supybot: update switch2osm url

[chef.git] / cookbooks / oxidized / recipes / default.rb

diff --git a/cookbooks/oxidized/recipes/default.rb b/cookbooks/oxidized/recipes/default.rb
index 4d1da0343e17997a33c2996afe08bcacd3e57973..66c919908c8b01bf04341256621b5078747f3fec 100644 (file)
--- a/cookbooks/oxidized/recipes/default.rb
+++ b/cookbooks/oxidized/recipes/default.rb
@@ -29,6 +29,7 @@ package %w[
   libssh2-1-dev
   zlib1g-dev
   pkg-config
+  libyaml-dev
 ]
 
 keys = data_bag_item("oxidized", "keys")
@@ -147,11 +148,8 @@ systemd_service "oxidized" do
   environment "OXIDIZED_HOME" => "/etc/oxidized",
               "OXIDIZED_LOGS" => "/var/log/oxidized"
   nice 10
-  private_tmp true
-  private_devices true
-  protect_system "full"
-  protect_home true
-  no_new_privileges true
+  sandbox :enable_network => true
+  read_write_paths ["/run/oxidized", "/var/lib/oxidized", "/var/log/oxidized"]
   restart "on-failure"
   notifies :restart, "service[oxidized]"
 end