Global Variables and Configuration File Initialization

The use of global variables (optNTPServer, optFallbackNTPServer) is generally discouraged as it can lead to issues with state management, especially in a multi-threaded environment. Consider encapsulating these within the timesyncd struct to better manage their scope and lifecycle.

Suggest encapsulating global variables within the timesyncd struct:

-type timesyncd struct {
-	conn  *dbus.Conn
-	props *prop.Properties
+type timesyncd struct {
+	conn                *dbus.Conn
+	props               *prop.Properties
+	optNTPServer        []string
+	optFallbackNTPServer []string
}

Committable suggestion was skipped due to low confidence.

Function setNTPServer Review

This function handles the setting of NTP servers via D-Bus properties. The error handling and type assertion are correctly implemented. However, the function directly modifies a global variable, which could lead to race conditions or other concurrency issues. Consider using a mutex or similar synchronization mechanism if the API is expected to handle concurrent modifications.

Suggest adding synchronization to handle concurrent access:

+import "sync"

+var mutex sync.Mutex

func setNTPServer(c *prop.Change) *dbus.Error {
+	mutex.Lock()
+	defer mutex.Unlock()
	...
}

Committable suggestion was skipped due to low confidence.

Review of Line Processing Functions: processPresent and processAbsent

These functions contain complex logic for inserting or removing lines based on the provided parameters. The error handling for conflicting Before and After parameters is correctly implemented. However, the regex compilation inside the loop (lines 113, 114, 162, 163) should be moved outside the loop to optimize performance, as compiling the same regex repeatedly is inefficient.

Consider refactoring to compile the regex expressions once before the loop starts to enhance performance.

- afterRegexp, _ := re.Compile(params.After)
- beforeRegexp, _ := re.Compile(params.Before)
+ var afterRegexp, beforeRegexp *re.Regexp
+ var err error
+ if params.After != "" {
+     afterRegexp, err = re.Compile(params.After)
+     if err != nil {
+         return nil, err
+     }
+ }
+ if params.Before != "" {
+     beforeRegexp, err = re.Compile(params.Before)
+     if err != nil {
+         return nil, err
+     }
+ }

Also applies to: 152-190

Review of Auxiliary Method: Find

The Find method provides functionality to search for a line based on a regex, optionally after a certain line. The implementation handles file existence checks and reads the file content correctly. The separation of the regex matching logic into processFind is a good practice, keeping the Find method clean and focused. However, the error handling could be improved by logging errors consistently as done in other methods.

Enhance error handling by adding logging for all errors in the Find method to maintain consistency with other methods in the file.

- fmt.Print(err)
+ logging.Error.Printf("Error reading file %s: %s", l.FilePath, err)

To avoid clash with the go time package, I'd go for something else, like timesync.

I wanted to have the same prefix for the DBus interfaces controlling other time-related features in the future, and so far we've got it synchronized with package naming. In the end the only clash is in the main file, where it can be simply aliased.

To me this is mostly about filling the gap of missing D-Bus interfaces in systemd. Ideally, we would extend systemd, but this is much more time consuming, so I am fine doing our thing now here.

But, with that in mind, I think it make sense to align with the systemd D-Bus naming: Systemd has two time/date related D-Bus services: org.freedesktop.timesync1 and org.freedesktop.timedate1. What we currently miss is setting the system NTP server, which most likely should be part of the org.freedesktop.timesync1 service.

Rather than the Systemd D-Bus naming, consider naming of our D-Bus interfaces - now it's io.hass.os.Time.Timesyncd, which is implemented in time/timesyncd.go. If we added e.g. interface for timezone setting (leave aside the fact there's some method in org.freedesktop.timedate1 that might be used instead), a logical path would be io.hass.os.Time.Timezone and the implementation would go to time/timezone.go. If the package should be renamed, then we should also adjust D-Bus paths and interfaces.

With the other discussion in mind, it kinda seems what we need to build here is mostly a systemd config file manager. So aligning the naming to the config file names probably make sense 🤔

Hm, did you consider using something existing? There is for instance this library: https://github.com/sergeymakinen/go-systemdconf. Not sure if works for the daemon config files, the systemd.syntax man page says it has the same syntax so might work actually.

Yeah, I did some research there, most of them seemed too bloated, complex and/or unmaintained, so I didn't want to get trapped in the future by introducing such dependency (e.g. this one depends on 5 years old release of a CSS processing library). In the end I went with the "lineinfile" concept, which is powerful enough it's able to drive configuration changes by many Ansible roles in the real world, and it's easy to understand and troubleshoot.

