Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2025-10-31 01:17:20 +01:00
Code Issues Projects Releases Wiki Activity

chrony: add broken NTS configuration

Browse Source 
Ref: #94
This commit is contained in:
Aminda Suomalainen 2021-08-07 23:52:15 +03:00
parent 42d0842380
commit a43478e430
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
etc/chrony/conf.d/allow-yggdrasil.conf
View File

@ -2,4 +2,5 @@
# Yggdrasil should protect from spoofing so this should be OK
# ufw allow from 0200::/7 to any port 123 proto udp
# NTS: ufw allow from 0200::/7 to any port 4460 proto udp
allow 0200::/7

5
etc/chrony/conf.d/nts-server.conf Normal file
View File

@ -0,0 +1,5 @@
# Functioning as NTS server, these are usual TLS certificates from acme.sh
# Note the port 4460
ntsserverkey /etc/chrony/tls/etro.mikaela.info.key
ntsservercert /etc/chrony/tls/etro.mikaela.info.crt