Puppet Class: g_server::services::ntp

Defined in:
manifests/services/ntp.pp

Overview

Parameters:

  • side (G_server::Side) (defaults to: 'none')
  • servers (Array[String]) (defaults to: ['pool.ntp.org']) 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'manifests/services/ntp.pp', line 1

class g_server::services::ntp(
  G_server::Side $side = 'none',
  Array[String] $servers = ['pool.ntp.org']
){
  include ::g_server

  if defined(Class['g_server::firewall']) {
    g_server::get_interfaces($side).each | $iface | {
      g_firewall { "006 Allow inbound NTP from ${iface}":
        dport   => 123,
        proto   => udp,
        action  => accept,
        iniface => $iface
      }
    }
  }

  $_restrict = $side?{
    'none' => [ # localhost only
      'default kod notrap nomodify nopeer noquery limited',
      '127.0.0.1',
      '[::1]',
      'source notrap nomodify noquery',
    ],
    default => fail("NTP server on ${side} side is not yet supported")
  }

  class { 'ntp':
    servers  => $servers,
    restrict => $_restrict
  }
}