bug#27759: NTP pool vendor zone

bug#27759: NTP pool vendor zone

[Leo Famulari]

[-- Attachment #1: Type: text/plain, Size: 1209 bytes --]

Currently our ntp-service uses the top-level NTP pool servers [0]:

(define %ntp-servers
  ;; Default set of NTP servers.
  '("0.pool.ntp.org"
    "1.pool.ntp.org"
    "2.pool.ntp.org"))

However, the NTP Pool project requests that operating system vendors
(that's us!) don't use these servers directly [1]:

------
You must get approval from the server operator before you hardcode any
IP addresses or hostnames. This is easy to get if your own organization
runs the NTP servers you are planning to use. In most other cases you
will not get it.

Do not use the standard pool.ntp.org names as a default configuration in
your system. The NTP Pool can offer services for you, but it must be
setup in advance (see below).
------

They recommend we apply for a vendor zone instead [2]. We would not have
to run our own NTP servers.

Does anyone know if GNU or the FSF have a vendor zone we could use?
Otherwise, we should apply for one and adjust our ntp-service.

[0]
https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/services/networking.scm?id=ec5c24f9a8421172a0cf9133d512014b31815a76#n336

[1]
http://www.pool.ntp.org/en/vendors.html#basic-guidelines

[2]
http://www.pool.ntp.org/en/vendors.html#vendor-zone

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

bug#27759: NTP pool vendor zone

[Ludovic Courtès]

Leo Famulari <leo@famulari.name> skribis:

> Currently our ntp-service uses the top-level NTP pool servers [0]:
>
> (define %ntp-servers
>   ;; Default set of NTP servers.
>   '("0.pool.ntp.org"
>     "1.pool.ntp.org"
>     "2.pool.ntp.org"))
>
> However, the NTP Pool project requests that operating system vendors
> (that's us!) don't use these servers directly [1]:

Oops!  I had read about this before and then forgot.

> They recommend we apply for a vendor zone instead [2]. We would not have
> to run our own NTP servers.
>
> Does anyone know if GNU or the FSF have a vendor zone we could use?
> Otherwise, we should apply for one and adjust our ntp-service.

Apparently 1.gnu.pool.ntp.org does not exist, so I suppose we can apply
for one.

I’ll email the GNU maintainer list to let them know and double-check.

Thanks,
LUdo’.

bug#27759: NTP pool vendor zone

[Leo Famulari]

[-- Attachment #1: Type: text/plain, Size: 604 bytes --]

On Wed, Jul 19, 2017 at 10:40:20PM +0200, Ludovic Courtès wrote:
> Leo Famulari <leo@famulari.name> skribis:
> > They recommend we apply for a vendor zone instead [2]. We would not have
> > to run our own NTP servers.
> >
> > Does anyone know if GNU or the FSF have a vendor zone we could use?
> > Otherwise, we should apply for one and adjust our ntp-service.
> 
> Apparently 1.gnu.pool.ntp.org does not exist, so I suppose we can apply
> for one.
> 
> I’ll email the GNU maintainer list to let them know and double-check.

Based on that discussion, I've applied for guix.pool.ntp.org.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

bug#27759: NTP pool vendor zone

[Leo Famulari]

[-- Attachment #1.1: Type: text/plain, Size: 918 bytes --]

On Thu, Jul 20, 2017 at 02:59:14PM -0400, Leo Famulari wrote:
> On Wed, Jul 19, 2017 at 10:40:20PM +0200, Ludovic Courtès wrote:
> > Leo Famulari <leo@famulari.name> skribis:
> > > They recommend we apply for a vendor zone instead [2]. We would not have
> > > to run our own NTP servers.
> > >
> > > Does anyone know if GNU or the FSF have a vendor zone we could use?
> > > Otherwise, we should apply for one and adjust our ntp-service.
> > 
> > Apparently 1.gnu.pool.ntp.org does not exist, so I suppose we can apply
> > for one.
> > 
> > I’ll email the GNU maintainer list to let them know and double-check.
> 
> Based on that discussion, I've applied for guix.pool.ntp.org.

The DNS for {0,1,2,3}.guix.pool.ntp.org is live, and the attached patch
is working for me.

I think we should document that I am the administrative contact for the
"zone". Any suggestions for where to document that?

