X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d4571d5bf7d5c6335b2b37a448ae10dc13d4247b..b7c12630cb9de017d76fe60ff296534d6d061399:/cookbooks/geoipupdate/recipes/default.rb?ds=sidebyside diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb index 2b2c23632..b87f5e822 100644 --- a/cookbooks/geoipupdate/recipes/default.rb +++ b/cookbooks/geoipupdate/recipes/default.rb @@ -17,7 +17,7 @@ # limitations under the License. # -include_recipe "apt" +include_recipe "apt::maxmind" license_keys = data_bag_item("geoipupdate", "license-keys") @@ -35,25 +35,22 @@ execute "geoipupdate" do command "geoipupdate" user "root" group "root" - not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } } + not_if { kitchen? || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("#{node[:geoipupdate][:directory]}/#{edition}.mmdb") } } end systemd_service "geoipupdate" do description "Update GeoIP databases" user "root" exec_start "/usr/bin/geoipupdate" - private_tmp true - private_devices true - protect_system "strict" - protect_home true - read_write_paths %w[/usr/share/GeoIP /var/lib/GeoIP] + sandbox :enable_network => true + read_write_paths node[:geoipupdate][:directory] end systemd_timer "geoipupdate" do description "Update GeoIP databases" on_boot_sec "15m" on_unit_active_sec "7d" - randomized_delay_sec "4h" + randomized_delay_sec "5d" end service "geoipupdate.timer" do