X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/1198cc96af6115a360c08e95ecb7654c83f944ef..394939caa3abe09f83e24070499fbcca34fc81d7:/cookbooks/planet/recipes/notes.rb

diff --git a/cookbooks/planet/recipes/notes.rb b/cookbooks/planet/recipes/notes.rb
index 662abe770..e63297081 100644
--- a/cookbooks/planet/recipes/notes.rb
+++ b/cookbooks/planet/recipes/notes.rb
@@ -17,7 +17,9 @@
 # limitations under the License.
 #
 
+include_recipe "accounts"
 include_recipe "git"
+include_recipe "planet::aws"
 
 db_passwords = data_bag_item("db", "passwords")
 
@@ -31,7 +33,7 @@ package %w[
 directory "/opt/planet-notes-dump" do
   owner "root"
   group "root"
-  mode 0o755
+  mode "755"
 end
 
 git "/opt/planet-notes-dump" do
@@ -46,23 +48,49 @@ template "/usr/local/bin/planet-notes-dump" do
   source "planet-notes-dump.erb"
   owner "root"
   group "root"
-  mode 0o755
+  mode "755"
   variables :password => db_passwords["planetdump"]
 end
 
-cron_d "planet-notes-dump" do
-  minute "0"
-  hour "3"
-  user "www-data"
-  command "/usr/local/bin/planet-notes-dump"
-  mailto "grant-smaug@firefishy.com"
+systemd_service "planet-notes-dump" do
+  description "Create notes dump"
+  exec_start "/usr/local/bin/planet-notes-dump"
+  user "planet"
+  sandbox :enable_network => true
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
+  read_write_paths "/store/planet/notes"
 end
 
-cron_d "planet-notes-cleanup" do
-  comment "Delete Planet Notes dump files older than 8 days"
-  minute "10"
-  hour "8"
-  user "www-data"
-  command "find /store/planet/notes/20??/ -maxdepth 1 -type f -iname 'planet-notes-??????.osn*' -printf '\%T@ \%p\n' | sort -k 1nr | sed 's/^[^ ]* //' | tail -n +17 | xargs -r rm -f"
-  mailto "grant-smaug@firefishy.com"
+systemd_timer "planet-notes-dump" do
+  description "Create notes dump"
+  on_calendar "03:00"
+end
+
+service "planet-notes-dump.timer" do
+  action [:enable, :start]
+end
+
+template "/usr/local/bin/planet-notes-cleanup" do
+  source "planet-notes-cleanup.erb"
+  owner "root"
+  group "root"
+  mode "755"
+end
+
+systemd_service "planet-notes-cleanup" do
+  description "Delete old notes dumps"
+  exec_start "/usr/local/bin/planet-notes-cleanup"
+  user "planet"
+  sandbox true
+  read_write_paths "/store/planet/notes"
+end
+
+systemd_timer "planet-notes-cleanup" do
+  description "Delete old notes dumps"
+  on_calendar "08:10"
+end
+
+service "planet-notes-cleanup.timer" do
+  action [:enable, :start]
 end