| 1 | ;;; GNU Guix --- Functional package management for GNU |
| 2 | ;;; Copyright © 2014 John Darrington <jmd@gnu.org> |
| 3 | ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> |
| 4 | ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> |
| 5 | ;;; Copyright © 2015, 2018 Ludovic Courtès <ludo@gnu.org> |
| 6 | ;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
| 7 | ;;; Copyright © 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> |
| 8 | ;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com> |
| 9 | ;;; |
| 10 | ;;; This file is part of GNU Guix. |
| 11 | ;;; |
| 12 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
| 13 | ;;; under the terms of the GNU General Public License as published by |
| 14 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
| 15 | ;;; your option) any later version. |
| 16 | ;;; |
| 17 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
| 18 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
| 19 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 20 | ;;; GNU General Public License for more details. |
| 21 | ;;; |
| 22 | ;;; You should have received a copy of the GNU General Public License |
| 23 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
| 24 | |
| 25 | (define-module (gnu packages ntp) |
| 26 | #:use-module (gnu packages) |
| 27 | #:use-module (gnu packages autotools) |
| 28 | #:use-module (gnu packages base) |
| 29 | #:use-module (gnu packages libevent) |
| 30 | #:use-module (gnu packages linux) |
| 31 | #:use-module (gnu packages nettle) |
| 32 | #:use-module (gnu packages pkg-config) |
| 33 | #:use-module (gnu packages readline) |
| 34 | #:use-module (gnu packages tls) |
| 35 | #:use-module (guix build-system gnu) |
| 36 | #:use-module (guix download) |
| 37 | #:use-module (guix git-download) |
| 38 | #:use-module ((guix licenses) #:prefix l:) |
| 39 | #:use-module (guix packages) |
| 40 | #:use-module (guix utils) |
| 41 | #:use-module (srfi srfi-1)) |
| 42 | |
| 43 | (define-public chrony |
| 44 | (package |
| 45 | (name "chrony") |
| 46 | (version "4.0") |
| 47 | (source |
| 48 | (origin |
| 49 | (method url-fetch) |
| 50 | (uri (string-append "https://download.tuxfamily.org/chrony/" |
| 51 | "chrony-" version ".tar.gz")) |
| 52 | (sha256 |
| 53 | (base32 "09f6w2x5h5kamb4rhcbaz911q1f730qdalgsn8s48yjyqlafl9xy")))) |
| 54 | (build-system gnu-build-system) |
| 55 | (arguments |
| 56 | `(#:modules ((srfi srfi-26) |
| 57 | (guix build utils) |
| 58 | (guix build gnu-build-system)) |
| 59 | #:configure-flags |
| 60 | (list "--enable-scfilter" |
| 61 | "--with-sendmail=sendmail" |
| 62 | "--with-user=chrony") |
| 63 | #:phases |
| 64 | (modify-phases %standard-phases |
| 65 | (add-after 'unpack 'stay-inside-out |
| 66 | ;; Simply setting CHRONYVARDIR to something nonsensical at install |
| 67 | ;; time would result in nonsense file names in man pages. |
| 68 | (lambda _ |
| 69 | (substitute* "Makefile.in" |
| 70 | (("mkdir -p \\$\\(DESTDIR\\)\\$\\(CHRONYVARDIR\\)") ":")) |
| 71 | #t)) |
| 72 | (add-after 'install 'install-more-documentation |
| 73 | (lambda* (#:key outputs #:allow-other-keys) |
| 74 | (let* ((out (assoc-ref outputs "out")) |
| 75 | (doc (string-append out "/share/doc/" ,name "-" ,version))) |
| 76 | (for-each (cut install-file <> doc) |
| 77 | (list "README" "FAQ")) |
| 78 | (copy-recursively "examples" (string-append doc "/examples")) |
| 79 | #t)))))) |
| 80 | (native-inputs |
| 81 | `(("pkg-config" ,pkg-config))) |
| 82 | (inputs |
| 83 | `(("gnutls" ,gnutls) |
| 84 | ("libcap" ,libcap) |
| 85 | ("libseccomp" ,libseccomp) |
| 86 | ("nettle" ,nettle))) |
| 87 | (home-page "https://chrony.tuxfamily.org/") |
