X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/cf3730fdb4d1f5d5e5738cf7e5b27ccade78e488..f3d8422f1c3d8c1e8cf3cc04d9982b8cfb8878c4:/cookbooks/planet/recipes/replication.rb diff --git a/cookbooks/planet/recipes/replication.rb b/cookbooks/planet/recipes/replication.rb index ddf278a2d..a31f98288 100644 --- a/cookbooks/planet/recipes/replication.rb +++ b/cookbooks/planet/recipes/replication.rb @@ -22,6 +22,8 @@ require "yaml" include_recipe "accounts" include_recipe "apt" include_recipe "osmosis" +include_recipe "ruby" +include_recipe "tools" db_passwords = data_bag_item("db", "passwords") @@ -29,8 +31,6 @@ db_passwords = data_bag_item("db", "passwords") package %w[ postgresql-client - ruby - ruby-dev ruby-libxml make gcc @@ -39,7 +39,9 @@ package %w[ osmdbt ] -gem_package "pg" +gem_package "pg" do + gem_binary node[:ruby][:gem] +end ## Build preload library to flush files @@ -74,13 +76,6 @@ remote_directory "/usr/local/bin" do files_mode "755" end -template "/usr/local/bin/replicate-minute" do - source "replicate-minute.erb" - owner "root" - group "root" - mode "755" -end - template "/usr/local/bin/users-agreed" do source "users-agreed.erb" owner "root" @@ -162,6 +157,40 @@ template "/etc/replication/users-agreed.conf" do variables :password => db_passwords["planetdiff"] end +systemd_service "users-agreed" do + description "Update list of users accepting CTs" + user "planet" + exec_start "/usr/local/bin/users-agreed" + private_tmp true + private_devices true + protect_system "full" + protect_home true + restrict_address_families %w[AF_INET AF_INET6] + no_new_privileges true +end + +systemd_timer "users-agreed" do + description "Update list of users accepting CTs" + on_calendar "7:00" +end + +systemd_service "users-deleted" do + description "Update list of deleted users" + user "planet" + exec_start "/usr/local/bin/users-deleted" + private_tmp true + private_devices true + protect_system "full" + protect_home true + restrict_address_families %w[AF_INET AF_INET6] + no_new_privileges true +end + +systemd_timer "users-deleted" do + description "Update list of deleted users" + on_calendar "17:00" +end + ## Changeset replication directory "/store/planet/replication/changesets" do @@ -178,6 +207,25 @@ template "/etc/replication/changesets.conf" do variables :password => db_passwords["planetdiff"] end +systemd_service "replication-changesets" do + description "Changesets replication" + user "planet" + exec_start "/usr/local/bin/replicate-changesets /etc/replication/changesets.conf" + private_tmp true + private_devices true + protect_system "full" + protect_home true + restrict_address_families %w[AF_INET AF_INET6] + no_new_privileges true +end + +systemd_timer "replication-changesets" do + description "Changesets replication" + on_boot_sec 60 + on_unit_active_sec 60 + accuracy_sec 5 +end + ## Minutely replication directory "/store/planet/replication/minute" do @@ -239,10 +287,6 @@ systemd_timer "replication-minutely" do accuracy_sec 5 end -file "/etc/replication/auth.conf" do - action :delete -end - ## Hourly replication directory "/store/planet/replication/hour" do @@ -273,6 +317,7 @@ systemd_service "replication-hourly" do description "Hourly replication" user "planet" exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/hour" + environment "LD_PRELOAD" => "/opt/flush/flush.so" private_tmp true private_devices true protect_system "full" @@ -316,6 +361,7 @@ systemd_service "replication-daily" do description "Daily replication" user "planet" exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/day" + environment "LD_PRELOAD" => "/opt/flush/flush.so" private_tmp true private_devices true protect_system "full" @@ -329,29 +375,40 @@ systemd_timer "replication-daily" do on_calendar "*-*-* *:02/15:00" end +## Replication cleanup + +systemd_service "replication-cleanup" do + description "Cleanup replication" + user "planet" + exec_start "/usr/local/bin/replicate-cleanup" + private_tmp true + private_devices true + private_network true + protect_system "full" + protect_home true + no_new_privileges true +end + +systemd_timer "replication-cleanup" do + description "Cleanup replication" + on_boot_sec 60 + on_unit_active_sec 86400 + accuracy_sec 1800 +end + ## Enable/disable feeds if node[:planet][:replication] == "enabled" - cron_d "users-agreed" do - minute "0" - hour "7" - user "planet" - command "/usr/local/bin/users-agreed" - mailto "zerebubuth@gmail.com" + service "users-agreed.timer" do + action [:enable, :start] end - cron_d "users-deleted" do - minute "0" - hour "17" - user "planet" - command "/usr/local/bin/users-deleted" - mailto "zerebubuth@gmail.com" + service "users-deleted.timer" do + action [:enable, :start] end - cron_d "replication-changesets" do - user "planet" - command "/usr/local/bin/replicate-changesets /etc/replication/changesets.conf" - mailto "zerebubuth@gmail.com" + service "replication-changesets.timer" do + action [:enable, :start] end service "replication-minutely.timer" do @@ -365,17 +422,21 @@ if node[:planet][:replication] == "enabled" service "replication-daily.timer" do action [:enable, :start] end + + service "replication-cleanup.timer" do + action [:enable, :start] + end else - cron_d "users-agreed" do - action :delete + service "users-agreed.timer" do + action [:stop, :disable] end - cron_d "users-deleted" do - action :delete + service "users-deleted.timer" do + action [:stop, :disable] end - cron_d "replication-changesets" do - action :delete + service "replication-changesets.timer" do + action [:stop, :disable] end service "replication-minutely.timer" do @@ -389,4 +450,8 @@ else service "replication-daily.timer" do action [:stop, :disable] end + + service "replication-cleanup.timer" do + action [:stop, :disable] + end end