Keep your server on time (ntpd)

It is crucial to set your server's date and time correctly. Even if the hardware is supposed to keep track of time, it sometimes isn't reliable. However, one must avoid time shift or fear database corruption and unexpected behaviour.

OpenNTPD in OpenBSD's base installation will ensure your server is on time.

Install

Nothing to do 😃, it's already there.

Just enable ntpd daemon and you're good to go :

# rcctl enable ntpd

Configure

Edit "/etc/ntpd.conf" file. You may copy the example at "/etc/examples/ntpd.conf"

# use a random selection of NTP Pool Time Servers           
# see http://support.ntp.org/bin/view/Servers/NTPPoolServers                                                            
servers pool.ntp.org          
# time server with excellent global adjacency               
server time.cloudflare.com    
# use all detected timedelta sensors                        
sensor *                     
# get the time constraint from a well-known HTTPS site      
constraint from "9.9.9.9"               # quad9 v4 without DNS 
constraint from "2620:fe::fe"           # quad9 v6 without DNS 
constraints from "www.openbsd.org"      # intentionally not 199.185.178.80 

Actually, default configuration is fine 😉.

You just don't want to be a NTP server telling others what time it is, so let "listen on *" commented.

You choose a few public ntp server you "trust", then use every sensors availables. Finally, add some contraints from well known IP and end with a https website using it's domain name (a domain name resolution is required).

Finally, restart ntpd :

# rcctl restart ntpd

It's all good 😊.