X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/a68415b8f2bf106b6ea5948b0605c897b516ef4f..9f0765287dea0835730db9f46c11b457a2efa165:/cookbooks/web/recipes/cgimap.rb diff --git a/cookbooks/web/recipes/cgimap.rb b/cookbooks/web/recipes/cgimap.rb index 2adb9d099..72e41b3e2 100644 --- a/cookbooks/web/recipes/cgimap.rb +++ b/cookbooks/web/recipes/cgimap.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: web +# Cookbook:: web # Recipe:: cgimap # -# Copyright 2011, OpenStreetMap Foundation +# Copyright:: 2011, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,106 +17,70 @@ # limitations under the License. # +include_recipe "apt" include_recipe "tools" include_recipe "web::base" db_passwords = data_bag_item("db", "passwords") -package "g++" -package "gcc" -package "make" -package "autoconf" -package "automake" -package "libtool" -package "libfcgi-dev" -package "libxml2-dev" -package "libmemcached-dev" -package "libboost-regex-dev" -package "libboost-system-dev" -package "libboost-program-options-dev" -package "libboost-date-time-dev" -package "libboost-filesystem-dev" -package "libpqxx-dev" -package "zlib1g-dev" - -cgimap_directory = "#{node[:web][:base_directory]}/cgimap" -pid_directory = node[:web][:pid_directory] -log_directory = node[:web][:log_directory] - -execute "cgimap-build" do - action :nothing - command "make" - cwd cgimap_directory - user "rails" - group "rails" +package "openstreetmap-cgimap-bin" do + action :purge end -execute "cgimap-configure" do - action :nothing - command "./configure --with-fcgi=/usr --with-boost-libdir=/usr/lib/x86_64-linux-gnu" - cwd cgimap_directory - user "rails" - group "rails" - notifies :run, "execute[cgimap-build]", :immediate +package "openstreetmap-cgimap" do + action :install end -execute "cgimap-autogen" do - action :nothing - command "./autogen.sh" - cwd cgimap_directory - user "rails" - group "rails" - notifies :run, "execute[cgimap-configure]", :immediate +database_host = node[:web][:readonly_database_host] || node[:web][:database_host] + +memcached_servers = node[:web][:memcached_servers] || [] + +cgimap_options = { + "CGIMAP_SOCKET" => "/run/cgimap/socket", + "CGIMAP_HOST" => database_host, + "CGIMAP_DBNAME" => "openstreetmap", + "CGIMAP_USERNAME" => "cgimap", + "CGIMAP_PASSWORD" => db_passwords["cgimap"], + "CGIMAP_UPDATE_HOST" => node[:web][:database_host], + "CGIMAP_PIDFILE" => "#{node[:web][:pid_directory]}/cgimap.pid", + "CGIMAP_LOGFILE" => "#{node[:web][:log_directory]}/cgimap.log", + "CGIMAP_MEMCACHE" => memcached_servers.join(","), + "CGIMAP_RATELIMIT" => "204800", + "CGIMAP_MAXDEBT" => "250", + "CGIMAP_MODERATOR_RATELIMIT" => "1048576", + "CGIMAP_MODERATOR_MAXDEBT" => "1280", + "CGIMAP_MAP_AREA" => node[:web][:max_request_area], + "CGIMAP_MAP_NODES" => node[:web][:max_number_of_nodes], + "CGIMAP_MAX_WAY_NODES" => node[:web][:max_number_of_way_nodes], + "CGIMAP_MAX_RELATION_MEMBERS" => node[:web][:max_number_of_relation_members], + "CGIMAP_RATELIMIT_UPLOAD" => "true", + "CGIMAP_BBOX_SIZE_LIMIT_UPLOAD" => "true" +} + +if %w[database_readonly api_readonly].include?(node[:web][:status]) + cgimap_options["CGIMAP_DISABLE_API_WRITE"] = "true" end -git cgimap_directory do - action :sync - repository "git://git.openstreetmap.org/cgimap.git" - revision "live" +systemd_service "cgimap" do + description "OpenStreetMap API Server" + type "forking" + environment_file cgimap_options user "rails" - group "rails" - notifies :run, "execute[cgimap-autogen]", :immediate -end - -if node[:web][:readonly_database_host] - database_host = node[:web][:readonly_database_host] - database_readonly = true -else - database_host = node[:web][:database_host] - database_readonly = node[:web][:status] == "database_readonly" -end - -memcached_servers = node[:web][:memcached_servers] - -cgimap_init = edit_file "#{cgimap_directory}/scripts/cgimap.init" do |line| - line.gsub!(/^CGIMAP_HOST=.*;/, "CGIMAP_HOST=#{database_host};") - line.gsub!(/^CGIMAP_DBNAME=.*;/, "CGIMAP_DBNAME=openstreetmap;") - line.gsub!(/^CGIMAP_USERNAME=.*;/, "CGIMAP_USERNAME=rails;") - line.gsub!(/^CGIMAP_PASSWORD=.*;/, "CGIMAP_PASSWORD=#{db_passwords['rails']};") - line.gsub!(/^CGIMAP_PIDFILE=.*;/, "CGIMAP_PIDFILE=#{pid_directory}/cgimap.pid;") - line.gsub!(/^CGIMAP_LOGFILE=.*;/, "CGIMAP_LOGFILE=#{log_directory}/cgimap.log;") - line.gsub!(/^CGIMAP_MEMCACHE=.*;/, "CGIMAP_MEMCACHE=#{memcached_servers.join(',')};") - line.gsub!(/^CGIMAP_RATELIMIT=.*;/, "CGIMAP_RATELIMIT=204800;") - - line.gsub!(%r{--pidfile \$CGIMAP_PIDFILE --exec /home/rails/bin/openstreetmap-cgimap}, "--pidfile $CGIMAP_PIDFILE") - - line.gsub!(%r{/home/rails/bin/openstreetmap-cgimap}, "#{cgimap_directory}/openstreetmap-cgimap") - - if database_readonly - line.gsub!(/--daemon/, "--daemon --readonly") - end - - line -end - -file "/etc/init.d/cgimap" do - owner "root" - group "root" - mode 0o755 - content cgimap_init + group "www-data" + umask "0002" + exec_start "/usr/bin/openstreetmap-cgimap --daemon --instances 30" + exec_reload "/bin/kill -HUP $MAINPID" + runtime_directory "cgimap" + private_tmp true + private_devices true + protect_system "full" + protect_home true + no_new_privileges true + restart "on-failure" + pid_file "#{node[:web][:pid_directory]}/cgimap.pid" end -if %w(database_offline api_offline).include?(node[:web][:status]) +if %w[database_offline api_offline].include?(node[:web][:status]) service "cgimap" do action :stop end @@ -124,7 +88,7 @@ else service "cgimap" do action [:enable, :start] supports :restart => true, :reload => true - subscribes :restart, "execute[cgimap-build]" - subscribes :restart, "file[/etc/init.d/cgimap]" + subscribes :restart, "package[openstreetmap-cgimap-bin]" + subscribes :restart, "systemd_service[cgimap]" end end