diff --git a/pkg/challenge/Dockerfile b/pkg/challenge/Dockerfile
index d3736e7..4b2affa 100644
--- a/pkg/challenge/Dockerfile
+++ b/pkg/challenge/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15 AS mirror
+FROM alpine:edge AS mirror
 RUN mkdir -p /out/etc/apk/ && \
 cp /etc/apk/repositories /out/etc/apk/ && \
@@ -16,6 +16,7 @@ RUN apk add --no-cache --initdb -p /out \
 bind-doc \
 bind-tools \
 busybox \
+ busybox-doc \
 ca-certificates \
 curl \
 curl-doc \
@@ -33,12 +34,11 @@ RUN apk add --no-cache --initdb -p /out \
 kbd-bkeymaps \
 kbd-doc \
 kbd-vlock \
+ losetup \
 mandoc \
 man-pages \
 musl \
 nano \
- openntpd \
- openntpd-doc \
 openssh-client \
 openssh-doc \
 openssh-keygen \
diff --git a/server.yml b/server.yml
index dadfa80..bf0694d 100644
--- a/server.yml
+++ b/server.yml
@@ -224,19 +224,19 @@ services:
 - /etc/unbound:/etc/unbound:ro
 - name: time
- image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
- command: ["/bin/sh", "-c", "sleep 10; /usr/sbin/ntpd -d -s" ]
+ image: nemunaire/chrony:83fc8904f9c75f83f762685fd85c1dda877a5ad7
+ command: ["/usr/sbin/chronyd", "-d"]
 net: /run/netns/dmz-time
 capabilities:
+ - CAP_CHOWN
+ - CAP_DAC_OVERRIDE
 - CAP_NET_BIND_SERVICE
 - CAP_SYS_TIME
- - CAP_SYS_CHROOT
- - CAP_SYS_NICE
 - CAP_SETUID
 - CAP_SETGID
 binds:
 - /etc/resolv.conf:/etc/resolv.conf:ro
- - /etc/ntpd.conf:/etc/ntpd.conf:ro
+ - /etc/chrony/chrony.conf:/etc/chrony/chrony.conf:ro
 - name: postfix
 image: nemunaire/postfix:6c556b4517ddb596ae0d084ec9783de9eba6534d
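Review bot: The new base `FROM alpine:edge AS mirror` in the first Dockerfile hunk swaps a fixed release for a rolling tag, so each rebuild can pull a different and less-tested package set, and the resulting image can no longer be reproduced or audited against a known baseline. If something from edge is really needed (possibly `losetup`, added in the third hunk, though that cannot be confirmed from here), prefer a fixed release tag or pin the base by digest, e.g. `FROM alpine:<release>@sha256:<digest> AS mirror`. At minimum, add a comment above the `FROM` line saying why edge is required and when the build can return to a stable tag.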
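Review bot: The capability list of the `time` service now grants `CAP_CHOWN` and `CAP_DAC_OVERRIDE`, which let the root-started process change ownership of, and bypass permission checks on, any file visible in the container; the previous daemon ran without them and nothing in the change says why chronyd needs them. Presumably they cover chronyd preparing its state directory before dropping privileges (the new config sets `driftfile /var/lib/chrony/drift`); if so, creating that directory with the right owner in the image would let both be removed. Otherwise record the reason next to the list, e.g. `# CAP_CHOWN, CAP_DAC_OVERRIDE: chronyd fixes up /var/lib/chrony at start (TODO confirm)`.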
@@ -758,7 +758,27 @@ files:
 contents: |
 listen on *
 #server 10.224.4.2
- server pool.ntp.org
+ server 51.15.180.229
+ server 51.75.141.62
+ server 193.200.43.105
+ #servers fr.pool.ntp.org
+ mode: "0440"
+
+ - path: etc/chrony/chrony.conf
+ contents: |
+ server 51.15.180.229 iburst
+ server 51.75.141.62 iburst
+ server 193.200.43.105 iburst
+ pool fr.pool.ntp.org iburst
+
+ # Record the rate at which the system clock gains/losses time.
+ driftfile /var/lib/chrony/drift
+
+ # In first three updates step the system clock instead of slew
+ # if the adjustment is larger than 1 second.
+ makestep 10 3
+
+ allow all
 mode: "0440"
 - path: etc/wireguard/wg0.conf
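Review bot: `allow all` in the new `etc/chrony/chrony.conf` lets chronyd answer NTP requests from any source address, so exposure depends entirely on whatever filtering surrounds the `dmz-time` namespace. Restricting it to the networks that should be served, `allow <internal-subnet>`, and adding a `ratelimit` line would limit use of the server as a reflection source. The comment above `makestep 10 3` says the clock is stepped when the adjustment exceeds 1 second, but the configured threshold is 10 seconds; one of the two should be corrected, e.g. `# if the adjustment is larger than 10 seconds.`. The `etc/ntpd.conf` entry is still edited here although the `time` service no longer mounts it, so it looks like dead configuration that could be removed.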