include_recipe "postgresql"
include_recipe "prometheus"
include_recipe "python"
+include_recipe "ruby"
include_recipe "tools"
blocks = data_bag_item("tile", "blocks")
package "renderd"
systemd_service "renderd" do
- description "Mapnik rendering daemon"
+ dropin "chef"
after "postgresql.service"
wants "postgresql.service"
- user "www-data"
- exec_start "/usr/bin/renderd -f"
- runtime_directory "renderd"
- standard_error "null"
limit_nofile 4096
private_tmp true
private_devices true
restart "on-failure"
end
+systemd_service "renderd" do
+ action :delete
+end
+
service "renderd" do
action [:enable, :start]
subscribes :restart, "systemd_service[renderd]"
python_version "3"
end
-package %w[
+unifont = if node[:lsb][:release].to_f < 22.04
+ "ttf-unifont"
+ else
+ "fonts-unifont"
+ end
+
+package %W[
fonts-noto-cjk
fonts-noto-hinted
fonts-noto-unhinted
fonts-hanazono
- ttf-unifont
+ #{unifont}
]
["NotoSansArabicUI-Regular.ttf", "NotoSansArabicUI-Bold.ttf"].each do |font|
details[:tile_directories].each do |directory|
directory directory[:name] do
- owner "www-data"
- group "www-data"
+ owner "_renderd"
+ group "_renderd"
mode "755"
end
directory[:min_zoom].upto(directory[:max_zoom]) do |zoom|
directory "#{directory[:name]}/#{zoom}" do
- owner "www-data"
- group "www-data"
+ owner "_renderd"
+ group "_renderd"
mode "755"
end
cluster node[:tile][:database][:cluster]
end
+postgresql_user "_renderd" do
+ cluster node[:tile][:database][:cluster]
+end
+
postgresql_database "gis" do
cluster node[:tile][:database][:cluster]
owner "tile"
cluster node[:tile][:database][:cluster]
database "gis"
owner "tile"
- permissions "tile" => :all, "www-data" => :select
+ permissions "tile" => :all, "www-data" => :select, "_renderd" => :select
end
end
if node[:tile][:database][:external_data_script]
execute node[:tile][:database][:external_data_script] do
- command "#{node[:tile][:database][:external_data_script]} -R www-data"
+ command "#{node[:tile][:database][:external_data_script]} -R _renderd"
cwd "/srv/tile.openstreetmap.org"
user "tile"
group "tile"
ignore_failure true
end
+
+ Array(node[:tile][:database][:external_data_tables]).each do |table|
+ postgresql_table table do
+ cluster node[:tile][:database][:cluster]
+ database "gis"
+ owner "tile"
+ permissions "tile" => :all, "www-data" => :select, "_renderd" => :select
+ end
+ end
end
postgresql_munin "gis" do
file node[:tile][:database][:node_file] do
owner "tile"
- group "www-data"
+ group "_renderd"
mode "660"
end
package %w[
osm2pgsql
- ruby
osmium-tool
pyosmium
python3-pyproj
]
-gem_package "apachelogregex"
-gem_package "file-tail"
-gem_package "lru_redux"
+gem_package "apachelogregex" do
+ gem_binary node[:ruby][:gem]
+end
+
+gem_package "file-tail" do
+ gem_binary node[:ruby][:gem]
+end
+
+gem_package "lru_redux" do
+ gem_binary node[:ruby][:gem]
+end
remote_directory "/usr/local/bin" do
source "bin"
directory "/var/lib/replicate/expire-queue" do
owner "tile"
- group "www-data"
+ group "_renderd"
mode "775"
end
systemd_service "expire-tiles" do
description "Tile dirtying service"
type "simple"
- user "www-data"
+ user "_renderd"
exec_start "/usr/local/bin/expire-tiles"
standard_output "null"
private_tmp true
cron_d "cleanup-tiles#{label}" do
minute "0"
- user "www-data"
+ user "_renderd"
command "ionice -c 3 /usr/local/bin/cleanup-tiles #{directory}"
mailto "admins@openstreetmap.org"
end
munin_plugin "replication_delay"
+package "ruby-webrick"
+
prometheus_exporter "modtile" do
port 9494
end