Commit | Line | Data |
---|---|---|
d99e12d2 | 1 | ;;; GNU Guix --- Functional package management for GNU |
53a427cf | 2 | ;;; Copyright © 2014 John Darrington <jmd@gnu.org> |
b7921ba5 | 3 | ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> |
4ee69624 | 4 | ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> |
0927b5be | 5 | ;;; Copyright © 2015, 2018 Ludovic Courtès <ludo@gnu.org> |
16718b67 | 6 | ;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
9f12e06b | 7 | ;;; Copyright © 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> |
f92cf9d3 | 8 | ;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com> |
d99e12d2 JD |
9 | ;;; |
10 | ;;; This file is part of GNU Guix. | |
11 | ;;; | |
12 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
13 | ;;; under the terms of the GNU General Public License as published by | |
14 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
15 | ;;; your option) any later version. | |
16 | ;;; | |
17 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
18 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | ;;; GNU General Public License for more details. | |
21 | ;;; | |
22 | ;;; You should have received a copy of the GNU General Public License | |
23 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
24 | ||
25 | (define-module (gnu packages ntp) | |
26 | #:use-module (gnu packages) | |
4b163550 | 27 | #:use-module (gnu packages autotools) |
ce0614dd | 28 | #:use-module (gnu packages base) |
4b163550 | 29 | #:use-module (gnu packages libevent) |
52b321e9 | 30 | #:use-module (gnu packages linux) |
9f12e06b | 31 | #:use-module (gnu packages nettle) |
53a427cf | 32 | #:use-module (gnu packages pkg-config) |
9f12e06b | 33 | #:use-module (gnu packages readline) |
cc2b77df | 34 | #:use-module (gnu packages tls) |
4b163550 TGR |
35 | #:use-module (guix build-system gnu) |
36 | #:use-module (guix download) | |
37 | #:use-module (guix git-download) | |
53a427cf | 38 | #:use-module ((guix licenses) #:prefix l:) |
d99e12d2 | 39 | #:use-module (guix packages) |
53a427cf | 40 | #:use-module (guix utils) |
d99e12d2 JD |
41 | #:use-module (srfi srfi-1)) |
42 | ||
9f12e06b TGR |
43 | (define-public chrony |
44 | (package | |
45 | (name "chrony") | |
46 | (version "3.5") | |
47 | (source | |
48 | (origin | |
49 | (method url-fetch) | |
50 | (uri (string-append "https://download.tuxfamily.org/chrony/" | |
51 | "chrony-" version ".tar.gz")) | |
52 | (sha256 | |
53 | (base32 "1d9r2dhslll4kzdmxrj0qfgwq1b30d4l3s5cwr8yr93029dpj0jf")))) | |
54 | (build-system gnu-build-system) | |
55 | (arguments | |
56 | `(#:modules ((srfi srfi-26) | |
57 | (guix build utils) | |
58 | (guix build gnu-build-system)) | |
59 | #:configure-flags | |
60 | (list "--enable-scfilter" | |
61 | "--with-sendmail=sendmail" | |
62 | "--with-user=chrony") | |
63 | #:phases | |
64 | (modify-phases %standard-phases | |
65 | (add-after 'unpack 'stay-inside-out | |
66 | ;; Simply setting CHRONYVARDIR to something nonsensical at install | |
67 | ;; time would result in nonsense file names in man pages. | |
68 | (lambda _ | |
69 | (substitute* "Makefile.in" | |
70 | (("mkdir -p \\$\\(DESTDIR\\)\\$\\(CHRONYVARDIR\\)") ":")) | |
71 | #t)) | |
72 | (add-after 'install 'install-more-documentation | |
73 | (lambda* (#:key outputs #:allow-other-keys) | |
74 | (let* ((out (assoc-ref outputs "out")) | |
75 | (doc (string-append out "/share/doc/" ,name "-" ,version))) | |
76 | (for-each (cut install-file <> doc) | |
77 | (list "README" "FAQ")) | |
78 | (copy-recursively "examples" (string-append doc "/examples")) | |
79 | #t)))))) | |
80 | (native-inputs | |
81 | `(("pkg-config" ,pkg-config))) | |
82 | (inputs | |
83 | `(("libcap" ,libcap) | |
84 | ("libseccomp" ,libseccomp) | |
85 | ("nettle" ,nettle))) | |
86 | (home-page "https://chrony.tuxfamily.org/") | |
