]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/planet/recipes/notes.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix access to AWS credentials for planet services
[chef.git] / cookbooks / planet / recipes / notes.rb
diff --git a/cookbooks/planet/recipes/notes.rb b/cookbooks/planet/recipes/notes.rb
index f3c91a3e021280db19705cd4091f1ba835b74925..e6329708190daa8201c81069a73dbbb2eade7f37 100644 (file)
--- a/cookbooks/planet/recipes/notes.rb
+++ b/cookbooks/planet/recipes/notes.rb
@@ -57,7 +57,9 @@ systemd_service "planet-notes-dump" do
   exec_start "/usr/local/bin/planet-notes-dump"
   user "planet"
   sandbox :enable_network => true
-  read_write_paths ["/store/planet/notes", "/home/planet/.aws"]
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
+  read_write_paths "/store/planet/notes"
 end
 
 systemd_timer "planet-notes-dump" do
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.