X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/a74c4fad37f95e6a1f575d1ba452a4c501a0a03e..80f80217d53cb28acacdb9dcae525d8bffbc89e9:/cookbooks/planet/recipes/notes.rb diff --git a/cookbooks/planet/recipes/notes.rb b/cookbooks/planet/recipes/notes.rb index 68a548b15..e63297081 100644 --- a/cookbooks/planet/recipes/notes.rb +++ b/cookbooks/planet/recipes/notes.rb @@ -17,7 +17,9 @@ # limitations under the License. # +include_recipe "accounts" include_recipe "git" +include_recipe "planet::aws" db_passwords = data_bag_item("db", "passwords") @@ -31,7 +33,7 @@ package %w[ directory "/opt/planet-notes-dump" do owner "root" group "root" - mode 0o755 + mode "755" end git "/opt/planet-notes-dump" do @@ -46,13 +48,49 @@ template "/usr/local/bin/planet-notes-dump" do source "planet-notes-dump.erb" owner "root" group "root" - mode 0o755 + mode "755" variables :password => db_passwords["planetdump"] end -template "/etc/cron.d/planet-notes-dump" do - source "planet-notes-dump.cron.erb" +systemd_service "planet-notes-dump" do + description "Create notes dump" + exec_start "/usr/local/bin/planet-notes-dump" + user "planet" + sandbox :enable_network => true + protect_home "tmpfs" + bind_paths "/home/planet" + read_write_paths "/store/planet/notes" +end + +systemd_timer "planet-notes-dump" do + description "Create notes dump" + on_calendar "03:00" +end + +service "planet-notes-dump.timer" do + action [:enable, :start] +end + +template "/usr/local/bin/planet-notes-cleanup" do + source "planet-notes-cleanup.erb" owner "root" group "root" - mode 0o644 + mode "755" +end + +systemd_service "planet-notes-cleanup" do + description "Delete old notes dumps" + exec_start "/usr/local/bin/planet-notes-cleanup" + user "planet" + sandbox true + read_write_paths "/store/planet/notes" +end + +systemd_timer "planet-notes-cleanup" do + description "Delete old notes dumps" + on_calendar "08:10" +end + +service "planet-notes-cleanup.timer" do + action [:enable, :start] end