{"id":13781134,"url":"https://github.com/sous-chefs/ntp","last_synced_at":"2025-04-07T12:09:10.800Z","repository":{"id":2725726,"uuid":"3720637","full_name":"sous-chefs/ntp","owner":"sous-chefs","description":"Development repository for the ntp cookbook","archived":false,"fork":false,"pushed_at":"2024-02-14T09:24:30.000Z","size":600,"stargazers_count":68,"open_issues_count":7,"forks_count":147,"subscribers_count":30,"default_branch":"main","last_synced_at":"2024-04-14T11:03:42.007Z","etag":null,"topics":["chef","chef-cookbook","chef-resource","hacktoberfest","managed-by-terraform","ntp"],"latest_commit_sha":null,"homepage":"https://supermarket.chef.io/cookbooks/ntp","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sous-chefs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null},"funding":{"open_collective":"sous-chefs"}},"created_at":"2012-03-14T18:17:13.000Z","updated_at":"2024-07-15T16:20:28.614Z","dependencies_parsed_at":"2024-02-24T20:42:36.596Z","dependency_job_id":"ef02cc62-fea4-4d12-a4cf-94c59b0390f6","html_url":"https://github.com/sous-chefs/ntp","commit_stats":{"total_commits":517,"total_committers":80,"mean_commits":6.4625,"dds":0.8007736943907157,"last_synced_commit":"4bf9dcc0ffb30f2d5a62f6f85ecb9c91142d4eca"},"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fntp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fntp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fntp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fntp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sous-chefs","download_url":"https://codeload.github.com/sous-chefs/ntp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247352672,"owners_count":20925309,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chef","chef-cookbook","chef-resource","hacktoberfest","managed-by-terraform","ntp"],"created_at":"2024-08-03T18:01:23.281Z","updated_at":"2025-04-07T12:09:10.773Z","avatar_url":"https://github.com/sous-chefs.png","language":"Ruby","funding_links":["https://opencollective.com/sous-chefs"],"categories":["Cookbooks"],"sub_categories":["Network/Security"],"readme":"# NTP Cookbook\n\n[![Cookbook Version](https://img.shields.io/cookbook/v/ntp.svg)](https://supermarket.chef.io/cookbooks/ntp)\n[![CI State](https://github.com/sous-chefs/ntp/workflows/ci/badge.svg)](https://github.com/sous-chefs/ntp/actions?query=workflow%3Aci)\n[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers)\n[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors)\n[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0)\n\nInstalls and configures ntp. On Windows systems it uses the Meinberg port of the standard NTPd client to Windows.\n\n## Maintainers\n\nThis cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF).\n\n## Requirements\n\n### Platforms\n\n- Debian-family Linux Distributions\n- RedHat-family Linux Distributions 5-7 (8 does not contain NTP client)\n- Fedora\n- Gentoo Linux\n- FreeBSD\n- Windows 2008 R2+\n- macOS 10.11+\n\n### Chef\n\n- Chef 15.5+\n\n### Cookbooks\n\n- none\n\n## Attributes\n\n### Recommended tunables\n\n- `ntp['servers']` - (applies to NTP Servers and Clients)\n\n  - Array, should be a list of upstream NTP servers that will be considered authoritative by the local NTP daemon. The local NTP daemon will act as a client, adjusting local time to match time data retrieved from the upstream NTP servers.\n\n  The NTP protocol works best with at least 4 servers. The ntp daemon will disregard any server after the 10th listed, but will continue monitoring all listed servers. For more information, see [Upstream Server Time Quantity](http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers#Section_5.3.3.) at [support.ntp.org](http://support.ntp.org).