X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/7dd781ed384d94e46418d766059db351e76fd348..16c9e170f6e1df8c3618615410367f2fe89c41b1:/cookbooks/imagery/recipes/tiler.rb diff --git a/cookbooks/imagery/recipes/tiler.rb b/cookbooks/imagery/recipes/tiler.rb index 12c6999d1..d56357d62 100644 --- a/cookbooks/imagery/recipes/tiler.rb +++ b/cookbooks/imagery/recipes/tiler.rb @@ -20,6 +20,13 @@ include_recipe "imagery" include_recipe "podman" +directory "/store/imagery" do + owner "root" + group "root" + mode "755" + recursive true +end + # FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740 container_image = if arm? "ghcr.io/firefishy/titiler:latest" @@ -30,8 +37,44 @@ container_image = if arm? podman_service "titiler" do description "Container service for titiler" image container_image - ports 8080 => 8080 - environment :PORT => 8080, :WORKERS_PER_CORE => 1, :GDAL_INGESTED_BYTES_AT_OPEN => 32768, :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", :GDAL_HTTP_MULTIPLEX => "YES", :GDAL_HTTP_VERSION => 2 + volume :"/store/imagery" => "/store/imagery", + :"/srv/imagery/sockets" => "/sockets" + environment :BIND => "unix:/sockets/titiler.sock", + :WORKERS_PER_CORE => 1, + :GDAL_CACHEMAX => 200, + :GDAL_BAND_BLOCK_CACHE => "HASHSET", + :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", + :GDAL_INGESTED_BYTES_AT_OPEN => 32768, + :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", + :GDAL_HTTP_MULTIPLEX => "YES", + :GDAL_HTTP_VERSION => 2, + :VSI_CACHE => "TRUE", + :VSI_CACHE_SIZE => 5000000, + :TITILER_API_ROOT_PATH => "/api/v1/titiler", + :FORWARDED_ALLOW_IPS => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips +end + +systemd_service "titiler-restart" do + type "simple" + user "root" + exec_start "/bin/systemctl try-restart titiler.service" + sandbox true + restrict_address_families "AF_UNIX" +end + +systemd_timer "titiler-restart" do + on_boot_sec "6h" + on_unit_inactive_sec "12h" +end + +service "titiler-restart.timer" do + action [:enable, :start] +end + +directory "/var/cache/nginx-cache" do + owner "www-data" + group "www-data" + mode "755" end ssl_certificate "tiler.openstreetmap.org" do