifierDeclarations: 381 | Enabled: false 382 | Style/AccessorGrouping: 383 | Enabled: false 384 | Style/BisectedAttrAccessor: 385 | Enabled: false 386 | Style/CaseLikeIf: 387 | Enabled: false 388 | Style/ClassEqualityComparison: 389 | Enabled: false 390 | Style/ColonMethodDefinition: 391 | Enabled: false 392 | Style/CombinableLoops: 393 | Enabled: false 394 | Style/CommentedKeyword: 395 | Enabled: false 396 | Style/Dir: 397 | Enabled: false 398 | Style/DoubleCopDisableDirective: 399 | Enabled: false 400 | Style/EmptyBlockParameter: 401 | Enabled: false 402 | Style/EmptyLambdaParameter: 403 | Enabled: false 404 | Style/Encoding: 405 | Enabled: false 406 | Style/EvalWithLocation: 407 | Enabled: false 408 | Style/ExpandPathArguments: 409 | Enabled: false 410 | Style/ExplicitBlockArgument: 411 | Enabled: false 412 | Style/ExponentialNotation: 413 | Enabled: false 414 | Style/FloatDivision: 415 | Enabled: false 416 | Style/FrozenStringLiteralComment: 417 | Enabled: false 418 | Style/GlobalStdStream: 419 | Enabled: false 420 | Style/HashAsLastArrayItem: 421 | Enabled: false 422 | Style/HashLikeCase: 423 | Enabled: false 424 | Style/HashTransformKeys: 425 | Enabled: false 426 | Style/HashTransformValues: 427 | Enabled: false 428 | Style/IfUnlessModifier: 429 | Enabled: false 430 | Style/KeywordParametersOrder: 431 | Enabled: false 432 | Style/MinMax: 433 | Enabled: false 434 | Style/MixinUsage: 435 | Enabled: false 436 | Style/MultilineWhenThen: 437 | Enabled: false 438 | Style/NegatedUnless: 439 | Enabled: false 440 | Style/NumericPredicate: 441 | Enabled: false 442 | Style/OptionalBooleanParameter: 443 | Enabled: false 444 | Style/OrAssignment: 445 | Enabled: false 446 | Style/RandomWithOffset: 447 | Enabled: false 448 | Style/RedundantAssignment: 449 | Enabled: false 450 | Style/RedundantCondition: 451 | Enabled: false 452 | Style/RedundantConditional: 453 | Enabled: false 454 | Style/RedundantFetchBlock: 455 | Enabled: false 456 | Style/RedundantFileExtensionInRequire: 457 | Enabled: false 458 | Style/RedundantRegexpCharacterClass: 459 | Enabled: false 460 | Style/RedundantRegexpEscape: 461 | Enabled: false 462 | Style/RedundantSelfAssignment: 463 | Enabled: false 464 | Style/RedundantSort: 465 | Enabled: false 466 | Style/RescueStandardError: 467 | Enabled: false 468 | Style/SingleArgumentDig: 469 | Enabled: false 470 | Style/SlicingWithRange: 471 | Enabled: false 472 | Style/SoleNestedConditional: 473 | Enabled: false 474 | Style/StderrPuts: 475 | Enabled: false 476 | Style/StringConcatenation: 477 | Enabled: false 478 | Style/Strip: 479 | Enabled: false 480 | Style/SymbolProc: 481 | Enabled: false 482 | Style/TrailingBodyOnClass: 483 | Enabled: false 484 | Style/TrailingBodyOnMethodDefinition: 485 | Enabled: false 486 | Style/TrailingBodyOnModule: 487 | Enabled: false 488 | Style/TrailingCommaInHashLiteral: 489 | Enabled: false 490 | Style/TrailingMethodEndStatement: 491 | Enabled: false 492 | Style/UnpackFirst: 493 | Enabled: false 494 | Capybara/MatchStyle: 495 | Enabled: false 496 | Capybara/NegationMatcher: 497 | Enabled: false 498 | Capybara/SpecificActions: 499 | Enabled: false 500 | Capybara/SpecificFinders: 501 | Enabled: false 502 | Capybara/SpecificMatcher: 503 | Enabled: false 504 | Gemspec/DeprecatedAttributeAssignment: 505 | Enabled: false 506 | Gemspec/DevelopmentDependencies: 507 | Enabled: false 508 | Gemspec/RequireMFA: 509 | Enabled: false 510 | Layout/LineContinuationLeadingSpace: 511 | Enabled: false 512 | Layout/LineContinuationSpacing: 513 | Enabled: false 514 | Layout/LineEndStringConcatenationIndentation: 515 | Enabled: false 516 | Layout/SpaceBeforeBrackets: 517 | Enabled: false 518 | Lint/AmbiguousAssignment: 519 | Enabled: false 520 | Lint/AmbiguousOperatorPrecedence: 521 | Enabled: false 522 | Lint/AmbiguousRange: 523 | Enabled: false 524 | Lint/ConstantOverwrittenInRescue: 525 | Enabled: false 526 | Lint/DeprecatedConstants: 527 | Enabled: false 528 | Lint/DuplicateBranch: 529 | Enabled: false 530 | Lint/DuplicateMagicComment: 531 | Enabled: false 532 | Lint/DuplicateMatchPattern: 533 | Enabled: false 534 | Lint/DuplicateRegexpCharacterClassElement: 535 | Enabled: false 536 | Lint/EmptyBlock: 537 | Enabled: false 538 | Lint/EmptyClass: 539 | Enabled: false 540 | Lint/EmptyInPattern: 541 | Enabled: false 542 | Lint/IncompatibleIoSelectWithFiberScheduler: 543 | Enabled: false 544 | Lint/LambdaWithoutLiteralBlock: 545 | Enabled: false 546 | Lint/NoReturnInBeginEndBlocks: 547 | Enabled: false 548 | Lint/NonAtomicFileOperation: 549 | Enabled: false 550 | Lint/NumberedParameterAssignment: 551 | Enabled: false 552 | Lint/OrAssignmentToConstant: 553 | Enabled: false 554 | Lint/RedundantDirGlobSort: 555 | Enabled: false 556 | Lint/RefinementImportMethods: 557 | Enabled: false 558 | Lint/RequireRangeParentheses: 559 | Enabled: false 560 | Lint/RequireRelativeSelfPath: 561 | Enabled: false 562 | Lint/SymbolConversion: 563 | Enabled: false 564 | Lint/ToEnumArguments: 565 | Enabled: false 566 | Lint/TripleQuotes: 567 | Enabled: false 568 | Lint/UnexpectedBlockArity: 569 | Enabled: false 570 | Lint/UnmodifiedReduceAccumulator: 571 | Enabled: false 572 | Lint/UselessRescue: 573 | Enabled: false 574 | Lint/UselessRuby2Keywords: 575 | Enabled: false 576 | Metrics/CollectionLiteralLength: 577 | Enabled: false 578 | Naming/BlockForwarding: 579 | Enabled: false 580 | Performance/CollectionLiteralInLoop: 581 | Enabled: false 582 | Performance/ConcurrentMonotonicTime: 583 | Enabled: false 584 | Performance/MapCompact: 585 | Enabled: false 586 | Performance/RedundantEqualityComparisonBlock: 587 | Enabled: false 588 | Performance/RedundantSplitRegexpArgument: 589 | Enabled: false 590 | Performance/StringIdentifierArgument: 591 | Enabled: false 592 | RSpec/BeEq: 593 | Enabled: false 594 | RSpec/BeNil: 595 | Enabled: false 596 | RSpec/ChangeByZero: 597 | Enabled: false 598 | RSpec/ClassCheck: 599 | Enabled: false 600 | RSpec/DuplicatedMetadata: 601 | Enabled: false 602 | RSpec/ExcessiveDocstringSpacing: 603 | Enabled: false 604 | RSpec/FactoryBot/ConsistentParenthesesStyle: 605 | Enabled: false 606 | RSpec/FactoryBot/FactoryNameStyle: 607 | Enabled: false 608 | RSpec/FactoryBot/SyntaxMethods: 609 | Enabled: false 610 | RSpec/IdenticalEqualityAssertion: 611 | Enabled: false 612 | RSpec/NoExpectationExample: 613 | Enabled: false 614 | RSpec/PendingWithoutReason: 615 | Enabled: false 616 | RSpec/Rails/AvoidSetupHook: 617 | Enabled: false 618 | RSpec/Rails/HaveHttpStatus: 619 | Enabled: false 620 | RSpec/Rails/InferredSpecType: 621 | Enabled: false 622 | RSpec/Rails/MinitestAssertions: 623 | Enabled: false 624 | RSpec/Rails/TravelAround: 625 | Enabled: false 626 | RSpec/RedundantAround: 627 | Enabled: false 628 | RSpec/SkipBlockInsideExample: 629 | Enabled: false 630 | RSpec/SortMetadata: 631 | Enabled: false 632 | RSpec/SubjectDeclaration: 633 | Enabled: false 634 | RSpec/VerifiedDoubleReference: 635 | Enabled: false 636 | Security/CompoundHash: 637 | Enabled: false 638 | Security/IoMethods: 639 | Enabled: false 640 | Style/ArgumentsForwarding: 641 | Enabled: false 642 | Style/ArrayIntersect: 643 | Enabled: false 644 | Style/CollectionCompact: 645 | Enabled: false 646 | Style/ComparableClamp: 647 | Enabled: false 648 | Style/ConcatArrayLiterals: 649 | Enabled: false 650 | Style/DataInheritance: 651 | Enabled: false 652 | Style/DirEmpty: 653 | Enabled: false 654 | Style/DocumentDynamicEvalDefinition: 655 | Enabled: false 656 | Style/EmptyHeredoc: 657 | Enabled: false 658 | Style/EndlessMethod: 659 | Enabled: false 660 | Style/EnvHome: 661 | Enabled: false 662 | Style/FetchEnvVar: 663 | Enabled: false 664 | Style/FileEmpty: 665 | Enabled: false 666 | Style/FileRead: 667 | Enabled: false 668 | Style/FileWrite: 669 | Enabled: false 670 | Style/HashConversion: 671 | Enabled: false 672 | Style/HashExcept: 673 | Enabled: false 674 | Style/IfWithBooleanLiteralBranches: 675 | Enabled: false 676 | Style/InPatternThen: 677 | Enabled: false 678 | Style/MagicCommentFormat: 679 | Enabled: false 680 | Style/MapCompactWithConditionalBlock: 681 | Enabled: false 682 | Style/MapToHash: 683 | Enabled: false 684 | Style/MapToSet: 685 | Enabled: false 686 | Style/MinMaxComparison: 687 | Enabled: false 688 | Style/MultilineInPatternThen: 689 | Enabled: false 690 | Style/NegatedIfElseCondition: 691 | Enabled: false 692 | Style/NestedFileDirname: 693 | Enabled: false 694 | Style/NilLambda: 695 | Enabled: false 696 | Style/NumberedParameters: 697 | Enabled: false 698 | Style/NumberedParametersLimit: 699 | Enabled: false 700 | Style/ObjectThen: 701 | Enabled: false 702 | Style/OpenStructUse: 703 | Enabled: false 704 | Style/OperatorMethodCall: 705 | Enabled: false 706 | Style/QuotedSymbols: 707 | Enabled: false 708 | Style/RedundantArgument: 709 | Enabled: false 710 | Style/RedundantConstantBase: 711 | Enabled: false 712 | Style/RedundantDoubleSplatHashBraces: 713 | Enabled: false 714 | Style/RedundantEach: 715 | Enabled: false 716 | Style/RedundantHeredocDelimiterQuotes: 717 | Enabled: false 718 | Style/RedundantInitialize: 719 | Enabled: false 720 | Style/RedundantLineContinuation: 721 | Enabled: false 722 | Style/RedundantSelfAssignmentBranch: 723 | Enabled: false 724 | Style/RedundantStringEscape: 725 | Enabled: false 726 | Style/SelectByRegexp: 727 | Enabled: false 728 | Style/StringChars: 729 | Enabled: false 730 | Style/SwapValues: 731 | Enabled: false 732 | -------------------------------------------------------------------------------- /REFERENCE.md: -------------------------------------------------------------------------------- 1 | # Reference 2 | 3 | 4 | 5 | ## Table of Contents 6 | 7 | ### Classes 8 | 9 | #### Public Classes 10 | 11 | * [`ntp`](#ntp): ntp Main class, includes all other classes. 12 | 13 | #### Private Classes 14 | 15 | * `ntp::config`: This class handles the configuration file. 16 | * `ntp::install`: This class handles ntp packages. 17 | * `ntp::service`: This class handles the ntp service. 18 | 19 | ### Data types 20 | 21 | * [`Ntp::Key_id`](#Ntp--Key_id): See http://doc.ntp.org/4.2.6/authopt.html#controlkey for documentation Alternatively: type Ntp::Key_id = Variant[Integer, Pattern['']] 22 | * [`Ntp::Poll_interval`](#Ntp--Poll_interval): See https://doc.ntp.org/documentation/4.2.6-series/confopt/#command-options for documentation Alternatively: type Ntp::Poll_interval = Varian 23 | 24 | ### Plans 25 | 26 | * [`ntp::acceptance::pe_agent`](#ntp--acceptance--pe_agent): Install PE 27 | * [`ntp::acceptance::pe_server`](#ntp--acceptance--pe_server): Install PE Server 28 | * [`ntp::acceptance::provision_integration`](#ntp--acceptance--provision_integration): Provisions machines 29 | 30 | ## Classes 31 | 32 | ### `ntp` 33 | 34 | ntp 35 | 36 | Main class, includes all other classes. 37 | 38 | #### Parameters 39 | 40 | The following parameters are available in the `ntp` class: 41 | 42 | * [`authprov`](#-ntp--authprov) 43 | * [`broadcastclient`](#-ntp--broadcastclient) 44 | * [`burst`](#-ntp--burst) 45 | * [`config`](#-ntp--config) 46 | * [`config_dir`](#-ntp--config_dir) 47 | * [`config_epp`](#-ntp--config_epp) 48 | * [`config_file_mode`](#-ntp--config_file_mode) 49 | * [`daemon_extra_opts`](#-ntp--daemon_extra_opts) 50 | * [`disable_auth`](#-ntp--disable_auth) 51 | * [`disable_dhclient`](#-ntp--disable_dhclient) 52 | * [`disable_kernel`](#-ntp--disable_kernel) 53 | * [`disable_monitor`](#-ntp--disable_monitor) 54 | * [`driftfile`](#-ntp--driftfile) 55 | * [`enable_mode7`](#-ntp--enable_mode7) 56 | * [`fudge`](#-ntp--fudge) 57 | * [`iburst_enable`](#-ntp--iburst_enable) 58 | * [`interfaces`](#-ntp--interfaces) 59 | * [`interfaces_ignore`](#-ntp--interfaces_ignore) 60 | * [`keys`](#-ntp--keys) 61 | * [`keys_controlkey`](#-ntp--keys_controlkey) 62 | * [`keys_enable`](#-ntp--keys_enable) 63 | * [`keys_file`](#-ntp--keys_file) 64 | * [`keys_requestkey`](#-ntp--keys_requestkey) 65 | * [`keys_trusted`](#-ntp--keys_trusted) 66 | * [`leapfile`](#-ntp--leapfile) 67 | * [`logfile`](#-ntp--logfile) 68 | * [`logfile_group`](#-ntp--logfile_group) 69 | * [`logfile_mode`](#-ntp--logfile_mode) 70 | * [`logfile_user`](#-ntp--logfile_user) 71 | * [`logconfig`](#-ntp--logconfig) 72 | * [`minpoll`](#-ntp--minpoll) 73 | * [`maxpoll`](#-ntp--maxpoll) 74 | * [`ntpsigndsocket`](#-ntp--ntpsigndsocket) 75 | * [`package_ensure`](#-ntp--package_ensure) 76 | * [`package_manage`](#-ntp--package_manage) 77 | * [`package_name`](#-ntp--package_name) 78 | * [`panic`](#-ntp--panic) 79 | * [`peers`](#-ntp--peers) 80 | * [`tos_orphan`](#-ntp--tos_orphan) 81 | * [`pool`](#-ntp--pool) 82 | * [`preferred_servers`](#-ntp--preferred_servers) 83 | * [`noselect_servers`](#-ntp--noselect_servers) 84 | * [`restrict`](#-ntp--restrict) 85 | * [`servers`](#-ntp--servers) 86 | * [`service_enable`](#-ntp--service_enable) 87 | * [`service_ensure`](#-ntp--service_ensure) 88 | * [`service_manage`](#-ntp--service_manage) 89 | * [`service_name`](#-ntp--service_name) 90 | * [`service_provider`](#-ntp--service_provider) 91 | * [`service_hasstatus`](#-ntp--service_hasstatus) 92 | * [`service_hasrestart`](#-ntp--service_hasrestart) 93 | * [`slewalways`](#-ntp--slewalways) 94 | * [`statistics`](#-ntp--statistics) 95 | * [`statsdir`](#-ntp--statsdir) 96 | * [`step_tickers_file`](#-ntp--step_tickers_file) 97 | * [`step_tickers_epp`](#-ntp--step_tickers_epp) 98 | * [`step_tickers_template`](#-ntp--step_tickers_template) 99 | * [`stepout`](#-ntp--stepout) 100 | * [`tos`](#-ntp--tos) 101 | * [`tos_minclock`](#-ntp--tos_minclock) 102 | * [`tos_maxclock`](#-ntp--tos_maxclock) 103 | * [`tos_minsane`](#-ntp--tos_minsane) 104 | * [`tos_floor`](#-ntp--tos_floor) 105 | * [`tos_ceiling`](#-ntp--tos_ceiling) 106 | * [`tos_cohort`](#-ntp--tos_cohort) 107 | * [`tinker`](#-ntp--tinker) 108 | * [`udlc`](#-ntp--udlc) 109 | * [`udlc_stratum`](#-ntp--udlc_stratum) 110 | * [`user`](#-ntp--user) 111 | 112 | ##### `authprov` 113 | 114 | Data type: `Optional[String]` 115 | 116 | Enables compatibility with W32Time in some versions of NTPd (such as Novell DSfW). Default value: undef. 117 | 118 | ##### `broadcastclient` 119 | 120 | Data type: `Boolean` 121 | 122 | Enables reception of broadcast server messages to any local interface. Default value: false. 123 | 124 | ##### `burst` 125 | 126 | Data type: `Boolean` 127 | 128 | When the server is reachable, send a burst of eight packets instead of the usual one. Default value: false. 129 | 130 | ##### `config` 131 | 132 | Data type: `Stdlib::Absolutepath` 133 | 134 | Specifies a file for NTP's configuration info. Default value: '/etc/ntp.conf' (or '/etc/inet/ntp.conf' on Solaris). 135 | 136 | ##### `config_dir` 137 | 138 | Data type: `Optional[Stdlib::Absolutepath]` 139 | 140 | Specifies a directory for the NTP configuration files. Default value: undef. 