# # Cookbook:: kosmos_garage # Recipe:: default # remote_file 'garage' do source "https://garagehq.deuxfleurs.fr/_releases/v#{node['garage']['version']}/x86_64-unknown-linux-musl/garage" checksum node['garage']['checksum']['amd64'] path '/usr/local/bin/garage' mode '0755' ssl_verify_mode :verify_none if node.chef_environment == 'testing' notifies :restart, 'service[garage]', :delayed end credentials = Chef::EncryptedDataBagItem.load('credentials', 'garage') template '/etc/garage.toml' do source 'garage.toml.erb' mode '0744' variables metadata_dir: node['garage']['metadata_dir'] || '/var/lib/garage/meta', data_dir: node['garage']['data_dir'] || '/var/lib/garage/data', db_engine: node['garage']['db_engine'] || 'lmdb', rpc_port: node['garage']['rpc_port'], rpc_public_addr: "#{node.dig('knife_zero', 'host') || '127.0.0.1'}:#{node['garage']['rpc_port']}", rpc_secret: credentials['rpc_secret'], s3_region: node['garage']['s3_region'] || 'garage', s3_api_port: node['garage']['s3_api_port'], s3_api_root_domain: node['garage']['s3_api_root_domain'] || '.s3.garage.localhost', s3_web_port: node['garage']['s3_web_port'], s3_web_root_domain: node['garage']['s3_web_root_domain'] || '.web.garage.localhost', k2v_api_port: node['garage']['k2v_api_port'], admin_port: node['garage']['admin_port'], admin_token: credentials['admin_token'] notifies :restart, 'service[garage]', :delayed end systemd_unit 'garage.service' do content({ Unit: { Description: 'Garage Data Store', Documentation: ['https://garagehq.deuxfleurs.fr/documentation/quick-start/'], After: 'network-online.target', Wants: 'network-online.target' }, Service: { Environment: 'RUST_LOG=garage=info RUST_BACKTRACE=1', ExecStart: '/usr/local/bin/garage server', StateDirectory: 'garage', DynamicUser: true, ProtectHome: true, NoNewPrivileges: true }, Install: { WantedBy: 'multi-user.target' } }) verify false triggers_reload true action [:create] end service 'garage' do action [:enable, :start] end