├── hosts ├── roles ├── queryat │ ├── files │ │ └── queryat_config.py │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── a5a4 │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── templates │ │ └── a5a4_config.j2 │ └── tasks │ │ └── main.yml ├── backup │ ├── files │ │ ├── backup_files │ │ ├── compact_backups │ │ ├── make_backup │ │ └── extract_backup │ ├── templates │ │ └── borg_env.j2 │ ├── defaults │ │ └── main.yml │ └── tasks │ │ ├── home.yml │ │ └── main.yml ├── get_veloroad │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ ├── main.yml │ │ ├── cgi.yml │ │ └── nik4.yml │ ├── handlers │ │ └── main.yml │ ├── vars │ │ └── main.yml │ └── files │ │ ├── nik4wsgi_config.py │ │ ├── findbuildings.py │ │ ├── expandjson.py │ │ └── trim_osc.py ├── matomo │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── files │ │ └── logrotate.conf │ ├── tasks │ │ ├── apache.yml │ │ └── main.yml │ └── templates │ │ ├── domain.j2 │ │ └── config.j2 ├── tile_server │ ├── files │ │ ├── mod_tile.conf │ │ ├── novorzhev.osm.pbf │ │ ├── ne_110m_admin_0_boundary_lines_land.zip │ │ ├── configuration.txt │ │ ├── renderd.conf │ │ ├── site.conf │ │ ├── lonelyplaces.xml │ │ ├── openstreetmap-tiles-update-expire │ │ ├── surface.xml │ │ └── get-shapefiles.py │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ └── tasks │ │ ├── main.yml │ │ ├── sample_pbf.yml │ │ ├── other_styles.yml │ │ ├── replication.yml │ │ ├── veloroad.yml │ │ ├── create_gis_db.yml │ │ ├── mod_tile.yml │ │ └── osm_carto.yml ├── exporters │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── firewall │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ ├── main.yml │ │ ├── fail2ban.yml │ │ └── firewall.yml │ ├── handlers │ │ └── main.yml │ └── templates │ │ └── jail.local.j2 ├── icecast │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── icecast.xml.j2 ├── postgis │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── edpr │ ├── vars │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── templates │ │ ├── backup_edpr.j2 │ │ ├── config.j2 │ │ ├── edpr.service.j2 │ │ └── domain.j2 │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── hitrye │ ├── files │ │ ├── icon_e_sad.gif │ │ ├── icon_e_smile.gif │ │ ├── icon_e_wink.gif │ │ ├── icon_e_biggrin.gif │ │ ├── matomo.js │ │ ├── config.php │ │ └── logrotate.conf │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ ├── tags.yml │ │ ├── db.yml │ │ ├── php.yml │ │ ├── main.yml │ │ ├── apache.yml │ │ ├── backup.yml │ │ ├── recent_topics.yml │ │ ├── topicdesc.yml │ │ └── phpbb.yml │ ├── templates │ │ ├── backup_hitrye.j2 │ │ └── hitrye.conf │ └── defaults │ │ └── main.yml ├── teleput │ ├── templates │ │ ├── backup_teleput.j2 │ │ ├── config_local.j2 │ │ └── teleput.conf │ ├── handlers │ │ └── main.yml │ ├── files │ │ └── teleput.service │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── mayak_nav_bot │ ├── files │ │ ├── tiles.tar │ │ ├── mayak_nav_bot.service │ │ └── responses.yml │ ├── handlers │ │ └── main.yml │ ├── templates │ │ ├── backup_mayak.j2 │ │ └── config.yml │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── schedules │ ├── handlers │ │ └── main.yml │ ├── files │ │ ├── hot2019.ini │ │ ├── oddmsk20.ini │ │ ├── balticgit20.ini │ │ ├── foss4g2022.ini │ │ ├── sotm2019.ini │ │ ├── sotm2020.ini │ │ ├── sotm2021.ini │ │ ├── sotm2022.ini │ │ ├── sotmus2019.ini │ │ ├── tartu2024.ini │ │ ├── index.html │ │ ├── sotm.conf │ │ └── update_schedules.sh │ └── tasks │ │ ├── apache.yml │ │ ├── main.yml │ │ └── updater.yml ├── hitrye_archive │ ├── handlers │ │ └── main.yml │ ├── templates │ │ └── hitrye_archive.conf │ └── tasks │ │ └── main.yml ├── sotm_intro_bot │ ├── templates │ │ ├── backup_intros.j2 │ │ └── config.py │ ├── handlers │ │ └── main.yml │ ├── files │ │ └── sotm_intro_bot.service │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── mark_spam_bot │ ├── templates │ │ ├── backup_mark_spam.j2 │ │ └── config.j2 │ ├── handlers │ │ └── main.yml │ ├── files │ │ └── mark_spam_bot.service │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── geoscribble │ ├── handlers │ │ └── main.yml │ ├── templates │ │ ├── backup_geoscribble.j2 │ │ ├── config_local.j2 │ │ └── geoscribble.conf │ ├── files │ │ └── geoscribble.service │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── integratsioon │ ├── handlers │ │ └── main.yml │ ├── templates │ │ ├── backup_integratsioon.j2 │ │ └── config.j2 │ ├── files │ │ └── integratsioon.service │ └── tasks │ │ ├── backup.yml │ │ └── main.yml ├── apache │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── stats │ ├── tasks │ │ ├── main.yml │ │ ├── make_stat.yml │ │ └── munin.yml │ ├── handlers │ │ └── main.yml │ └── files │ │ ├── make_stat.sh │ │ ├── du_layer │ │ └── du_zoom ├── podcast_lengths │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── rails_port │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── templates │ │ ├── osm.conf.j2 │ │ └── application.yml.j2 │ ├── tasks │ │ ├── passenger.yml │ │ ├── db.yml │ │ ├── db_post.yml │ │ └── main.yml │ └── files │ │ └── database.yml ├── python3 │ └── tasks │ │ └── main.yml ├── changes_counter │ └── tasks │ │ └── main.yml ├── common │ └── tasks │ │ └── main.yml └── osm2008 │ └── tasks │ ├── main.yml │ └── osm_carto.yml ├── run.sh ├── update_sotm.sh ├── requirements.yml ├── .gitignore ├── ansible.cfg ├── upload_pbf.sh ├── Vagrantfile ├── install_roles.yml ├── playbook.yml ├── group_vars └── all │ └── vars.yml ├── upload_pbf.yml └── renew_certs.yml /hosts: -------------------------------------------------------------------------------- 1 | [tile] 2 | tile.osmz.ru 3 | -------------------------------------------------------------------------------- /roles/queryat/files/queryat_config.py: -------------------------------------------------------------------------------- 1 | PYTHON = 'python3.5' 2 | -------------------------------------------------------------------------------- /run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ansible-playbook -i hosts playbook.yml 3 | -------------------------------------------------------------------------------- /update_sotm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ansible-playbook -i hosts playbook.yml --tags sotm 3 | -------------------------------------------------------------------------------- /roles/a5a4/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | a5a4_password: password 3 | a5a4_secret: whatever 4 | -------------------------------------------------------------------------------- /roles/backup/files/backup_files: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup Tile /home /var/www/html 3 | -------------------------------------------------------------------------------- /roles/get_veloroad/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | a5a4_password: '' 3 | a5a4_secret: 'whatever' 4 | -------------------------------------------------------------------------------- /roles/matomo/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | matomo_path: /var/www/matomo 3 | matomo_user: www-data 4 | -------------------------------------------------------------------------------- /roles/tile_server/files/mod_tile.conf: -------------------------------------------------------------------------------- 1 | LoadModule tile_module /usr/lib/apache2/modules/mod_tile.so 2 | -------------------------------------------------------------------------------- /roles/backup/files/compact_backups: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | source /root/borg_env 4 | $BORG compact 5 | -------------------------------------------------------------------------------- /roles/exporters/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart ufw 3 | systemd: name=ufw state=restarted 4 | -------------------------------------------------------------------------------- /roles/firewall/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | timezone: Europe/Moscow 3 | admin_email: nobody@example.com 4 | -------------------------------------------------------------------------------- /roles/tile_server/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | render_user: osm 3 | gisdb: gis 4 | postgresql_version: 14 5 | -------------------------------------------------------------------------------- /roles/icecast/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload icecast 3 | systemd: name=icecast2 state=reloaded 4 | -------------------------------------------------------------------------------- /roles/postgis/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | render_user: osm 3 | postgresql_version: 14 4 | postgis_version: 3 5 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: geerlingguy.ntp 3 | - src: geerlingguy.mysql 4 | - src: robertdebock.logrotate 5 | -------------------------------------------------------------------------------- /roles/postgis/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart postgresql 3 | systemd: name=postgresql state=restarted 4 | -------------------------------------------------------------------------------- /roles/edpr/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | domain: plugins.every-door.app 3 | edpr_instance: "/opt/src/edpr/var/app-instance" 4 | -------------------------------------------------------------------------------- /roles/hitrye/files/icon_e_sad.