X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/026e50458591504810f05d5d0f2fa1d432cdd86a..f3d8422f1c3d8c1e8cf3cc04d9982b8cfb8878c4:/cookbooks/nominatim/recipes/default.rb?ds=sidebyside diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb index b7d7a803e..09ff3ff95 100644 --- a/cookbooks/nominatim/recipes/default.rb +++ b/cookbooks/nominatim/recipes/default.rb @@ -20,6 +20,7 @@ include_recipe "accounts" include_recipe "munin" include_recipe "php::fpm" +include_recipe "prometheus" basedir = data_bag_item("accounts", "nominatim")["home"] email_errors = data_bag_item("accounts", "lonvia")["email"] @@ -52,17 +53,6 @@ file "#{node[:nominatim][:logdir]}/update.log" do mode "664" end -# exception granted for a limited time so that they can set up their own server -firewall_rule "increase-limits-gnome-proxy" do - action :accept - family "inet" - source "net:8.43.85.23" - dest "fw" - proto "tcp:syn" - dest_ports "https" - rate_limit "s:10/sec:30" -end - ## Postgresql include_recipe "postgresql" @@ -172,9 +162,13 @@ package %w[ python3-psutil python3-jinja2 python3-icu + python3-datrie php-pgsql php-intl php-symfony-dotenv + ruby + ruby-file-tail + ruby-pg ] source_directory = "#{basedir}/nominatim" @@ -221,6 +215,10 @@ execute "compile_nominatim" do command "cmake #{source_directory} && make" end +link "/usr/local/bin/nominatim" do + to "#{build_directory}/nominatim" +end + template "#{source_directory}/.git/hooks/post-merge" do source "git-post-merge-hook.erb" owner "nominatim" @@ -239,7 +237,8 @@ template "#{build_directory}/.env" do variables :base_url => node[:nominatim][:state] == "off" ? node[:fqdn] : "nominatim.openstreetmap.org", :dbname => node[:nominatim][:dbname], :flatnode_file => node[:nominatim][:flatnode_file], - :log_file => "#{node[:nominatim][:logdir]}/query.log" + :log_file => "#{node[:nominatim][:logdir]}/query.log", + :tokenizer => node[:nominatim][:config][:tokenizer] end git ui_directory do @@ -278,7 +277,7 @@ external_data = [ external_data.each do |fname| remote_file "#{build_directory}/#{fname}" do - action :create_if_missing + action :create source "https://www.nominatim.org/data/#{fname}" owner "nominatim" group "nominatim" @@ -299,7 +298,7 @@ if node[:nominatim][:state] == "off" action :delete end - cron_d "nominatim-update-maintenance-trigger" do + systemd_timer "nominatim-update-maintenance-trigger" do action :delete end else @@ -330,12 +329,20 @@ else mailto email_errors end - cron_d "nominatim-update-maintenance-trigger" do - minute "18" - hour "1" + systemd_service "nominatim-update-maintenance-trigger" do + description "Trigger maintenance tasks for Nominatim DB" + exec_start "touch #{basedir}/status/update_maintenance" user "nominatim" - command "touch #{basedir}/status/update_maintenance" - mailto email_errors + end + + systemd_timer "nominatim-update-maintenance-trigger" do + action :create + description "Schedule maintenance tasks for Nominatim DB" + on_calendar "*-*-* 02:03:00 UTC" + end + + service "nominatim-update-maintenance-trigger" do + action [:enable] end end @@ -414,10 +421,6 @@ ssl_certificate node[:fqdn] do notifies :reload, "service[nginx]" end -package "apache2" do - action :remove -end - include_recipe "nginx" nginx_site "default" do @@ -460,6 +463,17 @@ munin_plugin "nominatim_requests" do target "#{source_directory}/munin/nominatim_requests_querylog" end +package "ruby-webrick" + +prometheus_exporter "nominatim" do + port 8082 + user "www-data" + options [ + "--nominatim.query-log=#{node[:nominatim][:logdir]}/query.log", + "--nominatim.database-name=#{node[:nominatim][:dbname]}" + ] +end + directory "#{basedir}/status" do owner "nominatim" group "postgres" @@ -481,6 +495,8 @@ end ### QA tile generation if node[:nominatim][:enable_qa_tiles] + package "python3-geojson" + git qa_bin_directory do repository node[:nominatim][:qa_repository] revision node[:nominatim][:qa_revision] @@ -512,9 +528,15 @@ if node[:nominatim][:enable_qa_tiles] variables :outputdir => "#{qa_data_directory}/new" end - link "#{build_directory}/website/qa-data" do - to "#{qa_data_directory}/current" - owner "nominatim" - group "nominatim" + ssl_certificate "qa-tile.nominatim.openstreetmap.org" do + domains ["qa-tile.nominatim.openstreetmap.org"] + notifies :reload, "service[nginx]" end + + nginx_site "qa-tiles.nominatim" do + template "nginx-qa-tiles.erb" + directory build_directory + variables :qa_data_directory => qa_data_directory + end + end