From 02bb8593cf0c024ad2181cd5d7b3467b992ec6cf Mon Sep 17 00:00:00 2001
From: Andrew Battat <andrew.battat@dfinity.org>
Date: Mon, 13 Jan 2025 23:18:59 +0000
Subject: [PATCH 1/4] Create check-ntp.sh

---
 ic-os/components/setupos-scripts/check-ntp.sh | 38 +++++++++++++++++++
 ic-os/components/setupos-scripts/setupos.sh   |  1 +
 ic-os/components/setupos.bzl                  |  1 +
 3 files changed, 40 insertions(+)
 create mode 100644 ic-os/components/setupos-scripts/check-ntp.sh

diff --git a/ic-os/components/setupos-scripts/check-ntp.sh b/ic-os/components/setupos-scripts/check-ntp.sh
new file mode 100644
index 00000000000..ebf789c3bca
--- /dev/null
+++ b/ic-os/components/setupos-scripts/check-ntp.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+set -o nounset
+set -o pipefail
+
+SHELL="/bin/bash"
+PATH="/sbin:/bin:/usr/sbin:/usr/bin"
+
+source /opt/ic/bin/functions.sh
+
+function set_hwclock_utc() {
+    echo "* Setting hardware clock to UTC..."
+    timedatectl set-local-rtc 0
+}
+
+function check_ntp() {
+    echo "* Checking Chrony status..."
+
+    systemctl is-active --quiet chrony
+    log_and_halt_installation_on_error "$?" "Chrony service not running or not active."
+
+    if [ "$(timedatectl show -p NTPSynchronized --value)" != "yes" ]; then
+        local service_logs=$(journalctl -u chrony.service --no-pager)
+        local log_message="System clock is not synchronized. Please check NTP configuration.\n\nChrony service logs:\n${service_logs}"
+        log_and_halt_installation_on_error 1 "${log_message}"
+    fi
+
+    echo "* Chrony is running and time is in sync."
+}
+
+main() {
+    log_start "$(basename $0)"
+    set_hwclock_utc
+    check_ntp
+    log_end "$(basename $0)"
+}
+
+main
diff --git a/ic-os/components/setupos-scripts/setupos.sh b/ic-os/components/setupos-scripts/setupos.sh
index 622dc3973fd..bc4065653ff 100755
--- a/ic-os/components/setupos-scripts/setupos.sh
+++ b/ic-os/components/setupos-scripts/setupos.sh
@@ -42,6 +42,7 @@ main() {
     /opt/ic/bin/check-config.sh
     /opt/ic/bin/check-hardware.sh
     /opt/ic/bin/check-network.sh
+    /opt/ic/bin/check-ntp.sh
     if kernel_cmdline_bool_default_true ic.setupos.perform_installation; then
         true
     else
diff --git a/ic-os/components/setupos.bzl b/ic-os/components/setupos.bzl
index b60e576cd8c..1b5606b6a53 100644
--- a/ic-os/components/setupos.bzl
+++ b/ic-os/components/setupos.bzl
@@ -16,6 +16,7 @@ component_files = {
     Label("//ic-os/components/setupos-scripts:check-hardware.sh"): "/opt/ic/bin/check-hardware.sh",
     Label("//ic-os/components/setupos-scripts:install-hostos.sh"): "/opt/ic/bin/install-hostos.sh",
     Label("//ic-os/components/setupos-scripts:check-network.sh"): "/opt/ic/bin/check-network.sh",
+    Label("//ic-os/components/setupos-scripts:check-ntp.sh"): "/opt/ic/bin/check-ntp.sh",
     Label("//ic-os/components/setupos-scripts:output-wrapper.sh"): "/opt/ic/bin/output-wrapper.sh",
     Label("//ic-os/components/setupos-scripts:setupos.sh"): "/opt/ic/bin/setupos.sh",
     Label("//ic-os/components/setupos-scripts:config.service"): "/etc/systemd/system/config.service",

