X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/55aef96b13f79515121ce537ce7a9515d7d937f5..f3d8422f1c3d8c1e8cf3cc04d9982b8cfb8878c4:/cookbooks/nominatim/recipes/default.rb?ds=inline diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb index bb08987c7..09ff3ff95 100644 --- a/cookbooks/nominatim/recipes/default.rb +++ b/cookbooks/nominatim/recipes/default.rb @@ -20,6 +20,7 @@ include_recipe "accounts" include_recipe "munin" include_recipe "php::fpm" +include_recipe "prometheus" basedir = data_bag_item("accounts", "nominatim")["home"] email_errors = data_bag_item("accounts", "lonvia")["email"] @@ -52,17 +53,6 @@ file "#{node[:nominatim][:logdir]}/update.log" do mode "664" end -# exception granted for a limited time so that they can set up their own server -firewall_rule "increase-limits-gnome-proxy" do - action :accept - family "inet" - source "net:8.43.85.23" - dest "fw" - proto "tcp:syn" - dest_ports "https" - rate_limit "s:10/sec:30" -end - ## Postgresql include_recipe "postgresql" @@ -169,14 +159,23 @@ package %w[ pyosmium python3-psycopg2 python3-dotenv + python3-psutil + python3-jinja2 + python3-icu + python3-datrie php-pgsql php-intl php-symfony-dotenv + ruby + ruby-file-tail + ruby-pg ] source_directory = "#{basedir}/nominatim" build_directory = "#{basedir}/bin" ui_directory = "#{basedir}/ui" +qa_bin_directory = "#{basedir}/Nominatim-Data-Analyser" +qa_data_directory = "#{basedir}/qa-data" directory build_directory do owner "nominatim" @@ -216,6 +215,10 @@ execute "compile_nominatim" do command "cmake #{source_directory} && make" end +link "/usr/local/bin/nominatim" do + to "#{build_directory}/nominatim" +end + template "#{source_directory}/.git/hooks/post-merge" do source "git-post-merge-hook.erb" owner "nominatim" @@ -234,7 +237,8 @@ template "#{build_directory}/.env" do variables :base_url => node[:nominatim][:state] == "off" ? node[:fqdn] : "nominatim.openstreetmap.org", :dbname => node[:nominatim][:dbname], :flatnode_file => node[:nominatim][:flatnode_file], - :log_file => "#{node[:nominatim][:logdir]}/query.log" + :log_file => "#{node[:nominatim][:logdir]}/query.log", + :tokenizer => node[:nominatim][:config][:tokenizer] end git ui_directory do @@ -267,13 +271,13 @@ end external_data = [ "wikimedia-importance.sql.gz", - "gb_postcode_data.sql.gz", - "us_postcode_data.sql.gz" + "gb_postcodes.csv.gz", + "us_postcodes.csv.gz" ] external_data.each do |fname| remote_file "#{build_directory}/#{fname}" do - action :create_if_missing + action :create source "https://www.nominatim.org/data/#{fname}" owner "nominatim" group "nominatim" @@ -294,7 +298,7 @@ if node[:nominatim][:state] == "off" action :delete end - cron_d "nominatim-update-maintenance-trigger" do + systemd_timer "nominatim-update-maintenance-trigger" do action :delete end else @@ -325,12 +329,20 @@ else mailto email_errors end - cron_d "nominatim-update-maintenance-trigger" do - minute "18" - hour "1" + systemd_service "nominatim-update-maintenance-trigger" do + description "Trigger maintenance tasks for Nominatim DB" + exec_start "touch #{basedir}/status/update_maintenance" user "nominatim" - command "touch #{basedir}/status/update_maintenance" - mailto email_errors + end + + systemd_timer "nominatim-update-maintenance-trigger" do + action :create + description "Schedule maintenance tasks for Nominatim DB" + on_calendar "*-*-* 02:03:00 UTC" + end + + service "nominatim-update-maintenance-trigger" do + action [:enable] end end @@ -344,7 +356,9 @@ template "#{source_directory}/utils/nominatim-update" do :logfile => "#{node[:nominatim][:logdir]}/update.log", :branch => node[:nominatim][:revision], :update_stop_file => "#{basedir}/status/updates_disabled", - :update_maintenance_trigger => "#{basedir}/status/update_maintenance" + :update_maintenance_trigger => "#{basedir}/status/update_maintenance", + :qabindir => qa_bin_directory, + :qadatadir => qa_data_directory end template "/etc/init.d/nominatim-update" do @@ -407,10 +421,6 @@ ssl_certificate node[:fqdn] do notifies :reload, "service[nginx]" end -package "apache2" do - action :remove -end - include_recipe "nginx" nginx_site "default" do @@ -453,6 +463,17 @@ munin_plugin "nominatim_requests" do target "#{source_directory}/munin/nominatim_requests_querylog" end +package "ruby-webrick" + +prometheus_exporter "nominatim" do + port 8082 + user "www-data" + options [ + "--nominatim.query-log=#{node[:nominatim][:logdir]}/query.log", + "--nominatim.database-name=#{node[:nominatim][:dbname]}" + ] +end + directory "#{basedir}/status" do owner "nominatim" group "postgres" @@ -470,3 +491,52 @@ fail2ban_jail "nominatim_limit_req" do maxretry 20 ignoreips frontend_addresses.flatten.sort end + +### QA tile generation + +if node[:nominatim][:enable_qa_tiles] + package "python3-geojson" + + git qa_bin_directory do + repository node[:nominatim][:qa_repository] + revision node[:nominatim][:qa_revision] + enable_submodules true + user "nominatim" + group "nominatim" + notifies :run, "execute[compile_qa]" + end + + execute "compile_qa" do + action :nothing + user "nominatim" + cwd "#{qa_bin_directory}/clustering-vt" + command "make" + end + + directory qa_data_directory do + owner "nominatim" + group "nominatim" + mode "755" + recursive true + end + + template "#{qa_bin_directory}/analyser/config/config.yaml" do + source "qa_config.erb" + owner "nominatim" + group "nominatim" + mode "755" + variables :outputdir => "#{qa_data_directory}/new" + end + + ssl_certificate "qa-tile.nominatim.openstreetmap.org" do + domains ["qa-tile.nominatim.openstreetmap.org"] + notifies :reload, "service[nginx]" + end + + nginx_site "qa-tiles.nominatim" do + template "nginx-qa-tiles.erb" + directory build_directory + variables :qa_data_directory => qa_data_directory + end + +end