diff --git a/.github/workflows/chartpress.yaml b/.github/workflows/chartpress.yaml
index a5e77290..e48421a6 100644
--- a/.github/workflows/chartpress.yaml
+++ b/.github/workflows/chartpress.yaml
@@ -15,14 +15,14 @@ jobs:
- name: Setup python
uses: actions/setup-python@v2
with:
- python-version: '3.6'
+ python-version: '3.7'
- name: Setup git
run: git config --global user.email "noreply@developmentseed.org" && git config --global user.name "Github Action"
- name: Install Chartpress
run: |
- pip install -v chartpress && pip install six
+ pip install chartpress six ruamel.yaml
- name: Run Chartpress
run: chartpress --push
env:
diff --git a/images/db/Dockerfile b/images/db/Dockerfile
index 2086796d..c17d1038 100644
--- a/images/db/Dockerfile
+++ b/images/db/Dockerfile
@@ -1,5 +1,8 @@
FROM postgres:11
RUN rm /etc/apt/sources.list.d/pgdg.list
+RUN sed -i s/deb.debian.org/archive.debian.org/g /etc/apt/sources.list
+RUN sed -i 's|security.debian.org|archive.debian.org|g' /etc/apt/sources.list
+RUN sed -i '/stretch-updates/d' /etc/apt/sources.list
RUN apt-get update && apt-get -y install apt-transport-https
RUN echo "deb [ signed-by=/usr/local/share/keyrings/postgres.gpg.asc ] https://apt-archive.postgresql.org/pub/repos/apt/ stretch-pgdg main 11" >/etc/apt/sources.list.d/pgdg.list
RUN apt-get update && apt-get install -y \
diff --git a/images/tasking-manager-api/Dockerfile b/images/tasking-manager-api/Dockerfile
index 990aac64..e716288c 100644
--- a/images/tasking-manager-api/Dockerfile
+++ b/images/tasking-manager-api/Dockerfile
@@ -1,7 +1,7 @@
-FROM python:3.7-alpine
+FROM python:3.7-slim
-RUN apk update && \
- apk add git
+RUN apt update && \
+ apt install -y git
ENV workdir /usr/src/app
@@ -11,21 +11,21 @@ RUN cd $workdir && git checkout -f f0df07174f4014365220af09187b5f941f9770b0
WORKDIR $workdir
# Setup backend dependencies
-RUN apk update && \
- apk add \
- gcc \
- g++ \
- make \
- musl-dev \
- libffi-dev \
- python3-dev \
- postgresql-dev \
- geos-dev \
- proj-util \
- proj-dev
+RUN apt update && apt install -y \
+ gcc \
+ g++ \
+ make \
+ libffi-dev \
+ python3-dev \
+ libpq-dev \
+ proj-bin && \
+ apt clean && \
+ rm -rf /var/lib/apt/lists/*
+RUN pip install --upgrade pip
RUN pip install -r requirements.txt
RUN pip install apscheduler==3.7.0
+RUN pip install --upgrade markdown
## INITIALIZATION
EXPOSE 5000
diff --git a/images/web/config/production.conf b/images/web/config/production.conf
index 730ffe30..7108bb17 100644
--- a/images/web/config/production.conf
+++ b/images/web/config/production.conf
@@ -19,7 +19,10 @@
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
- CGIPassAuth Off
+ # For TM, do not use cgimap auth.
+
+ CGIPassAuth On
+
# ======Proxying traffic to CGImap====
@@ -32,7 +35,11 @@
RewriteRule ^/api/0\.6/node/[0-9]+/ways(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P]
RewriteRule ^/api/0\.6/(way|relation)/[0-9]+/full(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P]
RewriteRule ^/api/0\.6/(nodes|ways|relations)(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P]
- # RewriteRule ^/api/0\.6/changeset/[0-9]+/(upload|download)(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P]
+
+ # For changeset requests originating from TM, do not use cgimap.