141 | 142 | ##### `config_epp` 143 | 144 | Data type: `Optional[String]` 145 | 146 | Specifies an absolute or relative file path to an EPP template for the config file. 147 | Example value: 'ntp/ntp.conf.epp'. A validation error is thrown if `config_epp` parameter is not specified. 148 | 149 | ##### `config_file_mode` 150 | 151 | Data type: `String` 152 | 153 | Specifies a file mode for the ntp configuration file. Default value: '0664'. 154 | 155 | ##### `daemon_extra_opts` 156 | 157 | Data type: `Optional[String]` 158 | 159 | Specifies any arguments to pass to ntp daemon. Default value: '-g'. 160 | Example value: '-g -i /var/lib/ntp' to enable jaildir options. 161 | Note that user is a specific parameter handled separately. 162 | 163 | ##### `disable_auth` 164 | 165 | Data type: `Boolean` 166 | 167 | Disables cryptographic authentication for broadcast client, multicast client, and symmetric passive associations. 168 | 169 | ##### `disable_dhclient` 170 | 171 | Data type: `Boolean` 172 | 173 | Disables `ntp-servers` in `dhclient.conf` to prevent Dhclient from managing the NTP configuration. 174 | 175 | ##### `disable_kernel` 176 | 177 | Data type: `Boolean` 178 | 179 | Disables kernel time discipline. 180 | 181 | ##### `disable_monitor` 182 | 183 | Data type: `Boolean` 184 | 185 | Disables the monitoring facility in NTP. Default value: true. 186 | 187 | ##### `driftfile` 188 | 189 | Data type: `Stdlib::Absolutepath` 190 | 191 | Specifies an NTP driftfile. Default value: '/var/lib/ntp/drift' (except on AIX and Solaris). 192 | 193 | ##### `enable_mode7` 194 | 195 | Data type: `Boolean` 196 | 197 | Enables processing of NTP mode 7 implementation-specific requests which are used by the deprecated ntpdc program. Default value: false. 198 | 199 | ##### `fudge` 200 | 201 | Data type: `Optional[Array[String]]` 202 | 203 | Provides additional information for individual clock drivers. Default value: [ ] 204 | 205 | ##### `iburst_enable` 206 | 207 | Data type: `Boolean` 208 | 209 | Specifies whether to enable the iburst option for every NTP peer. Default value: false (true on AIX and Debian). 210 | 211 | ##### `interfaces` 212 | 213 | Data type: `Array[String]` 214 | 215 | Specifies one or more network interfaces for NTP to listen on. Default value: [ ]. 216 | 217 | ##### `interfaces_ignore` 218 | 219 | Data type: `Array[String]` 220 | 221 | Specifies one or more ignore pattern for the NTP listener configuration (for example: all, wildcard, ipv6). Default value: [ ]. 222 | 223 | ##### `keys` 224 | 225 | Data type: `Array[String]` 226 | 227 | Distributes keys to keys file. Default value: [ ]. 228 | 229 | ##### `keys_controlkey` 230 | 231 | Data type: `Optional[Ntp::Key_id]` 232 | 233 | Specifies the key identifier to use with the ntpq utility. Value in the range of 1 to 65,534 inclusive. Default value: ' '. 234 | 235 | ##### `keys_enable` 236 | 237 | Data type: `Boolean` 238 | 239 | Whether to enable key-based authentication. Default value: false. 240 | 241 | ##### `keys_file` 242 | 243 | Data type: `Stdlib::Absolutepath` 244 | 245 | Specifies the complete path and location of the MD5 key file containing the keys and key identifiers used by ntpd, ntpq and ntpdc 246 | when operating with symmetric key cryptography. Default value: `/etc/ntp.keys` (on RedHat and Amazon, `/etc/ntp/keys`). 247 | 248 | ##### `keys_requestkey` 249 | 250 | Data type: `Optional[Ntp::Key_id]` 251 | 252 | Specifies the key identifier to use with the ntpdc utility program. Value in the range of 1 to 65,534. Default value: ' '. 253 | 254 | ##### `keys_trusted` 255 | 256 | Data type: `Optional[Array[Ntp::Key_id]]` 257 | 258 | Provides one or more keys to be trusted by NTP. Default value: [ ]. 259 | 260 | ##### `leapfile` 261 | 262 | Data type: `Optional[Stdlib::Absolutepath]` 263 | 264 | Specifies a leap second file for NTP to use. Default value: ' '. 265 | 266 | ##### `logfile` 267 | 268 | Data type: `Optional[Stdlib::Absolutepath]` 269 | 270 | Specifies a log file for NTP to use instead of syslog. Default value: ' '. 271 | 272 | ##### `logfile_group` 273 | 274 | Data type: `Optional[Variant[String, Integer]]` 275 | 276 | Specifies the group for the NTP log file. Default is 'ntp'. 277 | 278 | ##### `logfile_mode` 279 | 280 | Data type: `String` 281 | 282 | Specifies the permission for the NTP log file. Default is 0664. 283 | 284 | ##### `logfile_user` 285 | 286 | Data type: `Optional[Variant[String, Integer]]` 287 | 288 | Specifies the user for the NTP log file. Default is 'ntp'. 289 | 290 | ##### `logconfig` 291 | 292 | Data type: `Optional[String]` 293 | 294 | Specifies the logconfig for NTP to use. Default value: ' '. 295 | 296 | ##### `minpoll` 297 | 298 | Data type: `Optional[Ntp::Poll_interval]` 299 | 300 | Sets Puppet to non-standard minimal poll interval of upstream servers. 301 | Values: 3 to 16. Default: undef. 302 | 303 | ##### `maxpoll` 304 | 305 | Data type: `Optional[Ntp::Poll_interval]` 306 | 307 | Sets use non-standard maximal poll interval of upstream servers. 308 | Values: 3 to 16. Default option: undef, except on FreeBSD (on FreeBSD, defaults to 9). 309 | 310 | ##### `ntpsigndsocket` 311 | 312 | Data type: `Optional[Stdlib::Absolutepath]` 313 | 314 | Sets NTP to sign packets using the socket in the ntpsigndsocket path. Requires NTP to be configured to sign sockets. 315 | Value: Path to the socket directory; for example, for Samba: `usr/local/samba/var/lib/ntp_signd/`. Default value: undef. 316 | 317 | ##### `package_ensure` 318 | 319 | Data type: `String` 320 | 321 | Whether to install the NTP package, and what version to install. Values: 'present', 'latest', or a specific version number. 322 | Default value: 'present'. 323 | 324 | ##### `package_manage` 325 | 326 | Data type: `Boolean` 327 | 328 | Whether to manage the NTP package. Default value: true. 329 | 330 | ##### `package_name` 331 | 332 | Data type: `Array[String]` 333 | 334 | Specifies the NTP package to manage. Default value: ['ntp'] (except on AIX and Solaris). 335 | 336 | ##### `panic` 337 | 338 | Data type: `Optional[Integer[0]]` 339 | 340 | Whether NTP should "panic" in the event of a very large clock skew. Applies only if `tinker` option set to true or if your environment 341 | is in a virtual machine. Default value: 0 if environment is virtual, undef in all other cases. 342 | 343 | ##### `peers` 344 | 345 | Data type: `Array[String]` 346 | 347 | List of NTP servers with which to synchronise the local clock. 348 | 349 | ##### `tos_orphan` 350 | 351 | Data type: `Optional[Integer[1]]` 352 | 353 | Enables Orphan mode for peer group 354 | Value: Should be set to 2 more than the worst-case externally-reachable source's stratum. 355 | 356 | ##### `pool` 357 | 358 | Data type: `Optional[Array[String]]` 359 | 360 | List of NTP server pools with which to synchronise the local clock. 361 | 362 | ##### `preferred_servers` 363 | 364 | Data type: `Array[String]` 365 | 366 | Specifies one or more preferred peers. Puppet appends 'prefer' to each matching item in the `servers` array. 367 | Default value: [ ]. 368 | 369 | ##### `noselect_servers` 370 | 371 | Data type: `Array[String]` 372 | 373 | Specifies one or more peers to not sync with. Puppet appends 'noselect' to each matching item in the `servers` array. 374 | Default value: [ ]. 375 | 376 | ##### `restrict` 377 | 378 | Data type: `Array[String]` 379 | 380 | Specifies one or more `restrict` options for the NTP configuration. 