X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/9504c62303d2a0f8c831b183f27b7cb072faccab..1bc8da5f3a3bfd6c3f0ba374f12d489d13831460:/cookbooks/supybot/recipes/default.rb?ds=inline diff --git a/cookbooks/supybot/recipes/default.rb b/cookbooks/supybot/recipes/default.rb index 6a14c0085..7545ff331 100644 --- a/cookbooks/supybot/recipes/default.rb +++ b/cookbooks/supybot/recipes/default.rb @@ -22,20 +22,20 @@ include_recipe "accounts" users = data_bag_item("supybot", "users") passwords = data_bag_item("supybot", "passwords") -package "supybot" -package "python-git" +package "limnoria" +package "python3-git" directory "/etc/supybot" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end template "/etc/supybot/supybot.conf" do source "supybot.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" variables :passwords => passwords end @@ -43,78 +43,78 @@ template "/etc/supybot/channels.conf" do source "channels.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/git.conf" do source "git.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/ignores.conf" do source "ignores.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/userdata.conf" do source "userdata.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/users.conf" do source "users.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" variables :passwords => users end directory "/var/lib/supybot" do owner "root" group "root" - mode 0o755 + mode "755" end directory "/var/lib/supybot/data" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/lib/supybot/backup" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/lib/supybot/git" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/log/supybot" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/usr/local/lib/supybot" do owner "root" group "root" - mode 0o755 + mode "755" end directory "/usr/local/lib/supybot/plugins" do owner "root" group "root" - mode 0o755 + mode "755" end git "/usr/local/lib/supybot/plugins/Git" do @@ -131,11 +131,8 @@ systemd_service "supybot" do after "network.target" user "supybot" exec_start "/usr/bin/supybot /etc/supybot/supybot.conf" - private_tmp true - private_devices true - protect_system true - protect_home true - no_new_privileges true + sandbox :enable_network => true + read_write_paths ["/etc/supybot", "/var/lib/supybot", "/var/log/supybot"] restart "on-failure" end