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/hitrye/files/icon_e_sad.gif -------------------------------------------------------------------------------- /roles/teleput/templates/backup_teleput.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup Teleput /opt/src/teleput/teleput.sqlite 3 | -------------------------------------------------------------------------------- /roles/hitrye/files/icon_e_smile.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/hitrye/files/icon_e_smile.gif -------------------------------------------------------------------------------- /roles/hitrye/files/icon_e_wink.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/hitrye/files/icon_e_wink.gif -------------------------------------------------------------------------------- /roles/matomo/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/files/tiles.tar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/mayak_nav_bot/files/tiles.tar -------------------------------------------------------------------------------- /roles/schedules/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | -------------------------------------------------------------------------------- /roles/hitrye/files/icon_e_biggrin.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/hitrye/files/icon_e_biggrin.gif -------------------------------------------------------------------------------- /roles/hitrye_archive/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/templates/backup_intros.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup SotmIntro /opt/src/sotm_intro_bot/intros.sqlite 3 | -------------------------------------------------------------------------------- /roles/teleput/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart teleput 3 | become: yes 4 | systemd: name=teleput state=restarted 5 | -------------------------------------------------------------------------------- /roles/mark_spam_bot/templates/backup_mark_spam.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup MarkSpam /opt/src/mark_spam_bot/markspam.sqlite 3 | -------------------------------------------------------------------------------- /roles/edpr/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart edpr 3 | become: yes 4 | systemd: 5 | name: edpr 6 | state: restarted 7 | 8 | -------------------------------------------------------------------------------- /roles/geoscribble/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart geoscribble 3 | become: yes 4 | systemd: name=geoscribble state=restarted 5 | -------------------------------------------------------------------------------- /roles/mark_spam_bot/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mark_spam 3 | become: yes 4 | systemd: name=mark_spam_bot state=restarted 5 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart mayak_nav 3 | become: yes 4 | systemd: name=mayak_nav_bot state=restarted 5 | -------------------------------------------------------------------------------- /roles/schedules/files/hot2019.ini: -------------------------------------------------------------------------------- 1 | title = HOT Summit 2019 2 | slug = hotosm2019 3 | url = https://summit2019.hotosm.org/ 4 | timezone = +02 5 | -------------------------------------------------------------------------------- /roles/tile_server/files/novorzhev.osm.pbf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/tile_server/files/novorzhev.osm.pbf -------------------------------------------------------------------------------- /roles/integratsioon/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart integratsioon 3 | become: yes 4 | systemd: name=integratsioon state=restarted 5 | -------------------------------------------------------------------------------- /roles/schedules/files/oddmsk20.ini: -------------------------------------------------------------------------------- 1 | title = Open Data Day Moscow 2020 2 | slug = oddmsk20 3 | url = https://opendataday.ru/msk 4 | timezone = +03 5 | -------------------------------------------------------------------------------- /roles/integratsioon/templates/backup_integratsioon.