diff --git a/REFERENCE.md b/REFERENCE.md
index b6cea39..db17e59 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -1,39 +1,41 @@
# Reference
-
## Table of Contents
-### Classes
+**Classes**
-#### Public Classes
+_Public Classes_
* [`chrony`](#chrony): Installs and configures chrony
-#### Private Classes
+_Private Classes_
* `chrony::config`: Configures chrony
* `chrony::install`: Installs chrony
* `chrony::service`: Manages the chrony service
-### Functions
+**Functions**
+
+_Public Functions_
+
-#### Private Functions
+_Private Functions_
* `chrony::server_array_to_hash`: Function to normalise servers/pools/peers
-### Data types
+**Data types**
-* [`Chrony::Servers`](#Chrony--Servers): Type for the `servers`, `pools` and `peers` parameters.
+* [`Chrony::Servers`](#chronyservers): Type for the `servers`, `pools` and `peers` parameters.
## Classes
-### `chrony`
+### chrony
Installs and configures chrony
* **See also**
- * https://chrony.tuxfamily.org
+https://chrony.tuxfamily.org
#### Examples
@@ -124,100 +126,26 @@ class { 'chrony':
#### Parameters
-The following parameters are available in the `chrony` class:
-
-* [`bindaddress`](#-chrony--bindaddress)
-* [`bindcmdaddress`](#-chrony--bindcmdaddress)
-* [`initstepslew`](#-chrony--initstepslew)
-* [`sourcedir`](#-chrony--sourcedir)
-* [`confdir`](#-chrony--confdir)
-* [`cmdacl`](#-chrony--cmdacl)
-* [`cmdport`](#-chrony--cmdport)
-* [`commandkey`](#-chrony--commandkey)
-* [`chrony_password`](#-chrony--chrony_password)
-* [`config`](#-chrony--config)
-* [`config_template`](#-chrony--config_template)
-* [`config_keys`](#-chrony--config_keys)
-* [`config_keys_manage`](#-chrony--config_keys_manage)
-* [`config_keys_template`](#-chrony--config_keys_template)
-* [`config_keys_owner`](#-chrony--config_keys_owner)
-* [`config_keys_group`](#-chrony--config_keys_group)
-* [`config_keys_mode`](#-chrony--config_keys_mode)
-* [`keys`](#-chrony--keys)
-* [`driftfile`](#-chrony--driftfile)
-* [`local_stratum`](#-chrony--local_stratum)
-* [`ntpsigndsocket`](#-chrony--ntpsigndsocket)
-* [`stratumweight`](#-chrony--stratumweight)
-* [`log_options`](#-chrony--log_options)
-* [`logbanner`](#-chrony--logbanner)
-* [`logchange`](#-chrony--logchange)
-* [`package_ensure`](#-chrony--package_ensure)
-* [`package_name`](#-chrony--package_name)
-* [`package_source`](#-chrony--package_source)
-* [`package_provider`](#-chrony--package_provider)
-* [`peers`](#-chrony--peers)
-* [`servers`](#-chrony--servers)
-* [`pools`](#-chrony--pools)
-* [`minsources`](#-chrony--minsources)
-* [`minsamples`](#-chrony--minsamples)
-* [`refclocks`](#-chrony--refclocks)
-* [`makestep_seconds`](#-chrony--makestep_seconds)
-* [`makestep_updates`](#-chrony--makestep_updates)
-* [`queryhosts`](#-chrony--queryhosts)
-* [`denyqueryhosts`](#-chrony--denyqueryhosts)
-* [`port`](#-chrony--port)
-* [`service_enable`](#-chrony--service_enable)
-* [`service_ensure`](#-chrony--service_ensure)
-* [`service_manage`](#-chrony--service_manage)
-* [`service_name`](#-chrony--service_name)
-* [`wait_enable`](#-chrony--wait_enable)
-* [`wait_ensure`](#-chrony--wait_ensure)
-* [`wait_manage`](#-chrony--wait_manage)
-* [`wait_name`](#-chrony--wait_name)
-* [`smoothtime`](#-chrony--smoothtime)
-* [`mailonchange`](#-chrony--mailonchange)
-* [`threshold`](#-chrony--threshold)
-* [`lock_all`](#-chrony--lock_all)
-* [`sched_priority`](#-chrony--sched_priority)
-* [`leapsecmode`](#-chrony--leapsecmode)
-* [`leapsectz`](#-chrony--leapsectz)
