X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/84cfea597ff6d2b2320cf2f164730da1f5eefd8b..d18cd92a98384aebf371376383a4408485f12374:/cookbooks/geoipupdate/recipes/default.rb?ds=sidebyside diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb index 6d8e5b6e5..b87f5e822 100644 --- a/cookbooks/geoipupdate/recipes/default.rb +++ b/cookbooks/geoipupdate/recipes/default.rb @@ -17,7 +17,7 @@ # limitations under the License. # -include_recipe "apt" +include_recipe "apt::maxmind" license_keys = data_bag_item("geoipupdate", "license-keys") @@ -35,25 +35,22 @@ execute "geoipupdate" do command "geoipupdate" user "root" group "root" - not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } } + not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } } end systemd_service "geoipupdate" do description "Update GeoIP databases" user "root" exec_start "/usr/bin/geoipupdate" - private_tmp true - private_devices true - protect_system "strict" - protect_home true - read_write_paths "/usr/share/GeoIP" + sandbox :enable_network => true + read_write_paths node[:geoipupdate][:directory] end systemd_timer "geoipupdate" do description "Update GeoIP databases" on_boot_sec "15m" on_unit_active_sec "7d" - randomized_delay_sec "4h" + randomized_delay_sec "5d" end service "geoipupdate.timer" do