X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/84cfea597ff6d2b2320cf2f164730da1f5eefd8b..1f7f5f735a865ae93fdcc1e8c9fd9526ad0efd01:/cookbooks/geoipupdate/recipes/default.rb diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb index 6d8e5b6e5..17fcc0850 100644 --- a/cookbooks/geoipupdate/recipes/default.rb +++ b/cookbooks/geoipupdate/recipes/default.rb @@ -17,7 +17,7 @@ # limitations under the License. # -include_recipe "apt" +include_recipe "apt::maxmind" license_keys = data_bag_item("geoipupdate", "license-keys") @@ -35,18 +35,15 @@ execute "geoipupdate" do command "geoipupdate" user "root" group "root" - not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } } + not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } } end systemd_service "geoipupdate" do description "Update GeoIP databases" user "root" exec_start "/usr/bin/geoipupdate" - private_tmp true - private_devices true - protect_system "strict" - protect_home true - read_write_paths "/usr/share/GeoIP" + sandbox :enable_network => true + read_write_paths node[:geoipupdate][:directory] end systemd_timer "geoipupdate" do