]> git.openstreetmap.org Git - chef.git/blob - cookbooks/planet/recipes/replication.rb
projects / chef.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add new SSH key for Matt
[chef.git] / cookbooks / planet / recipes / replication.rb
1 #
2 # Cookbook:: planet
3 # Recipe:: dump
4 #
5 # Copyright:: 2013, OpenStreetMap Foundation
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 #     https://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 #
19
20 require "yaml"
21
22 include_recipe "accounts"
23 include_recipe "apt"
24 include_recipe "osmosis"
25
26 db_passwords = data_bag_item("db", "passwords")
27
28 ## Install required packages
29
30 package %w[
31   postgresql-client
32   ruby
33   ruby-dev
34   ruby-libxml
35   make
36   gcc
37   libc6-dev
38   libpq-dev
39   osmdbt
40 ]
41
42 gem_package "pg"
43
44 ## Build preload library to flush files
45
46 remote_directory "/opt/flush" do
47   source "flush"
48   owner "root"
49   group "root"
50   mode "755"
51   files_owner "root"
52   files_group "root"
53   files_mode "755"
54 end
55
56 execute "/opt/flush/Makefile" do
57   action :nothing
58   command "make"
59   cwd "/opt/flush"
60   user "root"
61   group "root"
62   subscribes :run, "remote_directory[/opt/flush]"
63 end
64
65 ## Install scripts
66
67 remote_directory "/usr/local/bin" do
68   source "replication-bin"
69   owner "root"
70   group "root"
71   mode "755"
72   files_owner "root"
73   files_group "root"
74   files_mode "755"
75 end
76
77 template "/usr/local/bin/users-agreed" do
78   source "users-agreed.erb"
79   owner "root"
80   group "root"
81   mode "755"
82 end
83
84 template "/usr/local/bin/users-deleted" do
85   source "users-deleted.erb"
86   owner "root"
87   group "root"
88   mode "755"
89 end
90
91 ## Published deleted users directory
92
93 remote_directory "/store/planet/users_deleted" do
94   source "users_deleted"
95   owner "planet"
96   group "planet"
97   mode "755"
98   files_owner "root"
99   files_group "root"
100   files_mode "644"
101 end
102
103 ## Published replication directory
104
105 remote_directory "/store/planet/replication" do
106   source "replication-cgi"
107   owner "root"
108   group "root"
109   mode "755"
110   files_owner "root"
111   files_group "root"
112   files_mode "755"
113 end
114
115 ## Configuration directory
116
117 directory "/etc/replication" do
118   owner "root"
119   group "root"
120   mode "755"
121 end
122
123 ## Transient state directory
124
125 systemd_tmpfile "/run/replication" do
126   type "d"
127   owner "planet"
128   group "planet"
129   mode "755"
130 end
131
132 ## Persistent state directory
133
134 directory "/var/lib/replication" do
135   owner "planet"
136   group "planet"
137   mode "755"
138 end
139
140 ## Temporary directory
141
142 directory "/store/replication" do
143   owner "planet"
144   group "planet"
145   mode "755"
146 end
147
148 ## Users replication
149
150 template "/etc/replication/users-agreed.conf" do
151   source "users-agreed.conf.erb"
152   user "planet"
153   group "planet"
154   mode "600"
155   variables :password => db_passwords["planetdiff"]
156 end
157
158 ## Changeset replication
159
160 directory "/store/planet/replication/changesets" do
161   owner "planet"
162   group "planet"
163   mode "755"
164 end
165
166 template "/etc/replication/changesets.conf" do
167   source "changesets.conf.erb"
168   user "root"
169   group "planet"
170   mode "640"
171   variables :password => db_passwords["planetdiff"]
172 end
173
174 ## Minutely replication
175
176 directory "/store/planet/replication/minute" do
177   owner "planet"
178   group "planet"
179   mode "755"
180 end
181
182 directory "/var/lib/replication/minute" do
183   owner "planet"
184   group "planet"
185   mode "755"
186 end
187
188 directory "/store/replication/minute" do
189   owner "planet"
190   group "planet"
191   mode "755"
192 end
193
194 osmdbt_config = {
195   "database" => {
196     "host" => node[:web][:database_host],
197     "dbname" => "openstreetmap",
198     "user" => "planetdiff",
199     "password" => db_passwords["planetdiff"],
200     "replication_slot" => "osmdbt"
201   },
202   "log_dir" => "/var/lib/replication/minute",
203   "changes_dir" => "/store/planet/replication/minute",
204   "tmp_dir" => "/store/replication/minute",
205   "run_dir" => "/run/replication"
206 }
207
208 file "/etc/replication/osmdbt-config.yaml" do
209   user "root"
210   group "planet"
211   mode "640"
212   content YAML.dump(osmdbt_config)
213 end
214
215 systemd_service "replication-minutely" do
216   description "Minutely replication"
217   user "planet"
218   working_directory "/etc/replication"
219   exec_start "/usr/local/bin/replicate-minute"
