X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d4571d5bf7d5c6335b2b37a448ae10dc13d4247b..41b4f8ccdff661e5463961da893ef91866e9f74c:/cookbooks/geoipupdate/recipes/default.rb?ds=inline diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb index 2b2c23632..17fcc0850 100644 --- a/cookbooks/geoipupdate/recipes/default.rb +++ b/cookbooks/geoipupdate/recipes/default.rb @@ -17,7 +17,7 @@ # limitations under the License. # -include_recipe "apt" +include_recipe "apt::maxmind" license_keys = data_bag_item("geoipupdate", "license-keys") @@ -35,18 +35,15 @@ execute "geoipupdate" do command "geoipupdate" user "root" group "root" - not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } } + not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } } end systemd_service "geoipupdate" do description "Update GeoIP databases" user "root" exec_start "/usr/bin/geoipupdate" - private_tmp true - private_devices true - protect_system "strict" - protect_home true - read_write_paths %w[/usr/share/GeoIP /var/lib/GeoIP] + sandbox :enable_network => true + read_write_paths node[:geoipupdate][:directory] end systemd_timer "geoipupdate" do