X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/6869cec20eadb62187933b0fd50788d3307d3320..82228d29879117f6211e8ef85eb50bb407c08b97:/cookbooks/planet/recipes/dump.rb diff --git a/cookbooks/planet/recipes/dump.rb b/cookbooks/planet/recipes/dump.rb index b7482b93c..aa69f9318 100644 --- a/cookbooks/planet/recipes/dump.rb +++ b/cookbooks/planet/recipes/dump.rb @@ -17,15 +17,8 @@ # limitations under the License. # -node.default[:incron][:planetdump] = { - :user => "www-data", - :path => "/store/backup", - :events => %w[IN_CREATE IN_MOVED_TO], - :command => "/usr/local/bin/planetdump $#" -} - +include_recipe "accounts" include_recipe "git" -include_recipe "incron" package %w[ gcc @@ -47,18 +40,22 @@ package %w[ pbzip2 php-cli php-curl + mktorrent + xmlstarlet + libxml2-utils + inotify-tools ] directory "/opt/planet-dump-ng" do owner "root" group "root" - mode 0o755 + mode "755" end git "/opt/planet-dump-ng" do action :sync repository "https://github.com/zerebubuth/planet-dump-ng.git" - revision "v1.1.7" + revision "v1.2.7" depth 1 user "root" group "root" @@ -92,24 +89,66 @@ execute "/opt/planet-dump-ng/Makefile" do end directory "/store/planetdump" do - owner "www-data" - group "www-data" - mode 0o755 + owner "planet" + group "planet" + mode "755" recursive true end -%w[planetdump planet-mirror-redirect-update].each do |program| +%w[planetdump planetdump-trigger planet-mirror-redirect-update].each do |program| template "/usr/local/bin/#{program}" do source "#{program}.erb" owner "root" group "root" - mode 0o755 + mode "755" end end -template "/etc/cron.d/planet-dump-mirror" do - source "planet-dump-mirror-cron.erb" - owner "root" - group "root" - mode 0o644 +systemd_service "planetdump@" do + description "Planet dump for %i" + user "planet" + exec_start "/usr/local/bin/planetdump %i" + memory_max "64G" + sandbox true + protect_home "tmpfs" + bind_paths "/home/planet" + read_write_paths [ + "/store/planetdump", + "/store/planet/pbf", + "/store/planet/planet", + "/var/log/exim4", + "/var/spool/exim4" + ] +end + +systemd_service "planetdump-trigger" do + description "Planet dump trigger" + user "root" + exec_start "/usr/local/bin/planetdump-trigger" + sandbox true + restrict_address_families "AF_UNIX" +end + +service "planetdump-trigger" do + action [:enable, :start] + subscribes :restart, "template[/usr/local/bin/planetdump-trigger]" +end + +systemd_service "planet-dump-mirror" do + description "Update planet dump mirrors" + exec_start "/usr/local/bin/planet-mirror-redirect-update" + user "planet" + sandbox :enable_network => true + memory_deny_write_execute false + read_write_paths "/store/planet/.htaccess" +end + +systemd_timer "planet-dump-mirror" do + description "Update planet dump mirrors" + on_boot_sec "10min" + on_unit_inactive_sec "10min" +end + +service "planet-dump-mirror.timer" do + action [:enable, :start] end