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup Integratsioon /opt/src/watch_integratsioon/wi_users.sqlite 3 | -------------------------------------------------------------------------------- /roles/schedules/files/balticgit20.ini: -------------------------------------------------------------------------------- 1 | title = Baltic GIT 2020 2 | slug = balticgit2020 3 | url = https://www.balticgitconf.eu/ 4 | timezone = +02 5 | -------------------------------------------------------------------------------- /roles/schedules/files/foss4g2022.ini: -------------------------------------------------------------------------------- 1 | title = FOSS4G 2022 2 | slug = f2022 3 | url = https://2022.foss4g.org/schedule_general.php 4 | timezone = +02 5 | -------------------------------------------------------------------------------- /roles/schedules/files/sotm2019.ini: -------------------------------------------------------------------------------- 1 | title = State of the Map 2019 2 | slug = sotm2019 3 | url = https://2019.stateofthemap.org/ 4 | timezone = +02 5 | -------------------------------------------------------------------------------- /roles/schedules/files/sotm2020.ini: -------------------------------------------------------------------------------- 1 | title = State of the Map 2020 2 | slug = sotm2020 3 | url = https://2020.stateofthemap.org/ 4 | timezone = +00 5 | -------------------------------------------------------------------------------- /roles/schedules/files/sotm2021.ini: -------------------------------------------------------------------------------- 1 | title = State of the Map 2021 2 | slug = sotm2021 3 | url = https://2021.stateofthemap.org/ 4 | timezone = +00 5 | -------------------------------------------------------------------------------- /roles/schedules/files/sotm2022.ini: -------------------------------------------------------------------------------- 1 | title = State of the Map 2022 2 | slug = sotm2022 3 | url = https://2022.stateofthemap.org/ 4 | timezone = +02 5 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart sotm_intro_bot 3 | become: yes 4 | systemd: name=sotm_intro_bot state=restarted 5 | -------------------------------------------------------------------------------- /roles/schedules/files/sotmus2019.ini: -------------------------------------------------------------------------------- 1 | title = State of the Map US 2019 2 | slug = sotmus2019 3 | url = https://2019.stateofthemap.us/ 4 | timezone = -05 5 | -------------------------------------------------------------------------------- /roles/schedules/files/tartu2024.ini: -------------------------------------------------------------------------------- 1 | title = FOSS4G Europe 2024 2 | slug = taru2024 3 | url = https://2024.europe.foss4g.org/schedule/ 4 | timezone = +03 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .vault_pass 2 | .vagrant 3 | playbook.retry 4 | roles.galaxy/ 5 | *.swp 6 | *.retry 7 | .venv/ 8 | ext_backups/ 9 | tile_bounds.geojson 10 | -------------------------------------------------------------------------------- /roles/firewall/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set up firewall 3 | import_tasks: firewall.yml 4 | 5 | - name: Set up fail2ban 6 | import_tasks: fail2ban.yml 7 | -------------------------------------------------------------------------------- /roles/get_veloroad/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install CGI scripts 3 | import_tasks: cgi.yml 4 | 5 | - name: Install get_veloroad 6 | import_tasks: nik4.yml 7 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | pipelining = True 3 | roles_path = roles.galaxy:roles 4 | vault_password_file = .vault_pass 5 | retry_files_enabled = False 6 | inventory = hosts 7 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/templates/backup_mayak.