cookbooks/imagery/recipes/tiler.rb

   1 #
   2 # Cookbook:: imagery
   3 # Recipe:: tiler
   4 #
   5 # Copyright:: 2023, OpenStreetMap Foundation
   6 #
   7 # Licensed under the Apache License, Version 2.0 (the "License");
   8 # you may not use this file except in compliance with the License.
   9 # You may obtain a copy of the License at
  10 #
  11 #     https://www.apache.org/licenses/LICENSE-2.0
  12 #
  13 # Unless required by applicable law or agreed to in writing, software
  14 # distributed under the License is distributed on an "AS IS" BASIS,
  15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16 # See the License for the specific language governing permissions and
  17 # limitations under the License.
  18 #
  19
  20 include_recipe "imagery"
  21 include_recipe "podman"
  22
  23 directory "/store/imagery" do
  24   owner "root"
  25   group "root"
  26   mode "755"
  27   recursive true
  28 end
  29
  30 # FIXME: until upstream supports arm64 images: https://github.com/developmentseed/titiler/pull/740
  31 container_image = if arm?
  32                     "ghcr.io/firefishy/titiler:latest"
  33                   else
  34                     "ghcr.io/developmentseed/titiler:latest"
  35                   end
  36
  37 podman_service "titiler" do
  38   description "Container service for titiler"
  39   image container_image
  40   volume :"/store/imagery"       => "/store/imagery",
  41          :"/srv/imagery/sockets" => "/sockets"
  42   environment :BIND                                => "unix:/sockets/titiler.sock",
  43               :WORKERS_PER_CORE                    => 1,
  44               :GDAL_CACHEMAX                       => 200,
  45               :GDAL_BAND_BLOCK_CACHE               => "HASHSET",
  46               :GDAL_DISABLE_READDIR_ON_OPEN        => "EMPTY_DIR",
  47               :GDAL_INGESTED_BYTES_AT_OPEN         => 32768,
  48               :GDAL_HTTP_MERGE_CONSECUTIVE_RANGES  => "YES",
  49               :GDAL_HTTP_MULTIPLEX                 => "YES",
  50               :GDAL_HTTP_VERSION                   => 2,
  51               :VSI_CACHE                           => "TRUE",
  52               :VSI_CACHE_SIZE                      => 5000000,
  53               :TITILER_API_ROOT_PATH               => "/api/v1/titiler",
  54               :FORWARDED_ALLOW_IPS                 => "*" # https://docs.gunicorn.org/en/latest/settings.html#forwarded-allow-ips
  55 end
  56
  57 systemd_service "titiler-restart" do
  58   type "simple"
  59   user "root"
  60   exec_start "/bin/systemctl try-restart titiler.service"
  61   sandbox true
  62   restrict_address_families "AF_UNIX"
  63 end
  64
  65 systemd_timer "titiler-restart" do
  66   on_boot_sec "6h"
  67   on_unit_inactive_sec "12h"
  68 end
  69
  70 service "titiler-restart.timer" do
  71   action [:enable, :start]
  72 end
  73
  74 directory "/var/cache/nginx-cache" do
  75   owner "www-data"
  76   group "www-data"
  77   mode "755"
  78 end
  79
  80 ssl_certificate "tiler.openstreetmap.org" do
  81   domains "tiler.openstreetmap.org"
  82   notifies :reload, "service[nginx]"
  83 end
  84
  85 nginx_site "tiler.openstreetmap.org" do
  86   template "nginx_titiler.conf.erb"
  87   variables :aliases => ["tiler.osm.org"]
  88 end