]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/planet/recipes/notes.rb
Remove otrs test role from naga
[chef.git] / cookbooks / planet / recipes / notes.rb
index 3f0e2c996afcb5dbd69ad97ee7c336d4ff75e8cd..e6329708190daa8201c81069a73dbbb2eade7f37 100644 (file)
@@ -17,7 +17,9 @@
 # limitations under the License.
 #
 
 # limitations under the License.
 #
 
+include_recipe "accounts"
 include_recipe "git"
 include_recipe "git"
+include_recipe "planet::aws"
 
 db_passwords = data_bag_item("db", "passwords")
 
 
 db_passwords = data_bag_item("db", "passwords")
 
@@ -53,8 +55,10 @@ end
 systemd_service "planet-notes-dump" do
   description "Create notes dump"
   exec_start "/usr/local/bin/planet-notes-dump"
 systemd_service "planet-notes-dump" do
   description "Create notes dump"
   exec_start "/usr/local/bin/planet-notes-dump"
-  user "www-data"
+  user "planet"
   sandbox :enable_network => true
   sandbox :enable_network => true
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
   read_write_paths "/store/planet/notes"
 end
 
   read_write_paths "/store/planet/notes"
 end
 
@@ -77,7 +81,7 @@ end
 systemd_service "planet-notes-cleanup" do
   description "Delete old notes dumps"
   exec_start "/usr/local/bin/planet-notes-cleanup"
 systemd_service "planet-notes-cleanup" do
   description "Delete old notes dumps"
   exec_start "/usr/local/bin/planet-notes-cleanup"
-  user "www-data"
+  user "planet"
   sandbox true
   read_write_paths "/store/planet/notes"
 end
   sandbox true
   read_write_paths "/store/planet/notes"
 end