X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/5995b6b28fd535cf5e30fe4a469e38ed19860390..9340a696f8e648e784b30f84a0a00ddd5987b7f3:/cookbooks/imagery/resources/site.rb

diff --git a/cookbooks/imagery/resources/site.rb b/cookbooks/imagery/resources/site.rb
index ab5f2d96c..adbd8e857 100644
--- a/cookbooks/imagery/resources/site.rb
+++ b/cookbooks/imagery/resources/site.rb
@@ -107,13 +107,14 @@ action :create do
                 "MS_ERRORFILE" => "stderr",
                 "GDAL_CACHEMAX" => "512"
     limit_nofile 16384
-    stop_when_unneeded true
+    memory_max "8G"
     user "imagery"
     group "imagery"
     exec_start "/usr/bin/multiwatch -f 8 --signal=TERM -- /usr/lib/cgi-bin/mapserv"
     standard_input "socket"
     sandbox true
     restrict_address_families "AF_UNIX"
+    timeout_stop_sec 60
     not_if { new_resource.uses_tiler }
   end
 
@@ -140,6 +141,28 @@ action :create do
     not_if { new_resource.uses_tiler }
   end
 
+  # mapserver leaks memory, so restart it regularly. It is activated automatically by socket
+  systemd_service "mapserv-fcgi-#{new_resource.site}-stop" do
+    type "simple"
+    user "root"
+    exec_start "/bin/systemctl --quiet stop mapserv-fcgi-#{new_resource.site}.service"
+    sandbox true
+    restrict_address_families "AF_UNIX"
+    not_if { new_resource.uses_tiler }
+  end
+
+  systemd_timer "mapserv-fcgi-#{new_resource.site}-stop" do
+    on_boot_sec "10m"
+    on_unit_inactive_sec "1h"
+    randomized_delay_sec "30m"
+    not_if { new_resource.uses_tiler }
+  end
+
+  service "mapserv-fcgi-#{new_resource.site}-stop.timer" do
+    action [:enable, :start]
+    not_if { new_resource.uses_tiler }
+  end
+
   ssl_certificate new_resource.site do
     domains tile_domains
   end