]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/imagery/recipes/tiler.rb
Merge remote-tracking branch 'github/pull/670'
[chef.git] / cookbooks / imagery / recipes / tiler.rb
index 3c88d77da9545a630e977b0075728cccd85fe700..7358089acef027e8d8f8809ee91751938471b3e1 100644 (file)
 include_recipe "imagery"
 include_recipe "podman"
 
+directory "/store/imagery" do
+  owner "root"
+  group "root"
+  mode "755"
+  recursive true
+end
+
 # FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740
 container_image = if arm?
                     "ghcr.io/firefishy/titiler:latest"
@@ -31,8 +38,9 @@ podman_service "titiler" do
   description "Container service for titiler"
   image container_image
   ports 8080 => 8080
+  volume "/store/imagery" => "/store/imagery"
   environment :PORT                                => 8080,
-              :WORKERS_PER_CORE                    => 2,
+              :WORKERS_PER_CORE                    => 1,
               :GDAL_CACHEMAX                       => 200,
               :GDAL_DISABLE_READDIR_ON_OPEN        => "EMPTY_DIR",
               :GDAL_INGESTED_BYTES_AT_OPEN         => 32768,
@@ -45,6 +53,29 @@ podman_service "titiler" do
               :FORWARDED_ALLOW_IPS                 => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips
 end
 
+systemd_service "titiler-restart" do
+  type "simple"
+  user "root"
+  exec_start "/bin/systemctl try-restart titiler.service"
+  sandbox true
+  restrict_address_families "AF_UNIX"
+end
+
+systemd_timer "titiler-restart" do
+  on_boot_sec "6h"
+  on_unit_inactive_sec "12h"
+end
+
+service "titiler-restart.timer" do
+  action [:enable, :start]
+end
+
+directory "/var/cache/nginx-cache" do
+  owner "www-data"
+  group "www-data"
+  mode "755"
+end
+
 ssl_certificate "tiler.openstreetmap.org" do
   domains "tiler.openstreetmap.org"
   notifies :reload, "service[nginx]"