Hm, yeah unmaintained lib is worse, I agree.

I guess this could be a bit racy, depending on when OS Agent/NetworkManager hook gets called 🤔

The current implementation only touches the persistent configuration file, so NetworkManager hook doesn't affect it in any way. If we want to read the dynamically obtained NTPs written by the NM hook, maybe using a different method/property would be better.

Why do we even need these getters? There is FallbackNTPServers and SystemNTPServers available on the /org/freedesktop/timesync1 object of the org.freedesktop.timesync1 service.

In a way, this interface to me is mainly a stopgap until systemd-timesyncd has a similar functionality.

Those can be amalgamation of multiple configuration files as described in man timesyncd.conf. This interface exposes what is statically configured in the file we'd like to be the source of truth for the configuration. I can imagine the "native" Systemd attributes could be used for sanity checking, raising an issue if the configured value doesn't match what's in the config (which e.g. means user has created extra configuration files). But it would be confusing if you had only the setters, and under some circumstances the getters would return different value than what you have set.

I also doubt that Systemd will ever get similar functionality. There are the runtime NTP servers but those we can't use because we need to apply the configuration before our "configuration daemon" (Supervisor) is started. AFAIK Systemd doesn't have a way to edit configuration files through D-Bus API anywhere, and some things can be only configured only through config files.

Those can be amalgamation of multiple configuration files as described in man timesyncd.conf. This interface exposes what is statically configured in the file we'd like to be the source of truth for the configuration. I can imagine the "native" Systemd attributes could be used for sanity checking, raising an issue if the configured value doesn't match what's in the config (which e.g. means user has created extra configuration files). But it would be confusing if you had only the setters, and under some circumstances the getters would return different value than what you have set.

Right, I definitely would not forward the getter here to D-Bus, that would indeed be confusing.

I am just wonder, if we cannot get away with a more minimal D-Bus interface. Sure, we already have it implemented (with this PR), but there is always maintenance cost.

I also doubt that Systemd will ever get similar functionality. There are the runtime NTP servers but those we can't use because we need to apply the configuration before our "configuration daemon" (Supervisor) is started. AFAIK Systemd doesn't have a way to edit configuration files through D-Bus API anywhere, and some things can be only configured only through config files.

Yeah you probably be right on that there won't be a timesync1 setter. But there is already a systemd-networkd API to set NTP servers:
https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.network1.html#The%20Manager%20Object

I think systemd sees NTP server configuration a network manager thing, just like DNS. And it should be handled and stored by the network manager, and transferred at the appropriate time (the appropriate link is actually ready). I mean, you can imagine a system where you have two network links, each have their own local NTP servers.. You can't simply mix and match in that scenario. Ofc, this won't be the typical HAOS scenario, but it helps to understand how things develop. On the other hand, the system/fallback NTP's will always be global.

Researching a bit more, I came accross this Cockpit issue: cockpit-project/cockpit#7987 (comment)

And the linked systemd issue: systemd/systemd#7593 (comment) and related systemd/systemd#27469. The gist is that systemd-networkd (and I guess with that systemd-timesyncd) lacks a configuration management API. It is all meant to go through files, and that is what it is currently.

Maybe a generic systemd configuration file management API would be better? 🤔 On the other hand, maybe it is better to have OS Agent as a bit of a firewall for this 😅

I think systemd sees NTP server configuration a network manager thing, just like DNS. And it should be handled and stored by the network manager, and transferred at the appropriate time (the appropriate link is actually ready). I mean, you can imagine a system where you have two network links, each have their own local NTP servers.

Yes, but I think this is not achievable without using systemd-networkd at the same time. Currently we store the network config in NetworkManager's config files, where we lack any mechanism to save per-link user-configured NTP servers, so we'd have to introduce one (i.e. have our own config files/attributes of individual NM connections that'd somehow propagate to timesyncd config). But the complexity of such implementation would heavily outweigh any maintenance cost of the current approach to this problem.

Anyway, if we shall consider multihomed setups which even require different NTP servers on individual links, then I think this discussion turns academic. AFAIK most of the multihomed setups are not what HA considers anywhere, leave aside the fact that even just the NTP config alone seems too advanced for some 😅 We really should think about the real use case, and the way we want to handle NTP configuration on user's side.

I agree though that we can take a different approach on this problem and instead of exposing "time subsystem" APIs, we could have "system configuration" instead, if that makes more sense to you.