X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d3f42f2199bf8098ffaf3ca2a858bc2e417ca33f..50aea11082eaa90bd37593b9c987d38a082f4e1b:/cookbooks/planet/recipes/default.rb diff --git a/cookbooks/planet/recipes/default.rb b/cookbooks/planet/recipes/default.rb index 706e766e8..ad532f93e 100644 --- a/cookbooks/planet/recipes/default.rb +++ b/cookbooks/planet/recipes/default.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: planet +# Cookbook:: planet # Recipe:: default # -# Copyright 2011, OpenStreetMap Foundation +# Copyright:: 2011, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,70 +17,114 @@ # limitations under the License. # -include_recipe "apache::ssl" +include_recipe "accounts" +include_recipe "apache" +include_recipe "geoipupdate" +include_recipe "planet::aws" -package "perl" -package "php5-cli" -package "pbzip2" -package "osmosis" +package %w[ + python3 + python3-geoip2 +] -remote_directory "/usr/local/bin" do - source "bin" +remote_directory "/store/planet#html" do + path "/store/planet" + source "html" owner "root" group "root" - mode 0755 + mode "0755" files_owner "root" files_group "root" - files_mode 0755 + files_mode "644" end -template "/etc/cron.d/planet" do - source "cron.erb" +remote_directory "/store/planet#cgi" do + path "/store/planet" + source "cgi" owner "root" group "root" - mode 0644 + mode "755" + files_owner "root" + files_group "root" + files_mode "755" end -remote_directory "/store/planet" do - source "html" - owner "root" - group "root" - mode "0755" +remote_directory node[:planet][:dump][:xml_history_directory] do + source "history_cgi" + owner "planet" + group "planet" + mode "775" files_owner "root" files_group "root" - files_mode 0644 + files_mode "755" end -remote_directory "/store/planet" do - source "cgi" - owner "root" - group "root" - mode 0755 +remote_directory "/store/planet/cc-by-sa" do + source "ccbysa_cgi" + owner "planet" + group "planet" + mode "775" files_owner "root" files_group "root" - files_mode 0755 + files_mode "755" end -directory "/store/planet/planet" do - owner "www-data" +remote_directory "/store/planet/cc-by-sa/full-experimental" do + source "ccbysa_history_cgi" + owner "planet" group "planet" - mode 0775 + mode "775" + files_owner "root" + files_group "root" + files_mode "755" end -directory "/store/planet/pbf" do - owner "www-data" - group "planet" - mode 0775 +[:xml_directory, :xml_history_directory, + :pbf_directory, :pbf_history_directory].each do |dir| + directory node[:planet][:dump][dir] do + owner "planet" + group "planet" + mode "775" + end end directory "/store/planet/notes" do - owner "www-data" + owner "planet" + group "planet" + mode "775" +end + +directory "/store/planet/statistics" do + owner "planet" group "planet" - mode 0775 + mode "775" end +template "/usr/local/bin/apache-latest-planet-filename" do + source "apache-latest-planet-filename.erb" + owner "root" + group "root" + mode "755" + notifies :restart, "service[apache2]" +end + +template "/usr/local/bin/apache-s3-ip2region" do + source "apache-s3-ip2region.erb" + owner "root" + group "root" + mode "755" + notifies :restart, "service[apache2]" +end + +apache_module "cgid" apache_module "rewrite" apache_module "proxy_http" +apache_module "ratelimit" + +ssl_certificate "planet.openstreetmap.org" do + domains ["planet.openstreetmap.org", "planet.osm.org"] + notifies :reload, "service[apache2]" +end apache_site "planet.openstreetmap.org" do template "apache.erb" @@ -90,5 +134,32 @@ template "/etc/logrotate.d/apache2" do source "logrotate.apache.erb" owner "root" group "root" - mode 0644 + mode "644" +end + +template "/usr/local/bin/planet-file-cleanup" do + source "planet-file-cleanup.erb" + owner "root" + group "root" + mode "755" +end + +systemd_service "planet-file-cleanup" do + description "Cleanup old planet files" + exec_start "/usr/local/bin/planet-file-cleanup --debug" + user "planet" + sandbox true + read_write_paths [ + node[:planet][:dump][:xml_directory], + node[:planet][:dump][:pbf_directory] + ] +end + +systemd_timer "planet-file-cleanup" do + description "Cleanup old planet files" + on_calendar "Mon *-*-1..7 03:44" +end + +service "planet-file-cleanup.timer" do + action [:enable, :start] end