include_recipe "imagery"
include_recipe "podman"
+directory "/store/imagery" do
+ owner "root"
+ group "root"
+ mode "755"
+ recursive true
+end
+
# FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740
container_image = if arm?
"ghcr.io/firefishy/titiler:latest"
podman_service "titiler" do
description "Container service for titiler"
image container_image
- ports 8080 => 8080
- environment :PORT => 8080, :WORKERS_PER_CORE => 1, :GDAL_INGESTED_BYTES_AT_OPEN => 32768, :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", :GDAL_HTTP_MULTIPLEX => "YES", :GDAL_HTTP_VERSION => 2, :TITILER_API_ROOT_PATH => "/api/v1/titiler"
+ volume :"/store/imagery" => "/store/imagery",
+ :"/srv/imagery/sockets" => "/sockets"
+ environment :BIND => "unix:/sockets/titiler.sock",
+ :WORKERS_PER_CORE => 1,
+ :GDAL_CACHEMAX => 200,
+ :GDAL_BAND_BLOCK_CACHE => "HASHSET",
+ :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR",
+ :GDAL_INGESTED_BYTES_AT_OPEN => 32768,
+ :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES",
+ :GDAL_HTTP_MULTIPLEX => "YES",
+ :GDAL_HTTP_VERSION => 2,
+ :VSI_CACHE => "TRUE",
+ :VSI_CACHE_SIZE => 5000000,
+ :TITILER_API_ROOT_PATH => "/api/v1/titiler",
+ :FORWARDED_ALLOW_IPS => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips
+end
+
+systemd_service "titiler-restart" do
+ type "simple"
+ user "root"
+ exec_start "/bin/systemctl try-restart titiler.service"
+ sandbox true
+ restrict_address_families "AF_UNIX"
+end
+
+systemd_timer "titiler-restart" do
+ on_boot_sec "10m"
+ on_unit_inactive_sec "30m"
+ randomized_delay_sec "20m"
+end
+
+service "titiler-restart.timer" do
+ action [:enable, :start]
+end
+
+directory "/var/cache/nginx-cache" do
+ owner "www-data"
+ group "www-data"
+ mode "755"
end
ssl_certificate "tiler.openstreetmap.org" do