tilecache: chef code for token support

[chef.git] / cookbooks / tilecache / recipes / default.rb

diff --git a/cookbooks/tilecache/recipes/default.rb b/cookbooks/tilecache/recipes/default.rb
index b97ce12c80d917f4310669967945678d1ded2655..87b27bc018e319ffd757b7578a3fa811b7f35e1a 100644 (file)
--- a/cookbooks/tilecache/recipes/default.rb
+++ b/cookbooks/tilecache/recipes/default.rb
@@ -33,9 +33,14 @@ end
 package "xz-utils"
 package "openssl"
 
+# oathtool for QoS token
+package "oathtool"
+
 tilecaches = search(:node, "roles:tilecache").sort_by { |n| n[:hostname] }
 tilerenders = search(:node, "roles:tile").sort_by { |n| n[:hostname] }
 
+tilecache_tokens = data_bag_item("tilecache", "tokens")
+
 tilecaches.each do |cache|
   cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address|
     firewall_rule "accept-squid" do
@@ -93,6 +98,27 @@ nginx_site "tile-ssl" do
   variables :certificate => certificate, :resolvers => resolvers, :caches => tilecaches
 end
 
+template "/usr/local/bin/nginx_generate_tilecache_qos_map" do
+  source "nginx_generate_tilecache_qos_map.erb"
+  owner "root"
+  group "root"
+  mode 0o750
+  variables tokens: => tilecache_tokens
+end
+
+template "/etc/cron.d/tilecache" do
+  source "cron.erb"
+  owner "root"
+  group "root"
+  mode 0o644
+end
+
+execute 'execute_nginx_generate_tilecache_qos_map' do
+  command '/usr/local/bin/nginx_generate_tilecache_qos_map'
+  creates '/etc/nginx/conf.d/tile_qos_rates.map'
+  action :run
+end
+
 service "nginx-certificate-restart" do
   service_name "nginx"
   action :nothing