X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/98ecb8199d04234e3db39ec751aa7b342fcc93c1..a709a7e459401578a1fab28d89ba644841c8a661:/cookbooks/imagery/resources/layer.rb diff --git a/cookbooks/imagery/resources/layer.rb b/cookbooks/imagery/resources/layer.rb index 46b584e1d..957e46b47 100644 --- a/cookbooks/imagery/resources/layer.rb +++ b/cookbooks/imagery/resources/layer.rb @@ -34,37 +34,24 @@ property :background_colour, String property :resample, String, :default => "average" property :imagemode, String property :extension, String, :default => "png" -property :max_zoom, Fixnum, :default => 23 +property :max_zoom, Integer, :default => 18 property :url_aliases, [String, Array], :default => [] -property :revision, Fixnum, :default => 1 +property :revision, Integer, :default => 0 property :overlay, [TrueClass, FalseClass], :default => false property :default_layer, [TrueClass, FalseClass], :default => false action :create do - file "create layer yaml definition" do + file "/srv/imagery/layers/#{site}/#{layer}.yml" do owner "root" group "root" - mode 0644 - if new_resource.overlay - path "/srv/imagery/overlays/#{site}/#{layer}.yml" - else - path "/srv/imagery/layers/#{site}/#{layer}.yml" - end + mode 0o644 content YAML.dump(:name => layer, :title => title || layer, - :url => "http://{s}.#{site}/layer/#{layer}/{z}/{x}/{y}.png", + :url => "//{s}.#{site}/layer/#{layer}/{z}/{x}/{y}.png", :attribution => copyright, :default => default_layer, - :maxZoom => max_zoom) - end - - file "remove old layer yaml" do - if new_resource.overlay - path "/srv/imagery/layers/#{site}/#{layer}.yml" # remove layer if overlay - else - path "/srv/imagery/overlays/#{site}/#{layer}.yml" # remove overlay if layer - end - action :delete + :maxZoom => max_zoom, + :overlay => overlay) end template "/srv/imagery/mapserver/layer-#{layer}.map" do @@ -72,34 +59,43 @@ action :create do source "mapserver.map.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables new_resource.to_hash end systemd_service "mapserv-fcgi-#{layer}" do description "Map server for #{layer} layer" - limit_nofile 16384 environment "MS_MAPFILE" => "/srv/imagery/mapserver/layer-#{layer}.map", - "MS_MAP_PATTERN" => "^/srv/imagery/mapserver/" + "MS_MAP_PATTERN" => "^/srv/imagery/mapserver/", + "MS_DEBUGLEVEL" => "0", + "MS_ERRORFILE" => "stderr" + limit_nofile 16384 user "imagery" group "imagery" exec_start_pre "/bin/rm -f /run/mapserver-fastcgi/layer-#{layer}.socket" - exec_start "/usr/bin/spawn-fcgi -s /run/mapserver-fastcgi/layer-#{layer}.socket -M 0666 -P /run/mapserver-fastcgi/layer-#{layer}.pid -- /usr/bin/multiwatch -f 4 --signal=TERM -- /usr/lib/cgi-bin/mapserv" - pid_file "/run/mapserver-fastcgi/layer-#{layer}.pid" - type "forking" + exec_start "/usr/bin/spawn-fcgi -n -s /run/mapserver-fastcgi/layer-#{layer}.socket -M 0666 -P /run/mapserver-fastcgi/layer-#{layer}.pid -- /usr/bin/multiwatch -f 6 --signal=TERM -- /usr/lib/cgi-bin/mapserv" + private_tmp true + private_devices true + private_network true + protect_system "full" + protect_home true + no_new_privileges true restart "always" + pid_file "/run/mapserver-fastcgi/layer-#{layer}.pid" end service "mapserv-fcgi-#{layer}" do + provider Chef::Provider::Service::Systemd action [:enable, :start] + supports :status => true, :restart => true, :reload => false subscribes :restart, "template[/srv/imagery/mapserver/layer-#{layer}.map]" - subscribes :restart, "systemd_service[mapserv-fcgi]" + subscribes :restart, "systemd_service[mapserv-fcgi-#{layer}]" end directory "/srv/imagery/nginx/#{site}" do owner "root" group "root" - mode 0755 + mode 0o755 recursive true end @@ -108,12 +104,16 @@ action :create do source "nginx_imagery_layer_fragment.conf.erb" owner "root" group "root" - mode 0644 + mode 0o644 variables new_resource.to_hash end end action :delete do + file "/srv/imagery/layers/#{site}/#{layer}.yml" do + action :delete + end + service "mapserv-fcgi-layer-#{layer}" do action [:stop, :disable] end @@ -133,5 +133,5 @@ end def after_created notifies :create, "imagery_site[#{site}]" - notifies :restart, "service[nginx]" + notifies :reload, "service[nginx]" end