]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/nominatim/recipes/default.rb
Use fail2ban to block bogus note searches
[chef.git] / cookbooks / nominatim / recipes / default.rb
index ffab40914d34be9304ca607ea2c3685aafbb2576..4b96e544d8a1b9f980ea08f2fcef45ca44b0c1d9 100644 (file)
@@ -140,6 +140,7 @@ package %w[
   liblua5.3-dev
   libluajit-5.1-dev
   libicu-dev
   liblua5.3-dev
   libluajit-5.1-dev
   libicu-dev
+  nlohmann-json3-dev
   lua5.3
   python3-pyosmium
   python3-psycopg2
   lua5.3
   python3-pyosmium
   python3-psycopg2
@@ -173,22 +174,22 @@ elsif node[:nominatim][:api_flavour] == "python"
 
   python_package "SQLAlchemy" do
     python_virtualenv python_directory
 
   python_package "SQLAlchemy" do
     python_virtualenv python_directory
-    version "2.0.19"
+    version "2.0.23"
   end
 
   python_package "PyICU" do
     python_virtualenv python_directory
   end
 
   python_package "PyICU" do
     python_virtualenv python_directory
-    version "2.10.2"
+    version "2.12"
   end
 
   python_package "psycopg[binary]" do
     python_virtualenv python_directory
   end
 
   python_package "psycopg[binary]" do
     python_virtualenv python_directory
-    version "3.1.10"
+    version "3.1.13"
   end
 
   python_package "psycopg2-binary" do
     python_virtualenv python_directory
   end
 
   python_package "psycopg2-binary" do
     python_virtualenv python_directory
-    version "2.9.7"
+    version "2.9.9"
   end
 
   python_package "python-dotenv" do
   end
 
   python_package "python-dotenv" do
@@ -196,6 +197,11 @@ elsif node[:nominatim][:api_flavour] == "python"
     version "0.21.0"
   end
 
     version "0.21.0"
   end
 
+  python_package "pygments" do
+    python_virtualenv python_directory
+    version "2.17.2"
+  end
+
   python_package "PyYAML" do
     python_virtualenv python_directory
     version "6.0.1"
   python_package "PyYAML" do
     python_virtualenv python_directory
     version "6.0.1"
@@ -208,7 +214,7 @@ elsif node[:nominatim][:api_flavour] == "python"
 
   python_package "uvicorn" do
     python_virtualenv python_directory
 
   python_package "uvicorn" do
     python_virtualenv python_directory
-    version "0.23.2"
+    version "0.24.0.post1"
   end
 
   python_package "gunicorn" do
   end
 
   python_package "gunicorn" do
@@ -309,7 +315,9 @@ template "#{project_directory}/.env" do
             :log_file => "#{node[:nominatim][:logdir]}/query.log",
             :tokenizer => node[:nominatim][:config][:tokenizer],
             :forward_dependencies => node[:nominatim][:config][:forward_dependencies],
             :log_file => "#{node[:nominatim][:logdir]}/query.log",
             :tokenizer => node[:nominatim][:config][:tokenizer],
             :forward_dependencies => node[:nominatim][:config][:forward_dependencies],
-            :pool_size => node[:nominatim][:api_pool_size]
+            :pool_size => node[:nominatim][:api_pool_size],
+            :query_timeout => node[:nominatim][:api_query_timeout],
+            :request_timeout => node[:nominatim][:api_request_timeout]
 end
 
 remote_file "#{project_directory}/wikimedia-importance.sql.gz" do
 end
 
 remote_file "#{project_directory}/wikimedia-importance.sql.gz" do
@@ -362,7 +370,7 @@ elsif node[:nominatim][:api_flavour] == "python"
     working_directory project_directory
     standard_output "append:#{node[:nominatim][:logdir]}/gunicorn.log"
     standard_error "inherit"
     working_directory project_directory
     standard_output "append:#{node[:nominatim][:logdir]}/gunicorn.log"
     standard_error "inherit"
-    exec_start "#{python_directory}/bin/gunicorn -b unix:/run/gunicorn-nominatim.openstreetmap.org.sock -w #{node[:nominatim][:api_workers]} -k uvicorn.workers.UvicornWorker nominatim.server.falcon.server:run_wsgi"
+    exec_start "#{python_directory}/bin/gunicorn --max-requests 200000 -b unix:/run/gunicorn-nominatim.openstreetmap.org.sock -w #{node[:nominatim][:api_workers]} -k uvicorn.workers.UvicornWorker nominatim.server.falcon.server:run_wsgi"
     exec_reload "/bin/kill -s HUP $MAINPID"
     environment :PYTHONPATH => "/usr/local/lib/nominatim/lib-python/"
     kill_mode "mixed"
     exec_reload "/bin/kill -s HUP $MAINPID"
     environment :PYTHONPATH => "/usr/local/lib/nominatim/lib-python/"
     kill_mode "mixed"