X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/7eb3680b81fdf339e466d9279584805f17a54c0f..677cb67550747f63b59463fecff652cd8d41fdff:/cookbooks/nominatim/recipes/default.rb

diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb
index 7e32db7e6..571c8fd32 100644
--- a/cookbooks/nominatim/recipes/default.rb
+++ b/cookbooks/nominatim/recipes/default.rb
@@ -20,6 +20,7 @@
 include_recipe "accounts"
 include_recipe "munin"
 include_recipe "php::fpm"
+include_recipe "prometheus"
 
 basedir = data_bag_item("accounts", "nominatim")["home"]
 email_errors = data_bag_item("accounts", "lonvia")["email"]
@@ -52,17 +53,6 @@ file "#{node[:nominatim][:logdir]}/update.log" do
   mode "664"
 end
 
-# exception granted for a limited time so that they can set up their own server
-firewall_rule "increase-limits-gnome-proxy" do
-  action :accept
-  family "inet"
-  source "net:8.43.85.23"
-  dest "fw"
-  proto "tcp:syn"
-  dest_ports "https"
-  rate_limit "s:10/sec:30"
-end
-
 ## Postgresql
 
 include_recipe "postgresql"
@@ -172,9 +162,13 @@ package %w[
   python3-psutil
   python3-jinja2
   python3-icu
+  python3-datrie
   php-pgsql
   php-intl
   php-symfony-dotenv
+  ruby
+  ruby-file-tail
+  ruby-pg
 ]
 
 source_directory = "#{basedir}/nominatim"
@@ -279,7 +273,7 @@ external_data = [
 
 external_data.each do |fname|
   remote_file "#{build_directory}/#{fname}" do
-    action :create_if_missing
+    action :create
     source "https://www.nominatim.org/data/#{fname}"
     owner "nominatim"
     group "nominatim"
@@ -300,7 +294,7 @@ if node[:nominatim][:state] == "off"
     action :delete
   end
 
-  cron_d "nominatim-update-maintenance-trigger" do
+  systemd_timer "nominatim-update-maintenance-trigger" do
     action :delete
   end
 else
@@ -331,12 +325,20 @@ else
     mailto email_errors
   end
 
-  cron_d "nominatim-update-maintenance-trigger" do
-    minute "18"
-    hour "1"
+  systemd_service "nominatim-update-maintenance-trigger" do
+    description "Trigger maintenance tasks for Nominatim DB"
+    exec_start "touch #{basedir}/status/update_maintenance"
     user "nominatim"
-    command "touch #{basedir}/status/update_maintenance"
-    mailto email_errors
+  end
+
+  systemd_timer "nominatim-update-maintenance-trigger" do
+    action :create
+    description "Schedule maintenance tasks for Nominatim DB"
+    on_calendar "*-*-* 02:03:00 UTC"
+  end
+
+  service "nominatim-update-maintenance-trigger" do
+    action [:enable]
   end
 end
 
@@ -415,10 +417,6 @@ ssl_certificate node[:fqdn] do
   notifies :reload, "service[nginx]"
 end
 
-package "apache2" do
-  action :remove
-end
-
 include_recipe "nginx"
 
 nginx_site "default" do
@@ -461,6 +459,15 @@ munin_plugin "nominatim_requests" do
   target "#{source_directory}/munin/nominatim_requests_querylog"
 end
 
+prometheus_exporter "nominatim" do
+  port 8082
+  user "www-data"
+  options [
+    "--nominatim.query-log=#{node[:nominatim][:logdir]}/query.log",
+    "--nominatim.database-name=#{node[:nominatim][:dbname]}"
+  ]
+end
+
 directory "#{basedir}/status" do
   owner "nominatim"
   group "postgres"