+ RewriteCond %{REQUEST_METHOD} ^POST$
+ RewriteCond %{HTTP_REFERER} !^https://tasks(-\w+)?\.openhistoricalmap\.org/ [NC]
+ RewriteRule ^/api/0\.6/changeset/[0-9]+/(upload|download)(\.json|\.xml)?$ fcgi://127.0.0.1:8000$0 [P]
# Relax Apache security settings
diff --git a/ohm/requirements.yaml b/ohm/requirements.yaml
index aa2f8bc0..2af4f30c 100644
--- a/ohm/requirements.yaml
+++ b/ohm/requirements.yaml
@@ -1,4 +1,4 @@
dependencies:
- name: osm-seed
- version: '0.1.0-n794.h5b6149a'
+ version: '0.1.0-n806.h6f59175'
repository: https://devseed.com/osm-seed-chart/
diff --git a/values.production.template.yaml b/values.production.template.yaml
index 866f3616..a0a2b96e 100644
--- a/values.production.template.yaml
+++ b/values.production.template.yaml
@@ -262,25 +262,47 @@ osm-seed:
# ====================================================================================================
dbBackupRestore:
- enabled: true
- schedule: '0 0 * * *'
- nodeSelector:
+ cronjobs:
+ - name: web-db
enabled: true
- label_key: nodegroup_type
- label_value: job
- env:
- DB_ACTION: backup
- RESTORE_URL_FILE: https://osmseed-production-db.s3.us-east-1.amazonaws.com/database/osmseed-db-220803_1606.sql.gz?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEDcaCXNhLWVhc3QtMSJIMEYCIQC6oYShK01LFCHNNOP0%2Bch5uKeAcpSmfRLxnaaygUYd5QIhAKt0OtxclFyJrX1qqdOfOgcylfVGBi%2FizMIIISenxD%2FbKoQDCJD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQAhoMNjE4MzgwMjQyMjQ3IgzdtXrtIBspySZIJ0Yq2AJ0RovZahua04PQ%2FBWVGLhmQPxRiN6Pe5evt2FUuVFdrSMGaqfxo3YAGTezOmviYoqtrHf7NZHRcHQx9RTB4Nk2rmeZfQ9xepB7semK0G3VbzDqsVTzglFDxk52xqpESYYf6vVbORyBDJvjvlCjUAXLH1PqOlj%2FFDd5A3UK3%2FCSJc9JfYh1LVkz4md6ug3mh0KYpUL0%2FipBVpQTcN0PCkVJTTPWOBXmn9qnYMUJg2LNRVMkgIr7AA2MmmSVzPhj%2FfnaHIXCCbHlJ5RA9IgpftC%2FEvTrP2cvgcV03YOWSq9sSMg%2B%2B0xDWn7stI9PsKoakHX%2B%2BtsxHimJ4uGTY8I7DsV915Kzgx1aRlJ5MYjOtbSuMOfhZP6FSwLGRTPw7qvS0kLFKHAwCYLsd7GF6%2FHadTbLSJ0Zx0EqPYVjyIKfwZ5fu204xUkGhCqBlHuQBQhoG%2FMxcnYf53NoSTChm6qXBjqyAkr7doHwSC9HTJYlIq7gixhkZ29BfaHp8jq0gIBW7aAEC3idFdN2ZQd9pHQAgN4fKYrOmC%2Bbf9njZH91%2BEvzwpEHXyho8E8lPSQJGJZnAquRzJkzJ23%2F4zF51Rf2WMSpmYMHyWXodLLP4yYj%2Bgk%2Bg%2FbUsDYhkq4%2B%2F5%2Bf7YLCmvi%2BdO%2B5GEZEa%2B1iPghxd%2BH8eQk9jUlebsI3fh01f%2Bv6TbzgGieM7eqXYeH0JTZDZGEJlPdbUzMHKcj6G6kuTX4nvD9YDPQzUYAoVwu2gwjvrjaHRaK8NKMlEC7JCIlsWrVzjVR%2FtXlBybrZ5rSdZNeTIDDof5lS8O%2F9qqyhTel4pObDPNosj6jCOVPe3geM5ZNZVbL4ATUdJ5oU3BcTm%2FMcerATv%2FysoVrskKNuDMjHoT3fkA%3D%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20220803T172639Z&X-Amz-SignedHeaders=host&X-Amz-Expires=2400&X-Amz-Credential=ASIAY76SVVVDSEAYVNUG%2F20220803%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=6ed260d9d775bbc6b0d4f5e08575552270c970a81afa2254f87b62c3b97730c2