| 88 | (synopsis "System clock synchronisation service that speaks NTP") |
| 89 | (description |
| 90 | "Chrony keeps your system time accurate. It synchronises your computer's |
| 91 | clock with @acronym{NTP, Network Time Protocol} servers, reference clocks such |
| 92 | as GPS receivers, or even manual input of the correct time from a wristwatch. |
| 93 | |
| 94 | Chrony will determine the rate at which the computer gains or loses time, and |
| 95 | compensate for it. It can also operate as an NTPv4 (RFC 5905) server and peer |
| 96 | to tell time to other computers on the network. |
| 97 | |
| 98 | It's designed to perform well even under adverse conditions: congested |
| 99 | networks, unreliable clocks drifting with changes in temperature, and devices |
| 100 | or virtual machines that are frequently turned off and connect to the Internet |
| 101 | for only a few minutes at a time. |
| 102 | |
| 103 | Typical accuracy when synchronised over the Internet is several milliseconds. |
| 104 | On a local network this can reach tens of microseconds. With hardware |
| 105 | time-stamping or reference clock, sub-microsecond accuracy is possible.") |
| 106 | (license l:gpl2))) |
| 107 | |
| 108 | (define-public ntp |
| 109 | (package |
| 110 | (name "ntp") |
| 111 | (version "4.2.8p15") |
| 112 | (source |
| 113 | (origin |
| 114 | (method url-fetch) |
| 115 | (uri (list (string-append |
| 116 | "https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-" |
| 117 | (version-major+minor version) |
| 118 | "/ntp-" version ".tar.gz") |
| 119 | (string-append |
| 120 | "http://archive.ntp.org/ntp4/ntp-" |
| 121 | (version-major+minor version) |
| 122 | "/ntp-" version ".tar.gz"))) |
| 123 | (sha256 |
| 124 | (base32 "06cwhimm71safmwvp6nhxp6hvxsg62whnbgbgiflsqb8mgg40n7n")) |
| 125 | (modules '((guix build utils))) |
| 126 | (snippet |
| 127 | '(begin |
| 128 | ;; Remove the bundled copy of libevent, but we must keep |
| 129 | ;; sntp/libevent/build-aux since configure.ac contains |
| 130 | ;; AC_CONFIG_AUX_DIR([sntp/libevent/build-aux]) |
| 131 | (rename-file "sntp/libevent/build-aux" |
| 132 | "sntp/libevent:build-aux") |
| 133 | (delete-file-recursively "sntp/libevent") |
| 134 | (mkdir "sntp/libevent") |
| 135 | (rename-file "sntp/libevent:build-aux" |
| 136 | "sntp/libevent/build-aux") |
| 137 | #t)))) |
| 138 | (native-inputs `(("which" ,which) |
| 139 | ("pkg-config" ,pkg-config))) |
| 140 | (inputs |
| 141 | `(("openssl" ,openssl) |
| 142 | ("libevent" ,libevent) |
| 143 | ;; Build with POSIX capabilities support on GNU/Linux. This allows 'ntpd' |
| 144 | ;; to run as non-root (when invoked with '-u'.) |
| 145 | ,@(if (string-suffix? "-linux" |
| 146 | (or (%current-target-system) (%current-system))) |
| 147 | `(("libcap" ,libcap)) |
| 148 | '()))) |
| 149 | (arguments |
| 150 | `(#:phases |
| 151 | (modify-phases %standard-phases |
| 152 | (add-after 'unpack 'disable-network-test |
| 153 | (lambda _ |
| 154 | (substitute* "tests/libntp/Makefile.in" |
| 155 | (("test-decodenetnum\\$\\(EXEEXT\\) ") "")) |
| 156 | #t))))) |
| 157 | (build-system gnu-build-system) |
| 158 | (synopsis "Real time clock synchronization system") |
| 159 | (description "NTP is a system designed to synchronize the clocks of |
| 160 | computers over a network.") |
| 161 | (license (l:x11-style |
| 162 | "https://www.eecis.udel.edu/~mills/ntp/html/copyright.html" |
| 163 | "A non-copyleft free licence from the University of Delaware")) |
| 164 | (home-page "https://www.ntp.org"))) |
| 165 | |
| 166 | (define-public openntpd |
| 167 | (package |
| 168 | (name "openntpd") |
| 169 | (version "6.8p1") |
