From 3840d40d7740f95bbdecb31969b33a4415ab0c9b Mon Sep 17 00:00:00 2001 From: Rub21 Date: Wed, 3 Dec 2025 11:28:55 -0500 Subject: [PATCH 01/12] Update osm website version --- images/web/Dockerfile | 139 ++++++++++++++++++++++-------- images/web/config/production.conf | 9 +- images/web/config/settings.yml | 28 ++++-- images/web/start.sh | 29 +++++-- 4 files changed, 148 insertions(+), 57 deletions(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index 0927843b..b94e40c7 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -1,7 +1,12 @@ FROM ruby:3.3-slim AS builder ENV DEBIAN_FRONTEND=noninteractive \ - workdir=/var/www + workdir=/var/www \ + BUNDLE_PATH=/usr/local/bundle \ + GEM_HOME=/usr/local/bundle \ + GEM_PATH=/usr/local/bundle \ + PATH="/usr/local/bundle/bin:$PATH" \ + RAILS_ENV=production WORKDIR $workdir @@ -10,25 +15,23 @@ RUN apt-get update && \ apt-get install -y --no-install-recommends \ git curl gnupg build-essential \ libarchive-dev zlib1g-dev libcurl4-openssl-dev \ - apache2 apache2-dev libapache2-mod-passenger libapache2-mod-fcgid libapr1-dev libaprutil1-dev \ + apache2 apache2-dev libapache2-mod-fcgid libapr1-dev libaprutil1-dev \ postgresql-client libpq-dev libxml2-dev libyaml-dev \ - pngcrush optipng advancecomp pngquant jhead jpegoptim gifsicle libjpeg-progs \ - && curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \ + pngcrush optipng advancecomp pngquant jhead jpegoptim gifsicle libjpeg-progs unzip\ + && curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \ && apt-get install -y nodejs \ && npm install -g yarn svgo \ && apt-get clean && rm -rf /var/lib/apt/lists/* -RUN a2enmod passenger # Clone OSM Website -ENV OPENSTREETMAP_WEBSITE_GITSHA=ea3760f94d9d74d3aaa8492182b9e1a15ec1effa -RUN rm -rf $workdir/* && \ - git clone https://github.com/openstreetmap/openstreetmap-website.git $workdir && \ - cd $workdir && \ - git checkout $OPENSTREETMAP_WEBSITE_GITSHA && \ - git fetch && rm -rf .git - -# Install Ruby/Node dependencies +ENV OPENSTREETMAP_WEBSITE_GITSHA=acb1e73fa98e6cb7adf67f99e0be5891dcd4f6ea +ENV OSM_WEBSITE_URL=https://github.com/openstreetmap/openstreetmap-website/archive/${OPENSTREETMAP_WEBSITE_GITSHA}.zip +RUN rm -rf $workdir/* && curl -fsSL $OSM_WEBSITE_URL -o /tmp/openstreetmap-website.zip && \ + unzip /tmp/openstreetmap-website.zip -d /tmp && \ + mv /tmp/openstreetmap-website-$OPENSTREETMAP_WEBSITE_GITSHA/* $workdir && \ + rm -rf /tmp/* + RUN gem install bundler && \ bundle install && \ yarn install && \ @@ -45,8 +48,8 @@ RUN rm -f config/credentials.yml.enc && \ export RAILS_MASTER_KEY=$(openssl rand -hex 16) && \ export SECRET_KEY_BASE=$(bundle exec rails secret) && \ echo $RAILS_MASTER_KEY > config/master.key && \ - EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY rails credentials:edit && \ - RAILS_MASTER_KEY=$RAILS_MASTER_KEY rails runner "\ + EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails credentials:edit && \ + RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails runner "\ require 'active_support/encrypted_configuration'; \ require 'yaml'; \ creds = ActiveSupport::EncryptedConfiguration.new(\ @@ -59,40 +62,108 @@ RUN rm -f config/credentials.yml.enc && \ creds.write(credentials.to_yaml); \ puts 'Credentials configured correctly.'" -# Precompile assets -RUN bundle exec rake i18n:js:export && \ - bundle exec rake assets:precompile +# Precompiling assets for production without requiring secret RAILS_MASTER_KEY +RUN SECRET_KEY_BASE_DUMMY=1 \ + bundle exec i18n export && \ + bundle exec rails assets:precompile + FROM ruby:3.3-slim ENV DEBIAN_FRONTEND=noninteractive \ - workdir=/var/www - -WORKDIR $workdir - -# Install only runtime dependencies -RUN apt-get update && apt-get install -y --no-install-recommends \ - apache2 libapache2-mod-passenger libapache2-mod-fcgid \ - libpq5 libxml2 libyaml-0-2 libarchive13 file libgd-dev \ - postgresql-client curl \ + workdir=/var/www \ + BUNDLE_PATH=/usr/local/bundle \ + GEM_HOME=/usr/local/bundle \ + GEM_PATH=/usr/local/bundle \ + PATH="/usr/local/bundle/bin:$PATH" \ + RAILS_ENV=production \ + PATH="$PATH:$GEM_HOME/bin" + +# Install base dependencies for Passenger gem compilation and runtime +RUN BUILD_DEPS=" \ + build-essential \ + apache2-dev \ + libcurl4-openssl-dev \ + zlib1g-dev \ + libssl-dev \ + npm \ + " \ + && apt-get update && apt-get install -y --no-install-recommends \ + $BUILD_DEPS \ + libgd-dev \ + apache2 \ + libapache2-mod-fcgid \ + libpq5 \ + libxml2 \ + libyaml-0-2 \ + libarchive13 \ + file \ + pngcrush \ + optipng \ + advancecomp \ + pngquant \ + jhead \ + jpegoptim \ + gifsicle \ + postgresql-client \ + curl \ + libvips \ + nodejs \ + \ + && npm install -g svgo \ + \ + # Install Passenger as a gem and compile the Apache module + \ + && gem install passenger --no-document \ + && yes | passenger-install-apache2-module --auto --languages ruby \ + && passenger-config validate-install --auto \ + \ + # Delete the build dependencies to reduce image size + \ + && apt-get purge -y --auto-remove $BUILD_DEPS \ + \ + # libgd-dev is requiered by the app on run time to process gps files + \ + && apt-get update && apt-get install -y --no-install-recommends libgd3 libgd-dev \ + \ + # Final cleanup + \ && apt-get clean && rm -rf /var/lib/apt/lists/* -COPY --from=builder /var/www /var/www -COPY --from=builder /usr/local/bundle /usr/local/bundle - -# Symlink tmp for Passenger -RUN ln -s /tmp /var/www/tmp # Apache configuration COPY config/production.conf /etc/apache2/sites-available/production.conf + +RUN passenger-install-apache2-module --snippet > /etc/apache2/mods-available/passenger.load && \ + passenger-config build-native-support + RUN a2enmod headers setenvif proxy proxy_http proxy_fcgi fcgid rewrite lbmethod_byrequests passenger && \ a2dissite 000-default && \ a2ensite production && \ echo "ServerName localhost" >> /etc/apache2/apache2.conf && \ apache2ctl configtest +RUN echo '#!