-* [`maxdistance`](#-chrony--maxdistance)
-* [`maxslewrate`](#-chrony--maxslewrate)
-* [`ntsserverkey`](#-chrony--ntsserverkey)
-* [`ntsservercert`](#-chrony--ntsservercert)
-* [`ntsport`](#-chrony--ntsport)
-* [`maxntsconnections`](#-chrony--maxntsconnections)
-* [`ntsprocesses`](#-chrony--ntsprocesses)
-* [`ntsdumpdir`](#-chrony--ntsdumpdir)
-* [`ntsntpserver`](#-chrony--ntsntpserver)
-* [`ntsrotate`](#-chrony--ntsrotate)
-* [`clientlog`](#-chrony--clientlog)
-* [`clientloglimit`](#-chrony--clientloglimit)
-* [`rtcsync`](#-chrony--rtcsync)
-* [`rtconutc`](#-chrony--rtconutc)
-* [`hwtimestamps`](#-chrony--hwtimestamps)
-* [`dumpdir`](#-chrony--dumpdir)
-* [`maxupdateskew`](#-chrony--maxupdateskew)
-* [`acquisitionport`](#-chrony--acquisitionport)
-
-##### `bindaddress`
+The following parameters are available in the `chrony` class.
+
+##### `bindaddress`
Data type: `Array[Stdlib::IP::Address]`
Array of addresses of interfaces on which chronyd will listen for NTP traffic.
Listens on all addresses if left empty.
-Default value: `[]`
+Default value: []
-##### `bindcmdaddress`
+##### `bindcmdaddress`
Data type: `Array[String]`
Array of addresses of interfaces on which chronyd will listen for monitoring command packets.
-Default value: `['127.0.0.1', '::1']`
+Default value: ['127.0.0.1', '::1']
-##### `initstepslew`
+##### `initstepslew`
Data type: `Optional[String]`
@@ -226,7 +154,7 @@ and to correct the system clock by stepping before normal operation begins.
Default value: `undef`
-##### `sourcedir`
+##### `sourcedir`
Data type: `Optional[Stdlib::Absolutepath]`
@@ -234,7 +162,7 @@ The confdir directive includes configuration files with the .conf suffix from a
Default value: `undef`
-##### `confdir`
+##### `confdir`
Data type: `Optional[Stdlib::Absolutepath]`
@@ -242,7 +170,7 @@ The sourcedir directive is identical to the confdir directive, except the config
Default value: `undef`
-##### `cmdacl`
+##### `cmdacl`
Data type: `Array[String]`
@@ -252,9 +180,9 @@ the time of generating the configuration. The argument of the allow or deny
commands can be an address, a partial address or a subnet (see manpage for more
details).
-Default value: `[]`
+Default value: []
-##### `cmdport`
+##### `cmdport`
Data type: `Optional[Stdlib::Port]`
@@ -263,15 +191,15 @@ to be altered from its default (323).
Default value: `undef`
-##### `commandkey`
+##### `commandkey`
Data type: `NotUndef`
This sets the key ID used by chronyc to authenticate to chronyd.
-Default value: `0`
+Default value: 0
-##### `chrony_password`
+##### `chrony_password`
Data type: `Variant[Sensitive[String[1]], String[1]]`
@@ -279,33 +207,33 @@ This sets the chrony password to be used in the key file.
By default a short fixed string is used. If set explicitly to
'unset' then no password will be added to the keys file by puppet.
-Default value: `'xyzzy'`
+Default value: 'xyzzy'
-##### `config`
+##### `config`
Data type: `Stdlib::Unixpath`
This sets the file to write chrony configuration into.
-Default value: `'/etc/chrony/chrony.conf'`
+Default value: '/etc/chrony/chrony.conf'
-##### `config_template`
+##### `config_template`
Data type: `String[1]`
This determines which template puppet should use for the chrony configuration.
-Default value: `'chrony/chrony.conf.epp'`
+Default value: 'chrony/chrony.conf.epp'
-##### `config_keys`
+##### `config_keys`
Data type: `Variant[Stdlib::Unixpath,String[0,0]]`
This sets the file to write chrony keys into. Set to '' to remove `keyfile` attribute from the config.