381 | Puppet prefixes each item with 'restrict', so you need to list only the content of the restriction. 382 | Default value for most operating systems: 383 | '[default kod nomodify notrap nopeer noquery', '-6 default kod nomodify notrap nopeer noquery', '127.0.0.1', '-6 ::1']'. 384 | Default value for AIX systems: 385 | '['default nomodify notrap nopeer noquery', '127.0.0.1',]'. 386 | 387 | ##### `servers` 388 | 389 | Data type: `Array[String]` 390 | 391 | Specifies one or more servers to be used as NTP peers. Default value: varies by operating system. 392 | 393 | ##### `service_enable` 394 | 395 | Data type: `Boolean` 396 | 397 | Whether to enable the NTP service at boot. Default value: true. 398 | 399 | ##### `service_ensure` 400 | 401 | Data type: `Enum['running', 'stopped']` 402 | 403 | Whether the NTP service should be running. Default value: 'running'. 404 | 405 | ##### `service_manage` 406 | 407 | Data type: `Boolean` 408 | 409 | Whether to manage the NTP service. Default value: true. 410 | 411 | ##### `service_name` 412 | 413 | Data type: `String` 414 | 415 | The NTP service to manage. Default value: varies by operating system. 416 | 417 | ##### `service_provider` 418 | 419 | Data type: `Optional[String]` 420 | 421 | Which service provider to use for NTP. Default value: 'undef'. 422 | 423 | ##### `service_hasstatus` 424 | 425 | Data type: `Boolean` 426 | 427 | Whether service has a functional status command. Default value: true. 428 | 429 | ##### `service_hasrestart` 430 | 431 | Data type: `Boolean` 432 | 433 | Whether service has a restart command. Default value: true. 434 | 435 | ##### `slewalways` 436 | 437 | Data type: `Optional[Enum['yes','no']]` 438 | 439 | xntpd setting to disable stepping behavior and always slew the clock to handle adjustments. 440 | Only relevant for AIX. Default value: 'undef'. Allowed values: 'yes', 'no' 441 | 442 | ##### `statistics` 443 | 444 | Data type: `Optional[Array]` 445 | 446 | List of statistics to have NTP generate and keep. Default value: [ ]. 447 | 448 | ##### `statsdir` 449 | 450 | Data type: `Optional[Stdlib::Absolutepath]` 451 | 452 | Location of the NTP statistics directory on the managed system. Default value: '/var/log/ntpstats'. 453 | 454 | ##### `step_tickers_file` 455 | 456 | Data type: `Optional[Stdlib::Absolutepath]` 457 | 458 | Location of the step tickers file on the managed system. Default value: varies by operating system. 459 | 460 | ##### `step_tickers_epp` 461 | 462 | Data type: `Optional[String]` 463 | 464 | Location of the step tickers EPP template file. Default value: varies by operating system. 465 | Validation error is thrown if both this and the `step_tickers_template` parameters are specified. 466 | 467 | ##### `step_tickers_template` 468 | 469 | Data type: `Optional[String]` 470 | 471 | Location of the step tickers ERB template file. Default value: varies by operating system. 472 | Validation error is thrown if both this and the `step_tickers_epp` parameter are specified. 473 | 474 | ##### `stepout` 475 | 476 | Data type: `Optional[Integer[0, 65535]]` 477 | 478 | Value for stepout if `tinker` value is true. Valid options: unsigned shortint digit. Default value: undef. 479 | 480 | ##### `tos` 481 | 482 | Data type: `Boolean` 483 | 484 | Whether to enable tos options. Default value: false. 485 | 486 | ##### `tos_minclock` 487 | 488 | Data type: `Optional[Integer[1]]` 489 | 490 | Specifies the minclock tos option. Default value: 3. 491 | 492 | ##### `tos_maxclock` 493 | 494 | Data type: `Optional[Integer[1]]` 495 | 496 | Specifies the maxclock tos option. Default value: 6. 497 | 498 | ##### `tos_minsane` 499 | 500 | Data type: `Optional[Integer[1]]` 501 | 502 | Specifies the minsane tos option. Default value: 1. 503 | 504 | ##### `tos_floor` 505 | 506 | Data type: `Optional[Integer[1]]` 507 | 508 | Specifies the floor tos option. Default value: 1. 509 | 510 | ##### `tos_ceiling` 511 | 512 | Data type: `Optional[Integer[1]]` 513 | 514 | Specifies the ceiling tos option. Default value: 15. 515 | 516 | ##### `tos_cohort` 517 | 518 | Data type: `Variant[Boolean, Integer[0,1]]` 519 | 520 | Specifies the cohort tos option. Valid options: 0 or 1. Default value: 0. 521 | 522 | ##### `tinker` 523 | 524 | Data type: `Optional[Boolean]` 525 | 526 | Whether to enable tinker options. Default value: false. 527 | 528 | ##### `udlc` 529 | 530 | Data type: `Boolean` 531 | 532 | Specifies whether to configure NTP to use the undisciplined local clock as a time source. Default value: false. 533 | 534 | ##### `udlc_stratum` 535 | 536 | Data type: `Optional[Integer[1,15]]` 537 | 538 | Specifies the stratum the server should operate at when using the undisciplined local clock as the time source. 539 | This value should be set to no less than 10 if ntpd might be accessible outside your immediate, controlled network. 540 | Default value: 10.am udlc 541 | 542 | ##### `user` 543 | 544 | Data type: `Optional[String]` 545 | 546 | Specifies user to run ntpd daemon. Default value: ntp. 547 | Usually set by default on Centos7 (/etc/systemd/system/multi-user.target.wants/ntpd.service) and 548 | ubuntu 18.04 (/usr/lib/ntp/ntp-systemd-wrapper) 549 | This is currently restricted to Redhat based systems of version 7 and above and Ubuntu 18.04. 550 | 551 | ## Data types 552 | 553 | ### `Ntp::Key_id` 554 | 555 | See http://doc.ntp.org/4.2.6/authopt.html#controlkey for documentation 556 | Alternatively: type Ntp::Key_id = Variant[Integer, Pattern['']] 557 | 558 | Alias of `Integer[1, 65534]` 559 | 560 | ### `Ntp::Poll_interval` 561 | 562 | See https://doc.ntp.org/documentation/4.2.6-series/confopt/#command-options for documentation 563 | Alternatively: type Ntp::Poll_interval = Variant[Integer, Pattern['']] 564 | 565 | Alias of `Integer[3, 17]` 566 | 567 | ## Plans 568 | 569 | ### `ntp::acceptance::pe_agent` 570 | 571 | Install PE Agent 572 | 573 | #### Examples 574 | 575 | ##### 576 | 577 | ```puppet 578 | ntp::acceptance::pe_agent 579 | ``` 580 | 581 | ### `ntp::acceptance::pe_server` 582 | 583 | Install PE Server 584 | 585 | #### Examples 586 | 587 | ##### 588 | 589 | ```puppet 590 | ntp::acceptance::pe_server 591 | ``` 592 | 593 | #### Parameters 594 | 595 | The following parameters are available in the `ntp::acceptance::pe_server` plan: 596 | 597 | * [`version`](#-ntp--acceptance--pe_server--version) 598 | * [`pe_settings`](#-ntp--acceptance--pe_server--pe_settings) 599 | 600 | ##### `version` 601 | 602 | Data type: `Optional[String]` 603 | 604 | 605 | 606 | Default value: `'2021.7.9'` 607 | 608 | ##### `pe_settings` 609 | 610 | Data type: `Optional[Hash]` 611 | 612 | 613 | 614 | Default value: `{ password => 'puppetlabs' }` 615 | 616 | ### `ntp::acceptance::provision_integration` 617 | 618 | Provisions machines for integration testing 619 | 620 | #### Examples 621 | 622 | ##### 623 | 624 | ```puppet 625 | ntp::acceptance::provision_integration 626 | ``` 627 | 628 | #### Parameters 629 | 630 | The following parameters are available in the `ntp::acceptance::provision_integration` plan: 631 | 632 | * [`image`](#-ntp--acceptance--provision_integration--image) 633 | * [`provision_type`](#-ntp--acceptance--provision_integration--provision_type) 634 | 635 | ##### `image` 636 | 637 | Data type: `Optional[String]` 638 | 639 | 640 | 641 | Default value: `'centos-7'` 642 | 643 | ##### `provision_type` 644 | 645 | Data type: `Optional[String]` 646 | 647 | 648 | 649 | Default value: `'provision_service'` 650 | 651 | -------------------------------------------------------------------------------- /spec/classes/ntp_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require 'spec_helper' 4 | 5 | on_supported_os.each do |os, f| 6 | describe 'ntp' do 7 | let(:facts) { { is_virtual: false } } 8 | 9 | let(:conf_path) do 10 | if os.include?