X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/8aa57233f9034b901d7a652bd6276d0d7c3ea4f0..ac790280ac053c8654285f490e9f916c99a05095:/cookbooks/nominatim/recipes/master.rb

diff --git a/cookbooks/nominatim/recipes/master.rb b/cookbooks/nominatim/recipes/master.rb
index a3200312b..6dd15bf96 100644
--- a/cookbooks/nominatim/recipes/master.rb
+++ b/cookbooks/nominatim/recipes/master.rb
@@ -17,61 +17,20 @@
 # limitations under the License.
 #
 
-include_recipe "git"
-
-passwords = data_bag_item("nominatim", "passwords")
-database_cluster = node[:nominatim][:database][:cluster]
-home_directory = data_bag_item("accounts", "nominatim")["home"]
-
-wal_archives = node[:rsyncd][:modules][:archive][:path]
-slaves = search(:node, 'role:nominatim-slave').map{ |result| result[:fqdn] }.join(' ')
-
-git "#{home_directory}/nominatim" do
-  action :checkout
-  repository node[:nominatim][:repository]
-  enable_submodules true
-  user "nominatim"
-  group "nominatim"
-  notifies :run, "execute[compile_nominatim]"
-end
-
-include_recipe "nominatim::base"
-
-superusers = %w(tomh lonvia twain nominatim)
-
-superusers.each do |user|
-  postgresql_user user do
-    cluster database_cluster
-    superuser true
-  end
-end
-
-postgresql_user "www-data" do
-  cluster database_cluster
+slaves = search(:node, "roles:nominatim-slave") # ~FC010
+
+node.default[:postgresql][:settings][:defaults][:late_authentication_rules] = []
+node.default[:rsyncd][:modules] = { :archive => { :hosts_allow => [] } }
+
+slaves.each do |slave|
+  # set up DB access for each slave
+  node.default[:postgresql][:settings][:defaults][:late_authentication_rules].push(
+    :database => "replication",
+    :user => "replication",
+    :address => "#{slave[:networking][:internal_ipv4][:address]}/32"
+  )
+  # allow slaves access to the WAL logs
+  node.default[:rsyncd][:modules][:archive][:hosts_allow].push(
+    slave[:networking][:internal_ipv4][:address]
+  )
 end
-
-postgresql_user "replication" do
-  cluster database_cluster
-  password passwords["replication"]
-  replication true
-end
-
-directory wal_archives do
-  owner "postgres"
-  group "postgres"
-  mode 0700
-  only_if { node[:postgresql][:settings][:defaults][:archive_mode] == "on" }
-end
-
-template "/usr/local/bin/clean-db-nominatim" do
-  source "clean-db-nominatim.erb"
-  owner "root"
-  group "root"
-  mode 0755
-  variables :archive_dir => wal_archives,
-            :update_stop_file => "{home_directory}/status/updates_disabled",
-            :streaming_clients => slaves
-  only_if { node[:postgresql][:settings][:defaults][:archive_mode] == "on" }
-end
-
-