-Default value: `'/etc/chrony/chrony.keys'`
+Default value: '/etc/chrony/chrony.keys'
-##### `config_keys_manage`
+##### `config_keys_manage`
Data type: `Boolean`
@@ -313,55 +241,55 @@ Determines whether puppet will manage the content of the keys file after it has
Default value: `true`
-##### `config_keys_template`
+##### `config_keys_template`
Data type: `String[1]`
This determines which template puppet should use for the chrony key file.
-Default value: `'chrony/chrony.keys.epp'`
+Default value: 'chrony/chrony.keys.epp'
-##### `config_keys_owner`
+##### `config_keys_owner`
Data type: `Variant[Integer[0],String[1]]`
Specify unix owner of chrony keys file, defaults to 0.
-Default value: `0`
+Default value: 0
-##### `config_keys_group`
+##### `config_keys_group`
Data type: `Variant[Integer[0],String[1]]`
Specify unix group of chrony keys files, defaults to 0 on ArchLinux and chrony on Redhat.
-Default value: `0`
+Default value: 0
-##### `config_keys_mode`
+##### `config_keys_mode`
Data type: `Stdlib::Filemode`
Specify unix mode of chrony keys files, defaults to 0644 on ArchLinux and 0640 on Redhat.
-Default value: `'0640'`
+Default value: '0640'
-##### `keys`
+##### `keys`
Data type: `Array[String[1]]`
An array of key lines. These are printed as-is into the chrony key file.
-Default value: `[]`
+Default value: []
-##### `driftfile`
+##### `driftfile`
Data type: `Stdlib::Unixpath`
A file for chrony to record clock drift in.
-Default value: `'/var/lib/chrony/drift'`
+Default value: '/var/lib/chrony/drift'
-##### `local_stratum`
+##### `local_stratum`
Data type: `Variant[Boolean[false],Integer[1,15]]`
@@ -369,9 +297,9 @@ Override the stratum of the server which will be reported to clients
when the local reference is active. Use `false` to not set local_stratum in
chrony configuration.
-Default value: `10`
+Default value: 10
-##### `ntpsigndsocket`
+##### `ntpsigndsocket`
Data type: `Optional[Stdlib::Unixpath]`
@@ -379,7 +307,7 @@ This sets the location of the Samba ntp_signd socket when it is running as a Dom
Default value: `undef`
-##### `stratumweight`
+##### `stratumweight`
Data type: `Optional[Numeric]`
@@ -389,7 +317,7 @@ When not set, chronyd's default will be used, which since version 2.0 of chrony,
Default value: `undef`
-##### `log_options`
+##### `log_options`
Data type: `Optional[String[1]]`
@@ -397,7 +325,7 @@ Specify which information is to be logged.
Default value: `undef`
-##### `logbanner`
+##### `logbanner`
Data type: `Optional[Integer[0]]`
@@ -405,7 +333,7 @@ Specify how often the log banner is placed in the logfile.
Default value: `undef`
-##### `logchange`
+##### `logchange`
Data type: `Float`
@@ -413,26 +341,26 @@ Sets the threshold for the adjustment of the system clock that will generate a s
Clock errors detected via NTP packets, reference clocks, or timestamps entered via the settime
command of chronyc are logged.
-Default value: `0.5`
+Default value: 0.5
-##### `package_ensure`
+##### `package_ensure`
Data type: `String[1]`
This can be set to 'present' or 'latest' or a specific version to choose the
chrony package to be installed.
-Default value: `'present'`
+Default value: 'present'
-##### `package_name`
+##### `package_name`
Data type: `String[1]`
This determines the name of the package to install.
-Default value: `'chrony'`
+Default value: 'chrony'
-##### `package_source`
+##### `package_source`
Data type: `Optional[String]`
@@ -441,7 +369,7 @@ Source for the package when not wanting to install from a package repository. T
Default value: `undef`
-##### `package_provider`
+##### `package_provider`
Data type: `Optional[String]`
@@ -450,16 +378,16 @@ Also see [`package_source`](#package_source).
Default value: `undef`
-##### `peers`
+##### `peers`
Data type: `Chrony::Servers`
This selects the servers to use for NTP peers (symmetric association).
It can be an array of peers or a hash of peers with their respective options.
-Default value: `[]`
+Default value: []
-##### `servers`
+##### `servers`
Data type: `Chrony::Servers`
@@ -467,18 +395,14 @@ This selects the servers to use for NTP servers. It can be an array of servers
or a hash of servers to their respective options. If an array is used, `iburst` will be configured for each server.
