NTP: Difference between revisions
imported>IgorM m Fixed syntax highlighting errors by using lang=text where it was omitted |
m Add link to chrony article |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 20: | Line 20: | ||
* for '''ntpd''', use <code>services.ntp.enable = true;</code> | * for '''ntpd''', use <code>services.ntp.enable = true;</code> | ||
* for '''openntpd''', use <code>services.openntpd.enable = true;</code> | * for '''openntpd''', use <code>services.openntpd.enable = true;</code> | ||
* for '''chrony''', use <code>services.chrony.enable = true;</code> | * for '''[[chrony]]''', use <code>services.chrony.enable = true;</code> | ||
== Set NTP from DHCP servers == | == Set NTP from DHCP servers == | ||
Most of the time the default NTP servers will be reachable. However, sometimes the NTP servers can be blocked by the firewall (for instance most universities block NTP for security reasons). This will be visible in the <code>systemd-timesyncd.service</code>: | Most of the time the default NTP servers will be reachable. However, sometimes the NTP servers can be blocked by the firewall (for instance most universities block NTP for security reasons). This will be visible in the <code>systemd-timesyncd.service</code>: | ||
<syntaxHighlight lang= | <syntaxHighlight lang=console> | ||
$ sudo systemctl status systemd-timesyncd.service | $ sudo systemctl status systemd-timesyncd.service | ||
● systemd-timesyncd.service - Network Time Synchronization | ● systemd-timesyncd.service - Network Time Synchronization | ||
Line 34: | Line 34: | ||
You can also test a specific server as follows: | You can also test a specific server as follows: | ||
<syntaxHighlight lang= | <syntaxHighlight lang=console> | ||
$ nix-shell -p ntp | $ nix-shell -p ntp | ||
$ ntpdate -q 0.nixos.pool.ntp.org | $ ntpdate -q 0.nixos.pool.ntp.org | ||
Line 41: | Line 41: | ||
However, a replacement NTP is usually provided in that case via the DHCP protocol. You can see it for instance if you use Network Manager: | However, a replacement NTP is usually provided in that case via the DHCP protocol. You can see it for instance if you use Network Manager: | ||
<syntaxHighlight lang= | <syntaxHighlight lang=console> | ||
$ nmcli connection show 'name-of-the-current-connection' | grep ntp | $ nmcli connection show 'name-of-the-current-connection' | grep ntp | ||
DHCP4.OPTION[8]: ntp_servers = 192.168.x.y | DHCP4.OPTION[8]: ntp_servers = 192.168.x.y | ||
Line 51: | Line 51: | ||
You might also be able to get the actual hostname of the DHCP (if it exists) using: | You might also be able to get the actual hostname of the DHCP (if it exists) using: | ||
<syntaxHighlight lang= | <syntaxHighlight lang=console> | ||
$ sudo nmap -sP 192.168.x.y | $ sudo nmap -sP 192.168.x.y | ||
</syntaxHighlight> | </syntaxHighlight> | ||
Line 118: | Line 118: | ||
To apply the change, switch to your new configuration and make sure to restart Network Manager: | To apply the change, switch to your new configuration and make sure to restart Network Manager: | ||
<syntaxHighlight lang= | <syntaxHighlight lang=console> | ||
$ sudo systemctl restart NetworkManager.service | $ sudo systemctl restart NetworkManager.service | ||
</syntaxHighlight> | |||
Check if the NTP server is used (may need to wait a few minutes): | |||
<syntaxHighlight lang=console> | |||
$ sudo systemctl status systemd-timesyncd.service | $ sudo systemctl status systemd-timesyncd.service | ||
</syntaxHighlight> | </syntaxHighlight> | ||
Line 126: | Line 128: | ||
</li> | </li> | ||
</ol> | </ol> | ||
[[Category:Server]] | |||
[[Category:Cookbook]] |
Latest revision as of 13:20, 14 June 2024
NTP is a protocol to synchronise time and date information through a network. It is used to set the clock of your system automatically when your computer is connected to the internet.
NTP servers
To choose which servers to ask for time information to, use the networking.timeServers
option.
If you simply want to add a server to the default list, you can retrieve the default value of the option under the name options.networking.timeServers.default
. Make sure to have options
in the arguments at the beginning of the file:
/etc/nixos/configuration.nix
{ pkgs, lib, options, ...}
{
networking.timeServers = options.networking.timeServers.default ++ [ "ntp.example.com" ];
}
NTP daemon
Different NTP daemons are available on NixOS. The default one is systemd-timesyncd
. To switch to another
implementation:
- for ntpd, use
services.ntp.enable = true;
- for openntpd, use
services.openntpd.enable = true;
- for chrony, use
services.chrony.enable = true;
Set NTP from DHCP servers
Most of the time the default NTP servers will be reachable. However, sometimes the NTP servers can be blocked by the firewall (for instance most universities block NTP for security reasons). This will be visible in the systemd-timesyncd.service
:
$ sudo systemctl status systemd-timesyncd.service
● systemd-timesyncd.service - Network Time Synchronization
…
nov. 22 16:33:23 me systemd-timesyncd[2171]: Timed out waiting for reply from 94.198.159.11:123 (1.nixos.pool.ntp.org).
