X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d4154c8e9b823e27b1c387944d50dba6372c653e..226773e8e4b1b7e0141c45e0040fa2cd4141282a:/cookbooks/imagery/recipes/tiler.rb diff --git a/cookbooks/imagery/recipes/tiler.rb b/cookbooks/imagery/recipes/tiler.rb index 3c88d77da..d56357d62 100644 --- a/cookbooks/imagery/recipes/tiler.rb +++ b/cookbooks/imagery/recipes/tiler.rb @@ -20,6 +20,13 @@ include_recipe "imagery" include_recipe "podman" +directory "/store/imagery" do + owner "root" + group "root" + mode "755" + recursive true +end + # FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740 container_image = if arm? "ghcr.io/firefishy/titiler:latest" @@ -30,10 +37,12 @@ container_image = if arm? podman_service "titiler" do description "Container service for titiler" image container_image - ports 8080 => 8080 - environment :PORT => 8080, - :WORKERS_PER_CORE => 2, + volume :"/store/imagery" => "/store/imagery", + :"/srv/imagery/sockets" => "/sockets" + environment :BIND => "unix:/sockets/titiler.sock", + :WORKERS_PER_CORE => 1, :GDAL_CACHEMAX => 200, + :GDAL_BAND_BLOCK_CACHE => "HASHSET", :GDAL_DISABLE_READDIR_ON_OPEN => "EMPTY_DIR", :GDAL_INGESTED_BYTES_AT_OPEN => 32768, :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES => "YES", @@ -45,6 +54,29 @@ podman_service "titiler" do :FORWARDED_ALLOW_IPS => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips end +systemd_service "titiler-restart" do + type "simple" + user "root" + exec_start "/bin/systemctl try-restart titiler.service" + sandbox true + restrict_address_families "AF_UNIX" +end + +systemd_timer "titiler-restart" do + on_boot_sec "6h" + on_unit_inactive_sec "12h" +end + +service "titiler-restart.timer" do + action [:enable, :start] +end + +directory "/var/cache/nginx-cache" do + owner "www-data" + group "www-data" + mode "755" +end + ssl_certificate "tiler.openstreetmap.org" do domains "tiler.openstreetmap.org" notifies :reload, "service[nginx]"