X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/23849d4121fad99040976f7093e5ab4799b51726..44166d054d076ce26743c466ce002d7bc2e3c4dd:/cookbooks/imagery/recipes/tiler.rb diff --git a/cookbooks/imagery/recipes/tiler.rb b/cookbooks/imagery/recipes/tiler.rb index 5e36acfa5..ec7daa835 100644 --- a/cookbooks/imagery/recipes/tiler.rb +++ b/cookbooks/imagery/recipes/tiler.rb @@ -20,6 +20,13 @@ include_recipe "imagery" include_recipe "podman" +directory "/store/imagery" do + owner "root" + group "root" + mode "755" + recursive true +end + # FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740 container_image = if arm? "ghcr.io/firefishy/titiler:latest" @@ -30,8 +37,45 @@ container_image = if arm? podman_service "titiler" do description "Container service for titiler" image container_image - ports 8080 => 8080 - environment :PORT => 8080, :WORKERS_PER_CORE => "1.5", :GDAL_INGESTED_BYTES_AT_OPEN => 32768, :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", :GDAL_HTTP_MULTIPLEX => "YES", :GDAL_HTTP_VERSION => 2, :TITILER_API_ROOT_PATH => "/api/v1/titiler", :FORWARDED_ALLOW_IPS => "*" + volume :"/store/imagery" => "/store/imagery", + :"/srv/imagery/sockets" => "/sockets" + environment :BIND => "unix:/sockets/titiler.sock", + :WORKERS_PER_CORE => 1, + :GDAL_CACHEMAX => 200, + :GDAL_BAND_BLOCK_CACHE => "HASHSET", + :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", + :GDAL_INGESTED_BYTES_AT_OPEN => 32768, + :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", + :GDAL_HTTP_MULTIPLEX => "YES", + :GDAL_HTTP_VERSION => 2, + :VSI_CACHE => "TRUE", + :VSI_CACHE_SIZE => 5000000, + :TITILER_API_ROOT_PATH => "/api/v1/titiler", + :FORWARDED_ALLOW_IPS => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips +end + +systemd_service "titiler-restart" do + type "simple" + user "root" + exec_start "/bin/systemctl try-restart titiler.service" + sandbox true + restrict_address_families "AF_UNIX" +end + +systemd_timer "titiler-restart" do + on_boot_sec "10m" + on_unit_inactive_sec "30m" + randomized_delay_sec "20m" +end + +service "titiler-restart.timer" do + action [:enable, :start] +end + +directory "/var/cache/nginx-cache" do + owner "www-data" + group "www-data" + mode "755" end ssl_certificate "tiler.openstreetmap.org" do