net/chrony: Improve configuration options

net/chrony/Makefile

@@ -1,5 +1,5 @@
 PLUGIN_NAME=		chrony
-PLUGIN_VERSION=		1.5
+PLUGIN_VERSION=		1.6
 PLUGIN_REVISION=	3
 PLUGIN_COMMENT=		Chrony time synchronisation
 PLUGIN_DEPENDS=		chrony

net/chrony/pkg-descr

@@ -4,6 +4,18 @@ better in virtual environments.
 Plugin Changelog
 ----------------
 
+1.6
+
+* Update config UI to expose the following features:
+    - local/orphan mode
+    - pools
+    - prefer
+    - iburst
+    - min/max poll
+    - interleaving
+* Add per-source NTS option
+* Add NTP data diagnostics
+
 1.5
 
 * Allow adding a fallback NTP when using NTS

net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/Api/GeneralController.php

@@ -32,6 +32,36 @@
 
 class GeneralController extends ApiMutableModelControllerBase
 {
-    protected static $internalModelClass = '\OPNsense\Chrony\General';
     protected static $internalModelName = 'general';
+    protected static $internalModelClass = '\OPNsense\Chrony\General';
+
+    public function searchItemAction()
+    {
+        return $this->searchBase("peers.peer", null, "address");
+    }
+
+    public function setItemAction($uuid)
+    {
+        return $this->setBase("peer", "peers.peer", $uuid);
+    }
+
+    public function addItemAction()
+    {
+        return $this->addBase("peer", "peers.peer");
+    }
+
+    public function getItemAction($uuid = null)
+    {
+        return $this->getBase("peer", "peers.peer", $uuid);
+    }
+
+    public function delItemAction($uuid)
+    {
+        return $this->delBase("peers.peer", $uuid);
+    }
+
+    public function toggleItemAction($uuid, $enabled = null)
+    {
+        return $this->toggleBase("peers.peer", $uuid, $enabled);
+    }
 }

net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/Api/ServiceController.php

@@ -82,4 +82,15 @@ public function chronyauthdataAction()
         $response = $backend->configdRun("chrony chronyauthdata");
         return array("response" => $response);
     }
+
+    /**
+     * show chrony ntpdata
+     * @return array
+     */
+    public function chronyntpdataAction()
+    {
+        $backend = new Backend();
+        $response = $backend->configdRun("chrony chronyntpdata");
+        return array("response" => $response);
+    }
 }

net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/GeneralController.php → net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/IndexController.php

@@ -28,11 +28,13 @@
 
 namespace OPNsense\Chrony;
 
-class GeneralController extends \OPNsense\Base\IndexController
+class IndexController extends \OPNsense\Base\IndexController
 {
     public function indexAction()
     {
+        $this->view->pick('OPNsense/Chrony/index');
         $this->view->generalForm = $this->getForm('general');
-        $this->view->pick('OPNsense/Chrony/general');
+        $this->view->formDialogPeer = $this->getForm("dialogPeer");
+        $this->view->formGridPeer = $this->getFormGrid("dialogPeer");
     }
 }

net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/forms/dialogPeer.xml

@@ -0,0 +1,75 @@
+<form>
+    <field>
+        <id>peer.pool</id>
+        <label>pool</label>
+        <type>checkbox</type>
+        <help>Address refers to a pool of NTP servers</help>
+        <grid_view>
+            <width>6em</width>
+            <type>boolean</type>
+            <formatter>boolean</formatter>
+        </grid_view>
+    </field>
+    <field>
+        <id>peer.address</id>
+        <label>Address</label>
+        <type>text</type>
+        <help>The address/hostname of the NTP server or pool.</help>
+    </field>
+    <field>
+        <id>peer.prefer</id>
+        <label>prefer</label>
+        <type>checkbox</type>
+        <help>Prefer this source over sources without the prefer option.</help>
+        <grid_view>
+            <width>6em</width>
+            <type>boolean</type>
+            <formatter>boolean</formatter>
+        </grid_view>
+    </field>
+    <field>
+        <id>peer.iburst</id>
+        <label>iburst</label>
+        <type>checkbox</type>
+        <help>Enable iburst for this source.</help>
+        <grid_view>
+            <width>6em</width>
+            <type>boolean</type>
+            <formatter>boolean</formatter>
+        </grid_view>
+    </field>
+    <field>
+        <id>peer.xleave</id>
+        <label>xleave</label>
+        <type>checkbox</type>
+        <help>Enable interleaved mode for this source.</help>
+        <grid_view>
+            <width>6em</width>
+            <type>boolean</type>
+            <formatter>boolean</formatter>
+        </grid_view>
+    </field>
+    <field>
+        <id>peer.minpoll</id>
+        <label>minpoll</label>
+        <type>text</type>
+        <help>The minimum interval between requests sent to the server as a power of 2 in seconds.</help>
+    </field>
+    <field>
+        <id>peer.maxpoll</id>
+        <label>maxpoll</label>
+        <type>text</type>
+        <help>The maximum interval between requests sent to the server as a power of 2 in seconds.</help>
+    </field>
+    <field>
+        <id>peer.nts</id>
+        <label>NTS</label>
+        <type>checkbox</type>
+        <help>Enable NTS authentication.</help>
+        <grid_view>
+            <width>6em</width>
+            <type>boolean</type>
+            <formatter>boolean</formatter>
+        </grid_view>
+    </field>
+</form>