\n\n- `ntp['pools']` - (applies to NTP Servers and Clients)\n\n  - Array, should be a list of upstream NTP pools that will be considered authoritative by the local NTP daemon. The local NTP daemon will act as a client, adjusting local time to match time data retrieved from each of the servers in the upstream pool.\n\n  See this [Release Announcement](http://lists.ntp.org/pipermail/questions/2010-April/026304.html) for discussion about tuning this option.\n\n- `ntp['peers']` - (applies to NTP Servers ONLY)\n\n  - Array, should be a list of local NTP peers. For more information, see [Designing Your NTP Network](http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork) at [support.ntp.org](http://support.ntp.org).\n\n- `ntp['restrictions']` - (applies to NTP Servers only)\n\n  - Array, should be a list of restrict lines to define access to NTP clients on your LAN.\n\n- `ntp['sync_clock']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to false. Forces the ntp daemon to be halted, an ntp -q command to be issued, and the ntp daemon to be restarted again on every Chef-client run. Will have no effect if drift is over 1000 seconds.\n\n- `ntp['sync_hw_clock']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to false. On \\*nix-based systems, forces the 'hwclock --systohc' command to be issued on every Chef-client run. This will sync the hardware clock to the system clock.\n  - Not available on Windows.\n\n- `ntp['restrict_default']`\n\n  - String. Defaults to 'kod notrap nomodify nopeer noquery'. Set to 'ignore' to [further lock down access](http://support.ntp.org/bin/view/Support/AccessRestrictions#Section_6.5.1.1.2.).\n\n- `ntp[\"listen_network\"]` / `ntp[\"listen\"]`\n\n  - String, optional attribute. Default is for NTP to listen on all addresses.\n  - `ntp[\"listen_network\"]` should be set to 'primary' to listen on the node's primary IP address as determined by ohai, or set to a CIDR (eg: '192.168.4.0/24') to listen on the last node address on that CIDR.\n  - `ntp[\"listen\"]` can be set to a specific address (eg: '192.168.4.10') instead of `ntp[\"listen_network\"]` to force listening on a specific address.\n  - If both `ntp[\"listen\"]` and `ntp[\"listen_network\"]` are set then `ntp[\"listen\"]` will always win.\n\n- `ntp[\"ignore\"]`\n\n  - Array, interface names to ignore from listening. Can be used to disable listening wildcard interfaces (eg: ['wildcard', '::1']), can be combined with `ntp[\"listen\"]`\n\n- `ntp[\"statistics\"]`\n\n  - Boolean. Default to true. Enable/disable statistics data logging into `ntp['statsdir']`.\n  - Not available on Windows.\n\n- `ntp['conf_restart_immediate']`\n\n  - Boolean. Defaults to false. Restarts NTP service immediately after a config update if true. Otherwise it is a delayed restart.\n\n- `ntp['peer']['disable_tinker_panic_on_virtualization_guest']` (applies to virtualized hosts only)\n\n  - Boolean. Defaults to true. Sets tinker panic to 0\\. NTP default it 1000\\. (See \u003chttp://www.vmware.com/vmtn/resources/238\u003e p. 23 for explanation on disabling panic) (Note: this overrides `ntp['tinker']['panic']` attribute)\n\n- `ntp['peer']['use_iburst']` (applies to NTP Servers ONLY)\n\n  - Boolean. Defaults to true. Enables iburst in peer declaration.\n\n- `ntp['peer']['use_burst']` (applies to NTP Servers ONLY)\n\n  - Boolean. Defaults to false. Enables burst in peer declaration.\n\n- `ntp['peer']['minpoll']` (applies to NTP Servers ONLY)\n\n  - Boolean. Defaults to 6 (ntp default). Specify the minimum poll intervals for NTP messages, in seconds to the power of two.\n\n- `ntp['peer']['maxpoll']` (applies to NTP Servers ONLY)\n\n  - Boolean. Defaults to 10 (ntp default). Specify the maximum poll intervals for NTP messages, in seconds to the power of two.\n\n- `ntp['server']['prefer']` (applies to NTP Servers and Clients)\n\n  - String. Defaults to emtpy string. The server from `ntp['servers']` to prefer getting the time from.