# limitations under the License.
#
-include_recipe "apt"
+include_recipe "apt::maxmind"
license_keys = data_bag_item("geoipupdate", "license-keys")
source "GeoIP.conf.erb"
owner "root"
group "root"
- mode 0o644
+ mode "644"
variables :license_keys => license_keys
end
-execute "geoipdate" do
+execute "geoipupdate" do
command "geoipupdate"
user "root"
group "root"
- not_if { ENV.key?("TEST_KITCHEN") || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } }
+ not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } }
end
-directory "/var/lib/GeoIP" do
- action :delete
- recursive true
+systemd_service "geoipupdate" do
+ description "Update GeoIP databases"
+ user "root"
+ exec_start "/usr/bin/geoipupdate"
+ private_tmp true
+ private_devices true
+ protect_system "strict"
+ protect_home true
+ read_write_paths node[:geoipupdate][:directory]
+ no_new_privileges true
+end
+
+systemd_timer "geoipupdate" do
+ description "Update GeoIP databases"
+ on_boot_sec "15m"
+ on_unit_active_sec "7d"
+ randomized_delay_sec "4h"
+end
+
+service "geoipupdate.timer" do
+ action [:enable, :start]
end