If you don't want to use `iburst`, use a hash instead.
-Default value:
-
-```puppet
-{
+Default value: {
'0.pool.ntp.org' => ['iburst'],
'1.pool.ntp.org' => ['iburst'],
'2.pool.ntp.org' => ['iburst'],
'3.pool.ntp.org' => ['iburst'],
}
-```
-##### `pools`
+##### `pools`
Data type: `Chrony::Servers`
@@ -486,9 +410,9 @@ This is used to specify one or more *pools* of NTP servers to use instead of ind
Similar to [`server`](#server), it can be an array of pools, (using iburst), or a hash of pools to their respective options.
See [pool](https://chrony.tuxfamily.org/doc/3.4/chrony.conf.html#pool)
-Default value: `{}`
+Default value: {}
-##### `minsources`
+##### `minsources`
Data type: `Optional[Integer[1]]`
@@ -497,7 +421,7 @@ before the local clock is updated.
Default value: `undef`
-##### `minsamples`
+##### `minsamples`
Data type: `Optional[Integer[1]]`
@@ -505,24 +429,23 @@ Specifies the minimum number of readings kept for tracking of the NIC clock.
Default value: `undef`
-##### `refclocks`
+##### `refclocks`
-Data type: `Array`
+Data type: `Hash`
This should be a Hash of hardware reference clock drivers to use. They hash
-can either list a single list of options for the driver, or any array of
-multiple options if the same driver is used for multiple hardware clocks.
+should be an array of hardware clocks and their options for that driver.
Example:
```puppet
refclocks => { 'PPS' => [ '/dev/pps0 lock NMEA refid GPS',
'/dev/pps1:clear refid GPS2' ],
- 'SHM' => '0 offset 0.5 delay 0.2 refid NMEA noselect' }
+ 'SHM' => [ '0 offset 0.5 delay 0.2 refid NMEA noselect' ] }
```
-Default value: `[]`
+Default value: {}
-##### `makestep_seconds`
+##### `makestep_seconds`
Data type: `Numeric`
@@ -531,9 +454,9 @@ Normally chronyd will cause the system to gradually correct any time offset, by
If the adjustment is larger than `makestep_seconds`, chronyd will step the clock.
Also see [`makestep_updates`](#makestep_updates).
-Default value: `10`
+Default value: 10
-##### `makestep_updates`
+##### `makestep_updates`
Data type: `Integer`
@@ -542,26 +465,26 @@ Chronyd will step the time only if there have been no more than `makestep_update
Set to a negative value to disable the limit (useful for virtual machines and laptops that may get suspended for a prolonged time).
Also see [`makestep_seconds`](#makestep_seconds).
-Default value: `3`
+Default value: 3
-##### `queryhosts`
+##### `queryhosts`
Data type: `Array[String[0]]`
This adds the networks, hosts that are allowed to query the daemon.
-Default value: `[]`
+Default value: []
-##### `denyqueryhosts`
+##### `denyqueryhosts`
Data type: `Array[String[0]]`
Similar to queryhosts, except that it denies NTP client access to a particular subnet or host,
rather than allowing it.
-Default value: `[]`
+Default value: []
-##### `port`
+##### `port`
Data type: `Optional[Stdlib::Port]`
@@ -571,7 +494,7 @@ isn't added to chrony.conf, and chrony listens to the default ntp port 123 if
Default value: `undef`
-##### `service_enable`
+##### `service_enable`
Data type: `Boolean`
@@ -579,15 +502,15 @@ This determines if the service should be enabled at boot.
Default value: `true`
-##### `service_ensure`
+##### `service_ensure`
Data type: `Stdlib::Ensure::Service`
This determines if the service should be running or not.
-Default value: `'running'`
+Default value: 'running'
-##### `service_manage`
+##### `service_manage`
Data type: `Boolean`
@@ -595,15 +518,15 @@ This selects if puppet should manage the service in the first place.
Default value: `true`
-##### `service_name`
+##### `service_name`
Data type: `String[1]`
This selects the name of the chrony service for puppet to manage.
-Default value: `'chronyd'`
+Default value: 'chronyd'
-##### `wait_enable`
+##### `wait_enable`
Data type: `Boolean`
@@ -611,15 +534,15 @@ This determines if the chrony-wait service should be enabled at boot.
