]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/imagery/recipes/tiler.rb
imagery: remove mapserver service restrictions
[chef.git] / cookbooks / imagery / recipes / tiler.rb
index f5eff5c66643f305cfc07561a99e6dd3f48a49da..d56357d62f41ea9f37929c3698dde1bead254a7c 100644 (file)
@@ -37,11 +37,12 @@ container_image = if arm?
 podman_service "titiler" do
   description "Container service for titiler"
   image container_image
-  ports 8080 => 8080
-  volume "/store/imagery" => "/store/imagery"
-  environment :PORT                                => 8080,
+  volume :"/store/imagery"       => "/store/imagery",
+         :"/srv/imagery/sockets" => "/sockets"
+  environment :BIND                                => "unix:/sockets/titiler.sock",
               :WORKERS_PER_CORE                    => 1,
               :GDAL_CACHEMAX                       => 200,
+              :GDAL_BAND_BLOCK_CACHE               => "HASHSET",
               :GDAL_DISABLE_READDIR_ON_OPEN        => "EMPTY_DIR",
               :GDAL_INGESTED_BYTES_AT_OPEN         => 32768,
               :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES  => "YES",
@@ -53,6 +54,23 @@ podman_service "titiler" do
               :FORWARDED_ALLOW_IPS                 => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips
 end
 
+systemd_service "titiler-restart" do
+  type "simple"
+  user "root"
+  exec_start "/bin/systemctl try-restart titiler.service"
+  sandbox true
+  restrict_address_families "AF_UNIX"
+end
+
+systemd_timer "titiler-restart" do
+  on_boot_sec "6h"
+  on_unit_inactive_sec "12h"
+end
+
+service "titiler-restart.timer" do
+  action [:enable, :start]
+end
+
 directory "/var/cache/nginx-cache" do
   owner "www-data"
   group "www-data"