From 9d065d1cf5807abf0c5e1fbb36700c3aa6a5a070 Mon Sep 17 00:00:00 2001
From: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Date: Mon, 25 Mar 2024 13:18:13 +0000
Subject: [PATCH] coreos-base/oem-azure: Add chrony to sysext

Along with configuration, tmpfiles setup and service dependencies. The
files are added through normal ebuild mechanisms. The config file is
based on what Ubuntu ships on Azure.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
---
 .../coreos-base/oem-azure/files/chrony.conf   | 65 +++++++++++++++++++
 .../oem-azure/files/etc-chrony.conf           |  3 +
 .../coreos-base/oem-azure/files/manglefs.sh   |  4 +-
 .../oem-azure/files/var-chrony.conf           |  1 +
 .../oem-azure/oem-azure-2.9.1.1-r1.ebuild     | 13 ++++
 5 files changed, 84 insertions(+), 2 deletions(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/chrony.conf
 create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/etc-chrony.conf
 create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/var-chrony.conf

diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/chrony.conf b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/chrony.conf
new file mode 100644
index 0000000000..b5714071af
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/chrony.conf
@@ -0,0 +1,65 @@
+# CLOUD_IMG: This file was created/modified by the Cloud Image build process
+# Welcome to the chrony configuration file. See chrony.conf(5) for more
+# information about usable directives.
+
+# Include configuration files found in /etc/chrony/conf.d.
+confdir /etc/chrony/conf.d
+
+# This will use (up to):
+# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
+# - 1 source from [013].ubuntu.pool.ntp.org each (ipv4 only atm)
+# This means by default, up to 2 dual-stack and up to 3 additional IPv4-only
+# sources will be used.
+# At the same time it retains some protection against one of the entries being
+# down (compare to just using one of the lines).
+#
+# See http://www.pool.ntp.org/join.html for more information.
+#pool 0.flatcar.pool.ntp.org iburst maxsources 1
+#pool 1.flatcar.pool.ntp.org iburst maxsources 1
+#pool 2.flatcar.pool.ntp.org iburst maxsources 2
+#pool 3.flatcar.pool.ntp.org iburst maxsources 1
+
+# Use time sources from DHCP.
+sourcedir /run/chrony-dhcp
+
+# Use NTP sources found in /etc/chrony/sources.d.
+sourcedir /etc/chrony/sources.d
+
+# This directive specify the location of the file containing ID/key pairs for
+# NTP authentication.
+#keyfile /etc/chrony/chrony.keys
+
+# This directive specify the file into which chronyd will store the rate
+# information.
+driftfile /var/lib/chrony/chrony.drift
+
+# Save NTS keys and cookies.
+ntsdumpdir /var/lib/chrony
+
+# Uncomment the following line to turn logging on.
+#log tracking measurements statistics
+
+# Log files location.
+#logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+maxupdateskew 100.0
+
+# This directive enables kernel synchronisation (every 11 minutes) of the
+# real-time clock. Note that it can't be used along with the 'rtcfile' directive.
+rtcsync
+
+# Step the system clock instead of slewing it if the adjustment is larger than
+# one second, but only in the first three clock updates.
+makestep 1.0 -1
+
+# Get TAI-UTC offset and leap seconds from the system tz database.
+# This directive must be commented out when using time sources serving
+# leap-smeared time.
+leapsectz right/UTC
+
+# Azure hosts are synchronized to internal Microsoft time servers
+# that take their time from Microsoft-owned Stratum 1 devices.
+# The Hyper-V drivers surface this time source as a PTP-based
+# time source in the guest. This configures chrony to use it.
+refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/etc-chrony.conf b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/etc-chrony.conf
new file mode 100644
index 0000000000..95e9166535
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/etc-chrony.conf
@@ -0,0 +1,3 @@
+d /etc/chrony 0755 root root  - -
+d /etc/chrony/conf.d 0755 root root - -
+L /etc/chrony/chrony.conf - - - - ../../usr/share/oem-azure/chrony.conf
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/manglefs.sh b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/manglefs.sh
index 03518b7169..29331dde04 100755
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/manglefs.sh
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/manglefs.sh
@@ -18,5 +18,5 @@ ln -sf /usr/bin/true "${rootfs}/usr/bin/eject"
 # At runtime we need the agent to write systemd.service to /etc but during
 # package creation it needs to be /usr/lib. waagent uses the same function in
 # both cases, so mangle manually.
-mkdir -p "${rootfs}"/usr/lib/systemd
-mv "${rootfs}"/{etc,usr/lib}/systemd/system
+mkdir -p "${rootfs}"/usr/lib/systemd/system
+cp -a "${rootfs}"/{etc,usr/lib}/systemd/system/.
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/var-chrony.conf b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/var-chrony.conf
new file mode 100644
index 0000000000..09fd5a1a8e
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/var-chrony.conf
@@ -0,0 +1 @@
+d /var/lib/chrony 0770 ntp ntp - -
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.9.1.1-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.9.1.1-r1.ebuild
index 2deb818840..8bb270c30d 100644
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.9.1.1-r1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.9.1.1-r1.ebuild
@@ -3,6 +3,8 @@
 
 EAPI=8
 
+inherit systemd tmpfiles
+
 DESCRIPTION="OEM suite for Azure"
 HOMEPAGE="https://azure.microsoft.com/"
 SRC_URI=""
@@ -14,7 +16,18 @@ IUSE=""
 
 RDEPEND="
   ~app-emulation/wa-linux-agent-${PV}
+  net-misc/chrony
 "
 
 # for coreos-base/common-oem-files
 OEM_NAME="Microsoft Azure"
+
+S="${WORKDIR}"
+
+src_install() {
+	systemd_enable_service multi-user.target chronyd.service
+	dotmpfiles "${FILESDIR}"/var-chrony.conf
+	dotmpfiles "${FILESDIR}"/etc-chrony.conf
+	insinto /usr/share/${PN}
+	doins "${FILESDIR}"/chrony.conf
+}