X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/368e2b7cbcf7b58ca7ea7d46c420862e628c1f48..a213e1af5fff829417a766e583fd6a5e0f106a78:/cookbooks/planet/recipes/notes.rb

diff --git a/cookbooks/planet/recipes/notes.rb b/cookbooks/planet/recipes/notes.rb
index 3f0e2c996..e63297081 100644
--- a/cookbooks/planet/recipes/notes.rb
+++ b/cookbooks/planet/recipes/notes.rb
@@ -17,7 +17,9 @@
 # limitations under the License.
 #
 
+include_recipe "accounts"
 include_recipe "git"
+include_recipe "planet::aws"
 
 db_passwords = data_bag_item("db", "passwords")
 
@@ -53,8 +55,10 @@ end
 systemd_service "planet-notes-dump" do
   description "Create notes dump"
   exec_start "/usr/local/bin/planet-notes-dump"
-  user "www-data"
+  user "planet"
   sandbox :enable_network => true
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
   read_write_paths "/store/planet/notes"
 end
 
@@ -77,7 +81,7 @@ end
 systemd_service "planet-notes-cleanup" do
   description "Delete old notes dumps"
   exec_start "/usr/local/bin/planet-notes-cleanup"
-  user "www-data"
+  user "planet"
   sandbox true
   read_write_paths "/store/planet/notes"
 end