X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/6dc624ab40b613b092d8339d77bb669491bd9281..4687a5bf9faa00f2ff3a14545cdd58a65a65ab8d:/cookbooks/nominatim/recipes/base.rb diff --git a/cookbooks/nominatim/recipes/base.rb b/cookbooks/nominatim/recipes/base.rb index c754d10d5..76813c346 100644 --- a/cookbooks/nominatim/recipes/base.rb +++ b/cookbooks/nominatim/recipes/base.rb @@ -19,7 +19,6 @@ include_recipe "apache::ssl" include_recipe "postgresql" -include_recipe "git" package "php5" package "php5-cli" @@ -27,10 +26,13 @@ package "php5-pgsql" package "php5-fpm" package "php-pear" package "php-apc" +package "php-db" apache_module "rewrite" apache_module "proxy" apache_module "proxy_fcgi" +apache_module "proxy_http" +apache_module "headers" home_directory = data_bag_item("accounts", "nominatim")["home"] source_directory = "#{home_directory}/nominatim" @@ -48,22 +50,12 @@ service "php5-fpm" do supports :status => true, :restart => true, :reload => true end -apache_site "nominatim.openstreetmap.org" do - template "apache.erb" - directory source_directory - variables :pools => node[:nominatim][:fpm_pools] -end - -apache_site "default" do - action [:disable] -end - node[:nominatim][:fpm_pools].each do |name, data| template "/etc/php5/fpm/pool.d/#{name}.conf" do source "fpm.conf.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables data.merge(:name => name, :port => data[:port]) notifies :reload, "service[php5-fpm]" end @@ -74,17 +66,45 @@ postgresql_munin "nominatim" do database database_name end -directory "/var/log/nominatim" do +directory node[:nominatim][:logdir] do owner "nominatim" group "nominatim" - mode 0755 + mode 0o755 + recursive true +end + +file "#{node[:nominatim][:logdir]}/query.log" do + action :create_if_missing + owner "www-data" + group "adm" + mode 0o664 +end + +file "#{node[:nominatim][:logdir]}/update.log" do + action :create_if_missing + owner "nominatim" + group "adm" + mode 0o664 +end + +directory "#{home_directory}/status" do + owner "nominatim" + group "postgres" + mode 0o775 end template "/etc/logrotate.d/nominatim" do source "logrotate.nominatim.erb" owner "root" group "root" - mode 0644 + mode 0o644 +end + +template "/etc/logrotate.d/apache2" do + source "logrotate.apache.erb" + owner "root" + group "root" + mode 0o644 end package "osmosis" @@ -95,6 +115,7 @@ package "postgresql-#{database_version}-postgis-#{postgis_version}" package "postgresql-server-dev-#{database_version}" package "build-essential" package "libxml2-dev" +package "libexpat-dev" package "libgeos-dev" package "libgeos++-dev" package "libpq-dev" @@ -110,29 +131,17 @@ package "libboost-system-dev" package "libboost-filesystem-dev" package "libboost-thread-dev" -execute "php-pear-db" do - command "pear install DB" - not_if { File.exist?("/usr/share/php/DB") } -end - execute "compile_nominatim" do action :nothing command "cd #{source_directory} && ./autogen.sh && ./configure && make" user "nominatim" end - -directory "#{source_directory}/log" do - owner "nominatim" - group "nominatim" - mode 0755 -end - template "#{source_directory}/.git/hooks/post-merge" do source "update_source.erb" owner "nominatim" group "nominatim" - mode 0755 + mode 0o755 variables :source_directory => source_directory end @@ -140,7 +149,7 @@ template "#{source_directory}/settings/local.php" do source "nominatim.erb" owner "nominatim" group "nominatim" - mode 0664 + mode 0o664 variables :postgres_version => database_version end @@ -149,28 +158,28 @@ template "#{source_directory}/settings/ip_blocks.conf" do source "ipblocks.erb" owner "nominatim" group "nominatim" - mode 0664 + mode 0o664 end file "#{source_directory}/settings/apache_blocks.conf" do action :create_if_missing owner "nominatim" group "nominatim" - mode 0664 + mode 0o664 end file "#{source_directory}/settings/ip_blocks.map" do action :create_if_missing owner "nominatim" group "nominatim" - mode 0664 + mode 0o664 end -if node[:nominatim][:enabled] - cron_action = :create -else - cron_action = :delete -end +cron_action = if node[:nominatim][:enabled] + :create + else + :delete + end template "/etc/cron.d/nominatim" do action cron_action @@ -185,14 +194,14 @@ template "#{source_directory}/utils/nominatim-update" do source "updater.erb" user "nominatim" group "nominatim" - mode 0755 + mode 0o755 end template "/etc/init.d/nominatim-update" do source "updater.init.erb" user "nominatim" group "nominatim" - mode 0755 + mode 0o755 variables :source_directory => source_directory end @@ -228,37 +237,40 @@ external_data.each do |fname| source "http://www.nominatim.org/data/#{fname}" owner "nominatim" group "nominatim" - mode 0644 + mode 0o644 end end -additional_scripts = %w(backup-nominatim clean-db-nominatim) +additional_scripts = %w(backup-nominatim vacuum-db-nominatim) additional_scripts.each do |fname| template "/usr/local/bin/#{fname}" do source "#{fname}.erb" owner "root" group "root" - mode 0755 + mode 0o755 end end directory File.dirname(node[:nominatim][:flatnode_file]) do owner "nominatim" group "nominatim" - mode 0755 + mode 0o755 recursive true end -directory "/data/postgresql-archive" do - owner "postgres" - group "postgres" - mode 0700 - only_if { node[:postgresql][:settings][:defaults][:archive_mode] == "on" } +apache_site "nominatim.openstreetmap.org" do + template "apache.erb" + directory source_directory + variables :pools => node[:nominatim][:fpm_pools] +end + +apache_site "default" do + action [:disable] end fail2ban_filter "nominatim" do - failregex '^ - - \[[^]]+\] "[^"]+" (403|429) ' + failregex '^ - - \[[^]]+\] "[^"]+" 429 ' end fail2ban_jail "nominatim" do