/bin/bash\nexec /usr/local/bin/ruby --yjit --yjit-exec-mem-size=64 "$@"' > /usr/local/bin/ruby_yjit && \ + chmod +x /usr/local/bin/ruby_yjit + +WORKDIR $workdir + +COPY --chown=www-data:www-data --from=builder /var/www /$workdir +COPY --from=builder /usr/local/bundle /usr/local/bundle + COPY config/settings.yml $workdir/config/ COPY start.sh liveness.sh $workdir/ -RUN chmod +x $workdir/*.sh -RUN chown -R www-data:www-data /var/www + +RUN ln -s /tmp /var/www/tmp + +RUN mkdir -p /var/www/log && \ + touch /var/www/log/production.log && \ + chown -R www-data:www-data /var/www/log /var/www/public && \ + chown -R www-data:www-data /var/www + CMD ["./start.sh"] + + + + + diff --git a/images/web/config/production.conf b/images/web/config/production.conf index e3d1f3da..0b533b40 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -5,18 +5,13 @@ PassengerRuby /usr/local/bin/ruby RewriteEngine On - # Redirect to HTTPS - RewriteCond %{HTTP:X-Forwarded-Proto} =http + # Redirect HTTP to HTTPS for current domain (except localhost) RewriteCond %{HTTP_HOST} !=localhost RewriteCond %{HTTP_HOST} !=127.0.0.1 RewriteCond %{HTTPS} off + RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - # Redirect to www openstreetmap.org - # RewriteCond %{HTTP_HOST} =openstreetmap.org - # RewriteCond %{HTTP_HOST} !^www\. [NC] - # RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - CGIPassAuth On SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 diff --git a/images/web/config/settings.yml b/images/web/config/settings.yml index 3e145e09..4164e3aa 100644 --- a/images/web/config/settings.yml +++ b/images/web/config/settings.yml @@ -102,13 +102,13 @@ default_legale: GB # Location of data for attachments attachments_dir: ":rails_root/public/attachments" # Log file to use -#log_path: "" +log_path: "/var/www/log/production.log" # Log file to use for logstash #logstash_path: "" # List of memcache servers to use for caching memcache_servers: [] # URL of Nominatim instance to use for geocoding -nominatim_url: "https://nominatim-api.openstreetmap.org/" +nominatim_url: "https://nominatim.openstreetmap.org/" # Default editor default_editor: "id" # OAuth application for the web site @@ -131,6 +131,11 @@ overpass_credentials: false graphhopper_url: "https://graphhopper.com/api/1/route" fossgis_osrm_url: "https://routing.openstreetmap.de/" fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route" + +# Endpoints for Wikimedia integration +# wikidata_api_url: "https://www.wikidata.org/w/api.php" +# wikimedia_commons_url: "https://commons.wikimedia.org/wiki/" + # External authentication credentials #google_auth_id: "" #google_auth_secret: "" @@ -141,8 +146,15 @@ fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route" #github_auth_secret: "" #microsoft_auth_id: "" #microsoft_auth_secret: "" -#wikipedia_auth_id: "" -#wikipedia_auth_secret: "" +# wikipedia_auth_id: "" +# wikipedia_auth_secret: "" +#apple_auth_id: "" +#apple_team_id: "" +#apple_key_id: "" +#apple_private_key: "" +# openstreetmap_auth_id: "" +# openstreetmap_auth_secret: "" +# openstreetmap_auth_scopes: ["read_prefs"] # Thunderforest authentication details #thunderforest_key: "" # Tracestrack authentication details @@ -154,10 +166,10 @@ csp_enforce: false # URL for reporting Content-Security-Policy violations #csp_report_url: "" # Storage services to use in production mode -avatar_storage: "local" -trace_file_storage: "local" -trace_image_storage: "local" -trace_icon_storage: "local" +avatar_storage: "local" # TODO: Change to S3 +trace_file_storage: "local" # TODO: Change to S3 +trace_image_storage: "local" # TODO: Change to S3 +trace_icon_storage: "local" # TODO: Change to S3 # Root URL for storage services # avatar_storage_url: # trace_image_storage_url: diff --git a/images/web/start.sh b/images/web/start.sh index a379fddb..372922f4 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -99,6 +99,17 @@ start_background_jobs() { done } +log_and_tail() { + local file=$1 + if [ -f "$file" ]; then + echo "Logs from: $file" + tail -F "$file" & + else + echo "⚠️ Log file not found: $file" + fi +} + + setup_production() { setup_env_vars @@ -107,11 +118,8 @@ setup_production() { sleep 2 done - # echo "Running asset precompilation..." - # time bundle exec rake i18n:js:export assets:precompile - - echo "Copying static assets..." - cp "$workdir/public/leaflet-ohm-timeslider-v2/assets/"* "$workdir/public/assets/" + # Create the /passenger-instreg directory if it doesn’t exist. This is required in newer versions of Passenger. + mkdir -p /var/run/passenger-instreg echo "Running database migrations..." time bundle exec rails db:migrate @@ -121,12 +129,17 @@ setup_production() { ./cgimap.sh fi + echo "Logging and tailing logs..." + # log_and_tail /var/www/log/production.log + # log_and_tail /var/www/log/jobs_work.log + log_and_tail /var/log/apache2/error.log + log_and_tail /var/log/apache2/access.log + echo "Starting Apache server..." - apachectl -k start -DFOREGROUND & - start_background_jobs + start_background_jobs & + apachectl -k start -DFOREGROUND } - setup_development() { restore_db cp "$workdir/config/example.storage.yml" "$workdir/config/storage.yml" From 36b28cc749f4581b12111ff5818b5150b9d3ed1c Mon Sep 17 00:00:00 2001 From: Rub21 Date: Wed, 3 Dec 2025 12:01:50 -0500 Subject: [PATCH 02/12] Update OSM website gitsha --- images/web/Dockerfile | 250 +++++++++++++++++++++--------------------- 1 file changed, 125 insertions(+), 125 deletions(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index b94e40c7..6f657f66 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -25,143 +25,143 @@ RUN apt-get update && \ # Clone OSM Website -ENV OPENSTREETMAP_WEBSITE_GITSHA=acb1e73fa98e6cb7adf67f99e0be5891dcd4f6ea +ENV OPENSTREETMAP_WEBSITE_GITSHA=82d70369990fb93627cef5e8b014de63e5222b74 ENV OSM_WEBSITE_URL=https://github.com/openstreetmap/openstreetmap-website/archive/${OPENSTREETMAP_WEBSITE_GITSHA}.zip RUN rm -rf $workdir/* && curl -fsSL $OSM_WEBSITE_URL -o /tmp/openstreetmap-website.zip && \ unzip /tmp/openstreetmap-website.zip -d /tmp && \ mv /tmp/openstreetmap-website-$OPENSTREETMAP_WEBSITE_GITSHA/* $workdir && \ rm -rf /tmp/* -RUN gem install bundler && \ - bundle install && \ - yarn install && \ - bundle exec rake yarn:install - -# Dummy config for precompile -RUN cp config/example.database.yml config/database.yml && \ - cp config/example.storage.yml config/storage.yml && \ - touch config/settings.local.yml && \ - chmod 600 config/database.yml - -# Create dummy credentials -RUN rm -f config/credentials.yml.enc && \ - export RAILS_MASTER_KEY=$(openssl rand -hex 16) && \ - export SECRET_KEY_BASE=$(bundle exec rails secret) && \ - echo $RAILS_MASTER_KEY > config/master.key && \ - EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails credentials:edit && \ - RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails runner "\ - require 'active_support/encrypted_configuration'; \ - require 'yaml'; \ - creds = ActiveSupport::EncryptedConfiguration.new(\ - config_path: 'config/credentials.yml.enc', \ - key_path: 'config/master.key', \ - env_key: 'RAILS_MASTER_KEY', \ - raise_if_missing_key: true \ - ); \ - credentials = { secret_key_base: '$SECRET_KEY_BASE' }; \ - creds.write(credentials.to_yaml); \ - puts 'Credentials configured correctly.'" - -# Precompiling assets for production without requiring secret RAILS_MASTER_KEY -RUN SECRET_KEY_BASE_DUMMY=1 \ - bundle exec i18n export && \ - bundle exec rails assets:precompile - - -FROM ruby:3.3-slim - -ENV DEBIAN_FRONTEND=noninteractive \ - workdir=/var/www \ - BUNDLE_PATH=/usr/local/bundle \ - GEM_HOME=/usr/local/bundle \ - GEM_PATH=/usr/local/bundle \ - PATH="/usr/local/bundle/bin:$PATH" \ - RAILS_ENV=production \ - PATH="$PATH:$GEM_HOME/bin" - -# Install base dependencies for Passenger gem compilation and runtime -RUN BUILD_DEPS=" \ - build-essential \ - apache2-dev \ - libcurl4-openssl-dev \ - zlib1g-dev \ - libssl-dev \ - npm \ - " \ - && apt-get update && apt-get install -y --no-install-recommends \ - $BUILD_DEPS \ - libgd-dev \ - apache2 \ - libapache2-mod-fcgid \ - libpq5 \ - libxml2 \ - libyaml-0-2 \ - libarchive13 \ - file \ - pngcrush \ - optipng \ - advancecomp \ - pngquant \ - jhead \ - jpegoptim \ - gifsicle \ - postgresql-client \ - curl \ - libvips \ - nodejs \ - \ - && npm install -g svgo \ - \ - # Install Passenger as a gem and compile the Apache module - \ - && gem install passenger --no-document \ - && yes | passenger-install-apache2-module --auto --languages ruby \ - && passenger-config validate-install --auto \ - \ - # Delete the build dependencies to reduce image size - \ - && apt-get purge -y --auto-remove $BUILD_DEPS \ - \ - # libgd-dev is requiered by the app on run time to process gps files - \ - && apt-get update && apt-get install -y --no-install-recommends libgd3 libgd-dev \ - \ - # Final cleanup - \ - && apt-get clean && rm -rf /var/lib/apt/lists/* - - -# Apache configuration -COPY config/production.conf /etc/apache2/sites-available/production.conf - -RUN passenger-install-apache2-module --snippet > /etc/apache2/mods-available/passenger.load && \ - passenger-config build-native-support - -RUN a2enmod headers setenvif proxy proxy_http proxy_fcgi fcgid rewrite lbmethod_byrequests passenger && \ - a2dissite 000-default && \ - a2ensite production && \ - echo "ServerName localhost" >> /etc/apache2/apache2.conf && \ - apache2ctl configtest - -RUN echo '#!/bin/bash\nexec /usr/local/bin/ruby --yjit --yjit-exec-mem-size=64 "$@"' > /usr/local/bin/ruby_yjit && \ - chmod +x /usr/local/bin/ruby_yjit +# RUN gem install bundler && \ +# bundle install && \ +# yarn install && \ +# bundle exec rake yarn:install + +# # Dummy config for precompile +# RUN cp config/example.database.yml config/database.yml && \ +# cp config/example.storage.yml config/storage.yml && \ +# touch config/settings.local.yml && \ +# chmod 600 config/database.yml + +# # Create dummy credentials +# RUN rm -f config/credentials.yml.enc && \ +# export RAILS_MASTER_KEY=$(openssl rand -hex 16) && \ +# export SECRET_KEY_BASE=$(bundle exec rails secret) && \ +# echo $RAILS_MASTER_KEY > config/master.key && \ +# EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails credentials:edit && \ +# RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails runner "\ +# require 'active_support/encrypted_configuration'; \ +# require 'yaml'; \ +# creds = ActiveSupport::EncryptedConfiguration.new(\ +# config_path: 'config/credentials.yml.enc', \ +# key_path: 'config/master.key', \ +# env_key: 'RAILS_MASTER_KEY', \ +# raise_if_missing_key: true \ +# ); \ +# credentials = { secret_key_base: '$SECRET_KEY_BASE' }; \ +# creds.write(credentials.to_yaml); \ +# puts 'Credentials configured correctly.'" + +# # Precompiling assets for production without requiring secret RAILS_MASTER_KEY +# RUN SECRET_KEY_BASE_DUMMY=1 \ +# bundle exec i18n export && \ +# bundle exec rails assets:precompile + + +# FROM ruby:3.3-slim + +# ENV DEBIAN_FRONTEND=noninteractive \ +# workdir=/var/www \ +# BUNDLE_PATH=/usr/local/bundle \ +# GEM_HOME=/usr/local/bundle \ +# GEM_PATH=/usr/local/bundle \ +# PATH="/usr/local/bundle/bin:$PATH" \ +# RAILS_ENV=production \ +# PATH="$PATH:$GEM_HOME/bin" + +# # Install base dependencies for Passenger gem compilation and runtime +# RUN BUILD_DEPS=" \ +# build-essential \ +# apache2-dev \ +# libcurl4-openssl-dev \ +# zlib1g-dev \ +# libssl-dev \ +# npm \ +# " \ +# && apt-get update && apt-get install -y --no-install-recommends \ +# $BUILD_DEPS \ +# libgd-dev \ +# apache2 \ +# libapache2-mod-fcgid \ +# libpq5 \ +# libxml2 \ +# libyaml-0-2 \ +# libarchive13 \ +# file \ +# pngcrush \ +# optipng \ +# advancecomp \ +# pngquant \ +# jhead \ +# jpegoptim \ +# gifsicle \ +# postgresql-client \ +# curl \ +# libvips \ +# nodejs \ +# \ +# && npm install -g svgo \ +# \ +# # Install Passenger as a gem and compile the Apache module +# \ +# && gem install passenger --no-document \ +# && yes | passenger-install-apache2-module --auto --languages ruby \ +# && passenger-config validate-install --auto \ +# \ +# # Delete the build dependencies to reduce image size +# \ +# && apt-get purge -y --auto-remove $BUILD_DEPS \ +# \ +# # libgd-dev is requiered by the app on run time to process gps files +# \ +# && apt-get update && apt-get install -y --no-install-recommends libgd3 libgd-dev \ +# \ +# # Final cleanup +# \ +# && apt-get clean && rm -rf /var/lib/apt/lists/* + + +# # Apache configuration +# COPY config/production.conf /etc/apache2/sites-available/production.conf + +# RUN passenger-install-apache2-module --snippet > /etc/apache2/mods-available/passenger.load && \ +# passenger-config build-native-support + +# RUN a2enmod headers setenvif proxy proxy_http proxy_fcgi fcgid rewrite lbmethod_byrequests passenger && \ +# a2dissite 000-default && \ +# a2ensite production && \ +# echo "ServerName localhost" >> /etc/apache2/apache2.conf && \ +# apache2ctl configtest + +# RUN echo '#!/bin/bash\nexec /usr/local/bin/ruby --yjit --yjit-exec-mem-size=64 "$@"' > /usr/local/bin/ruby_yjit && \ +# chmod +x /usr/local/bin/ruby_yjit -WORKDIR $workdir +# WORKDIR $workdir -COPY --chown=www-data:www-data --from=builder /var/www /$workdir -COPY --from=builder /usr/local/bundle /usr/local/bundle +# COPY --chown=www-data:www-data --from=builder /var/www /$workdir +# COPY --from=builder /usr/local/bundle /usr/local/bundle -COPY config/settings.yml $workdir/config/ -COPY start.sh liveness.sh $workdir/ +# COPY config/settings.yml $workdir/config/ +# COPY start.sh liveness.sh $workdir/ -RUN ln -s /tmp /var/www/tmp +# RUN ln -s /tmp /var/www/tmp -RUN mkdir -p /var/www/log && \ - touch /var/www/log/production.log && \ - chown -R www-data:www-data /var/www/log /var/www/public && \ - chown -R www-data:www-data /var/www +# RUN mkdir -p /var/www/log && \ +# touch /var/www/log/production.log && \ +# chown -R www-data:www-data /var/www/log /var/www/public && \ +# chown -R www-data:www-data /var/www -CMD ["./start.sh"] +# CMD ["./start.sh"] From 29aa78f9887128f9fa39c0871f04e18a594d2c1c Mon Sep 17 00:00:00 2001 From: Rub21 Date: Wed, 3 Dec 2025 12:10:32 -0500 Subject: [PATCH 03/12] Uncomment the dockerfile --- images/web/Dockerfile | 245 +++++++++++++++++++++--------------------- 1 file changed, 120 insertions(+), 125 deletions(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index 6f657f66..7523726e 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -32,138 +32,133 @@ RUN rm -rf $workdir/* && curl -fsSL $OSM_WEBSITE_URL -o /tmp/openstreetmap-websi mv /tmp/openstreetmap-website-$OPENSTREETMAP_WEBSITE_GITSHA/* $workdir && \ rm -rf /tmp/* -# RUN gem install bundler && \ -# bundle install && \ -# yarn install && \ -# bundle exec rake yarn:install - -# # Dummy config for precompile -# RUN cp config/example.database.yml config/database.yml && \ -# cp config/example.storage.yml config/storage.yml && \ -# touch config/settings.local.yml && \ -# chmod 600 config/database.yml - -# # Create dummy credentials -# RUN rm -f config/credentials.yml.enc && \ -# export RAILS_MASTER_KEY=$(openssl rand -hex 16) && \ -# export SECRET_KEY_BASE=$(bundle exec rails secret) && \ -# echo $RAILS_MASTER_KEY > config/master.key && \ -# EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails credentials:edit && \ -# RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails runner "\ -# require 'active_support/encrypted_configuration'; \ -# require 'yaml'; \ -# creds = ActiveSupport::EncryptedConfiguration.new(\ -# config_path: 'config/credentials.yml.enc', \ -# key_path: 'config/master.key', \ -# env_key: 'RAILS_MASTER_KEY', \ -# raise_if_missing_key: true \ -# ); \ -# credentials = { secret_key_base: '$SECRET_KEY_BASE' }; \ -# creds.write(credentials.to_yaml); \ -# puts 'Credentials configured correctly.'" - -# # Precompiling assets for production without requiring secret RAILS_MASTER_KEY -# RUN SECRET_KEY_BASE_DUMMY=1 \ -# bundle exec i18n export && \ -# bundle exec rails assets:precompile - - -# FROM ruby:3.3-slim - -# ENV DEBIAN_FRONTEND=noninteractive \ -# workdir=/var/www \ -# BUNDLE_PATH=/usr/local/bundle \ -# GEM_HOME=/usr/local/bundle \ -# GEM_PATH=/usr/local/bundle \ -# PATH="/usr/local/bundle/bin:$PATH" \ -# RAILS_ENV=production \ -# PATH="$PATH:$GEM_HOME/bin" - -# # Install base dependencies for Passenger gem compilation and runtime -# RUN BUILD_DEPS=" \ -# build-essential \ -# apache2-dev \ -# libcurl4-openssl-dev \ -# zlib1g-dev \ -# libssl-dev \ -# npm \ -# " \ -# && apt-get update && apt-get install -y --no-install-recommends \ -# $BUILD_DEPS \ -# libgd-dev \ -# apache2 \ -# libapache2-mod-fcgid \ -# libpq5 \ -# libxml2 \ -# libyaml-0-2 \ -# libarchive13 \ -# file \ -# pngcrush \ -# optipng \ -# advancecomp \ -# pngquant \ -# jhead \ -# jpegoptim \ -# gifsicle \ -# postgresql-client \ -# curl \ -# libvips \ -# nodejs \ -# \ -# && npm install -g svgo \ -# \ -# # Install Passenger as a gem and compile the Apache module -# \ -# && gem install passenger --no-document \ -# && yes | passenger-install-apache2-module --auto --languages ruby \ -# && passenger-config validate-install --auto \ -# \ -# # Delete the build dependencies to reduce image size -# \ -# && apt-get purge -y --auto-remove $BUILD_DEPS \ -# \ -# # libgd-dev is requiered by the app on run time to process gps files -# \ -# && apt-get update && apt-get install -y --no-install-recommends libgd3 libgd-dev \ -# \ -# # Final cleanup -# \ -# && apt-get clean && rm -rf /var/lib/apt/lists/* - - -# # Apache configuration -# COPY config/production.conf /etc/apache2/sites-available/production.conf - -# RUN passenger-install-apache2-module --snippet > /etc/apache2/mods-available/passenger.load && \ -# passenger-config build-native-support - -# RUN a2enmod headers setenvif proxy proxy_http proxy_fcgi fcgid rewrite lbmethod_byrequests passenger && \ -# a2dissite 000-default && \ -# a2ensite production && \ -# echo "ServerName localhost" >> /etc/apache2/apache2.conf && \ -# apache2ctl configtest - -# RUN echo '#!/bin/bash\nexec /usr/local/bin/ruby --yjit --yjit-exec-mem-size=64 "$@"' > /usr/local/bin/ruby_yjit && \ -# chmod +x /usr/local/bin/ruby_yjit - -# WORKDIR $workdir +RUN gem install bundler && \ + bundle install && \ + yarn install && \ + bundle exec rake yarn:install + +# Dummy config for precompile +RUN cp config/example.database.yml config/database.yml && \ + cp config/example.storage.yml config/storage.yml && \ + touch config/settings.local.yml && \ + chmod 600 config/database.yml + +# Create dummy credentials +RUN rm -f config/credentials.yml.enc && \ + export RAILS_MASTER_KEY=$(openssl rand -hex 16) && \ + export SECRET_KEY_BASE=$(bundle exec rails secret) && \ + echo $RAILS_MASTER_KEY > config/master.key && \ + EDITOR="echo" RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails credentials:edit && \ + RAILS_MASTER_KEY=$RAILS_MASTER_KEY bundle exec rails runner "\ + require 'active_support/encrypted_configuration'; \ + require 'yaml'; \ + creds = ActiveSupport::EncryptedConfiguration.new(\ + config_path: 'config/credentials.yml.enc', \ + key_path: 'config/master.key', \ + env_key: 'RAILS_MASTER_KEY', \ + raise_if_missing_key: true \ + ); \ + credentials = { secret_key_base: '$SECRET_KEY_BASE' }; \ + creds.write(credentials.to_yaml); \ + puts 'Credentials configured correctly.'" + +# Precompiling assets for production without requiring secret RAILS_MASTER_KEY +RUN SECRET_KEY_BASE_DUMMY=1 \ + bundle exec i18n export && \ + bundle exec rails assets:precompile + + +FROM ruby:3.3-slim + +ENV DEBIAN_FRONTEND=noninteractive \ + workdir=/var/www \ + BUNDLE_PATH=/usr/local/bundle \ + GEM_HOME=/usr/local/bundle \ + GEM_PATH=/usr/local/bundle \ + PATH="/usr/local/bundle/bin:$PATH" \ + RAILS_ENV=production \ + PATH="$PATH:$GEM_HOME/bin" + +# Install base dependencies for Passenger gem compilation and runtime +RUN BUILD_DEPS=" \ + build-essential \ + apache2-dev \ + libcurl4-openssl-dev \ + zlib1g-dev \ + libssl-dev \ + npm \ + " \ + && apt-get update && apt-get install -y --no-install-recommends \ + $BUILD_DEPS \ + libgd-dev \ + apache2 \ + libapache2-mod-fcgid \ + libpq5 \ + libxml2 \ + libyaml-0-2 \ + libarchive13 \ + file \ + pngcrush \ + optipng \ + advancecomp \ + pngquant \ + jhead \ + jpegoptim \ + gifsicle \ + postgresql-client \ + curl \ + libvips \ + nodejs \ + \ + && npm install -g svgo \ + \ + # Install Passenger as a gem and compile the Apache module + \ + && gem install passenger --no-document \ + && yes | passenger-install-apache2-module --auto --languages ruby \ + && passenger-config validate-install --auto \ + \ + # Delete the build dependencies to reduce image size + \ + && apt-get purge -y --auto-remove $BUILD_DEPS \ + \ + # libgd-dev is requiered by the app on run time to process gps files + \ + && apt-get update && apt-get install -y --no-install-recommends libgd3 libgd-dev \ + \ + # Final cleanup + \ + && apt-get clean && rm -rf /var/lib/apt/lists/* -# COPY --chown=www-data:www-data --from=builder /var/www /$workdir -# COPY --from=builder /usr/local/bundle /usr/local/bundle -# COPY config/settings.yml $workdir/config/ -# COPY start.sh liveness.sh $workdir/ +# Apache configuration +COPY config/production.conf /etc/apache2/sites-available/production.conf -# RUN ln -s /tmp /var/www/tmp +RUN passenger-install-apache2-module --snippet > /etc/apache2/mods-available/passenger.load && \ + passenger-config build-native-support -# RUN mkdir -p /var/www/log && \ -# touch /var/www/log/production.log && \ -# chown -R www-data:www-data /var/www/log /var/www/public && \ -# chown -R www-data:www-data /var/www +RUN a2enmod headers setenvif proxy proxy_http proxy_fcgi fcgid rewrite lbmethod_byrequests passenger && \ + a2dissite 000-default && \ + a2ensite production && \ + echo "ServerName localhost" >> /etc/apache2/apache2.conf && \ + apache2ctl configtest -# CMD ["./start.sh"] +RUN echo '#!