From d345bcf0aecb0dc3fec5c14998cf5589b8f20c14 Mon Sep 17 00:00:00 2001
From: Andrew Battat <andrew.battat@dfinity.org>
Date: Mon, 13 Jan 2025 23:27:04 +0000
Subject: [PATCH 2/4] Fix check_ntp failure logs

---
 ic-os/components/setupos-scripts/check-ntp.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ic-os/components/setupos-scripts/check-ntp.sh b/ic-os/components/setupos-scripts/check-ntp.sh
index ebf789c3bca..540cfb13271 100644
--- a/ic-os/components/setupos-scripts/check-ntp.sh
+++ b/ic-os/components/setupos-scripts/check-ntp.sh
@@ -21,7 +21,7 @@ function check_ntp() {
 
     if [ "$(timedatectl show -p NTPSynchronized --value)" != "yes" ]; then
         local service_logs=$(journalctl -u chrony.service --no-pager)
-        local log_message="System clock is not synchronized. Please check NTP configuration.\n\nChrony service logs:\n${service_logs}"
+        local log_message="System clock is not synchronized.\n\nChrony service logs:\n${service_logs}"
         log_and_halt_installation_on_error 1 "${log_message}"
     fi
 

From d132278487ced0bd7c245bbd0860131c19291f2a Mon Sep 17 00:00:00 2001
From: Andrew Battat <andrew.battat@dfinity.org>
Date: Tue, 14 Jan 2025 16:33:06 +0000
Subject: [PATCH 3/4] Add loop to timedatectl check

---
 ic-os/components/setupos-scripts/check-ntp.sh | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/ic-os/components/setupos-scripts/check-ntp.sh b/ic-os/components/setupos-scripts/check-ntp.sh
index 540cfb13271..4792fad6020 100644
--- a/ic-os/components/setupos-scripts/check-ntp.sh
+++ b/ic-os/components/setupos-scripts/check-ntp.sh
@@ -19,11 +19,19 @@ function check_ntp() {
     systemctl is-active --quiet chrony
     log_and_halt_installation_on_error "$?" "Chrony service not running or not active."
 
-    if [ "$(timedatectl show -p NTPSynchronized --value)" != "yes" ]; then
-        local service_logs=$(journalctl -u chrony.service --no-pager)
-        local log_message="System clock is not synchronized.\n\nChrony service logs:\n${service_logs}"
-        log_and_halt_installation_on_error 1 "${log_message}"
-    fi
+    retries=0
+    max_retries=5
+    while [ "$(timedatectl show -p NTPSynchronized --value)" != "yes" ]; do
+        if [ $retries -ge $max_retries ]; then
+            local service_logs=$(journalctl -u chrony.service --no-pager)
+            local log_message="System clock is not synchronized.\n\nChrony service logs:\n${service_logs}"
+            log_and_halt_installation_on_error 1 "${log_message}"
+        fi
+
+        echo "* Chrony not yet synchronized. Waiting 2 seconds before retry..."
+        sleep 2
+        ((retries++))
+    done
 
     echo "* Chrony is running and time is in sync."
 }

From 25a080f085dc3f970873bc5083c5638be2a4c298 Mon Sep 17 00:00:00 2001
From: Andrew Battat <andrew.battat@dfinity.org>
Date: Tue, 14 Jan 2025 19:51:12 +0000
Subject: [PATCH 4/4] Update max_retries

---
 ic-os/components/setupos-scripts/check-ntp.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ic-os/components/setupos-scripts/check-ntp.sh b/ic-os/components/setupos-scripts/check-ntp.sh
index 4792fad6020..15d0b370217 100644
--- a/ic-os/components/setupos-scripts/check-ntp.sh
+++ b/ic-os/components/setupos-scripts/check-ntp.sh
@@ -20,7 +20,7 @@ function check_ntp() {
     log_and_halt_installation_on_error "$?" "Chrony service not running or not active."
 
     retries=0
-    max_retries=5
+    max_retries=30
     while [ "$(timedatectl show -p NTPSynchronized --value)" != "yes" ]; do
         if [ $retries -ge $max_retries ]; then
             local service_logs=$(journalctl -u chrony.service --no-pager)