X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/e4a0595002f1f428a98776070ad4677b6433b46f..f5c510d65c4dd4e530731b927425d2b81286edc5:/cookbooks/supybot/recipes/default.rb diff --git a/cookbooks/supybot/recipes/default.rb b/cookbooks/supybot/recipes/default.rb index 87343c100..7545ff331 100644 --- a/cookbooks/supybot/recipes/default.rb +++ b/cookbooks/supybot/recipes/default.rb @@ -22,20 +22,20 @@ include_recipe "accounts" users = data_bag_item("supybot", "users") passwords = data_bag_item("supybot", "passwords") -package "supybot" -package "python-git" +package "limnoria" +package "python3-git" directory "/etc/supybot" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end template "/etc/supybot/supybot.conf" do source "supybot.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" variables :passwords => passwords end @@ -43,84 +43,85 @@ template "/etc/supybot/channels.conf" do source "channels.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/git.conf" do source "git.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/ignores.conf" do source "ignores.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/userdata.conf" do source "userdata.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" end template "/etc/supybot/users.conf" do source "users.conf.erb" owner "supybot" group "supybot" - mode 0o644 + mode "644" variables :passwords => users end directory "/var/lib/supybot" do owner "root" group "root" - mode 0o755 + mode "755" end directory "/var/lib/supybot/data" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/lib/supybot/backup" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/lib/supybot/git" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/var/log/supybot" do owner "supybot" group "supybot" - mode 0o755 + mode "755" end directory "/usr/local/lib/supybot" do owner "root" group "root" - mode 0o755 + mode "755" end directory "/usr/local/lib/supybot/plugins" do owner "root" group "root" - mode 0o755 + mode "755" end git "/usr/local/lib/supybot/plugins/Git" do action :sync repository "https://github.com/openstreetmap/supybot-git" revision "master" + depth 1 user "root" group "root" end @@ -130,11 +131,8 @@ systemd_service "supybot" do after "network.target" user "supybot" exec_start "/usr/bin/supybot /etc/supybot/supybot.conf" - private_tmp true - private_devices true - protect_system true - protect_home true - no_new_privileges true + sandbox :enable_network => true + read_write_paths ["/etc/supybot", "/var/lib/supybot", "/var/log/supybot"] restart "on-failure" end