]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/nominatim/recipes/master.rb
remove date from nominatim fail2ban regex
[chef.git] / cookbooks / nominatim / recipes / master.rb
index 2e0094152c7cfa865420703e3856868f2402b519..6dd15bf962a9cc5a8d7ef2468649f893063cfda0 100644 (file)
 # limitations under the License.
 #
 
-include_recipe "nominatim::base"
+slaves = search(:node, "roles:nominatim-slave") # ~FC010
 
-passwords = data_bag_item("nominatim", "passwords")
-database_cluster = node[:nominatim][:database][:cluster]
-home_directory = data_bag_item("accounts", "nominatim")["home"]
+node.default[:postgresql][:settings][:defaults][:late_authentication_rules] = []
+node.default[:rsyncd][:modules] = { :archive => { :hosts_allow => [] } }
 
-superusers = %w(tomh lonvia twain nominatim)
-
-superusers.each do |user|
-  postgresql_user user do
-    cluster database_cluster
-    superuser true
-  end
-end
-
-postgresql_user "www-data" do
-  cluster database_cluster
-end
-
-postgresql_user "replication" do
-  cluster database_cluster
-  password passwords["replication"]
-  replication true
-end
-
-git "#{home_directory}/nominatim" do
-  action :checkout
-  repository node[:nominatim][:repository]
-  enable_submodules true
-  user "nominatim"
-  group "nominatim"
-  notifies :run, "execute[compile_nominatim]"
+slaves.each do |slave|
+  # set up DB access for each slave
+  node.default[:postgresql][:settings][:defaults][:late_authentication_rules].push(
+    :database => "replication",
+    :user => "replication",
+    :address => "#{slave[:networking][:internal_ipv4][:address]}/32"
+  )
+  # allow slaves access to the WAL logs
+  node.default[:rsyncd][:modules][:archive][:hosts_allow].push(
+    slave[:networking][:internal_ipv4][:address]
+  )
 end