nixos/timesyncd: allow NTP servers advertised by DHCP to be used #335755
Conversation
github-actions
bot
added
6.topic: nixos
| @@ -82,8 +93,9 @@ with lib; | |||
|
|
|||
| environment.etc."systemd/timesyncd.conf".text = '' | |||
| [Time] | |||
| NTP=${concatStringsSep " " config.services.timesyncd.servers} | |||
| ${config.services.timesyncd.extraConfig} | |||
| NTP=${concatStringsSep " " cfg.servers} | |||
There was a problem hiding this comment.
In man:timesyncd.conf(5), NTP=:
When the empty string is assigned, the list of NTP servers is reset, and all prior assignments will have no effect.
So, should we write NTP= in the file:
# cat /etc/systemd/timesyncd.conf
[Time]
NTP=
FallbackNTP=0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.orgor remove the empty NTP= altogether when servers is the empty list:
# cat /etc/systemd/timesyncd.conf
[Time]
FallbackNTP=0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.orgWhat do you suggest?
There was a problem hiding this comment.
Wouldn't setting this to an empty string imply the defaults are always used, and it's not possible to receive config over DHCP?
I feel like we need a VM test that sends config over DHCP and peeks at what's getting set.
There was a problem hiding this comment.
When the empty string is assigned, the list of NTP servers is reset, and all prior assignments will have no effect.
This probably refers to dropins like for service files. eg. if you want to overwrite ExecStart= you first need to set it to empty otherwise systemd thinks it is a list which doesn't work.
There was a problem hiding this comment.
Setting NTP= to an empty string will allows the NTP servers advertised by DHCP to be used:
# cat /etc/systemd/timesyncd.conf
[Time]
NTP=I tested it on a local system and I confirm it works.
There was a problem hiding this comment.
FallbackNTP=0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org
This is already an implied default because of
https://github.com/systemd/systemd/blob/0197fb599ac4f29871e8ea1923be7b14bbd7bbf0/src/timesync/timesyncd.conf.in#L21or remove the empty
NTP=altogether whenserversis the empty list:
I think we should remove it because we do not intent do explicitly remove any previously set value.
There was a problem hiding this comment.
I just do not want to break compatibility for users who are setting networking.timeServers to something different than the compiled-in values (i.e. {0..4}.nixos.pool.ntp.org). Hence the necessity to add the fallbackServers option.
There was a problem hiding this comment.
I updated the PR to let the module user choose, and by default we do not write NTP= (with empty string) so there is no risk of resetting anything.
There was a problem hiding this comment.
I would like the advice from systemd experts.
It seems that my worries about drop-ins are not justified after all.
When the empty string is assigned, the list of NTP servers is reset, and all prior assignments will have no effect.
I believe there will be no differences between writing NTP= or not writing NTP= at all despite the systemd documentation. That is because we are configuring the "main configuration file" which has lower precedence and therefore, there are no prior assignments. See CONFIGURATION DIRECTORIES AND PRECEDENCE in man:timesyncd.conf(5).
Do you agree, should I remove the possibility to set null?
ofborg
bot
added
10.rebuild-darwin: 0
datafoo
force-pushed
the
allow-ntp-servers-from-dhcp
branch
from
8e23482 to
b998047
Compare
datafoo
force-pushed
the
allow-ntp-servers-from-dhcp
branch
from
b998047 to
428fbe4
Compare
datafoo
force-pushed
the
allow-ntp-servers-from-dhcp
branch
2 times, most recently
from
3de4356 to
0db6b99
Compare
github-actions
bot
added
8.has: documentation
|
Despite my wishes, this PR breaks compatibility in few cases. Example: services.timesyncd = {
servers = [];
extraConfig = ''
FallbackNTP=0.it.pool.ntp.org 1.it.pool.ntp.org 2.it.pool.ntp.org 3.it.pool.ntp.org
'';
};Therefore, I have added some release notes. |
|
This needs another rebase, due to conflicts in the release notes. |
This gives the ability to not write `NTP=` to the `timesyncd.conf` file (servers = null) as opposed to writing `NTP=` (servers = []) which is interpreted slightly differently by systemd: > When the empty string is assigned, the list of NTP servers is reset, and all prior assignments will have no effect.
- add option `fallbackServers` with default to `networking.timeServers` - option `servers` now default to null Fix NixOS#335050
datafoo
force-pushed
the
allow-ntp-servers-from-dhcp
branch
from
0db6b99 to
24e08d0
Compare
|
Rebase done. |
|
Thanks! |
Description of changes
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Add a 👍 reaction to pull requests you find important.