From 180337b36894830831cd75d053af4bd3c9bc9288 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Thu, 20 Aug 2020 08:40:09 +0100
Subject: [PATCH] Configure a timer to run geoipupdate weekly

---
 cookbooks/geoipupdate/metadata.rb        |  1 +
 cookbooks/geoipupdate/recipes/default.rb | 26 ++++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/cookbooks/geoipupdate/metadata.rb b/cookbooks/geoipupdate/metadata.rb
index 78d65c5fa..ccc09f626 100644
--- a/cookbooks/geoipupdate/metadata.rb
+++ b/cookbooks/geoipupdate/metadata.rb
@@ -7,3 +7,4 @@ description       "Installs and configures geoipupdate"
 version           "1.0.0"
 supports          "ubuntu"
 depends           "apt"
+depends           "systemd"
diff --git a/cookbooks/geoipupdate/recipes/default.rb b/cookbooks/geoipupdate/recipes/default.rb
index 3b116c869..27d6478ae 100644
--- a/cookbooks/geoipupdate/recipes/default.rb
+++ b/cookbooks/geoipupdate/recipes/default.rb
@@ -51,6 +51,32 @@ execute "geoipupdate" do
   not_if { ENV.key?("TEST_KITCHEN") || node[:geoipupdate][:editions].all? { |edition| ::File.exist?("/usr/share/GeoIP/#{edition}.mmdb") } }
 end
 
+systemd_service "geoipdate" do
+  action :delete
+end
+
+systemd_service "geoipupdate" do
+  description "Update GeoIP databases"
+  user "root"
+  exec_start "/usr/bin/geoipupdate"
+  private_tmp true
+  private_devices true
+  protect_system "strict"
+  protect_home true
+  read_write_paths "/usr/share/GeoIP"
+end
+
+systemd_timer "geoipupdate" do
+  description "Update GeoIP databases"
+  on_boot_sec "15m"
+  on_unit_active_sec "7d"
+  randomized_delay_sec "4h"
+end
+
+service "geoipupdate.timer" do
+  action [:enable, :start]
+end
+
 directory "/var/lib/GeoIP" do
   action :delete
   recursive true
-- 
2.43.2