]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/tile/recipes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add a role for the blog aggregator
[chef.git] / cookbooks / tile / recipes / default.rb
diff --git a/cookbooks/tile/recipes/default.rb b/cookbooks/tile/recipes/default.rb
index 02833254be291781adcf209fcf17dd2987da2906..9d1be80208c4f5c503877db8e0baca5c9bbeec2e 100644 (file)
--- a/cookbooks/tile/recipes/default.rb
+++ b/cookbooks/tile/recipes/default.rb
@@ -97,6 +97,10 @@ file "/srv/tile.openstreetmap.org/conf/ip.map" do
   mode "644"
 end
 
+tile_directories = node[:tile][:styles].collect do |_, style|
+  style[:tile_directories].collect { |directory| directory[:name] }
+end.flatten.sort.uniq
+
 package "renderd"
 
 systemd_service "renderd" do
@@ -106,6 +110,7 @@ systemd_service "renderd" do
   limit_nofile 4096
   sandbox true
   restrict_address_families "AF_UNIX"
+  read_write_paths tile_directories
   restart "on-failure"
 end
 
@@ -182,11 +187,26 @@ template "/srv/tile.openstreetmap.org/cgi-bin/debug" do
   mode "755"
 end
 
-template "/etc/cron.hourly/export" do
-  source "export.cron.erb"
-  owner "root"
-  group "root"
-  mode "755"
+systemd_service "export-cleanup" do
+  description "Cleanup stale export temporary files"
+  joins_namespace_of "apache2.service"
+  exec_start "find /tmp -ignore_readdir_race -name 'export??????' -mmin +60 -delete"
+  user "www-data"
+  sandbox true
+end
+
+systemd_timer "export-cleanup" do
+  description "Cleanup stale export temporary files"
+  on_boot_sec "60m"
+  on_unit_inactive_sec "60m"
+end
+
+service "export-cleanup.timer" do
+  action [:enable, :start]
+end
+
+file "/etc/cron.hourly/export" do
+  action :delete
 end
 
 directory "/srv/tile.openstreetmap.org/data" do
@@ -583,9 +603,8 @@ systemd_service "expire-tiles" do
   nice 10
   standard_output "null"
   sandbox true
-  read_write_paths [
+  read_write_paths tile_directories + [
     "/store/database/nodes",
-    "/store/tiles/%i",
     "/var/lib/replicate/expire-queue",
     "/var/log/tile"
   ]
@@ -608,6 +627,7 @@ systemd_service "replicate" do
   user "tile"
   exec_start "/usr/local/bin/replicate"
   sandbox :enable_network => true
+  restrict_address_families "AF_UNIX"
   read_write_paths [
     "/store/database/nodes",
     "/var/lib/replicate",
@@ -665,18 +685,27 @@ template "/usr/local/bin/cleanup-tiles" do
   mode "755"
 end
 
-tile_directories = node[:tile][:styles].collect do |_, style|
-  style[:tile_directories].collect { |directory| directory[:name] }
-end.flatten.sort.uniq
+systemd_service "cleanup-tiles@" do
+  description "Cleanup old tiles for /%I"
+  exec_start "/usr/local/bin/cleanup-tiles /%I"
+  user "_renderd"
+  io_scheduling_class "idle"
+  sandbox true
+  read_write_paths "/%I"
+end
+
+systemd_timer "cleanup-tiles@" do
+  description "Cleanup old tiles for /%I"
+  on_boot_sec "30m"
+  on_unit_inactive_sec "60m"
+  randomized_delay_sec "10m"
+end
 
 tile_directories.each do |directory|
-  label = directory.gsub("/", "-")
+  label = directory[1..].gsub("/", "-")
 
-  cron_d "cleanup-tiles#{label}" do
-    minute "0"
-    user "_renderd"
-    command "ionice -c 3 /usr/local/bin/cleanup-tiles #{directory}"
-    mailto "admins@openstreetmap.org"
+  service "cleanup-tiles@#{label}.timer" do
+    action [:enable, :start]
   end
 end
 
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.