[-- Attachment #1.2: 0001-services-ntp-Use-the-NTP-pool-via-the-guix-zone.patch --]
[-- Type: text/plain, Size: 937 bytes --]

From e8fd9d703dba134dab7f008951e68d11d3d2ca21 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sat, 29 Jul 2017 20:43:40 -0400
Subject: [PATCH] services: ntp: Use the NTP pool via the 'guix' zone.

* gnu/services/networking.scm (%ntp-servers): Use *.guix.pool.ntp.org.
---
 gnu/services/networking.scm | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index c38158189..b52af69b4 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -335,9 +335,10 @@ Protocol (DHCP) client, on all the non-loopback network interfaces."
 
 (define %ntp-servers
   ;; Default set of NTP servers.
-  '("0.pool.ntp.org"
-    "1.pool.ntp.org"
-    "2.pool.ntp.org"))
+  '("0.guix.pool.ntp.org"
+    "1.guix.pool.ntp.org"
+    "2.guix.pool.ntp.org"
+    "3.guix.pool.ntp.org"))
 
 \f
 ;;;
-- 
2.13.3


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

bug#27759: NTP pool vendor zone

[Ludovic Courtès]

Hi Leo!

Leo Famulari <leo@famulari.name> skribis:

> On Thu, Jul 20, 2017 at 02:59:14PM -0400, Leo Famulari wrote:
>> On Wed, Jul 19, 2017 at 10:40:20PM +0200, Ludovic Courtès wrote:
>> > Leo Famulari <leo@famulari.name> skribis:
>> > > They recommend we apply for a vendor zone instead [2]. We would not have
>> > > to run our own NTP servers.
>> > >
>> > > Does anyone know if GNU or the FSF have a vendor zone we could use?
>> > > Otherwise, we should apply for one and adjust our ntp-service.
>> > 
>> > Apparently 1.gnu.pool.ntp.org does not exist, so I suppose we can apply
>> > for one.
>> > 
>> > I’ll email the GNU maintainer list to let them know and double-check.
>> 
>> Based on that discussion, I've applied for guix.pool.ntp.org.
>
> The DNS for {0,1,2,3}.guix.pool.ntp.org is live, and the attached patch
> is working for me.

Great!

> I think we should document that I am the administrative contact for the
> "zone". Any suggestions for where to document that?

At least as a comment in the definition of ‘%ntp-servers’?

Maybe we should also have a file in guix-maintenance.git listing
specific responsibilities like this, membership to linux-distros or
similar lists, privileged contact with upstream for specific packages,
etc.  WDYT?

> From e8fd9d703dba134dab7f008951e68d11d3d2ca21 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Sat, 29 Jul 2017 20:43:40 -0400
> Subject: [PATCH] services: ntp: Use the NTP pool via the 'guix' zone.
>
> * gnu/services/networking.scm (%ntp-servers): Use *.guix.pool.ntp.org.

Yes!  :-)

Thanks,
Ludo’.

bug#27759: NTP pool vendor zone

[Leo Famulari]

[-- Attachment #1: Type: text/plain, Size: 1048 bytes --]

On Sun, Jul 30, 2017 at 02:36:58PM +0200, Ludovic Courtès wrote:
> > I think we should document that I am the administrative contact for the
> > "zone". Any suggestions for where to document that?
> 
> At least as a comment in the definition of ‘%ntp-servers’?
> 
> Maybe we should also have a file in guix-maintenance.git listing
> specific responsibilities like this, membership to linux-distros or
> similar lists, privileged contact with upstream for specific packages,
> etc.  WDYT?

Yes, perhaps, although I'm worried it will fall out of sync and become
more frustrating than useful. For now I added a comment above
%ntp-servers.

> > From e8fd9d703dba134dab7f008951e68d11d3d2ca21 Mon Sep 17 00:00:00 2001
> > From: Leo Famulari <leo@famulari.name>
> > Date: Sat, 29 Jul 2017 20:43:40 -0400
> > Subject: [PATCH] services: ntp: Use the NTP pool via the 'guix' zone.
> >
> > * gnu/services/networking.scm (%ntp-servers): Use *.guix.pool.ntp.org.
> 
> Yes!  :-)

Pushed as 57f57a7bbfe1dbb2092ea082f575706fed03a42f!

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]