X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/76d32f6cdc8674ce5ef610df2b0f5eb54493ce28..18131b23c3379c9bd43356bfa559f3ea7fc92685:/cookbooks/nominatim/recipes/default.rb?ds=inline diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb index f13b21e1f..14500499f 100644 --- a/cookbooks/nominatim/recipes/default.rb +++ b/cookbooks/nominatim/recipes/default.rb @@ -20,6 +20,7 @@ include_recipe "accounts" include_recipe "munin" include_recipe "php::fpm" +include_recipe "prometheus" basedir = data_bag_item("accounts", "nominatim")["home"] email_errors = data_bag_item("accounts", "lonvia")["email"] @@ -52,17 +53,6 @@ file "#{node[:nominatim][:logdir]}/update.log" do mode "664" end -# exception granted for a limited time so that they can set up their own server -firewall_rule "increase-limits-gnome-proxy" do - action :accept - family "inet" - source "net:8.43.85.23" - dest "fw" - proto "tcp:syn" - dest_ports "https" - rate_limit "s:10/sec:30" -end - ## Postgresql include_recipe "postgresql" @@ -172,9 +162,13 @@ package %w[ python3-psutil python3-jinja2 python3-icu + python3-datrie php-pgsql php-intl php-symfony-dotenv + ruby + ruby-file-tail + ruby-pg ] source_directory = "#{basedir}/nominatim" @@ -239,7 +233,8 @@ template "#{build_directory}/.env" do variables :base_url => node[:nominatim][:state] == "off" ? node[:fqdn] : "nominatim.openstreetmap.org", :dbname => node[:nominatim][:dbname], :flatnode_file => node[:nominatim][:flatnode_file], - :log_file => "#{node[:nominatim][:logdir]}/query.log" + :log_file => "#{node[:nominatim][:logdir]}/query.log", + :tokenizer => node[:nominatim][:config][:tokenizer] end git ui_directory do @@ -278,7 +273,7 @@ external_data = [ external_data.each do |fname| remote_file "#{build_directory}/#{fname}" do - action :create_if_missing + action :create source "https://www.nominatim.org/data/#{fname}" owner "nominatim" group "nominatim" @@ -299,7 +294,7 @@ if node[:nominatim][:state] == "off" action :delete end - cron_d "nominatim-update-maintenance-trigger" do + systemd_timer "nominatim-update-maintenance-trigger" do action :delete end else @@ -330,12 +325,20 @@ else mailto email_errors end - cron_d "nominatim-update-maintenance-trigger" do - minute "18" - hour "1" + systemd_service "nominatim-update-maintenance-trigger" do + description "Trigger maintenance tasks for Nominatim DB" + exec_start "touch #{basedir}/status/update_maintenance" user "nominatim" - command "touch #{basedir}/status/update_maintenance" - mailto email_errors + end + + systemd_timer "nominatim-update-maintenance-trigger" do + action :create + description "Schedule maintenance tasks for Nominatim DB" + on_calendar "*-*-* 02:03:00 UTC" + end + + service "nominatim-update-maintenance-trigger" do + action [:enable] end end @@ -349,7 +352,9 @@ template "#{source_directory}/utils/nominatim-update" do :logfile => "#{node[:nominatim][:logdir]}/update.log", :branch => node[:nominatim][:revision], :update_stop_file => "#{basedir}/status/updates_disabled", - :update_maintenance_trigger => "#{basedir}/status/update_maintenance" + :update_maintenance_trigger => "#{basedir}/status/update_maintenance", + :qabindir => qa_bin_directory, + :qadatadir => qa_data_directory end template "/etc/init.d/nominatim-update" do @@ -412,10 +417,6 @@ ssl_certificate node[:fqdn] do notifies :reload, "service[nginx]" end -package "apache2" do - action :remove -end - include_recipe "nginx" nginx_site "default" do @@ -458,6 +459,15 @@ munin_plugin "nominatim_requests" do target "#{source_directory}/munin/nominatim_requests_querylog" end +prometheus_exporter "nominatim" do + port 8082 + user "www-data" + options [ + "--nominatim.query-log=#{node[:nominatim][:logdir]}/query.log", + "--nominatim.database-name=#{node[:nominatim][:dbname]}" + ] +end + directory "#{basedir}/status" do owner "nominatim" group "postgres" @@ -479,6 +489,8 @@ end ### QA tile generation if node[:nominatim][:enable_qa_tiles] + package "python3-geojson" + git qa_bin_directory do repository node[:nominatim][:qa_repository] revision node[:nominatim][:qa_revision] @@ -510,9 +522,15 @@ if node[:nominatim][:enable_qa_tiles] variables :outputdir => "#{qa_data_directory}/new" end - link "#{build_directory}/website/qa-data" do - to "#{qa_data_directory}/current" - owner "nominatim" - group "nominatim" + ssl_certificate "qa-tile.nominatim.openstreetmap.org" do + domains ["qa-tile.nominatim.openstreetmap.org"] + notifies :reload, "service[nginx]" + end + + nginx_site "qa-tiles.nominatim" do + template "nginx-qa-tiles.erb" + directory build_directory + variables :qa_data_directory => qa_data_directory end + end