X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/ef37f307a2b225c01e9d5d140ffa54e1423e9e3e..a8930abf977175e1034465cb4e93d4d3673e366c:/cookbooks/planet/recipes/replication.rb?ds=sidebyside diff --git a/cookbooks/planet/recipes/replication.rb b/cookbooks/planet/recipes/replication.rb index c3893834d..d719d11ae 100644 --- a/cookbooks/planet/recipes/replication.rb +++ b/cookbooks/planet/recipes/replication.rb @@ -22,6 +22,7 @@ require "yaml" include_recipe "accounts" include_recipe "apt" include_recipe "osmosis" +include_recipe "planet::aws" include_recipe "ruby" include_recipe "tools" @@ -206,6 +207,8 @@ systemd_service "replication-changesets" do user "planet" exec_start "/usr/local/bin/replicate-changesets /etc/replication/changesets.conf" sandbox :enable_network => true + protect_home "tmpfs" + bind_paths "/home/planet" read_write_paths [ "/run/replication", "/store/planet/replication/changesets" @@ -266,6 +269,8 @@ systemd_service "replication-minutely" do working_directory "/etc/replication" exec_start "/usr/local/bin/replicate-minute" sandbox :enable_network => true + protect_home "tmpfs" + bind_paths "/home/planet" read_write_paths [ "/run/replication", "/store", @@ -309,10 +314,12 @@ end systemd_service "replication-hourly" do description "Hourly replication" user "planet" - exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/hour" + exec_start "/usr/local/bin/replicate-hour" environment "LD_PRELOAD" => "/opt/flush/flush.so" sandbox :enable_network => true memory_deny_write_execute false + protect_home "tmpfs" + bind_paths "/home/planet" read_write_paths [ "/store/planet/replication/hour", "/var/lib/replication/hour" @@ -353,10 +360,12 @@ end systemd_service "replication-daily" do description "Daily replication" user "planet" - exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/day" + exec_start "/usr/local/bin/replicate-day" environment "LD_PRELOAD" => "/opt/flush/flush.so" sandbox :enable_network => true memory_deny_write_execute false + protect_home "tmpfs" + bind_paths "/home/planet" read_write_paths [ "/store/planet/replication/day", "/var/lib/replication/day"