From d6901fe86d88bb71438571945ca0886fae925e7e Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Mon, 12 Sep 2016 21:53:25 +0100 Subject: [PATCH] Make renderd run as a native systemd service --- cookbooks/systemd/resources/service.rb | 12 +++++++++ .../systemd/templates/default/service.erb | 27 +++++++++++++++++++ cookbooks/tile/metadata.rb | 1 + cookbooks/tile/recipes/default.rb | 16 ++++++++++- 4 files changed, 55 insertions(+), 1 deletion(-) diff --git a/cookbooks/systemd/resources/service.rb b/cookbooks/systemd/resources/service.rb index 5488cc2bf..622144101 100644 --- a/cookbooks/systemd/resources/service.rb +++ b/cookbooks/systemd/resources/service.rb @@ -22,6 +22,7 @@ default_action :create property :name, String property :description, String, :required => true property :after, [String, Array] +property :wants, [String, Array] property :type, String, :default => "simple", :is => %w(simple forking oneshot dbus notify idle) @@ -35,8 +36,19 @@ property :exec_start, String, :required => true property :exec_start_post, String property :exec_stop, String property :exec_reload, String +property :standard_input, String, + :is => %w(null tty tty-force tty-fail socket) +property :standard_output, String, + :is => %w(inherit null tty journal syslog kmsg journal+console syslog+console kmsg+console socket) +property :standard_error, String, + :is => %w(inherit null tty journal syslog kmsg journal+console syslog+console kmsg+console socket) property :restart, String, :is => %w(on-success on-failure on-abnormal on-watchdog on-abort always) +property :private_tmp, [TrueClass, FalseClass] +property :private_devices, [TrueClass, FalseClass] +property :private_network, [TrueClass, FalseClass] +property :protect_system, [TrueClass, FalseClass, String] +property :protect_home, [TrueClass, FalseClass, String] property :timeout_sec, Fixnum property :pid_file, String diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb index 57f6a61e7..6d2b85e81 100644 --- a/cookbooks/systemd/templates/default/service.erb +++ b/cookbooks/systemd/templates/default/service.erb @@ -5,6 +5,9 @@ Description=<%= @description %> <% if @after -%> After=<%= Array(@after).join(" ") %> <% end -%> +<% if @wants -%> +Wants=<%= Array(@wants).join(" ") %> +<% end -%> [Service] Type=<%= @type %> @@ -36,6 +39,30 @@ ExecStop=<%= @exec_stop %> <% if @exec_reload -%> ExecReload=<%= @exec_reload %> <% end -%> +<% if @standard_input -%> +StandardInput=<%= @standard_input %> +<% end -%> +<% if @standard_output -%> +StandardOutput=<%= @standard_output %> +<% end -%> +<% if @standard_error -%> +StandardError=<%= @standard_error %> +<% end -%> +<% if @private_tmp -%> +PrivateTmp=<%= @private_tmp %> +<% end -%> +<% if @private_devices -%> +PrivateDevices=<%= @private_devices %> +<% end -%> +<% if @private_network -%> +PrivateNetwork=<%= @private_network %> +<% end -%> +<% if @protect_system -%> +ProtectSystem=<%= @protect_system %> +<% end -%> +<% if @protect_home -%> +ProtectHome=<%= @protect_home %> +<% end -%> <% if @restart -%> Restart=<%= @restart %> <% end -%> diff --git a/cookbooks/tile/metadata.rb b/cookbooks/tile/metadata.rb index 666f9d812..cba80c648 100644 --- a/cookbooks/tile/metadata.rb +++ b/cookbooks/tile/metadata.rb @@ -9,4 +9,5 @@ depends "apache" depends "git" depends "nodejs" depends "postgresql" +depends "systemd" depends "tools" diff --git a/cookbooks/tile/recipes/default.rb b/cookbooks/tile/recipes/default.rb index 0a703017c..f8a808d73 100644 --- a/cookbooks/tile/recipes/default.rb +++ b/cookbooks/tile/recipes/default.rb @@ -62,9 +62,23 @@ end package "renderd" +systemd_service "renderd" do + description "Mapnik rendering daemon" + after "postgresql.service" + wants "postgresql.service" + user "www-data" + exec_start "/usr/bin/renderd -f" + standard_error "null" + private_tmp true + private_devices true + private_network true + protect_system "full" + protect_home true + restart "on-failure" +end + service "renderd" do action [:enable, :start] - supports :status => false, :restart => true, :reload => false end directory "/srv/tile.openstreetmap.org/tiles" do -- 2.43.2