X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/16f53087287184b75bf502ab7101627a094cc205..571e5982cc82c4fbefff0d463895a029a68921fe:/cookbooks/geoipupdate/recipes/default.rb diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb index 27d6478ae..b87f5e822 100644 --- a/cookbooks/geoipupdate/recipes/default.rb +++ b/cookbooks/geoipupdate/recipes/default.rb @@ -17,23 +17,10 @@ # limitations under the License. # -include_recipe "apt" +include_recipe "apt::maxmind" license_keys = data_bag_item("geoipupdate", "license-keys") -package "geoip-database" do - action :purge -end - -package "geoip-database-contrib" do - action :purge -end - -package "geoipupdate" do - action :purge - only_if { ::File.exist?("/etc/cron.d/geoipupdate") } -end - package "geoipupdate" template "/etc/GeoIP.conf" do @@ -48,36 +35,24 @@ execute "geoipupdate" do command "geoipupdate" user "root" group "root" - not_if { ENV.key?("TEST_KITCHEN") || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } } -end - -systemd_service "geoipdate" do - action :delete + not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } } end systemd_service "geoipupdate" do description "Update GeoIP databases" user "root" exec_start "/usr/bin/geoipupdate" - private_tmp true - private_devices true - protect_system "strict" - protect_home true - read_write_paths "/usr/share/GeoIP" + sandbox :enable_network => true + read_write_paths node[:geoipupdate][:directory] end systemd_timer "geoipupdate" do description "Update GeoIP databases" on_boot_sec "15m" on_unit_active_sec "7d" - randomized_delay_sec "4h" + randomized_delay_sec "5d" end service "geoipupdate.timer" do action [:enable, :start] end - -directory "/var/lib/GeoIP" do - action :delete - recursive true -end