]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/web/recipes/cleanup.rb
Merge remote-tracking branch 'github/pull/711'
[chef.git] / cookbooks / web / recipes / cleanup.rb
index bd042de03529720b136efd98a596cffbec165e4d..c1c47a0c4b88dbbed1e370efdaaafbe2c2a9cf44 100644 (file)
@@ -1,8 +1,8 @@
 #
-# Cookbook Name:: web
+# Cookbook:: web
 # Recipe:: cleanup
 #
-# Copyright 2013, OpenStreetMap Foundation
+# Copyright:: 2013, OpenStreetMap Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 
 include_recipe "web::base"
 
-ruby = "ruby#{node[:passenger][:ruby_version]}"
+web_passwords = data_bag_item("web", "passwords")
+
 rails_directory = "#{node[:web][:base_directory]}/rails"
 
-template "/etc/cron.daily/web-cleanup" do
-  source "cleanup.cron.erb"
-  owner "root"
-  group "root"
-  mode 0o755
-  variables :ruby => ruby, :directory => rails_directory
+file "/etc/cron.daily/web-cleanup" do
+  action :delete
+end
+
+systemd_service "rails-cleanup" do
+  description "Rails cleanup"
+  type "simple"
+  environment "RAILS_ENV" => "production",
+              "SECRET_KEY_BASE" => web_passwords["secret_key_base"]
+  user "rails"
+  working_directory rails_directory
+  exec_start "#{node[:ruby][:bundle]} exec rails db:expire_tokens"
+  sandbox :enable_network => true
+  memory_deny_write_execute false
+  read_write_paths "/var/log/web"
+end
+
+systemd_timer "rails-cleanup" do
+  description "Rails cleanup"
+  on_calendar "02:00"
+end
+
+service "rails-cleanup.timer" do
+  action [:enable, :start]
 end