]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/planet/recipes/dump.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Drop private_devices for OTRS and planetdump that use exim
[chef.git] / cookbooks / planet / recipes / dump.rb
diff --git a/cookbooks/planet/recipes/dump.rb b/cookbooks/planet/recipes/dump.rb
index 85243f335dd8b27a3d865c05c1cd77b40f1c6d15..c7737bdb84a23576c70dfe1e9069e105409911e2 100644 (file)
--- a/cookbooks/planet/recipes/dump.rb
+++ b/cookbooks/planet/recipes/dump.rb
@@ -61,7 +61,7 @@ end
 git "/opt/planet-dump-ng" do
   action :sync
   repository "https://github.com/zerebubuth/planet-dump-ng.git"
-  revision "v1.2.2"
+  revision "v1.2.6"
   depth 1
   user "root"
   group "root"
@@ -116,11 +116,9 @@ systemd_service "planetdump@" do
   exec_start "/usr/local/bin/planetdump %i"
   memory_max "64G"
   private_tmp true
-  private_devices true
-  private_network true
-  protect_system "full"
+  protect_system "strict"
   protect_home true
-  no_new_privileges true
+  read_write_paths ["/var/log/exim4", "/var/spool/exim4"]
 end
 
 cron_d "planet-dump-mirror" do
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.