Copy planet dumps to S3

[chef.git] / cookbooks / planet / recipes / dump.rb

diff --git a/cookbooks/planet/recipes/dump.rb b/cookbooks/planet/recipes/dump.rb
index f7a1431818e28b5defb38b745d7c320a88d7891a..aa69f9318922fb75b57d075261bfc14e5ac5ac8d 100644 (file)
--- a/cookbooks/planet/recipes/dump.rb
+++ b/cookbooks/planet/recipes/dump.rb
@@ -17,6 +17,7 @@
 # limitations under the License.
 #
 
+include_recipe "accounts"
 include_recipe "git"
 
 package %w[
@@ -88,8 +89,8 @@ execute "/opt/planet-dump-ng/Makefile" do
 end
 
 directory "/store/planetdump" do
-  owner "www-data"
-  group "www-data"
+  owner "planet"
+  group "planet"
   mode "755"
   recursive true
 end
@@ -105,10 +106,12 @@ end
 
 systemd_service "planetdump@" do
   description "Planet dump for %i"
-  user "www-data"
+  user "planet"
   exec_start "/usr/local/bin/planetdump %i"
   memory_max "64G"
   sandbox true
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
   read_write_paths [
     "/store/planetdump",
     "/store/planet/pbf",
@@ -134,7 +137,7 @@ end
 systemd_service "planet-dump-mirror" do
   description "Update planet dump mirrors"
   exec_start "/usr/local/bin/planet-mirror-redirect-update"
-  user "www-data"
+  user "planet"
   sandbox :enable_network => true
   memory_deny_write_execute false
   read_write_paths "/store/planet/.htaccess"