…
You can also test a specific server as follows:
$ nix-shell -p ntp
$ ntpdate -q 0.nixos.pool.ntp.org
22 Nov 17:06:57 ntpdate[4020886]: no server suitable for synchronization found
However, a replacement NTP is usually provided in that case via the DHCP protocol. You can see it for instance if you use Network Manager:
$ nmcli connection show 'name-of-the-current-connection' | grep ntp
DHCP4.OPTION[8]: ntp_servers = 192.168.x.y
DHCP4.OPTION[18]: requested_ntp_servers = 1
$ ntpdate -q 192.168.x.y
server 192.168.x.y, stratum 3, offset +2.493988, delay 0.02779
22 Nov 16:51:37 ntpdate[3923570]: step time server 192.168.128.1 offset +2.493988 sec
You might also be able to get the actual hostname of the DHCP (if it exists) using:
$ sudo nmap -sP 192.168.x.y
Then, you can of course manually add the DHCP server as explained above… but it's not practical when you often go to new places, or if the NTP server changes over time. For laptop it may not be a big issue (your internal clock will be used in that case until you reach a new network without firewalls) but for some devices like raspberry pi that can't store the time when device is turned off, or for servers that will always be behind the firewall, it can be interesting to automatically configure the NTP server using DHCP.
The procedure depends on how you configure internet:
- By default: (if you have not installed network manager…) the module
network-interfaces-scripted
will be used… unfortunately as far as I know this script cannot deal with NTP. - networkd: If you use
systemd-networkd
, then it should automatically use the right NTP… However if you want the configuration to be automatic you want to usenetworking.useNetworkd = true;
instead ofsystemd.network.enable
(useNetworkd
will automatically configuresystemd.network
to provide a good default experience as alonesystemd.network
does basically nothing). However,networking.useNetworkd
is apparently experimental now (2022) according to its documentation, so use it at your own risks. As far as I understand you can also disable the default behavior using:systemd.network.config = { dhcpV4Config = { UseNTP = false; }; dhcpV6Config = { UseNTP = false; }; }
but I have not tested it.
- Network Manager If you use Network Manager, then Network Manager cannot (in 2022) automatically configure the NTP as-it… but you can use this trick to fake it, by automatically creating a new connection-specific NTP configuration every time the connection changes and restarting
systemd-timesyncd.service
:# In /etc/nixos/configuration.nix { pkgs, lib, options, ...} { ## To use, put this in your configuration, switch to it, and restart NM: ## $ sudo systemctl restart NetworkManager.service ## To check if it works, you can do `sudo systemctl status systemd-timesyncd.service` ## (it may take a bit of time to pick the right NTP as it may try the ## other NTP firsts) networking.networkmanager.dispatcherScripts = [ { # https://wiki.archlinux.org/title/NetworkManager#Dynamically_set_NTP_servers_received_via_DHCP_with_systemd-timesyncd # You can debug with sudo journalctl -u NetworkManager-dispatcher -e # make sure to restart NM as described above source = pkgs.writeText "10-update-timesyncd" '' [ -z "$CONNECTION_UUID" ] && exit 0 INTERFACE="$1" ACTION="$2" case $ACTION in up | dhcp4-change | dhcp6-change) systemctl restart systemd-timesyncd.service if [ -n "$DHCP4_NTP_SERVERS" ]; then echo "Will add the ntp server $DHCP4_NTP_SERVERS" else echo "No DHCP4 NTP available." exit 0 fi mkdir -p /etc/systemd/timesyncd.conf.d # <<-EOF must really use tabs to keep indentation correct… and tabs are often converted to space in wiki # so I don't want to risk strange issues with indentation echo "[Time]" > "/etc/systemd/timesyncd.conf.d/''${CONNECTION_UUID}.conf" echo "NTP=$DHCP4_NTP_SERVERS" >> "/etc/systemd/timesyncd.conf.d/''${CONNECTION_UUID}.conf" systemctl restart systemd-timesyncd.service ;; down) rm -f "/etc/systemd/timesyncd.conf.d/''${CONNECTION_UUID}.conf" systemctl restart systemd-timesyncd.service ;; esac echo 'Done!' ''; } ]; }
To apply the change, switch to your new configuration and make sure to restart Network Manager:
$ sudo systemctl restart NetworkManager.service
Check if the NTP server is used (may need to wait a few minutes):
$ sudo systemctl status systemd-timesyncd.service
You might need to wait a one or two minutes as
systemd-timesyncd
may try to load other ntp servers, timeout, and then try the new NTP server.