('solaris') 11 | '/etc/inet/ntp.conf' 12 | elsif f[:os]['name'] == 'Debian' && f[:os]['release']['major'].to_f >= 12 13 | '/etc/ntpsec/ntp.conf' 14 | elsif f[:os]['name'] == 'Ubuntu' && f[:os]['release']['major'].to_f >= 24.04 15 | '/etc/ntpsec/ntp.conf' 16 | else 17 | '/etc/ntp.conf' 18 | end 19 | end 20 | 21 | context "when on #{os}" do 22 | let(:facts) do 23 | f.merge(super()) 24 | end 25 | 26 | it { is_expected.to compile.with_all_deps } 27 | 28 | it { is_expected.to contain_class('ntp::install') } 29 | it { is_expected.to contain_class('ntp::config') } 30 | it { is_expected.to contain_class('ntp::service') } 31 | 32 | describe 'ntp::config' do 33 | it { is_expected.to contain_file(conf_path).with_owner('0') } 34 | it { is_expected.to contain_file(conf_path).with_group('0') } 35 | it { is_expected.to contain_file(conf_path).with_mode('0644') } 36 | 37 | if f[:os]['family'] == 'RedHat' 38 | it { is_expected.to contain_file('/etc/ntp/step-tickers').with_owner('0') } 39 | it { is_expected.to contain_file('/etc/ntp/step-tickers').with_group('0') } 40 | it { is_expected.to contain_file('/etc/ntp/step-tickers').with_mode('0644') } 41 | end 42 | 43 | it { is_expected.to contain_file('/var/run/ntp/servers-netconfig').with_ensure_absent } if f[:os]['family'] == 'Suse' && f[:os]['release']['major'] == '12' 44 | 45 | describe 'allows template to be overridden with epp template' do 46 | let(:params) { { config_epp: 'my_ntp/ntp.conf.epp' } } 47 | 48 | it { is_expected.to contain_file(conf_path).with_content(%r{eppserver1}) } 49 | end 50 | 51 | describe 'broadcastclient' do 52 | context 'when set to true' do 53 | let(:params) do 54 | { 55 | broadcastclient: true 56 | } 57 | end 58 | 59 | it 'contains broadcastclient setting' do 60 | expect(subject).to contain_file(conf_path).with('content' => %r{^broadcastclient\n}) 61 | end 62 | end 63 | 64 | context 'when set to false' do 65 | let(:params) do 66 | { 67 | broadcastclient: false 68 | } 69 | end 70 | 71 | it 'does not contain broadcastclient setting' do 72 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^broadcastclient\n}) 73 | end 74 | end 75 | end 76 | 77 | describe 'burst' do 78 | context 'when set to true' do 79 | let(:params) do 80 | { 81 | burst: true 82 | } 83 | end 84 | 85 | it do 86 | expect(subject).to contain_file(conf_path).with('content' => %r{ burst\n}) 87 | end 88 | end 89 | 90 | context 'when set to false' do 91 | let(:params) do 92 | { 93 | burst: false 94 | } 95 | end 96 | 97 | it do 98 | expect(subject).not_to contain_file(conf_path).with('content' => %r{ burst\n}) 99 | end 100 | end 101 | end 102 | 103 | context 'with config_dir' do 104 | context 'when set to custom dir' do 105 | let(:params) do 106 | { 107 | keys_enable: true, 108 | config_dir: '/tmp/foo', 109 | keys_file: '/tmp/foo/ntp.keys' 110 | } 111 | end 112 | 113 | it 'contains custom config directory' do 114 | expect(subject).to contain_file('/tmp/foo').with( 115 | 'ensure' => 'directory', 'owner' => '0', 'group' => '0', 'mode' => '0775', 'recurse' => 'false', 116 | ) 117 | end 118 | end 119 | end 120 | 121 | context 'with config_file_mode' do 122 | context 'when set to custom mode' do 123 | let(:params) do 124 | { 125 | config_file_mode: '0777' 126 | } 127 | end 128 | 129 | it 'contains file mode of 0777' do 130 | expect(subject).to contain_file(conf_path).with_mode('0777') 131 | end 132 | end 133 | end 134 | 135 | context 'with default pool servers' do 136 | case f[:os]['family'] 137 | when 'RedHat' 138 | it 'uses the centos ntp servers' do 139 | expect(subject).to contain_file(conf_path).with('content' => %r{server \d.centos.pool.ntp.org}) 140 | end 141 | 142 | it do 143 | expect(subject).to contain_file('/etc/ntp/step-tickers').with('content' => %r{\d.centos.pool.ntp.org}) 144 | end 145 | when 'Debian' 146 | it 'uses the debian ntp servers' do 147 | expect(subject).to contain_file(conf_path).with('content' => %r{server \d.debian.pool.ntp.org iburst\n}) 148 | end 149 | when 'Suse' 150 | it 'uses the opensuse ntp servers' do 151 | expect(subject).to contain_file(conf_path).with('content' => %r{server \d.opensuse.pool.ntp.org}) 152 | end 153 | when 'FreeBSD' 154 | it 'uses the freebsd ntp servers' do 155 | expect(subject).to contain_file(conf_path).with('content' => %r{server \d.freebsd.pool.ntp.org iburst maxpoll 9}) 156 | end 157 | when 'Solaris' 158 | it 'uses the generic NTP pool servers' do 159 | expect(subject).to contain_file('/etc/inet/ntp.conf').with('content' => %r{server \d.pool.ntp.org}) 160 | end 161 | when 'AIX' 162 | it 'uses the generic NTP pool servers on AIX' do 163 | expect(subject).to contain_file(conf_path).with('content' => %r{server \d.pool.ntp.org}) 164 | end 165 | else 166 | it { 167 | expect { catalogue }.to raise_error( 168 | %r{The ntp module is not supported on an unsupported based system.}, 169 | ) 170 | } 171 | end 172 | end 173 | 174 | describe 'disable_auth' do 175 | context 'when set to true' do 176 | let(:params) do 177 | { 178 | disable_auth: true 179 | } 180 | end 181 | 182 | it 'contains disable auth setting' do 183 | expect(subject).to contain_file(conf_path).with('content' => %r{^disable auth\n}) 184 | end 185 | end 186 | 187 | context 'when set to false' do 188 | let(:params) do 189 | { 190 | disable_auth: false 191 | } 192 | end 193 | 194 | it 'does not contain disable auth setting' do 195 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^disable auth\n}) 196 | end 197 | end 198 | end 199 | 200 | describe 'disable_dhclient' do 201 | context 'when set to true' do 202 | let(:params) do 203 | { 204 | disable_dhclient: true 205 | } 206 | end 207 | 208 | it 'contains disable ntp-servers setting' do 209 | expect(subject).to contain_augeas('disable ntp-servers in dhclient.conf') 210 | end 211 | 212 | it 'contains dhcp file' do 213 | expect(subject).to contain_file('/var/lib/ntp/ntp.conf.dhcp').with_ensure('absent') 214 | end 215 | 216 | it 'contains ntp.sh file' do 217 | expect(subject).to contain_file('/etc/dhcp/dhclient.d/ntp.sh').with_ensure('absent') 218 | end 219 | end 220 | 221 | context 'when set to false' do 222 | let(:params) do 223 | { 224 | disable_dhclient: false 225 | } 226 | end 227 | 228 | it 'does not contain disable ntp-servers setting' do 229 | expect(subject).not_to contain_augeas('disable ntp-servers in dhclient.conf') 230 | end 231 | 232 | it 'does not contain dhcp file' do 233 | expect(subject).not_to contain_file('/var/lib/ntp/ntp.conf.dhcp').with_ensure('absent') 234 | end 235 | end 236 | end 237 | 238 | describe 'disable_kernel' do 239 | context 'when set to true' do 240 | let(:params) do 241 | { 242 | disable_kernel: true 243 | } 244 | end 245 | 246 | it 'contains disable kernel setting' do 247 | expect(subject).to contain_file(conf_path).with('content' => %r{^disable kernel\n}) 248 | end 249 | end 250 | 251 | context 'when set to false' do 252 | let(:params) do 253 | { 254 | disable_kernel: false 255 | } 256 | end 257 | 