(define-module (services chrony) #:use-module (gnu packages admin) #:use-module (gnu packages ntp) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu system shadow) #:use-module (guix gexp) #:use-module (guix modules) #:use-module (guix records) #:export (chrony-service-type chrony-configuration)) (define %chrony-accounts (list (user-group (name "chrony") (system? #t)) (user-account (name "chrony") (group "chrony") (system? #t) (comment "chronyd user") (home-directory "/var/lib/chrony") (shell (file-append shadow "/sbin/nologin"))))) (define-record-type* chrony-configuration make-chrony-configuration chrony-configuration? (chrony chrony-configuration-chrony (default chrony)) (syscall-filter chrony-configuration-syscall-filter (default "0")) (config-file chrony-configuration-config-file (default (plain-file "empty" "")))) (define (chrony-shepherd-service config) (match-record config (chrony syscall-filter config-file) (list (shepherd-service (provision '(ntpd)) (documentation "Run the chrony NTP daemon.") (requirement '(user-processes networking syslogd)) (start #~(make-forkexec-constructor (list (string-append #$chrony "/sbin/chronyd") "-n" "-u" "chrony" "-F" #$syscall-filter "-f" #$config-file))) (stop #~(make-kill-destructor)))))) (define chrony-service-type (service-type (name 'chrony) (extensions (list (service-extension shepherd-root-service-type chrony-shepherd-service) (service-extension account-service-type (const %chrony-accounts)) (service-extension profile-service-type (compose list chrony-configuration-chrony)))) (default-value (chrony-configuration)) (description "Run @command{chronyd}, a Network Time Protocol (NTP) daemon. The daemon will keep the system clock synchronized with that of the given servers.")))