X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d5e6ae801dfff473efe2701e560442d21289c549..3944d4a4eb4d96ca5e747739f4967f590672d4e4:/cookbooks/imagery/resources/layer.rb diff --git a/cookbooks/imagery/resources/layer.rb b/cookbooks/imagery/resources/layer.rb index 88e26cf2e..957e46b47 100644 --- a/cookbooks/imagery/resources/layer.rb +++ b/cookbooks/imagery/resources/layer.rb @@ -34,9 +34,9 @@ property :background_colour, String property :resample, String, :default => "average" property :imagemode, String property :extension, String, :default => "png" -property :max_zoom, Fixnum, :default => 18 +property :max_zoom, Integer, :default => 18 property :url_aliases, [String, Array], :default => [] -property :revision, Fixnum, :default => 0 +property :revision, Integer, :default => 0 property :overlay, [TrueClass, FalseClass], :default => false property :default_layer, [TrueClass, FalseClass], :default => false @@ -44,10 +44,10 @@ action :create do file "/srv/imagery/layers/#{site}/#{layer}.yml" do owner "root" group "root" - mode 0644 + mode 0o644 content YAML.dump(:name => layer, :title => title || layer, - :url => "http://{s}.#{site}/layer/#{layer}/{z}/{x}/{y}.png", + :url => "//{s}.#{site}/layer/#{layer}/{z}/{x}/{y}.png", :attribution => copyright, :default => default_layer, :maxZoom => max_zoom, @@ -59,34 +59,43 @@ action :create do source "mapserver.map.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables new_resource.to_hash end systemd_service "mapserv-fcgi-#{layer}" do description "Map server for #{layer} layer" - limit_nofile 16384 environment "MS_MAPFILE" => "/srv/imagery/mapserver/layer-#{layer}.map", - "MS_MAP_PATTERN" => "^/srv/imagery/mapserver/" + "MS_MAP_PATTERN" => "^/srv/imagery/mapserver/", + "MS_DEBUGLEVEL" => "0", + "MS_ERRORFILE" => "stderr" + limit_nofile 16384 user "imagery" group "imagery" exec_start_pre "/bin/rm -f /run/mapserver-fastcgi/layer-#{layer}.socket" - exec_start "/usr/bin/spawn-fcgi -s /run/mapserver-fastcgi/layer-#{layer}.socket -M 0666 -P /run/mapserver-fastcgi/layer-#{layer}.pid -- /usr/bin/multiwatch -f 4 --signal=TERM -- /usr/lib/cgi-bin/mapserv" - pid_file "/run/mapserver-fastcgi/layer-#{layer}.pid" - type "forking" + exec_start "/usr/bin/spawn-fcgi -n -s /run/mapserver-fastcgi/layer-#{layer}.socket -M 0666 -P /run/mapserver-fastcgi/layer-#{layer}.pid -- /usr/bin/multiwatch -f 6 --signal=TERM -- /usr/lib/cgi-bin/mapserv" + private_tmp true + private_devices true + private_network true + protect_system "full" + protect_home true + no_new_privileges true restart "always" + pid_file "/run/mapserver-fastcgi/layer-#{layer}.pid" end service "mapserv-fcgi-#{layer}" do + provider Chef::Provider::Service::Systemd action [:enable, :start] + supports :status => true, :restart => true, :reload => false subscribes :restart, "template[/srv/imagery/mapserver/layer-#{layer}.map]" - subscribes :restart, "systemd_service[mapserv-fcgi]" + subscribes :restart, "systemd_service[mapserv-fcgi-#{layer}]" end directory "/srv/imagery/nginx/#{site}" do owner "root" group "root" - mode 0755 + mode 0o755 recursive true end @@ -95,12 +104,16 @@ action :create do source "nginx_imagery_layer_fragment.conf.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables new_resource.to_hash end end action :delete do + file "/srv/imagery/layers/#{site}/#{layer}.yml" do + action :delete + end + service "mapserv-fcgi-layer-#{layer}" do action [:stop, :disable] end @@ -120,5 +133,5 @@ end def after_created notifies :create, "imagery_site[#{site}]" - notifies :restart, "service[nginx]" + notifies :reload, "service[nginx]" end