220   private_tmp true
221   private_devices true
222   protect_system "full"
223   protect_home true
224   restrict_address_families %w[AF_INET AF_INET6]
225   no_new_privileges true
226 end
227
228 systemd_timer "replication-minutely" do
229   description "Minutely replication"
230   on_boot_sec 60
231   on_unit_active_sec 60
232   accuracy_sec 5
233 end
234
235 ## Hourly replication
236
237 directory "/store/planet/replication/hour" do
238   owner "planet"
239   group "planet"
240   mode "755"
241 end
242
243 directory "/var/lib/replication/hour" do
244   owner "planet"
245   group "planet"
246   mode "755"
247 end
248
249 link "/var/lib/replication/hour/data" do
250   to "/store/planet/replication/hour"
251 end
252
253 template "/var/lib/replication/hour/configuration.txt" do
254   source "replication.config.erb"
255   owner "planet"
256   group "planet"
257   mode "644"
258   variables :base => "minute", :interval => 3600
259 end
260
261 systemd_service "replication-hourly" do
262   description "Hourly replication"
263   user "planet"
264   exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/hour"
265   private_tmp true
266   private_devices true
267   protect_system "full"
268   protect_home true
269   restrict_address_families %w[AF_INET AF_INET6]
270   no_new_privileges true
271 end
272
273 systemd_timer "replication-hourly" do
274   description "Daily replication"
275   on_calendar "*-*-* *:02/15:00"
276 end
277
278 ## Daily replication
279
280 directory "/store/planet/replication/day" do
281   owner "planet"
282   group "planet"
283   mode "755"
284 end
285
286 directory "/var/lib/replication/day" do
287   owner "planet"
288   group "planet"
289   mode "755"
290 end
291
292 link "/var/lib/replication/day/data" do
293   to "/store/planet/replication/day"
294 end
295
296 template "/var/lib/replication/day/configuration.txt" do
297   source "replication.config.erb"
298   owner "planet"
299   group "planet"
300   mode "644"
301   variables :base => "hour", :interval => 86400
302 end
303
304 systemd_service "replication-daily" do
305   description "Daily replication"
306   user "planet"
307   exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/day"
308   private_tmp true
309   private_devices true
310   protect_system "full"
311   protect_home true
312   restrict_address_families %w[AF_INET AF_INET6]
313   no_new_privileges true
314 end
315
316 systemd_timer "replication-daily" do
317   description "Daily replication"
318   on_calendar "*-*-* *:02/15:00"
319 end
320
321 ## Replication cleanup
322
323 systemd_service "replication-cleanup" do
324   description "Cleanup replication"
325   user "planet"
326   exec_start "/usr/local/bin/replicate-cleanup"
327   private_tmp true
328   private_devices true
329   private_network true
330   protect_system "full"
331   protect_home true
332   no_new_privileges true
333 end
334
335 systemd_timer "replication-cleanup" do
336   description "Cleanup replication"
337   on_boot_sec 60
338   on_unit_active_sec 86400
339   accuracy_sec 1800
340 end
341
342 ## Enable/disable feeds
343
344 if node[:planet][:replication] == "enabled"
345   cron_d "users-agreed" do
346     minute "0"
347     hour "7"
348     user "planet"
349     command "/usr/local/bin/users-agreed"
350     mailto "zerebubuth@gmail.com"
351   end
352
353   cron_d "users-deleted" do
354     minute "0"
355     hour "17"
356     user "planet"
357     command "/usr/local/bin/users-deleted"
358     mailto "zerebubuth@gmail.com"
359   end
360
361   cron_d "replication-changesets" do
362     user "planet"
363     command "/usr/local/bin/replicate-changesets /etc/replication/changesets.conf"
364     mailto "zerebubuth@gmail.com"
365   end
366
367   service "replication-minutely.timer" do
368     action [:enable, :start]
369   end
370
371   service "replication-hourly.timer" do
372     action [:enable, :start]
373   end
374
375   service "replication-daily.timer" do
376     action [:enable, :start]
377   end
378
379   service "replication-cleanup.timer" do
380     action [:enable, :start]
381   end
382 else
383   cron_d "users-agreed" do
384     action :delete
385   end
386
387   cron_d "users-deleted" do
388     action :delete
389   end
390
391   cron_d "replication-changesets" do
392     action :delete
393   end
394
395   service "replication-minutely.timer" do
396     action [:stop, :disable]
397   end
398
399   service "replication-hourly.timer" do
400     action [:stop, :disable]
401   end
402
403   service "replication-daily.timer" do
404     action [:stop, :disable]
405   end
406
407   service "replication-cleanup.timer" do
408     action [:stop, :disable]
409   end
410 end
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.