/bin/bash\nexec /usr/local/bin/ruby --yjit --yjit-exec-mem-size=64 "$@"' > /usr/local/bin/ruby_yjit && \ + chmod +x /usr/local/bin/ruby_yjit + +WORKDIR $workdir +COPY --chown=www-data:www-data --from=builder /var/www /$workdir +COPY --from=builder /usr/local/bundle /usr/local/bundle +COPY config/settings.yml $workdir/config/ +COPY start.sh liveness.sh $workdir/ +RUN ln -s /tmp /var/www/tmp +RUN mkdir -p /var/www/log && \ + touch /var/www/log/production.log && \ + chown -R www-data:www-data /var/www/log /var/www/public && \ + chown -R www-data:www-data /var/www +CMD ["./start.sh"] From ca474c9c67210b3a53515e30ba0dc726bb65535e Mon Sep 17 00:00:00 2001 From: Rub21 Date: Wed, 3 Dec 2025 12:22:57 -0500 Subject: [PATCH 04/12] Istall missing libs - libgd-dev --- images/web/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index 7523726e..0e86bcf7 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -17,6 +17,7 @@ RUN apt-get update && \ libarchive-dev zlib1g-dev libcurl4-openssl-dev \ apache2 apache2-dev libapache2-mod-fcgid libapr1-dev libaprutil1-dev \ postgresql-client libpq-dev libxml2-dev libyaml-dev \ + libgd-dev \ pngcrush optipng advancecomp pngquant jhead jpegoptim gifsicle libjpeg-progs unzip\ && curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \ && apt-get install -y nodejs \ From 1449596b82176ee71a94fa1f30887f608e2c6afa Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 5 Dec 2025 16:00:15 -0500 Subject: [PATCH 05/12] Updte web gitsha --- images/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index 0e86bcf7..c039b3dc 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -26,7 +26,7 @@ RUN apt-get update && \ # Clone OSM Website -ENV OPENSTREETMAP_WEBSITE_GITSHA=82d70369990fb93627cef5e8b014de63e5222b74 +ENV OPENSTREETMAP_WEBSITE_GITSHA=a244e419719ded592fb87e7ffd360f6e462a0d67 ENV OSM_WEBSITE_URL=https://github.com/openstreetmap/openstreetmap-website/archive/${OPENSTREETMAP_WEBSITE_GITSHA}.zip RUN rm -rf $workdir/* && curl -fsSL $OSM_WEBSITE_URL -o /tmp/openstreetmap-website.zip && \ unzip /tmp/openstreetmap-website.zip -d /tmp && \ From 3ceb7eaae1a0fa7736c7e0a82d64c7b4cc4726f0 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 5 Dec 2025 16:08:54 -0500 Subject: [PATCH 06/12] Replace arabic key for better to chekc beter logs --- images/web/start.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/images/web/start.sh b/images/web/start.sh index 372922f4..0208751b 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -30,6 +30,11 @@ EOF echo "S3 storage configuration set successfully." fi + #### Fix translation files: replace {مجتمع} with {community} to prevent KeyError + # This fixes the KeyError when template has Arabic placeholder but hash only has :community + find "$workdir/node_modules/osm-community-index/i18n" -name "*.yaml" -type f -exec sed -i 's/{مجتمع}/{community}/g' {} \; + + #### Initializing an empty $workdir/config/settings.local.yml file, typically used for development settings echo "" > $workdir/config/settings.local.yml @@ -76,6 +81,7 @@ EOF chmod 400 /var/www/private.pem export DOORKEEPER_SIGNING_KEY=$(cat /var/www/private.pem | sed -e '1d;$d' | tr -d '\n') sed -i "s#PRIVATE_KEY#${DOORKEEPER_SIGNING_KEY}#" $workdir/config/settings.yml + } restore_db() { From 56ded2d059307456093b7b009731efa26857b107 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 5 Dec 2025 16:30:35 -0500 Subject: [PATCH 07/12] Update settings --- images/web/config/settings.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/images/web/config/settings.yml b/images/web/config/settings.yml index 4164e3aa..8f62fb19 100644 --- a/images/web/config/settings.yml +++ b/images/web/config/settings.yml @@ -1,6 +1,7 @@ # The server protocol and host server_protocol: "http" -server_url: "openstreetmap.example.com" +server_url: "openstreetmap.example.com" +embed_server_url: "https://embed.openstreetmap.org/" # Publisher #publisher_url: "" # The generator @@ -8,6 +9,8 @@ generator: "OpenStreetMap server" copyright_owner: "OpenStreetMap and contributors" attribution_url: "http://www.openstreetmap.org/copyright" license_url: "http://opendatacommons.org/licenses/odbl/1-0/" +# Legal email address +legal_email: "legal@openstreetmap.org" # Support email address support_email: "openstreetmap@example.com" # Sender addresses for emails @@ -133,8 +136,8 @@ fossgis_osrm_url: "https://routing.openstreetmap.de/" fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route" # Endpoints for Wikimedia integration -# wikidata_api_url: "https://www.wikidata.org/w/api.php" -# wikimedia_commons_url: "https://commons.wikimedia.org/wiki/" +wikidata_api_url: "https://www.wikidata.org/w/api.php" +wikimedia_commons_url: "https://commons.wikimedia.org/wiki/" # External authentication credentials #google_auth_id: "" @@ -146,15 +149,15 @@ fossgis_valhalla_url: "https://valhalla1.openstreetmap.de/route" #github_auth_secret: "" #microsoft_auth_id: "" #microsoft_auth_secret: "" -# wikipedia_auth_id: "" -# wikipedia_auth_secret: "" +wikipedia_auth_id: "" +wikipedia_auth_secret: "" #apple_auth_id: "" #apple_team_id: "" #apple_key_id: "" #apple_private_key: "" -# openstreetmap_auth_id: "" -# openstreetmap_auth_secret: "" -# openstreetmap_auth_scopes: ["read_prefs"] +openstreetmap_auth_id: "" +openstreetmap_auth_secret: "" +openstreetmap_auth_scopes: ["read_prefs"] # Thunderforest authentication details #thunderforest_key: "" # Tracestrack authentication details @@ -197,3 +200,5 @@ doorkeeper_signing_key: | -----BEGIN PRIVATE KEY----- PRIVATE_KEY -----END PRIVATE KEY----- + +mastodon_url: "https://mapstodon.space/@osm" From b189d32139ad47798771915a0211dd8255201770 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 8 Dec 2025 10:06:35 -0500 Subject: [PATCH 08/12] Print logs --- images/web/config/settings.yml | 1 - images/web/start.sh | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/images/web/config/settings.yml b/images/web/config/settings.yml index 8f62fb19..03c96292 100644 --- a/images/web/config/settings.yml +++ b/images/web/config/settings.yml @@ -1,7 +1,6 @@ # The server protocol and host server_protocol: "http" server_url: "openstreetmap.example.com" -embed_server_url: "https://embed.openstreetmap.org/" # Publisher #publisher_url: "" # The generator diff --git a/images/web/start.sh b/images/web/start.sh index 0208751b..2e43e9c1 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -82,6 +82,8 @@ EOF export DOORKEEPER_SIGNING_KEY=$(cat /var/www/private.pem | sed -e '1d;$d' | tr -d '\n') sed -i "s#PRIVATE_KEY#${DOORKEEPER_SIGNING_KEY}#" $workdir/config/settings.yml + sed -i '252s/\(\[\)/&.compact/' "$workdir/app/controllers/application_controller.rb" + } restore_db() { From c7bc31cdaba92ced9020e0502734297ddbd1c704 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 8 Dec 2025 12:42:27 -0500 Subject: [PATCH 09/12] Update configs for the website --- images/web/config/production.conf | 22 +++++++++++++++++----- images/web/config/settings.yml | 18 +++++++++--------- images/web/start.sh | 6 +++++- 3 files changed, 31 insertions(+), 15 deletions(-) diff --git a/images/web/config/production.conf b/images/web/config/production.conf index 0b533b40..4994c53c 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -2,27 +2,31 @@ # ServerName localhost # Tell Apache and Passenger where your app's 'public' directory is DocumentRoot /var/www/public + PassengerAppEnv production PassengerRuby /usr/local/bin/ruby RewriteEngine On - # Redirect HTTP to HTTPS for current domain (except localhost) + # Redirect to HTTPS + RewriteCond %{HTTP:X-Forwarded-Proto} =http RewriteCond %{HTTP_HOST} !=localhost RewriteCond %{HTTP_HOST} !=127.0.0.1 RewriteCond %{HTTPS} off - RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] + # Redirect to www + RewriteCond %{HTTP_HOST} =SERVER_DOMAIN_PLACEHOLDER + RewriteCond %{HTTP_HOST} !^www\. [NC] + RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] + CGIPassAuth On SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - # Proxying traffic to CGImap + #Proxying traffic to CGImap ProxyTimeout 1200 RewriteCond %{REQUEST_URI} ^/api/0\.6/map RewriteRule ^/api/0\.6/map(\.json|\.xml)?$ fcgi://${CGIMAP_URL}:${CGIMAP_PORT}$0 [P] - - RewriteCond %{REQUEST_METHOD} ^(HEAD|GET)$ RewriteRule ^/api/0\.6/(node|way|relation|changeset)/[0-9]+(\.json|\.xml)?$ fcgi://${CGIMAP_URL}:${CGIMAP_PORT}$0 [P] RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/history(\.json|\.xml)?$ fcgi://${CGIMAP_URL}:${CGIMAP_PORT}$0 [P] RewriteRule ^/api/0\.6/(node|way|relation)/[0-9]+/relations(\.json|\.xml)?$ fcgi://${CGIMAP_URL}:${CGIMAP_PORT}$0 [P] @@ -48,4 +52,12 @@ FcgidIOTimeout 1200 FcgidConnectTimeout 1200 + + # Allow CORS for JSON, PBF, and PNG files for map-style + + Header set Access-Control-Allow-Origin "*" + Header set Access-Control-Allow-Methods "GET, OPTIONS" + Header set Access-Control-Allow-Headers "Content-Type" + + diff --git a/images/web/config/settings.yml b/images/web/config/settings.yml index 03c96292..d6150b79 100644 --- a/images/web/config/settings.yml +++ b/images/web/config/settings.yml @@ -148,15 +148,15 @@ wikimedia_commons_url: "https://commons.wikimedia.org/wiki/" #github_auth_secret: "" #microsoft_auth_id: "" #microsoft_auth_secret: "" -wikipedia_auth_id: "" -wikipedia_auth_secret: "" +# wikipedia_auth_id: "" +# wikipedia_auth_secret: "" #apple_auth_id: "" #apple_team_id: "" #apple_key_id: "" #apple_private_key: "" -openstreetmap_auth_id: "" -openstreetmap_auth_secret: "" -openstreetmap_auth_scopes: ["read_prefs"] +# openstreetmap_auth_id: "" +# openstreetmap_auth_secret: "" +# openstreetmap_auth_scopes: ["read_prefs"] # Thunderforest authentication details #thunderforest_key: "" # Tracestrack authentication details @@ -168,10 +168,10 @@ csp_enforce: false # URL for reporting Content-Security-Policy violations #csp_report_url: "" # Storage services to use in production mode -avatar_storage: "local" # TODO: Change to S3 -trace_file_storage: "local" # TODO: Change to S3 -trace_image_storage: "local" # TODO: Change to S3 -trace_icon_storage: "local" # TODO: Change to S3 +avatar_storage: "s3" # TODO: Change to S3 +trace_file_storage: "s3" # TODO: Change to S3 +trace_image_storage: "s3" # TODO: Change to S3 +trace_icon_storage: "s3" # TODO: Change to S3 # Root URL for storage services # avatar_storage_url: # trace_image_storage_url: diff --git a/images/web/start.sh b/images/web/start.sh index 2e43e9c1..126dbe00 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -42,6 +42,10 @@ EOF sed -i -e 's/^server_protocol: ".*"/server_protocol: "'$SERVER_PROTOCOL'"/g' $workdir/config/settings.yml sed -i -e 's/^server_url: ".