- CLEAN_BACKUPS: false
- AWS_S3_BUCKET: {{PRODUCTION_DB_BACKUP_S3_BUCKET}}
- resources:
+ schedule: '0 0 * * *'
+ env:
+ # backup/restore
+ DB_ACTION: backup
+ # Naming backup files
+ SET_DATE_AT_NAME: true
+ BACKUP_CLOUD_FOLDER: database/web-api-db
+ BACKUP_CLOUD_FILE: ohm-api-web-db
+ AWS_S3_BUCKET: {{PRODUCTION_DB_BACKUP_S3_BUCKET}}
+ # Clean up backups options
+ CLEANUP_BACKUPS: true
+ RETENTION_DAYS: '30'
+ resources:
+ enabled: false
+ nodeSelector:
+ enabled: true
+ label_key: nodegroup_type
+ label_value: job
+ - name: osmcha-db
enabled: false
- requests:
- memory: "10Gi"
- cpu: "3"
- limits:
- memory: "10Gi"
- cpu: "3"
+ schedule: '0 0 * * *'
+ env:
+ # backup/restore
+ DB_ACTION: backup
+ # Naming backup files
+ SET_DATE_AT_NAME: 'true'
+ BACKUP_CLOUD_FOLDER: database/osmcha-db
+ BACKUP_CLOUD_FILE: osmseed-osmcha-db
+ AWS_S3_BUCKET: {{PRODUCTION_DB_BACKUP_S3_BUCKET}}
+ # Clean up backups options
+ CLEANUP_BACKUPS: true
+ RETENTION_DAYS: '30'
+ resources:
+ enabled: false
+ nodeSelector:
+ enabled: true
+ label_key: nodegroup_type
+ label_value: job
# ====================================================================================================
# Variables for tiler-db
diff --git a/values.staging.template.yaml b/values.staging.template.yaml
index d79ef483..922ee173 100644
--- a/values.staging.template.yaml
+++ b/values.staging.template.yaml
@@ -278,28 +278,61 @@ osm-seed:
# ====================================================================================================
# Variables for restoring the DB
# ====================================================================================================
-
dbBackupRestore:
- enabled: true
- schedule: '0 0 * * *'
- nodeSelector:
+ cronjobs:
+ - name: web-db
enabled: true
- label_key: nodegroup_type
- label_value: job
- env:
- RESTORE_URL_FILE: https://osmseed-production-db.s3.us-east-1.amazonaws.com/database/osmseed-db-220802_0000.sql.gz?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjECUaCXNhLWVhc3QtMSJIMEYCIQDaL%2BYJE0LIZ8dHisSghlpKYtIbqPM3r7OnlXYySl34FAIhAOYcyVdY7WxoWN9n3z%2Fkh6JkJkkHFV91PJ6qS4ZEloizKvsCCH4QAhoMNjE4MzgwMjQyMjQ3Igy6Fd%2BxFomzH%2F38Evwq2ALJG0LvPhoMjgxOeGv0uZQPjzMewvy0IzjExaMcMruXQkSxgCjLZzb2xJTmfPHqcT1iAN%2FYPcm87CuLMU6TZ7QdKQTbhPUIgIXsdQ1oscp8095EgaQr0pY%2F7gDfDlxrUjGnEN3FOUCYucFNn9ORlL%2BlNXCkOsaIIg0ByUyLHFfus7%2B8plA0GfAHwkXdJRyx4hmSXFzAhnDT0mqH0YjuiS5DevP0ykCLmF3hT3Xbwd81t%2FZ07mm8hwzAxLibIc5YqjrxxnLAuZR9AXHCH%2F4Q0HosKMVWpry%2BsjRuebUbNgKsb8M4e73xjN18b40feIFazI6Ypo2yTfsMhNM2t1swa%2FpMq%2B2qg5NlDM%2FP1KzwT2yvZ3cZnZ2o3wFTxCYRcVG0nz%2FYA6iirYwezO2JK37aaeqUaMzTSAwM46S9S2qtcyuz5qrP2%2FULcrILtxw8FHVk5uMbqcXpBOQxMDCkpKaXBjqyAsdeRIzom8r6pAwrr7yzldM3bEpDdpfah38i%2BVGoq4Vg1EfrTTrRJ1zM481yAK9VZ%2Bm8pH52NRXsf3KBvawHxfKWRS5RiY4lhU%2BcX0WxtgCicxSILzoD9xmU6PoiuCy4DUojES6CznkY1LXe10ccQn4URFYgSpx04JSvO6RW82BWXardXPtZXuaxw4bPD%2FNnp3UxXMpv8fTS9shlA98xaS4m7XYTbpNl5uere0HkGy4vi5IZYRY%2B%2B909WU9ALsvSHBE%2BZLiIND8r0V1y9zBL8jD9pgtZghVpc%2FyeQ4XPxxtxEDSvJi0m3Vr7IQC7kOxB%2BuHSafbTKH4oGCDD5con4b7GCImy7N0T5EbVEAkmmKvW9hAMDYhF0A3NOR8fEvNtPKZve0bEl0gmMJ07quqmOsd56A%3D%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20220802T223259Z&X-Amz-SignedHeaders=host&X-Amz-Expires=1200&X-Amz-Credential=ASIAY76SVVVDZNYKO7KN%2F20220802%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=2a60ec3375c1abffc83a9067732a76ee02be3611bbe0e3e297987dd37fc58365
- DB_ACTION: backup
- CLEAN_BACKUPS: false
- AWS_S3_BUCKET: s3://osmseed-staging
- resources:
- enabled: false
- requests:
- memory: "10Gi"
- cpu: "3"
- limits:
- memory: "10Gi"
- cpu: "3"
-
+ schedule: '0 0 * * *'
+ env:
+ # backup/restore
+ DB_ACTION: backup
+ # Naming backup files
+ SET_DATE_AT_NAME: true
+ BACKUP_CLOUD_FOLDER: database/web-api-db
+ BACKUP_CLOUD_FILE: ohm-api-web-db
+ AWS_S3_BUCKET: osmseed-staging
+ # Clean up backups options
+ CLEANUP_BACKUPS: true
+ RETENTION_DAYS: '30'
+ resources:
+ enabled: false
+ requests:
+ memory: '300Mi'
+ cpu: '0.5'
+ limits:
+ memory: '400Mi'
+ cpu: '0.6'
+ nodeSelector:
+ enabled: true
+ label_key: nodegroup_type
+ label_value: job
+ - name: osmcha-db
+ enabled: true
+ schedule: '0 0 * * *'
+ env:
+ # backup/restore
+ DB_ACTION: backup
+ # Naming backup files
+ SET_DATE_AT_NAME: 'true'
+ BACKUP_CLOUD_FOLDER: database/osmcha-db
+ BACKUP_CLOUD_FILE: osmseed-osmcha-db
+ AWS_S3_BUCKET: osmseed-staging
+ # Clean up backups options
+ CLEANUP_BACKUPS: true
+ RETENTION_DAYS: '30'
+ resources:
+ enabled: false
+ requests:
+ memory: '300Mi'
+ cpu: '0.5'
+ limits:
+ memory: '400Mi'
+ cpu: '0.6'
+ nodeSelector:
+ enabled: true
+ label_key: nodegroup_type
+ label_value: job
+
# ====================================================================================================
# Variables for tiler-db
# ====================================================================================================