#
include_recipe "accounts"
-include_recipe "munin"
include_recipe "apache"
+include_recipe "prometheus"
+include_recipe "ruby"
username = "overpass"
basedir = data_bag_item("accounts", username)["home"]
+web_passwords = data_bag_item("web", "passwords")
%w[bin site diffs db src].each do |dirname|
directory "#{basedir}/#{dirname}" do
user username
cwd srcdir
command "./configure --enable-lz4 --prefix=#{basedir} && make install"
+ notifies :restart, "service[overpass-dispatcher]"
+ notifies :restart, "service[overpass-area-dispatcher]"
end
## Setup Apache
+gem_package "rotp" do
+ gem_binary node[:ruby][:gem]
+end
+
+directory "#{basedir}/apache" do
+ owner "root"
+ group "root"
+ mode "755"
+end
+
+template "#{basedir}/apache/totp-filter" do
+ source "totp-filter.erb"
+ owner "root"
+ group "root"
+ mode "755"
+ variables :totp_key => web_passwords["totp_key"]
+end
+
ssl_certificate node[:fqdn] do
domains [node[:fqdn],
node[:overpass][:fqdn]]
apache_module "cgi"
apache_module "headers"
+apache_module "rewrite"
apache_site "default" do
action :disable
systemd_service "overpass-dispatcher" do
description "Overpass Main Dispatcher"
+ wants ["overpass-area-dispatcher.service"]
working_directory basedir
exec_start "#{basedir}/bin/dispatcher --osm-base #{meta_map_short[node[:overpass][:meta_mode]]} --db-dir=#{basedir}/db --rate-limit=#{node[:overpass][:rate_limit]} --space=#{node[:overpass][:dispatcher_space]}"
exec_stop "#{basedir}/bin/dispatcher --osm-base --terminate"
systemd_service "overpass-area-dispatcher" do
description "Overpass Area Dispatcher"
- after ["overpass-dispatcher"]
+ after ["overpass-dispatcher.service"]
working_directory basedir
exec_start "#{basedir}/bin/dispatcher --areas #{meta_map_short[node[:overpass][:meta_mode]]} --db-dir=#{basedir}/db"
exec_stop "#{basedir}/bin/dispatcher --areas --terminate"
systemd_service "overpass-update" do
description "Overpass Update Application"
- after ["overpass-dispatcher"]
+ after ["overpass-dispatcher.service"]
+ wants ["overpass-area-processor.service"]
working_directory basedir
exec_start "#{basedir}/bin/overpass-update-db"
standard_output "append:#{logdir}/update.log"
user username
+ restart "on-success"
end
if node[:overpass][:meta_mode] == "attic"
systemd_service "overpass-area-processor" do
description "Overpass Area Processor"
- after ["overpass-area-dispatcher"]
+ after ["overpass-area-dispatcher.service", "overpass-update.service"]
working_directory basedir
exec_start "#{basedir}/bin/overpass-update-areas"
standard_output "append:#{logdir}/area-processor.log"
+ restart "on-success"
nice 19
user username
end
else
systemd_service "overpass-area-processor" do
description "Overpass Area Processor"
- after ["overpass-area-dispatcher"]
+ after ["overpass-area-dispatcher.service", "overpass-update.service"]
working_directory basedir
exec_start "#{basedir}/bin/osm3s_query --progress --rules"
standard_input "file:#{srcdir}/rules/areas.osm3s"
standard_output "append:#{logdir}/area-processor.log"
+ restart "on-success"
nice 19
user username
end
end
systemd_timer "overpass-area-processor" do
- description "Update areas in Overpass"
- on_calendar "*-*-* *:*:00"
+ action :delete
end
service "overpass-area-processor" do
- action [:enable]
+ action [:disable]
+end
+
+template "/etc/logrotate.d/overpass" do
+ source "logrotate.erb"
+ owner "root"
+ group "root"
+ mode "644"
+ variables :logdir => logdir
+end
+
+prometheus_exporter "overpass" do
+ port 9898
+ user username
+ restrict_address_families "AF_UNIX"
+ options [
+ "--overpass.base-directory=#{basedir}"
+ ]
end