| 170 | (source (origin |
| 171 | (method url-fetch) |
| 172 | (uri (string-append |
| 173 | "mirror://openbsd/OpenNTPD/openntpd-" version ".tar.gz")) |
| 174 | (sha256 |
| 175 | (base32 |
| 176 | "0ijsylc7a4jlpxsqa0jq1w1c7333id8pcakzl7a5749ria1xp0l5")))) |
| 177 | (build-system gnu-build-system) |
| 178 | (arguments |
| 179 | '(#:configure-flags `( "--with-privsep-user=ntpd" |
| 180 | "--localstatedir=/var" |
| 181 | ,(string-append "--with-cacert=" |
| 182 | (assoc-ref %build-inputs "libressl") |
| 183 | "/etc/ssl/cert.pem")) |
| 184 | #:phases |
| 185 | (modify-phases %standard-phases |
| 186 | (add-after 'unpack 'modify-install-locations |
| 187 | (lambda _ |
| 188 | ;; Don't try to create /var/run or /var/db |
| 189 | (substitute* "src/Makefile.in" |
| 190 | (("DESTDIR\\)\\$\\(localstatedir") "TMPDIR")) |
| 191 | #t))))) |
| 192 | (inputs |
| 193 | `(("libressl" ,libressl))) ; enable TLS time constraints. See ntpd.conf(5). |
| 194 | (home-page "http://www.openntpd.org/") |
| 195 | (synopsis "NTP client and server by the OpenBSD Project") |
| 196 | (description "OpenNTPD is the OpenBSD Project's implementation of a client |
| 197 | and server for the Network Time Protocol. Its design goals include being |
| 198 | secure, easy to configure, and accurate enough for most purposes, so it's more |
| 199 | minimalist than ntpd.") |
| 200 | ;; A few of the source files are under bsd-3. |
| 201 | (license (list l:isc l:bsd-3)))) |
| 202 | |
| 203 | (define-public tlsdate |
| 204 | (package |
| 205 | (name "tlsdate") |
| 206 | (version "0.0.13") |
| 207 | (home-page "https://github.com/ioerror/tlsdate") |
| 208 | (source (origin |
| 209 | (method git-fetch) |
| 210 | (uri (git-reference |
| 211 | (commit (string-append "tlsdate-" version)) |
| 212 | (url home-page))) |
| 213 | (sha256 |
| 214 | (base32 |
| 215 | "0w3v63qmbhpqlxjsvf4k3zp90k6mdzi8cdpgshan9iphy1f44xgl")) |
| 216 | (file-name (string-append name "-" version "-checkout")))) |
| 217 | (build-system gnu-build-system) |
| 218 | (arguments |
| 219 | `(;; Disable seccomp when it's not supported--e.g., on aarch64. See |
| 220 | ;; 'src/seccomp.c' for the list of supported systems. |
| 221 | #:configure-flags ,(if (any (lambda (system) |
| 222 | (string-contains (or |
| 223 | (%current-target-system) |
| 224 | (%current-system)) |
| 225 | system)) |
| 226 | '("x86_64" "i686" "arm")) |
| 227 | ''() |
| 228 | ''("--disable-seccomp-filter")) |
| 229 | |
| 230 | #:phases (modify-phases %standard-phases |
| 231 | (add-after 'unpack 'autogen |
| 232 | (lambda _ |
| 233 | ;; The ancestor of 'SOURCE_DATE_EPOCH'; it contains the |
| 234 | ;; date that is recorded in binaries. It must be a |
| 235 | ;; "recent date" since it is used to detect bogus dates |
| 236 | ;; received from servers. |
| 237 | (setenv "COMPILE_DATE" (number->string 1530144000)) |
| 238 | (invoke "sh" "autogen.sh")))))) |
| 239 | (inputs `(("openssl" ,openssl-1.0) |
| 240 | ("libevent" ,libevent))) |
| 241 | (native-inputs `(("pkg-config" ,pkg-config) |
| 242 | ("autoconf" ,autoconf) |
| 243 | ("automake" ,automake) |
| 244 | ("libtool" ,libtool))) |
| 245 | (synopsis "Extract remote time from TLS handshakes") |
| 246 | (description |
| 247 | "@command{tlsdate} sets the local clock by securely connecting with TLS |
| 248 | to remote servers and extracting the remote time out of the secure handshake. |
| 249 | Unlike ntpdate, @command{tlsdate} uses TCP, for instance connecting to a |
| 250 | remote HTTPS or TLS enabled service, and provides some protection against |
| 251 | adversaries that try to feed you malicious time information.") |
| 252 | (license l:bsd-3))) |