X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/238a31cadd90bb63a5dbdc7f4406aa51d786cc9d..HEAD:/cookbooks/planet/recipes/notes.rb?ds=sidebyside

diff --git a/cookbooks/planet/recipes/notes.rb b/cookbooks/planet/recipes/notes.rb
index ffb86243c..e63297081 100644
--- a/cookbooks/planet/recipes/notes.rb
+++ b/cookbooks/planet/recipes/notes.rb
@@ -17,8 +17,9 @@
 # limitations under the License.
 #
 
+include_recipe "accounts"
 include_recipe "git"
-include_recipe "awscli"
+include_recipe "planet::aws"
 
 db_passwords = data_bag_item("db", "passwords")
 
@@ -54,8 +55,10 @@ end
 systemd_service "planet-notes-dump" do
   description "Create notes dump"
   exec_start "/usr/local/bin/planet-notes-dump"
-  user "www-data"
+  user "planet"
   sandbox :enable_network => true
+  protect_home "tmpfs"
+  bind_paths "/home/planet"
   read_write_paths "/store/planet/notes"
 end
 
@@ -78,7 +81,7 @@ end
 systemd_service "planet-notes-cleanup" do
   description "Delete old notes dumps"
   exec_start "/usr/local/bin/planet-notes-cleanup"
-  user "www-data"
+  user "planet"
   sandbox true
   read_write_paths "/store/planet/notes"
 end