258 | it 'does not contain disable kernel setting' do 259 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^disable kernel\n}) 260 | end 261 | end 262 | end 263 | 264 | describe 'disable_monitor' do 265 | context 'when default' do 266 | let(:params) do 267 | {} 268 | end 269 | 270 | it 'contains disable monitor setting' do 271 | expect(subject).to contain_file(conf_path).with('content' => %r{^disable monitor\n}) 272 | end 273 | end 274 | 275 | context 'when set to true' do 276 | let(:params) do 277 | { 278 | disable_monitor: true 279 | } 280 | end 281 | 282 | it 'contains disable monitor setting' do 283 | expect(subject).to contain_file(conf_path).with('content' => %r{^disable monitor\n}) 284 | end 285 | end 286 | 287 | context 'when set to false' do 288 | let(:params) do 289 | { 290 | disable_monitor: false 291 | } 292 | end 293 | 294 | it 'does not contain disable monitor setting' do 295 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^disable monitor\n}) 296 | end 297 | end 298 | end 299 | 300 | describe 'driftfile' do 301 | context 'when not set' do 302 | it 'contains default driftfile' do 303 | expect(subject).to contain_file(conf_path).with('content' => %r{^driftfile}) 304 | end 305 | end 306 | 307 | context 'when set' do 308 | let(:params) do 309 | { 310 | driftfile: '/tmp/driftfile' 311 | } 312 | end 313 | 314 | it 'contains driftfile value' do 315 | expect(subject).to contain_file(conf_path).with('content' => %r{^driftfile /tmp/driftfile\n}) 316 | end 317 | end 318 | end 319 | 320 | describe 'enable_mode7' do 321 | context 'when default' do 322 | let(:params) do 323 | {} 324 | end 325 | 326 | it 'does not contain enable mode7 setting' do 327 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^enable mode7\n}) 328 | end 329 | end 330 | 331 | context 'when set to true' do 332 | let(:params) do 333 | { 334 | enable_mode7: true 335 | } 336 | end 337 | 338 | it 'contains enable mode7 setting' do 339 | expect(subject).to contain_file(conf_path).with('content' => %r{^enable mode7\n}) 340 | end 341 | end 342 | 343 | context 'when set to false' do 344 | let(:params) do 345 | { 346 | enable_mode7: false 347 | } 348 | end 349 | 350 | it 'does not contain enable mode7 setting' do 351 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^enable mode7\n}) 352 | end 353 | end 354 | end 355 | 356 | describe 'interfaces' do 357 | context 'when set' do 358 | let(:params) do 359 | { 360 | servers: ['a', 'b', 'c', 'd'], 361 | interfaces: ['127.0.0.1', 'a.b.c.d'] 362 | } 363 | end 364 | 365 | it { 366 | expect(subject).to contain_file(conf_path).with('content' => %r{interface ignore wildcard\ninterface listen 127.0.0.1\ninterface listen a.b.c.d}) 367 | } 368 | end 369 | 370 | context 'when not set' do 371 | let(:params) do 372 | { 373 | servers: ['a', 'b', 'c', 'd'] 374 | } 375 | end 376 | 377 | it { 378 | expect(subject).not_to contain_file(conf_path).with('content' => %r{interface ignore wildcard}) 379 | } 380 | end 381 | end 382 | 383 | describe 'interfaces_ignore' do 384 | context 'when set' do 385 | let(:params) do 386 | { 387 | interfaces: ['a.b.c.d'], 388 | interfaces_ignore: ['wildcard', 'ipv6'] 389 | } 390 | end 391 | 392 | it { 393 | expect(subject).to contain_file(conf_path).with('content' => %r{interface ignore wildcard\ninterface ignore ipv6\ninterface listen a.b.c.d}) 394 | } 395 | end 396 | 397 | context 'when not set' do 398 | let(:params) do 399 | { 400 | interfaces: ['127.0.0.1'], 401 | servers: ['a', 'b', 'c', 'd'] 402 | } 403 | end 404 | 405 | it { 406 | expect(subject).to contain_file(conf_path).with('content' => %r{interface ignore wildcard\ninterface listen 127.0.0.1}) 407 | } 408 | end 409 | end 410 | 411 | describe 'keys' do 412 | context 'when enabled' do 413 | let(:params) do 414 | { 415 | keys_enable: true, 416 | keys_trusted: [1, 2, 3], 417 | keys_controlkey: 2, 418 | keys_requestkey: 3, 419 | keys: ['1 M AAAABBBB'] 420 | } 421 | end 422 | 423 | let(:keys_file) do 424 | if os.match?(%r{redhat|centos|oracle|scientific}) 425 | '/etc/ntp/keys' 426 | elsif os.include?('solaris') 427 | '/etc/inet/ntp.keys' 428 | else 429 | '/etc/ntp.keys' 430 | end 431 | end 432 | 433 | it { 434 | expect(subject).to contain_file(conf_path).with('content' => %r{trustedkey 1 2 3}) 435 | } 436 | 437 | it { 438 | expect(subject).to contain_file(conf_path).with('content' => %r{controlkey 2}) 439 | } 440 | 441 | it { 442 | expect(subject).to contain_file(conf_path).with('content' => %r{requestkey 3}) 443 | } 444 | 445 | it { 446 | expect(subject).to contain_file(keys_file).with('content' => %r{1 M AAAABBBB}) 447 | } 448 | end 449 | end 450 | 451 | context 'when disabled' do 452 | let(:params) do 453 | { 454 | keys_enable: false, 455 | keys_trusted: [1, 2, 3], 456 | keys_controlkey: 2, 457 | keys_requestkey: 3 458 | } 459 | end 460 | 461 | it { 462 | expect(subject).not_to contain_file(conf_path).with('content' => %r{trustedkey 1 2 3}) 463 | } 464 | 465 | it { 466 | expect(subject).not_to contain_file(conf_path).with('content' => %r{controlkey 2}) 467 | } 468 | 469 | it { 470 | expect(subject).not_to contain_file(conf_path).with('content' => %r{requestkey 3}) 471 | } 472 | end 473 | 474 | describe 'noselect servers' do 475 | context 'when set' do 476 | let(:params) do 477 | { 478 | servers: ['a', 'b', 'c', 'd'], 479 | noselect_servers: ['a', 'b'], 480 | iburst_enable: false 481 | } 482 | end 483 | 484 | it { 485 | expect(subject).to contain_file(conf_path).with('content' => %r{server a (maxpoll 9 )?noselect\nserver b (maxpoll 9 )?noselect\nserver c( maxpoll 9)?\nserver d( maxpoll 9)?}) 486 | } 487 | end 488 | 489 | context 'when not set' do 490 | let(:params) do 491 | { 492 | servers: ['a', 'b', 'c', 'd'], 493 | noselect_servers: [] 494 | } 495 | end 496 | 497 | it { 498 | expect(subject).not_to contain_file(conf_path).with('content' => %r{server a noselect}) 499 | } 500 | end 501 | end 502 | 503 | describe 'preferred servers' do 504 | context 'when set' do 505 | let(:params) do 506 | { 507 | servers: ['a', 'b', 'c', 'd'], 508 | preferred_servers: ['a', 'b'], 509 | iburst_enable: false 510 | } 511 | end 512 | 513 | it { 514 | expect(subject).to contain_file(conf_path).with('content' => %r{server a prefer( maxpoll 9)?\nserver b prefer( maxpoll 9)?\nserver c( maxpoll 9)?\nserver d( maxpoll 9)?