net/chrony/src/opnsense/mvc/app/controllers/OPNsense/Chrony/forms/general.xml

@@ -6,36 +6,22 @@
         <help>Enable Chrony time daemon.</help>
     </field>
     <field>
-        <id>general.port</id>
-        <label>Listen Port</label>
+        <id>general.localstratum</id>
+        <label>Local Stratum</label>
         <type>text</type>
-        <help>Set the port chrony listen to.</help>
-    </field>
-    <field>
-        <id>general.ntsclient</id>
-        <label>NTS Client Support</label>
-        <type>checkbox</type>
-        <help>Enable NTS in client mode. This will add another layer of security for peers when OPNsense is the client. Every server in Peers has to support NTS.</help>
+        <help>(1-15) Local mode allows the system clock to be used when no other clocks are available. The number here specifies the stratum reported by the local clock and should normally be set to a number high enough to ensure that any other servers available to clients are preferred over this server.</help>
     </field>
     <field>
-        <id>general.ntsnocert</id>
-        <label>NTS Disable Certcheck</label>
+        <id>general.orphanmode</id>
+        <label>Orphan Mode</label>
         <type>checkbox</type>
-        <help>If you run NTS mode you can enable this option in order to ignore wrong time in certificates for the first check. This helps if your system starts with wrong time.</help>
+        <help></help>
     </field>
     <field>
-        <id>general.peers</id>
-        <label>NTP Peers</label>
-        <style>tokenize</style>
-        <type>select_multiple</type>
-        <allownew>true</allownew>
-        <help>Set as many NTP peers you need.</help>
-    </field>
-    <field>
-        <id>general.fallbackpeers</id>
-        <label>Fallback Peer</label>
+        <id>general.port</id>
+        <label>Listen Port</label>
         <type>text</type>
-        <help>Set fallback peer if you use NTS and your system starts with wrong time. Best to only use this for internal trusted peers.</help>
+        <help>Set the port chrony listen to.</help>
     </field>
     <field>
         <id>general.allowednetworks</id>
@@ -45,4 +31,10 @@
         <allownew>true</allownew>
         <help>Set the networks allowed to synchronize time with this server. If this value is not set it will also not listen to the port and just synchronize the time for itself.</help>
     </field>
+    <field>
+        <id>general.ntsnocert</id>
+        <label>NTS Disable Certcheck</label>
+        <type>checkbox</type>
+        <help>If you run NTS mode you can enable this option in order to ignore wrong time in certificates for the first check. This helps if your system starts with wrong time.</help>
+    </field>
 </form>

net/chrony/src/opnsense/mvc/app/models/OPNsense/Chrony/General.xml

@@ -7,31 +7,68 @@
             <Default>0</Default>
             <Required>Y</Required>
         </enabled>
-        <port type="PortField">
-            <Default>323</Default>
-            <Required>Y</Required>
-        </port>
-        <ntsclient type="BooleanField">
-            <Default>0</Default>
-            <Required>Y</Required>
-        </ntsclient>
-        <ntsnocert type="BooleanField">
+        <localstratum type="IntegerField">
+            <MinimumValue>1</MinimumValue>
+            <MaximumValue>15</MaximumValue>
+            <Required>N</Required>
+            <ValidationMessage>Local stratum must be within 1-15.</ValidationMessage>
+        </localstratum>
+        <orphanmode type="BooleanField">
             <Default>0</Default>
             <Required>Y</Required>
-        </ntsnocert>
-        <peers type="HostnameField">
-            <Default>0.opnsense.pool.ntp.org</Default>
+        </orphanmode>
+        <port type="PortField">
+            <Default>123</Default>
             <Required>Y</Required>
-            <FieldSeparator>,</FieldSeparator>
-            <AsList>Y</AsList>
-        </peers>
-        <fallbackpeers type="HostnameField">
-            <Required>N</Required>
-        </fallbackpeers>
+        </port>
         <allowednetworks type="NetworkField">
             <Required>N</Required>
             <FieldSeparator>,</FieldSeparator>
             <AsList>Y</AsList>
         </allowednetworks>
+        <ntsnocert type="BooleanField">
+            <Default>0</Default>
+            <Required>Y</Required>
+        </ntsnocert>
+        <peers>
+            <peer type="ArrayField">
+                <pool type="BooleanField">
+                    <Default>0</Default>
+                    <Required>Y</Required>
+                </pool>
+                <address type="HostnameField">
+                    <Default>opnsense.pool.ntp.org</Default>
+                    <Required>Y</Required>
+                </address>
+                <prefer type="BooleanField">
+                    <Default>0</Default>
+                    <Required>Y</Required>
+                </prefer>
+                <iburst type="BooleanField">
+                    <Default>0</Default>
+                    <Required>Y</Required>
+                </iburst>
+                <xleave type="BooleanField">
+                    <Default>0</Default>
+                    <Required>Y</Required>
+                </xleave>
+                <minpoll type="IntegerField">
+                    <MinimumValue>-6</MinimumValue>
+                    <MaximumValue>24</MaximumValue>
+                    <Required>N</Required>
+                    <ValidationMessage>minpoll value must be between -6 and 24.</ValidationMessage>
+                </minpoll>
+                <maxpoll type="IntegerField">
+                    <MinimumValue>-6</MinimumValue>
+                    <MaximumValue>24</MaximumValue>
+                    <Required>N</Required>
+                    <ValidationMessage>maxpoll value must be between -6 and 24.</ValidationMessage>
+                </maxpoll>
+                <nts type="BooleanField">
+                    <Default>0</Default>
+                    <Required>Y</Required>
+                </nts>
+            </peer>
+        </peers>
     </items>
 </model>

net/chrony/src/opnsense/mvc/app/models/OPNsense/Chrony/Menu/Menu.xml

@@ -1,7 +1,7 @@
 <menu>
   <Services>
     <Chrony cssClass="fa fa-clock-o">
-      <General url="/ui/chrony/general/index"/>
+      <General url="/ui/chrony/index/index"/>
     </Chrony>
   </Services>
 </menu>