87 | (synopsis "System clock synchronisation service that speaks NTP") | |
88 | (description | |
89 | "Chrony keeps your system time accurate. It synchronises your computer's | |
90 | clock with @acronym{NTP, Network Time Protocol} servers, reference clocks such | |
91 | as GPS receivers, or even manual input of the correct time from a wristwatch. | |
92 | ||
93 | Chrony will determine the rate at which the computer gains or loses time, and | |
94 | compensate for it. It can also operate as an NTPv4 (RFC 5905) server and peer | |
95 | to tell time to other computers on the network. | |
96 | ||
97 | It's designed to perform well even under adverse conditions: congested | |
98 | networks, unreliable clocks drifting with changes in temperature, and devices | |
99 | or virtual machines that are frequently turned off and connect to the Internet | |
100 | for only a few minutes at a time. | |
101 | ||
102 | Typical accuracy when synchronised over the Internet is several milliseconds. | |
103 | On a local network this can reach tens of microseconds. With hardware | |
104 | time-stamping or reference clock, sub-microsecond accuracy is possible.") | |
105 | (license l:gpl2))) | |
106 | ||
d99e12d2 JD |
107 | (define-public ntp |
108 | (package | |
109 | (name "ntp") | |
db34ab73 | 110 | (version "4.2.8p14") |
d35de59b EF |
111 | (source |
112 | (origin | |
113 | (method url-fetch) | |
114 | (uri (list (string-append | |
115 | "http://archive.ntp.org/ntp4/ntp-" | |
116 | (version-major+minor version) | |
117 | "/ntp-" version ".tar.gz") | |
118 | (string-append | |
119 | "https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-" | |
120 | (version-major+minor version) | |
121 | "/ntp-" version ".tar.gz"))) | |
122 | (sha256 | |
db34ab73 | 123 | (base32 "1dsfbrad5adwjnm3k0y0ip8dzs7r2nmw66vjil8gvapnh7qf8q0r")) |
d35de59b EF |
124 | (modules '((guix build utils))) |
125 | (snippet | |
126 | '(begin | |
127 | ;; Remove the bundled copy of libevent, but we must keep | |
128 | ;; sntp/libevent/build-aux since configure.ac contains | |
129 | ;; AC_CONFIG_AUX_DIR([sntp/libevent/build-aux]) | |
130 | (rename-file "sntp/libevent/build-aux" | |
131 | "sntp/libevent:build-aux") | |
132 | (delete-file-recursively "sntp/libevent") | |
133 | (mkdir "sntp/libevent") | |
134 | (rename-file "sntp/libevent:build-aux" | |
135 | "sntp/libevent/build-aux") | |
136 | #t)))) | |
53a427cf MW |
137 | (native-inputs `(("which" ,which) |
138 | ("pkg-config" ,pkg-config))) | |
52b321e9 | 139 | (inputs |
53a427cf | 140 | `(("openssl" ,openssl) |
a60cd281 | 141 | ("libevent" ,libevent) |
53a427cf MW |
142 | ;; Build with POSIX capabilities support on GNU/Linux. This allows 'ntpd' |
143 | ;; to run as non-root (when invoked with '-u'.) | |
144 | ,@(if (string-suffix? "-linux" | |
145 | (or (%current-target-system) (%current-system))) | |
146 | `(("libcap" ,libcap)) | |
147 | '()))) | |
a60cd281 MW |
148 | (arguments |
149 | `(#:phases | |
150 | (modify-phases %standard-phases | |
151 | (add-after 'unpack 'disable-network-test | |
152 | (lambda _ | |
153 | (substitute* "tests/libntp/Makefile.in" | |
154 | (("test-decodenetnum\\$\\(EXEEXT\\) ") "")) | |
155 | #t))))) | |
d99e12d2 | 156 | (build-system gnu-build-system) |
e881752c | 157 | (synopsis "Real time clock synchronization system") |
d99e12d2 JD |
158 | (description "NTP is a system designed to synchronize the clocks of |
159 | computers over a network.") | |
53a427cf | 160 | (license (l:x11-style |
e4a9f135 | 161 | "https://www.eecis.udel.edu/~mills/ntp/html/copyright.html" |
d99e12d2 | 162 | "A non-copyleft free licence from the University of Delaware")) |
e4a9f135 | 163 | (home-page "https://www.ntp.org"))) |
4ee69624 TUBK |
164 | |
165 | (define-public openntpd | |
166 | (package | |
167 | (name "openntpd") | |
6dbad376 | 168 | (version "6.2p3") |
