Adding and using snippets/tpl.400.chrony.sh
authorFrank Brehm <frank.brehm@pixelpark.com>
Fri, 19 Jun 2020 09:45:09 +0000 (11:45 +0200)
committerFrank Brehm <frank.brehm@pixelpark.com>
Fri, 19 Jun 2020 09:45:09 +0000 (11:45 +0200)
kickstart/template-centos8.ks
snippets/tpl.400.chrony.sh [new file with mode: 0644]

index 5218ade28a453197323bcd581c95e4d2a806c8b3..6902a616d4997e536b6779845c45fb3bb5d5bcca 100644 (file)
@@ -222,6 +222,11 @@ echo
 echo "Using snippet $legato_snippet"
 $SNIPPET($legato_snippet)
 
+#set $chrony_snippet = "per_status/" + $SYSTEM_STATUS + "/tpl.400.chrony.sh"
+echo
+echo "Using snippet $chrony_snippet"
+$SNIPPET($chrony_snippet)
+
 
 
 
diff --git a/snippets/tpl.400.chrony.sh b/snippets/tpl.400.chrony.sh
new file mode 100644 (file)
index 0000000..90b76a5
--- /dev/null
@@ -0,0 +1,159 @@
+## !/bin/bash
+#raw
+
+#-----------------------------------------------------------
+deinstall_ntp() {
+
+    if rpm -qa | grep '^ntp-[0-9]' >/dev/null ; then
+        :
+    else
+        echo
+        echo "ntp is not installed."
+        return 0
+    fi
+
+    echo
+    echo "${HASH_LINE}"
+    echo
+    log "Deinstalling ntp ..."
+    echo
+    echo "Stopping ntpd.service ..."
+    systemctl stop ntpd.service || return 5
+    echo
+    echo "Disabling ntpd.service ..."
+    systemctl disable ntpd.service || return 5
+    echo
+    echo "Deinstalling ntp ..."
+    yum remove -y ntp || return 5
+    return 0
+
+}
+
+#-----------------------------------------------------------
+install_chrony() {
+
+    if rpm -qa | grep '^chrony-[0-9]' >/dev/null ; then
+        echo
+        echo "chrony is already installed."
+        return 0
+    fi
+
+    echo
+    log "Installing Chrony ..."
+    if yum install -y chrony ; then
+        return 0
+    else
+        echo "[$(date)]: Could not install chrony" | tee -a "${ERROR_POINTER}"
+        return 6
+    fi
+    return 0
+
+}
+
+#-----------------------------------------------------------
+perform_chrony() {
+
+    if deinstall_ntp ; then
+        if install_chrony ; then
+            echo
+            echo "All packages okay."
+        else
+            return 6
+        fi
+    else
+        return 5
+    fi
+
+    echo
+    log "Configuring Chrony ..."
+
+    cat <<-EOF > /etc/chrony.conf
+       # Chrony configuration
+
+       # Using timeservers of pixelpark
+       server time01.pixelpark.com iburst
+       server time02.pixelpark.com iburst
+       server time03.pixelpark.com iburst
+
+       # Record the rate at which the system clock gains/losses time.
+       driftfile /var/lib/chrony/drift
+
+       # Allow the system clock to be stepped in the first three updates
+       # if its offset is larger than 1 second.
+       makestep 1.0 3
+
+       # Enable kernel synchronization of the real-time clock (RTC).
+       rtcsync
+
+       # Enable hardware timestamping on all interfaces that support it.
+       #hwtimestamp *
+
+       # Increase the minimum number of selectable sources required to adjust
+       # the system clock.
+       minsources 2
+
+       # Allow NTP client access from local network.
+       #allow 192.168.0.0/16
+       allow 10/8
+       allow 192.168/16
+       allow 172.16/12
+
+       # Serve time even if not synchronized to a time source.
+       local stratum 10
+
+       # Specify file containing keys for NTP authentication.
+       keyfile /etc/chrony.keys
+
+       # Specify directory for log files.
+       logdir /var/log/chrony
+
+       # Select which information is logged.
+       log measurements statistics tracking
+
+       EOF
+
+    mkdir -pv /var/log/chrony
+    chmod -v 0755 /var/log/chrony
+    chown -v chrony:chrony /var/log/chrony
+
+    echo
+    echo "Configuring chrony keys ..."
+    if [[ -f /etc/chrony.keys ]] ; then
+        echo "File /etc/chrony.keys is already existing"
+    else
+        cat <<-EOF > /etc/chrony.keys
+               # This is the chrony keys file. It is used for NTP authentication with
+               # symmetric keys. It should be readable only by root or the user to which
+               # chronyd is configured to switch to after start.
+
+               # Examples of valid keys:
+
+               #1 MD5 AVeryLongAndRandomPassword
+               #2 MD5 HEX:12114855C7931009B4049EF3EFC48A139C3F989F
+               #3 SHA1 HEX:B2159C05D6A219673A3B7E896B6DE07F6A440995
+
+               EOF
+    fi
+
+    echo "Removing of possibly existing keys ..."
+    sed -i -e '/^[1-9][0-9]*/d' /etc/chrony.keys
+
+    local method=
+    local keylen=256
+    local i=
+    local key=
+    for method in 'MD5' 'SHA1' 'SHA256' 'SHA512'; do
+        echo " * ${method}"
+        key=$( chronyc keygen $i "${method}" "${keylen}" )
+        echo "   $key"
+        echo "${key}" >> /etc/chrony.keys
+        i=$(( $i + 1 ))
+    done
+    echo >> /etc/chrony.keys
+
+}
+
+perform_chrony
+
+#end raw
+## vim: ts=4 et list
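Review bot: In the key-generation loop at the end of perform_chrony, `local i=` leaves the key ID empty, so the first unquoted `chronyc keygen $i "${method}" "${keylen}"` call has its arguments shifted and the first entry is probably not the intended MD5 key with its own ID; initialise it with `local i=1`. The loop also prints every generated key with `echo "   $key"`, which puts the NTP secrets into whatever captures the installer output, so that line should be dropped or reduced to a message naming only the method. When /etc/chrony.keys does not already exist it is created under the current umask, contrary to the file's own comment that it should be readable only by root or the chronyd user; add `chmod 0640 /etc/chrony.keys` and `chown root:chrony /etc/chrony.keys` after the heredoc. Since this presumably runs while building a VM template, every clone would carry the same keys unless they are regenerated on first boot.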