Default value: `false`
-##### `wait_ensure`
+##### `wait_ensure`
Data type: `Stdlib::Ensure::Service`
This determines if the chrony-wait service should be running or not.
-Default value: `'stopped'`
+Default value: 'stopped'
-##### `wait_manage`
+##### `wait_manage`
Data type: `Boolean`
@@ -627,15 +550,15 @@ This selects if puppet should manage the chrony-wait service in the first place.
Default value: `false`
-##### `wait_name`
+##### `wait_name`
Data type: `String[1]`
This selects the name of the chrony-wait service for puppet to manage.
-Default value: `'chrony-wait.service'`
+Default value: 'chrony-wait.service'
-##### `smoothtime`
+##### `smoothtime`
Data type: `Optional[String]`
@@ -643,7 +566,7 @@ Specify the smoothing of the time parameter as a string, for example `smoothtime
Default value: `undef`
-##### `mailonchange`
+##### `mailonchange`
Data type: `Optional[String[1]]`
@@ -651,15 +574,15 @@ Specify the mail you wanna alert when chronyd executes a sync grater than the `t
Default value: `undef`
-##### `threshold`
+##### `threshold`
Data type: `Float`
Specify the time limit for triggering events.
-Default value: `0.5`
+Default value: 0.5
-##### `lock_all`
+##### `lock_all`
Data type: `Boolean`
@@ -667,7 +590,7 @@ Force chrony to only use RAM & prevent swapping.
Default value: `false`
-##### `sched_priority`
+##### `sched_priority`
Data type: `Optional[Integer[0,100]]`
@@ -675,7 +598,7 @@ Set the CPU thread scheduler, this value is OS specific.
Default value: `undef`
-##### `leapsecmode`
+##### `leapsecmode`
Data type: `Optional[Enum['system', 'step', 'slew', 'ignore']]`
@@ -683,7 +606,7 @@ Configures how to insert the leap second mode.
Default value: `undef`
-##### `leapsectz`
+##### `leapsectz`
Data type: `Optional[String]`
@@ -691,7 +614,7 @@ Specifies a timezone that chronyd can use to determine the offset between UTC an
Default value: `undef`
-##### `maxdistance`
+##### `maxdistance`
Data type: `Optional[Float]`
@@ -699,7 +622,7 @@ Sets the maximum root distance of a source to be acceptable for synchronisation
Default value: `undef`
-##### `maxslewrate`
+##### `maxslewrate`
Data type: `Optional[Float]`
@@ -707,7 +630,7 @@ Maximum rate for chronyd to slew the time. Only float type values possible, for
Default value: `undef`
-##### `ntsserverkey`
+##### `ntsserverkey`
Data type: `Optional[Stdlib::Absolutepath]`
@@ -715,7 +638,7 @@ This directive specifies a file containing a private key in the PEM format for c
Default value: `undef`
-##### `ntsservercert`
+##### `ntsservercert`
Data type: `Optional[Stdlib::Absolutepath]`
@@ -723,7 +646,7 @@ This directive specifies a file containing a certificate in the PEM format for c
Default value: `undef`
-##### `ntsport`
+##### `ntsport`
Data type: `Optional[Stdlib::Port]`
@@ -731,7 +654,7 @@ This directive specifies the TCP port on which chronyd will provide the NTS Key
Default value: `undef`
-##### `maxntsconnections`
+##### `maxntsconnections`
Data type: `Optional[Integer[0]]`
@@ -739,7 +662,7 @@ This directive specifies the maximum number of concurrent NTS-KE connections per
Default value: `undef`
-##### `ntsprocesses`
+##### `ntsprocesses`
Data type: `Optional[Integer[0]]`
@@ -748,7 +671,7 @@ This directive specifies how many helper processes will chronyd operating as an
Default value: `undef`
-##### `ntsdumpdir`
+##### `ntsdumpdir`
Data type: `Optional[Stdlib::Absolutepath]`
@@ -756,7 +679,7 @@ This directive specifies a directory where chronyd operating as an NTS server ca
Default value: `undef`
-##### `ntsntpserver`
+##### `ntsntpserver`
Data type: `Optional[String]`
@@ -765,7 +688,7 @@ This directive specifies the hostname (as a fully qualified domain name) or addr
Default value: `undef`
-##### `ntsrotate`
+##### `ntsrotate`
Data type: `Optional[Integer[0]]`
@@ -773,7 +696,7 @@ This directive specifies the rotation interval (in seconds) of the server key wh
Default value: `undef`
-##### `clientlog`
+##### `clientlog`
Data type: `Boolean`
@@ -781,7 +704,7 @@ Determines whether to log client accesses.