}) 515 | } 516 | end 517 | 518 | context 'when not set' do 519 | let(:params) do 520 | { 521 | servers: ['a', 'b', 'c', 'd'], 522 | preferred_servers: [] 523 | } 524 | end 525 | 526 | it { 527 | expect(subject).not_to contain_file(conf_path).with('content' => %r{server a prefer}) 528 | } 529 | end 530 | end 531 | 532 | describe 'restrict' do 533 | context 'when not set' do 534 | it 'does not contain restrict value' do 535 | expect(subject).to contain_file(conf_path).without_content(%r{^restrict test restrict}) 536 | end 537 | end 538 | 539 | context 'when set' do 540 | let(:params) do 541 | { 542 | restrict: ['test restrict'] 543 | } 544 | end 545 | 546 | it 'contains restrict value' do 547 | expect(subject).to contain_file(conf_path).with_content(%r{^restrict test restrict}) 548 | end 549 | end 550 | end 551 | 552 | describe 'slewalways' do 553 | context 'when absent' do 554 | if f[:kernel] == 'AIX' 555 | it 'on AIX does contain "slewalways no"' do 556 | expect(subject).to contain_file(conf_path).with_content(%r{^slewalways no}) 557 | end 558 | else 559 | it 'on non-AIX does not contain a slewalways' do 560 | expect(subject).to contain_file(conf_path).without_content(%r{^slewalways}) 561 | end 562 | end 563 | end 564 | 565 | context 'when "no"' do 566 | let(:params) do 567 | { 568 | slewalways: 'no' 569 | } 570 | end 571 | 572 | it 'does contain "slewalways no"' do 573 | expect(subject).to contain_file(conf_path).with_content(%r{^slewalways no}) 574 | end 575 | end 576 | 577 | context 'when "yes"' do 578 | let(:params) do 579 | { 580 | slewalways: 'yes' 581 | } 582 | end 583 | 584 | it 'does contain "slewalways yes"' do 585 | expect(subject).to contain_file(conf_path).with_content(%r{^slewalways yes}) 586 | end 587 | end 588 | end 589 | 590 | describe 'statistics' do 591 | context 'when not set' do 592 | it 'does not contain statistics' do 593 | expect(subject).to contain_file(conf_path).without_content(%r{^filegen loopstats file loopstats type day enable}) 594 | end 595 | end 596 | 597 | context 'when set' do 598 | let(:params) do 599 | { 600 | statistics: ['loopstats'], 601 | disable_monitor: false 602 | } 603 | end 604 | 605 | it 'contains statistics value' do 606 | expect(subject).to contain_file(conf_path).with_content(%r{^filegen loopstats file loopstats type day enable}) 607 | expect(subject).to contain_file(conf_path).with_content(%r{^statsdir /var/log/ntpstats}) 608 | end 609 | end 610 | end 611 | 612 | describe 'udlc' do 613 | context 'when not set' do 614 | it 'does not contain udlc' do 615 | expect(subject).to contain_file(conf_path).without_content(%r{127.127.1.0}) 616 | end 617 | end 618 | 619 | context 'when set' do 620 | let(:params) do 621 | { 622 | udlc: true 623 | } 624 | end 625 | 626 | it 'contains udlc value' do 627 | expect(subject).to contain_file(conf_path).with_content(%r{127.127.1.0}) 628 | end 629 | end 630 | end 631 | 632 | describe 'udlc_stratum' do 633 | context 'when not set' do 634 | it 'does not contain udlc_stratum' do 635 | expect(subject).to contain_file(conf_path).without_content(%r{stratum 10}) 636 | end 637 | end 638 | 639 | context 'when set' do 640 | let(:params) do 641 | { 642 | udlc: true, 643 | udlc_stratum: 10 644 | } 645 | end 646 | 647 | it 'contains udlc_stratum value' do 648 | expect(subject).to contain_file(conf_path).with_content(%r{stratum 10}) 649 | end 650 | end 651 | end 652 | end 653 | 654 | describe 'ntp::install' do 655 | let(:params) { { package_ensure: 'present', package_name: ['ntp'], package_manage: true } } 656 | 657 | it { 658 | expect(subject).to contain_package('ntp').with( 659 | ensure: 'present', 660 | ) 661 | } 662 | 663 | describe 'should allow package ensure to be overridden' do 664 | let(:params) { { package_ensure: 'latest', package_name: ['ntp'], package_manage: true } } 665 | 666 | it { is_expected.to contain_package('ntp').with_ensure('latest') } 667 | end 668 | 669 | describe 'should allow the package name to be overridden' do 670 | let(:params) { { package_ensure: 'present', package_name: ['hambaby'], package_manage: true } } 671 | 672 | it { is_expected.to contain_package('hambaby') } 673 | end 674 | 675 | describe 'should allow the package to be unmanaged' do 676 | let(:params) { { package_manage: false, package_name: ['ntp'] } } 677 | 678 | it { is_expected.not_to contain_package('ntp') } 679 | end 680 | end 681 | 682 | describe 'ntp::service' do 683 | let(:params) do 684 | { 685 | service_manage: true, 686 | service_enable: true, 687 | service_ensure: 'running', 688 | service_name: 'ntp' 689 | } 690 | end 691 | 692 | describe 'with defaults' do 693 | it { 694 | expect(subject).to contain_service('ntp').with( 695 | enable: true, ensure: 'running', name: 'ntp', 696 | hasstatus: true, hasrestart: true 697 | ) 698 | } 699 | end 700 | 701 | describe 'authprov' do 702 | context 'when set to true' do 703 | let(:params) do 704 | { 705 | servers: ['a', 'b', 'c', 'd'], 706 | authprov: '/opt/novell/xad/lib64/libw32time.so 131072:4294967295 global' 707 | } 708 | end 709 | 710 | it 'contains authprov setting' do 711 | expect(subject).to contain_file(conf_path).with('content' => %r{^authprov /opt/novell/xad/lib64/libw32time.so 131072:4294967295 global\n}) 712 | end 713 | end 714 | 715 | context 'when set to false' do 716 | let(:params) do 717 | { 718 | servers: ['a', 'b', 'c', 'd'] 719 | } 720 | end 721 | 722 | it 'does not contain a authprov line' do 723 | expect(subject).not_to contain_file(conf_path).with('content' => %r{authprov }) 724 | end 725 | end 726 | end 727 | 728 | describe 'for physical machines' do 729 | let :facts do 730 | super().merge(is_virtual: false) 731 | end 732 | 733 | it 'disallows large clock skews' do 734 | expect(subject).not_to contain_file(conf_path).with('content' => %r{tinker panic 0}) 735 | end 736 | end 737 | 738 | describe 'for virtual machines' do 739 | let :facts do 740 | super().merge(is_virtual: true) 741 | end 742 | 743 | it 'does not use local clock as a time source' do 744 | expect(subject).not_to contain_file(conf_path).with('content' => %r{server.*127.127.1.0.*fudge.*127.127.1.0 stratum 10}) 745 | end 746 | 747 | it 'allows large clock skews' do 748 | expect(subject).to contain_file(conf_path).with('content' => %r{tinker panic 0}) 749 | end 750 | end 751 | 752 | describe 'iburst_enable' do 753 | context 'when set to true' do 754 | let(:params) do 755 | { 756 | iburst_enable: true 757 | } 758 | end 759 | 760 | it do 761 | expect(subject).to contain_file(conf_path).with('content' => %r{iburst}) 762 | end 763 | end 764 | 765 | context 'when set to false' do 766 | let(:params) do 767 | { 768 | iburst_enable: false 769 | } 770 | end 771 | 772 | it do 773 | expect(subject).not_to contain_file(conf_path).with('content' => %r{iburst\n}) 774 | end 775 | end 776 | end 777 | 778 | describe 'leapfile' do 779 | context 'when set to true' do 780 | let(:params) do 781 | { 782 | servers: ['a', 'b', 'c', 'd'], 783 | leapfile: '/etc/leap-seconds.3629404800' 784 | } 785 | end 786 | 787 | it 'contains leapfile setting' do 788 | expect(subject).to contain_file(conf_path).with('content' => %r{^leapfile /etc/leap-seconds\.3629404800\n}) 789 | end 790 | end 791 | 792 | context 'when set to false' do 793 | let(:params) do 794 | { 795 | servers: ['a', 'b', 'c', 'd'] 796 | } 797 | end 798 | 799 | it 'does not contain a leapfile line' do 800 | expect(subject).not_to contain_file(conf_path).with('content' => %r{leapfile }) 801 | end 802 | end 803 | end 804 | 805 | describe 'logfile' do 806 | context 'when set to true' do 807 | let(:params) do 808 | { 809 | servers: ['a', 'b', 'c', 'd'], 810 | logfile: '/var/log/foobar.log' 811 | } 812 | end 813 | 814 | it 'contains logfile setting' do 815 | expect(subject).to contain_file(conf_path).with('content' => %r{^logfile /var/log/foobar\.log\n}) 816 | end 817 | end 818 | 819 | context 'when set to false' do 820 | let(:params) do 821 | { 822 | servers: ['a', 'b', 'c', 'd'] 823 | } 824 | end 825 | 826 | it 'does not contain a logfile line' do 827 | expect(subject).not_to contain_file(conf_path).with('content' => %r{logfile }) 828 | end 829 | end 830 | end 831 | 832 | describe 'logconfig' do 833 | context 'when set to true' do 834 | let(:params) do 835 | { 836 | servers: ['a', 'b', 'c', 'd'], 837 | logconfig: '=syncall +peerinfo' 838 | } 839 | end 840 | 841 | it 'contains logconfig setting' do 842 | expect(subject).to contain_file(conf_path).with('content' => %r{^logconfig =syncall \+peerinfo\n}) 843 | end 844 | end 845 | 846 | context 'when set to false' do 847 | let(:params) do 848 | { 849 | servers: ['a', 'b', 'c', 'd'] 850 | } 851 | end 852 | 853 | it 'does not contain a logconfig line' do 854 | expect(subject).not_to contain_file(conf_path).with('content' => %r{logconfig }) 855 | end 856 | end 857 | end 858 | 859 | describe 'minpoll and maxpoll' do 860 | context 'when minpoll changed from default' do 861 | let(:params) do 862 | { 863 | minpoll: 6 864 | } 865 | end 866 | 867 | it do 868 | expect(subject).to contain_file(conf_path).with('content' => %r{minpoll 6}) 869 | end 870 | end 871 | 872 | context 'when maxpoll changed from default' do 873 | let(:params) do 874 | { 875 | maxpoll: 12 876 | } 877 | end 878 | 879 | it do 880 | expect(subject).to contain_file(conf_path).with('content' => %r{maxpoll 12\n}) 881 | end 882 | end 883 | 884 | context 'when minpoll and maxpoll changed from default simultaneously' do 885 | let(:params) do 886 | { 887 | minpoll: 6, 888 | maxpoll: 12 889 | } 890 | end 891 | 892 | it do 893 | expect(subject).to contain_file(conf_path).with('content' => %r{minpoll 6 maxpoll 12\n}) 894 | end 895 | end 896 | end 897 | 898 | describe 'ntpsigndsocket' do 899 | context 'when set to true' do 900 | let(:params) do 901 | { 902 | servers: ['a', 'b', 'c', 'd'], 903 | ntpsigndsocket: '/usr/local/samba/var/lib/ntp_signd' 904 | } 905 | end 906 | 907 | it 'contains ntpsigndsocket setting' do 908 | expect(subject).to contain_file(conf_path).with('content' => %r{^ntpsigndsocket /usr/local/samba/var/lib/ntp_signd\n}) 909 | end 910 | end 911 | 912 | context 'when set to false' do 913 | let(:params) do 914 | { 915 | servers: ['a', 'b', 'c', 'd'] 916 | } 917 | end 918 | 919 | it 'does not contain a ntpsigndsocket line' do 920 | expect(subject).not_to contain_file(conf_path).with('content' => %r{ntpsigndsocket }) 921 | end 922 | end 923 | end 924 | 925 | describe 'peers' do 926 | context 'when empty' do 927 | let(:params) do 928 | { 929 | peers: [] 930 | } 931 | end 932 | 933 | it 'does not contain a peer line' do 934 | expect(subject).to contain_file(conf_path).without_content(%r{^peer}) 935 | end 936 | end 937 | 938 | context 'when set' do 939 | let(:params) do 940 | { 941 | peers: ['foo', 'bar'] 942 | } 943 | end 944 | 945 | it 'contains the peer lines - expectation one' do 946 | expect(subject).to contain_file(conf_path).with_content(%r{peer foo}) 947 | end 948 | 949 | it 'contains the peer lines - expectation two' do 950 | expect(subject).to contain_file(conf_path).with_content(%r{peer bar}) 951 | end 952 | end 953 | end 954 | 955 | describe 'pool' do 956 | context 'when empty' do 957 | let(:params) do 958 | { 959 | pool: [] 960 | } 961 | end 962 | 963 | it 'does not contain a pool line' do 964 | expect(subject).to contain_file(conf_path).without_content(%r{^pool}) 965 | end 966 | end 967 | 968 | context 'when set' do 969 | let(:params) do 970 | { 971 | pool: ['foo', 'bar'] 972 | } 973 | end 974 | 975 | it 'contains the pool lines - expectation one' do 976 | expect(subject).to contain_file(conf_path).with_content(%r{pool foo}) 977 | end 978 | 979 | it 'contains the pool lines - expectation two' do 980 | expect(subject).to contain_file(conf_path).with_content(%r{pool bar}) 981 | end 982 | end 983 | end 984 | 985 | describe 'service_ensure' do 986 | describe 'when overridden' do 987 | let(:params) { { service_name: 'ntp', service_ensure: 'stopped' } } 988 | 989 | it { is_expected.to contain_service('ntp').with_ensure('stopped') } 990 | end 991 | end 992 | 993 | describe 'service_hasstatus' do 994 | describe 'when overridden' do 995 | let(:params) { { service_name: 'ntp', service_hasstatus: false } } 996 | 997 | it { is_expected.to contain_service('ntp').with_hasstatus(false) } 998 | end 999 | end 1000 | 1001 | describe 'service_hasrestart' do 1002 | describe 'when overridden' do 1003 | let(:params) { { service_name: 'ntp', service_hasrestart: false } } 1004 | 1005 | it { is_expected.to contain_service('ntp').with_hasrestart(false) } 1006 | end 1007 | end 1008 | 1009 | describe 'service_manage' do 1010 | let(:params) do 1011 | { 1012 | service_manage: false, 1013 | service_enable: true, 1014 | service_ensure: 'running', 1015 | service_name: 'ntpd' 1016 | } 1017 | end 1018 | 1019 | it 'when set to false' do 1020 | expect(subject).not_to contain_service('ntp').with('enable' => true, 1021 | 'ensure' => 'running', 1022 | 'name' => 'ntpd') 1023 | end 1024 | end 1025 | 1026 | describe 'tinker' do 1027 | describe 'when set to false' do 1028 | context 'when panic or stepout not overriden' do 1029 | let(:params) do 1030 | { 1031 | tinker: false 1032 | } 1033 | end 1034 | 1035 | it do 1036 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tinker }) 1037 | end 1038 | end 1039 | 1040 | context 'when panic overriden' do 1041 | let(:params) do 1042 | { 1043 | tinker: false, 1044 | panic: 257 1045 | } 1046 | end 1047 | 1048 | it do 1049 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tinker }) 1050 | end 1051 | end 1052 | 1053 | context 'when stepout overriden' do 1054 | let(:params) do 1055 | { 1056 | tinker: false, 1057 | stepout: 5 1058 | } 1059 | end 1060 | 1061 | it do 1062 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tinker }) 1063 | end 1064 | end 1065 | 1066 | context 'when panic and stepout overriden' do 1067 | let(:params) do 1068 | { 1069 | tinker: false, 1070 | panic: 257, 1071 | stepout: 5 1072 | } 1073 | end 1074 | 1075 | it do 1076 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tinker }) 1077 | end 1078 | end 1079 | end 1080 | 1081 | describe 'when set to true' do 1082 | context 'when only tinker set to true' do 1083 | let(:params) do 1084 | { 1085 | tinker: true 1086 | } 1087 | end 1088 | 1089 | it do 1090 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tinker }) 1091 | end 1092 | end 1093 | 1094 | context 'when panic changed' do 1095 | let(:params) do 1096 | { 1097 | tinker: true, 1098 | panic: 257 1099 | } 1100 | end 1101 | 1102 | it do 1103 | expect(subject).to contain_file(conf_path).with('content' => %r{^tinker panic 257\n}) 1104 | end 1105 | end 1106 | 1107 | context 'when stepout changed' do 1108 | let(:params) do 1109 | { 1110 | tinker: true, 1111 | stepout: 5 1112 | } 1113 | end 1114 | 1115 | it do 1116 | expect(subject).to contain_file(conf_path).with('content' => %r{^tinker stepout 5\n}) 1117 | end 1118 | end 1119 | 1120 | context 'when panic and stepout changed' do 1121 | let(:params) do 1122 | { 1123 | tinker: true, 1124 | panic: 257, 1125 | stepout: 5 1126 | } 1127 | end 1128 | 1129 | it do 1130 | expect(subject).to contain_file(conf_path).with('content' => %r{^tinker panic 257 stepout 5\n}) 1131 | end 1132 | end 1133 | end 1134 | end 1135 | 1136 | describe 'tos' do 1137 | context 'when set to true' do 1138 | let(:params) do 1139 | { 1140 | tos: true 1141 | } 1142 | end 1143 | 1144 | it 'contains tos setting' do 1145 | expect(subject).to contain_file(conf_path).with('content' => %r{^tos}) 1146 | end 1147 | end 1148 | 1149 | context 'when set to false' do 1150 | let(:params) do 1151 | { 1152 | tos: false 1153 | } 1154 | end 1155 | 1156 | it 'does not contain tos setting' do 1157 | expect(subject).not_to contain_file(conf_path).with('content' => %r{^tos}) 1158 | end 1159 | end 1160 | end 1161 | end 1162 | end 1163 | end 1164 | end 1165 | --------------------------------------------------------------------------------