X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/5995b6b28fd535cf5e30fe4a469e38ed19860390..50aea11082eaa90bd37593b9c987d38a082f4e1b:/cookbooks/imagery/resources/site.rb?ds=sidebyside

diff --git a/cookbooks/imagery/resources/site.rb b/cookbooks/imagery/resources/site.rb
index ab5f2d96c..5ce7d2b88 100644
--- a/cookbooks/imagery/resources/site.rb
+++ b/cookbooks/imagery/resources/site.rb
@@ -105,15 +105,16 @@ action :create do
     description "Map server for #{new_resource.site} layer"
     environment "MS_DEBUGLEVEL" => "0",
                 "MS_ERRORFILE" => "stderr",
-                "GDAL_CACHEMAX" => "512"
+                "GDAL_CACHEMAX" => "128"
     limit_nofile 16384
-    stop_when_unneeded true
+    memory_max "4G"
     user "imagery"
     group "imagery"
     exec_start "/usr/bin/multiwatch -f 8 --signal=TERM -- /usr/lib/cgi-bin/mapserv"
     standard_input "socket"
     sandbox true
     restrict_address_families "AF_UNIX"
+    timeout_stop_sec 60
     not_if { new_resource.uses_tiler }
   end
 
@@ -140,6 +141,28 @@ action :create do
     not_if { new_resource.uses_tiler }
   end
 
+  # mapserver leaks memory, so restart it regularly. It is activated automatically by socket
+  systemd_service "mapserv-fcgi-#{new_resource.site}-stop" do
+    type "simple"
+    user "root"
+    exec_start "/bin/systemctl --quiet stop mapserv-fcgi-#{new_resource.site}.service"
+    sandbox true
+    restrict_address_families "AF_UNIX"
+    not_if { new_resource.uses_tiler }
+  end
+
+  systemd_timer "mapserv-fcgi-#{new_resource.site}-stop" do
+    on_boot_sec "10m"
+    on_unit_inactive_sec "30m"
+    randomized_delay_sec "20m"
+    not_if { new_resource.uses_tiler }
+  end
+
+  service "mapserv-fcgi-#{new_resource.site}-stop.timer" do
+    action [:enable, :start]
+    not_if { new_resource.uses_tiler }
+  end
+
   ssl_certificate new_resource.site do
     domains tile_domains
   end