4ee69624 TUBK |
169 | (source (origin |
170 | (method url-fetch) | |
4ee69624 | 171 | (uri (string-append |
198571b2 | 172 | "mirror://openbsd/OpenNTPD/openntpd-" version ".tar.gz")) |
4ee69624 TUBK |
173 | (sha256 |
174 | (base32 | |
6dbad376 | 175 | "0fn12i4kzsi0zkr4qp3dp9bycmirnfapajqvdfx02zhr4hanj0kv")))) |
4ee69624 | 176 | (build-system gnu-build-system) |
16718b67 | 177 | (arguments |
f92cf9d3 MC |
178 | '(#:configure-flags `( "--with-privsep-user=ntpd" |
179 | "--localstatedir=/var" | |
180 | ,(string-append "--with-cacert=" | |
181 | (assoc-ref %build-inputs "libressl") | |
182 | "/etc/ssl/cert.pem")) | |
16718b67 EF |
183 | #:phases |
184 | (modify-phases %standard-phases | |
185 | (add-after 'unpack 'modify-install-locations | |
186 | (lambda _ | |
187 | ;; Don't try to create /var/run or /var/db | |
188 | (substitute* "src/Makefile.in" | |
189 | (("DESTDIR\\)\\$\\(localstatedir") "TMPDIR")) | |
190 | #t))))) | |
080e023d LF |
191 | (inputs |
192 | `(("libressl" ,libressl))) ; enable TLS time constraints. See ntpd.conf(5). | |
4ee69624 TUBK |
193 | (home-page "http://www.openntpd.org/") |
194 | (synopsis "NTP client and server by the OpenBSD Project") | |
195 | (description "OpenNTPD is the OpenBSD Project's implementation of a client | |
196 | and server for the Network Time Protocol. Its design goals include being | |
197 | secure, easy to configure, and accurate enough for most purposes, so it's more | |
198 | minimalist than ntpd.") | |
199 | ;; A few of the source files are under bsd-3. | |
200 | (license (list l:isc l:bsd-3)))) | |
604d20a2 LC |
201 | |
202 | (define-public tlsdate | |
203 | (package | |
204 | (name "tlsdate") | |
205 | (version "0.0.13") | |
206 | (home-page "https://github.com/ioerror/tlsdate") | |
207 | (source (origin | |
208 | (method git-fetch) | |
209 | (uri (git-reference | |
210 | (commit (string-append "tlsdate-" version)) | |
211 | (url home-page))) | |
212 | (sha256 | |
213 | (base32 | |
214 | "0w3v63qmbhpqlxjsvf4k3zp90k6mdzi8cdpgshan9iphy1f44xgl")) | |
215 | (file-name (string-append name "-" version "-checkout")))) | |
216 | (build-system gnu-build-system) | |
217 | (arguments | |
0927b5be LC |
218 | `(;; Disable seccomp when it's not supported--e.g., on aarch64. See |
219 | ;; 'src/seccomp.c' for the list of supported systems. | |
220 | #:configure-flags ,(if (any (lambda (system) | |
221 | (string-contains (or | |
222 | (%current-target-system) | |
223 | (%current-system)) | |
224 | system)) | |
225 | '("x86_64" "i686" "arm")) | |
226 | ''() | |
227 | ''("--disable-seccomp-filter")) | |
228 | ||
229 | #:phases (modify-phases %standard-phases | |
604d20a2 LC |
230 | (add-after 'unpack 'autogen |
231 | (lambda _ | |
232 | ;; The ancestor of 'SOURCE_DATE_EPOCH'; it contains the | |
233 | ;; date that is recorded in binaries. It must be a | |
234 | ;; "recent date" since it is used to detect bogus dates | |
235 | ;; received from servers. | |
23256858 | 236 | (setenv "COMPILE_DATE" (number->string 1530144000)) |
efc1fd32 | 237 | (invoke "sh" "autogen.sh")))))) |
4ecf790e | 238 | (inputs `(("openssl" ,openssl-1.0) |
604d20a2 LC |
239 | ("libevent" ,libevent))) |
240 | (native-inputs `(("pkg-config" ,pkg-config) | |
241 | ("autoconf" ,autoconf) | |
242 | ("automake" ,automake) | |
243 | ("libtool" ,libtool))) | |
244 | (synopsis "Extract remote time from TLS handshakes") | |
245 | (description | |
246 | "@command{tlsdate} sets the local clock by securely connecting with TLS | |
247 | to remote servers and extracting the remote time out of the secure handshake. | |
248 | Unlike ntpdate, @command{tlsdate} uses TCP, for instance connecting to a | |
249 | remote HTTPS or TLS enabled service, and provides some protection against | |
250 | adversaries that try to feed you malicious time information.") | |
251 | (license l:bsd-3))) |