Default value: `false`
-##### `clientloglimit`
+##### `clientloglimit`
Data type: `Optional[Integer]`
@@ -791,7 +714,7 @@ See [clientloglimit](https://chrony.tuxfamily.org/doc/3.4/chrony.conf.html#clien
Default value: `undef`
-##### `rtcsync`
+##### `rtcsync`
Data type: `Boolean`
@@ -799,7 +722,7 @@ Sync system clock to RTC periodically
Default value: `true`
-##### `rtconutc`
+##### `rtconutc`
Data type: `Boolean`
@@ -809,16 +732,16 @@ See [rtconutc](https://chrony.tuxfamily.org/doc/3.4/chrony.conf.html#rtconutc)
Default value: `false`
-##### `hwtimestamps`
+##### `hwtimestamps`
Data type: `Variant[Hash,Array[String]]`
This selects interfaces to enable hardware timestamps on. It can be an array of
interfaces or a hash of interfaces to their respective options.
-Default value: `[]`
+Default value: []
-##### `dumpdir`
+##### `dumpdir`
Data type: `Optional[Stdlib::Unixpath]`
@@ -826,7 +749,7 @@ Directory to store measurement history in on exit.
Default value: `undef`
-##### `maxupdateskew`
+##### `maxupdateskew`
Data type: `Optional[Float]`
@@ -834,7 +757,7 @@ Sets the threshold for determining whether an estimate might be so unreliable th
Default value: `undef`
-##### `acquisitionport`
+##### `acquisitionport`
Data type: `Optional[Integer[1,65535]]`
@@ -842,9 +765,11 @@ Sets the acquisitionport for client queries
Default value: `undef`
+## Functions
+
## Data types
-### `Chrony::Servers`
+### Chrony::Servers
This type is for the `servers`, `pools` and `peers` parameters.
diff --git a/manifests/init.pp b/manifests/init.pp
index d024d8d..31bd7dd 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -146,14 +146,13 @@
# Specifies the minimum number of readings kept for tracking of the NIC clock.
# @param refclocks
# This should be a Hash of hardware reference clock drivers to use. They hash
-# can either list a single list of options for the driver, or any array of
-# multiple options if the same driver is used for multiple hardware clocks.
+# should be an array of hardware clocks and their options for that driver.
#
# Example:
# ```puppet
# refclocks => { 'PPS' => [ '/dev/pps0 lock NMEA refid GPS',
# '/dev/pps1:clear refid GPS2' ],
-# 'SHM' => '0 offset 0.5 delay 0.2 refid NMEA noselect' }
+# 'SHM' => [ '0 offset 0.5 delay 0.2 refid NMEA noselect' ] }
# ```
# @param makestep_seconds
# Configures the [`makestep`](https://chrony.tuxfamily.org/doc/3.4/chrony.conf.html#makestep) `threshold`.
@@ -275,7 +274,7 @@
String[1] $package_name = 'chrony',
Optional[String] $package_source = undef,
Optional[String] $package_provider = undef,
- Array $refclocks = [],
+ Hash $refclocks = {},
Chrony::Servers $peers = [],
Chrony::Servers $servers = {
'0.pool.ntp.org' => ['iburst'],
diff --git a/templates/chrony.conf.epp b/templates/chrony.conf.epp
index ed114c8..f562505 100644
--- a/templates/chrony.conf.epp
+++ b/templates/chrony.conf.epp
@@ -157,8 +157,10 @@ log <%= $chrony::log_options %>
<% } -%>
<% unless $chrony::refclocks.empty { -%>
-<% $chrony::refclocks.each |$driver| { -%>
-refclock <%= $driver.flatten.join(' ') %>
+<% $chrony::refclocks.each |$driver, $clocks| { -%>
+<% $clocks.each |$clock| { -%>
+refclock <%= $driver %> <%= $clock %>
+<% } -%>
<% } -%>
<% } -%>
<% if $chrony::lock_all { -%>