\n\n- `ntp['server']['use_iburst']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to true. Enables iburst in server declaration.\n\n- `ntp['server']['use_burst']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to false. Enables burst in server declaration.\n\n- `ntp['server']['minpoll']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to 6 (ntp default). Specify the minimum poll intervals for NTP messages, in seconds to the power of two.\n\n- `ntp['server']['maxpoll']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to 10 (ntp default). Specify the maximum poll intervals for NTP messages, in seconds to the power of two.\n\n- `ntp['tinker']['allan']`\n\n  - Number. Defaults to 1500 (ntp default). Specifies the Allan intercept, which is a parameter of the PLL/FLL clock discipline algorithm, in seconds.\n\n- `ntp['tinker']['dispersion']`\n\n  - Number. Defaults to 15 (ntp default). Specifies the dispersion increase rate in parts-per-million (PPM).\n\n- `ntp['tinker']['panic']`\n\n  - Number. Defaults to 1000 (ntp default). Specifies the panic threshold in seconds. If set to zero, the panic sanity check is disabled and a clock offset of any value will be accepted.\n\n- `ntp['tinker']['step']`\n\n  - Number. Defaults to 0.128 (ntp default). Specifies the step threshold in seconds. If set to zero, step adjustments will never occur. Note: The kernel time discipline is disabled if the step threshold is set to zero or greater than 0.5 s.\n\n- `ntp['tinker']['stepout']`\n\n  - Number. Defaults to 900 (ntp default). Specifies the stepout threshold in seconds. If set to zero, popcorn spikes will not be suppressed.\n\n- `ntp['localhost']['noquery']` (applies to NTP Servers and Clients)\n\n  - Boolean. Defaults to false. Set to true if using ntp \u003c 4.2.8 or any unpatched ntp version to mitigate CVE-2014-9293 / CVE-2014-9294 / CVE-2014-9295\n\n- ntp['tos']['maxdist']\n\n  - Number. Defaults to 1 (ntp default). Specifies the tos maxdist value in seconds. Where the remote ntp server is a Windows domain controller, this value can be set to 30.\n\n- `ntp['orphan']['enabled']`\n\n  - Boolean, enables orphan mode if set to true\n\n- `ntp['orphan']['stratum']`\n\n  - Number. Defaults to 5, recommended value for stratum is 2 more than the worst-case externally-reachable source of time\n\n- `ntp['dscp']`\n\n  - Number. Default is set to `nil`, This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding.\n  - This is to support Cisco Application Centric Infrastructure (ACI).\n\n### Automatically Set Attributes\n\nThese attributes are set based on platform / system information provided by Ohai\n\n- `ntp['packages']`\n\n  - Array, the packages to install\n  - Default, ntp for everything, ntpdate depending on platform. Not applicable for Windows nodes.\n\n- `ntp['service']`\n\n  - String, the service to act on\n  - Default, ntp, NTP, or ntpd, depending on platform\n\n- `ntp['varlibdir']`\n\n  - String, the path to /var/lib files such as the driftfile.\n  - Default, platform-specific location. Not applicable for Windows nodes\n\n- `ntp['driftfile']`\n\n  - String, the path to the frequency file.\n  - Default, platform-specific location.\n\n- `ntp['conffile']`\n\n  - String, the path to the ntp configuration file.\n  - Default, platform-specific location.\n\n- `ntp['statsdir']`\n\n  - String, the directory path for files created by the statistics facility.\n  - Default, platform-specific location. Not applicable for Windows nodes\n\n- `ntp['conf_owner'] and ntp['conf_group']`\n\n  - String, the owner and group of the sysconf directory files, such as /etc/ntp.conf.\n  - Default, platform-specific root:root or root:wheel.