1.4 KiB
1.4 KiB
Chrony
Setup alternative ntp that does well with systems that may or may not always be online.
Inspiration / Further Reading
- https://salsa.debian.org/debian/chrony
- https://wiki.archlinux.org/index.php/Chrony
- https://insights.ubuntu.com/2018/04/09/ubuntu-bionic-using-chrony-to-configure-ntp
- http://manpages.ubuntu.com/manpages/trusty/man5/chrony.conf.5.html
Install
apt update
apt install chrony
systemctl enable chrony # Enable service
systemctl disable ntp.service # Disable std ntpd (replaced by chrony)
systemctl start chrony # Start service
chronyc activity # Verify install successful
Configuration
cat >> /etc/chrony/chrony.conf <<EOF
allow 172.16.16.0/24
allow 172.17.17.0/24
allow 172.18.18.0/24
allow 172.30.0.0/16
# Allow large clock adjustments (you want this as there is no RTC on most SBCs)
makestep 1 -1
EOF
systemctl restart chrony # Restart chrony to pickup config changes
Allow NTP access via internal/trusted networks
firewall-cmd --permanent --zone=internal --add-service ntp
firewall-cmd --permanent --zone=trusted --add-service ntp
firewall-cmd --reload
firewall-cmd --info-zone internal
firewall-cmd --info-zone trusted