*"/server_url: "'$SERVER_URL'"/g' $workdir/config/settings.yml + #### Extract domain from SERVER_URL and replace in production.conf + SERVER_DOMAIN=$(echo "$SERVER_URL" | sed -e 's|^[^/]*//||' -e 's|^www\.||' -e 's|/.*$||') + sed -i -e "s/SERVER_DOMAIN_PLACEHOLDER/$SERVER_DOMAIN/g" /etc/apache2/sites-available/production.conf + ### Setting up website status sed -i -e 's/^status: ".*"/status: "'$WEBSITE_STATUS'"/g' $workdir/config/settings.yml @@ -82,7 +86,7 @@ EOF export DOORKEEPER_SIGNING_KEY=$(cat /var/www/private.pem | sed -e '1d;$d' | tr -d '\n') sed -i "s#PRIVATE_KEY#${DOORKEEPER_SIGNING_KEY}#" $workdir/config/settings.yml - sed -i '252s/\(\[\)/&.compact/' "$workdir/app/controllers/application_controller.rb" + # sed -i '252s/\(\[\)/&.compact/' "$workdir/app/controllers/application_controller.rb" } From 1c31cd35d99cc05aebbcc4aa6795e51cb5cc38ff Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 8 Dec 2025 18:48:11 -0500 Subject: [PATCH 10/12] Update config --- images/web/config/production.conf | 1 - images/web/start.sh | 10 ++++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/images/web/config/production.conf b/images/web/config/production.conf index 4994c53c..7b6e0909 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -13,7 +13,6 @@ RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - # Redirect to www RewriteCond %{HTTP_HOST} =SERVER_DOMAIN_PLACEHOLDER RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] diff --git a/images/web/start.sh b/images/web/start.sh index 126dbe00..7b3a3ed9 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -39,11 +39,13 @@ EOF echo "" > $workdir/config/settings.local.yml #### Setting up server_url and server_protocol + # Remove trailing slash from SERVER_URL to prevent double slashes in generated URLs + SERVER_URL_CLEAN=$(echo "$SERVER_URL" | sed 's|/$||') sed -i -e 's/^server_protocol: ".*"/server_protocol: "'$SERVER_PROTOCOL'"/g' $workdir/config/settings.yml - sed -i -e 's/^server_url: ".*"/server_url: "'$SERVER_URL'"/g' $workdir/config/settings.yml + sed -i -e 's/^server_url: ".*"/server_url: "'$SERVER_URL_CLEAN'"/g' $workdir/config/settings.yml #### Extract domain from SERVER_URL and replace in production.conf - SERVER_DOMAIN=$(echo "$SERVER_URL" | sed -e 's|^[^/]*//||' -e 's|^www\.||' -e 's|/.*$||') + SERVER_DOMAIN=$(echo "$SERVER_URL_CLEAN" | sed -e 's|^[^/]*//||' -e 's|^www\.||' -e 's|/.*$||') sed -i -e "s/SERVER_DOMAIN_PLACEHOLDER/$SERVER_DOMAIN/g" /etc/apache2/sites-available/production.conf ### Setting up website status @@ -142,8 +144,8 @@ setup_production() { fi echo "Logging and tailing logs..." - # log_and_tail /var/www/log/production.log - # log_and_tail /var/www/log/jobs_work.log + log_and_tail /var/www/log/production.log + log_and_tail /var/www/log/jobs_work.log log_and_tail /var/log/apache2/error.log log_and_tail /var/log/apache2/access.log From 7976938b01af945b39b2c0dd6bb582db347d309d Mon Sep 17 00:00:00 2001 From: Rub21 Date: Tue, 9 Dec 2025 07:44:14 -0500 Subject: [PATCH 11/12] Update script to start --- images/web/start.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/images/web/start.sh b/images/web/start.sh index 7b3a3ed9..83104976 100755 --- a/images/web/start.sh +++ b/images/web/start.sh @@ -39,7 +39,6 @@ EOF echo "" > $workdir/config/settings.local.yml #### Setting up server_url and server_protocol - # Remove trailing slash from SERVER_URL to prevent double slashes in generated URLs SERVER_URL_CLEAN=$(echo "$SERVER_URL" | sed 's|/$||') sed -i -e 's/^server_protocol: ".*"/server_protocol: "'$SERVER_PROTOCOL'"/g' $workdir/config/settings.yml sed -i -e 's/^server_url: ".*"/server_url: "'$SERVER_URL_CLEAN'"/g' $workdir/config/settings.yml @@ -88,8 +87,6 @@ EOF export DOORKEEPER_SIGNING_KEY=$(cat /var/www/private.pem | sed -e '1d;$d' | tr -d '\n') sed -i "s#PRIVATE_KEY#${DOORKEEPER_SIGNING_KEY}#" $workdir/config/settings.yml - # sed -i '252s/\(\[\)/&.compact/' "$workdir/app/controllers/application_controller.rb" - } restore_db() { From f2614fadf8e004eeaa02546ac2e3df53b233cf3f Mon Sep 17 00:00:00 2001 From: Rub21 Date: Tue, 9 Dec 2025 11:08:34 -0500 Subject: [PATCH 12/12] Update replication script --- images/replication-job/start.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/images/replication-job/start.sh b/images/replication-job/start.sh index 2e193768..df6df5bc 100755 --- a/images/replication-job/start.sh +++ b/images/replication-job/start.sh @@ -100,10 +100,16 @@ function enable_osmdbt_replication() { # Use osmdbt-enable-replication to set up replication properly echo "$(date +%F_%H:%M:%S): Running osmdbt-enable-replication..." - if /osmdbt/build/src/osmdbt-enable-replication -c "$osmdbtConfig" 2>&1 | tee -a "${logDirectory}/osmdbt-enable-replication.log"; then + local log_file="${logDirectory}/osmdbt-enable-replication.log" + if /osmdbt/build/src/osmdbt-enable-replication -c "$osmdbtConfig" 2>&1 | tee -a "$log_file"; then echo "$(date +%F_%H:%M:%S): Successfully enabled osmdbt replication." return 0 else + # Check if error is "already exists" - this is acceptable + if grep -qi "already exists" "$log_file" 2>/dev/null; then + echo "$(date +%F_%H:%M:%S): Replication slot '$REPLICATION_SLOT' already exists. Replication should be enabled." + return 0 + fi local error_msg="ERROR: Failed to enable osmdbt replication. Check PostgreSQL configuration (wal_level=logical, max_replication_slots >= 1, user with REPLICATION attribute)." echo "$(date +%F_%H:%M:%S): $error_msg" send_slack_message "🚨 ${ENVIROMENT:-production}: $error_msg"