\n\n- `ntp['var_owner'] and ntp['var_group']`\n\n  - String, the owner and group of the /var/lib directory files, such as /var/lib/ntp.\n  - Default, platform-specific ntp:ntp or root:wheel. Not applicable for Windows nodes\n\n- `['ntp']['leapfile_managed_by_os']`\n  - Boolean. Defaults to false. This uses leapfile provided by the cookbook, when combined with leapfile you can use the leapfile provided by your OS.\n\n- `ntp['leapfile']`\n\n  - String, the path to the ntp leapfile.\n  - Default: `/etc/ntp.leapseconds`\n  - Debian default: `/usr/share/zoneinfo/leap-seconds.list`,\n  - RedHat default: `/usr/share/zoneinfo/leapseconds`\n\n- `ntp['package_url']`\n\n  - String, the URL to the the Meinberg NTPd client installation package.\n  - Default, Meinberg site download URL\n  - Windows platform only\n\n- `ntp['vs_runtime_url']`\n\n  - String, the URL to the the Visual Studio C++ 2008 runtime libraries that are required for the Meinberg NTP client.\n  - Default, Microsoft site download URL\n  - Windows platform only\n\n- `ntp['vs_runtime_productname']`\n\n  - String, the installation name of the Visual Studio C++ Runtimes file.\n  - Default, \"Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022\"\n  - Windows platform only\n\n- `ntp['sync_hw_clock']`\n\n  - Boolean, determines if the ntpdate command is issued to sync the hardware clock\n  - Default, false\n  - Not applicable for Windows nodes\n\n- `ntp['apparmor_enabled']`\n\n  - Boolean, enables configuration of apparmor if set to true\n  - Defaults to false and will make no provisions for apparmor.\n  - If a platform has apparmor enabled (currently Ubuntu) default will become true.\n\n- `ntp['pkg_source']`\n  - _Only applicable to Solaris 10_\n  - String, device/path to Solaris packages.\n  - Defaults to `/var/spool/pkg`\n\n- `ntp['leapfile_from_mirror']`\n  - Using ntp.leapseconds from http resources. Store `true` with `ntp['leapfile_url']` file location\n  - Boolean\n  - Defaults to false\n\n- `ntp['leapfile_url']`\n  - Remote file location of ntp.leapseconds. Use only with `ntp ['leapfile_from_mirror'] = true`\n  - String, URL\n\n## Usage\n\n### default recipe\n\nSet up the ntp attributes in a role. For example in a base.rb role applied to all nodes:\n\n```ruby\nname 'base'\ndescription 'Role applied to all systems'\ndefault_attributes(\n  'ntp' =\u003e {\n    'servers' =\u003e ['time0.int.example.org', 'time1.int.example.org']\n  }\n)\n```\n\nThen in an ntpserver.rb role that is applied to NTP servers (e.g., time.int.example.org):\n\n```ruby\nname 'ntp_server'\ndescription 'Role applied to the system that should be an NTP server.'\ndefault_attributes(\n  'ntp' =\u003e {\n    'servers'      =\u003e ['0.pool.ntp.org', '1.pool.ntp.org'],\n    'peers'        =\u003e ['time0.int.example.org', 'time1.int.example.org'],\n    'restrictions' =\u003e ['10.0.0.0 mask 255.0.0.0 nomodify notrap']\n  }\n)\n```\n\nThe timeX.int.example.org used in these roles should be the names or IP addresses of internal NTP servers. Then simply add ntp, or `ntp::default` to your run_list to apply the ntp daemon's configuration.\n\n### windows_client recipe\n\nWindows only. Apply on a Windows host to install the Meinberg NTPd client.\n\n### mac_os_x_client recipe\n\nmacOS only. Apply on a macOS host to configure NTP.\n\n## Contributors\n\nThis project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890\u0026button=false)\n\n### Backers\n\nThank you to all our backers!\n\n![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600\u0026avatarHeight=40)\n\n### Sponsors\n\nSupport this project by becoming a sponsor. Your logo will show up here with a link to your website.\n\n![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Fntp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsous-chefs%2Fntp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Fntp/lists"}