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /root/make_backup Mayak \ 3 | /opt/src/mayak_nav/config/photo \ 4 | /opt/src/mayak_nav/config/raybot.sqlite 5 | -------------------------------------------------------------------------------- /roles/apache/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | systemd: name=apache2 state=reloaded 4 | 5 | - name: restart apache 6 | systemd: name=apache2 state=restarted 7 | -------------------------------------------------------------------------------- /roles/edpr/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | edpr_port: 3005 3 | edpr_client_id: "" 4 | edpr_client_secret: "" 5 | edpr_secret: "secret" 6 | edpr_database: "postgresql+psycopg2:///edpr" 7 | -------------------------------------------------------------------------------- /roles/firewall/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart ufw 3 | systemd: name=ufw state=restarted 4 | 5 | - name: restart fail2ban 6 | systemd: name=fail2ban state=restarted 7 | -------------------------------------------------------------------------------- /roles/stats/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Prepare html dir and install make_stat 3 | import_tasks: make_stat.yml 4 | 5 | - name: Install munin 6 | import_tasks: munin.yml 7 | -------------------------------------------------------------------------------- /roles/tile_server/files/ne_110m_admin_0_boundary_lines_land.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Zverik/ansible-tile/master/roles/tile_server/files/ne_110m_admin_0_boundary_lines_land.zip -------------------------------------------------------------------------------- /roles/mark_spam_bot/templates/config.j2: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | TOKEN = '{{ mark_spam_token }}' 4 | DATABASE = os.path.join(os.path.dirname(__file__), 'markspam.sqlite') 5 | MAX_ADMINS = 3 6 | -------------------------------------------------------------------------------- /roles/teleput/templates/config_local.j2: -------------------------------------------------------------------------------- 1 | API_TOKEN = '{{ teleput_telegram_token }}' 2 | WEBHOOK_HOST = 'https://teleput.textual.ru' 3 | WEBHOOK_PATH = '/telegram-{{ teleput_path }}' 4 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/templates/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | telegram_token: '{{ mayak_nav_telegram_token }}' 3 | admin_id: {{ mayak_nav_admin_id }} 4 | logs: /var/log/mayak_nav_bot 5 | maintenance: false 6 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/templates/config.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | DATABASE = os.path.join(os.path.dirname(__file__), 'intros.sqlite') 4 | API_TOKEN = '{{ sotm_intro_bot_token }}' 5 | ADMIN_ID = {{ sotm_intro_admin_id }} 6 | -------------------------------------------------------------------------------- /roles/edpr/templates/backup_edpr.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | 4 | DBDUMP=/var/tmp/edpr.pgc 5 | pg_dump -U zverik --format=c --file=$DBDUMP edpr 6 | 7 | /root/make_backup EDPR $DBDUMP 8 | 9 | rm $DBDUMP 10 | -------------------------------------------------------------------------------- /roles/edpr/templates/config.j2: -------------------------------------------------------------------------------- 1 | OAUTH_ID = "{{ edpr_client_id }}" 2 | OAUTH_SECRET = "{{ edpr_client_secret }}" 3 | SECRET_KEY = "{{ edpr_secret }}" 4 | SQLALCHEMY_DATABASE_URI = "{{ edpr_database }}" 5 | PROXY = True 6 | -------------------------------------------------------------------------------- /roles/stats/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart munin 3 | become: yes 4 | systemd: name=munin-node state=restarted 5 | 6 | - name: reload apache 7 | become: yes 8 | systemd: name=apache2 state=reloaded 9 | -------------------------------------------------------------------------------- /roles/hitrye/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | 6 | - name: restart postgresql 7 | become: yes 8 | systemd: name=postgresql state=restarted 9 | -------------------------------------------------------------------------------- /roles/a5a4/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | 6 | - name: touch a5a4 7 | file: 8 | path: /opt/src/a5a4/a5a4.wsgi 9 | state: touch 10 | -------------------------------------------------------------------------------- /roles/a5a4/templates/a5a4_config.j2: -------------------------------------------------------------------------------- 1 | PYTHON = 'python3.5' 2 | MAX_CONTENT_LENGTH = 50*1024*1024 3 | PDFTK_NEW = True 4 | A5A4_TASKS = '/var/lib/a5a4' 5 | A5A4_PASSWORD = '{{ a5a4_password }}' 6 | SECRET_KEY = '{{ a5a4_secret }}' 7 | -------------------------------------------------------------------------------- /roles/backup/templates/borg_env.j2: -------------------------------------------------------------------------------- 1 | export BORG=/usr/local/bin/borg 2 | export BORG_REPO={{ borg_repo }} 3 | export BORG_PASSPHRASE='{{ borg_pass }}' 4 | export BORG_REMOTE_PATH=borg1 5 | export BORG_RSH='ssh -i /root/.ssh/borg -oBatchMode=yes' 6 | -------------------------------------------------------------------------------- /roles/get_veloroad/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | 6 | - name: touch nik4 7 | file: 8 | path: /opt/src/nik4wsgi/nik4.wsgi 9 | state: touch 10 | -------------------------------------------------------------------------------- /roles/queryat/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | 6 | - name: touch queryat 7 | file: 8 | path: /opt/src/queryat/queryat.wsgi 9 | state: touch 10 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/tags.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Clone Topic Tags extension 3 | git: 4 | repo: https://github.com/mi1eurista/phpbb-ext-topictags 5 | version: patch339 6 | dest: /var/www/hitrye/ext/robertheim/topictags 7 | update: no 8 | -------------------------------------------------------------------------------- /roles/icecast/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | icecast_location: Earth 3 | icecast_admin_email: icemaster@localhost 4 | icecast_source_password: hackme 5 | icecast_relay_password: hackme 6 | icecast_admin_password: hackme 7 | icecast_hostname: example.com 8 | -------------------------------------------------------------------------------- /roles/stats/files/make_stat.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | df -h / 3 | echo 4 | du --max-depth 1 -h /var/lib/mod_tile | grep 'lonely\|dhr\|smoot\|sur\|osm\|old' 5 | du --max-depth 1 -h /var/lib/mod_tile/veloroad/ | sort -k 2 6 | echo 7 | top -n 1 -b |head -n 15 8 | -------------------------------------------------------------------------------- /roles/geoscribble/templates/backup_geoscribble.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | 4 | DBDUMP=/var/tmp/geoscribble.pgc 5 | pg_dump -U zverik --format=c --file=$DBDUMP geoscribble 6 | 7 | /root/make_backup Geoscribble $DBDUMP 8 | 9 | rm $DBDUMP 10 | -------------------------------------------------------------------------------- /roles/podcast_lengths/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload apache 3 | become: yes 4 | systemd: name=apache2 state=reloaded 5 | 6 | - name: touch podcasts 7 | file: 8 | path: /opt/src/podcast_duration/pdur.wsgi 9 | state: touch 10 | -------------------------------------------------------------------------------- /roles/integratsioon/templates/config.j2: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | DATABASE = os.path.join(os.path.dirname(__file__), 'wi_users.sqlite') 4 | BOT_TOKEN = '{{ watch_integratsioon_token }}' 5 | POLLING_INTERVAL = 30 6 | MUNICIPALITY = 'Tallinn' 7 | ADMIN_ID = {{ sotm_intro_admin_id }} 8 | -------------------------------------------------------------------------------- /upload_pbf.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | [ $# -lt 1 ] && echo "Usage: $0 []" && exit 1 3 | ansible-playbook upload_pbf.yml -i hosts -e "pbf=$1" ${2+-e "bounds=$2"} 4 | # ansible-playbook upload_pbf.yml -i hosts -e "pbf=$1" ${2+-e "bounds=$2"} --skip-tags osm2pgsql 5 | -------------------------------------------------------------------------------- /roles/stats/tasks/make_stat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upload make_stat 3 | copy: 4 | src: make_stat.sh 5 | dest: /opt/src/make_stat.sh 6 | mode: 0755 7 | 8 | - name: Add a line to crontab 9 | cron: 10 | name: make_stat 11 | job: /opt/src/make_stat.sh > /var/www/html/stat.txt 12 | -------------------------------------------------------------------------------- /roles/hitrye/templates/backup_hitrye.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | 4 | DBDUMP=/var/tmp/hitrye.pgc 5 | pg_dump -U phpbb --format=c --file=$DBDUMP hitrye 6 | 7 | /root/make_backup Hitrye \ 8 | $DBDUMP \ 9 | /var/www/hitrye/files \ 10 | /var/www/hitrye/images/avatars/upload 11 | 12 | rm $DBDUMP 13 | -------------------------------------------------------------------------------- /roles/tile_server/files/configuration.txt: -------------------------------------------------------------------------------- 1 | # The URL of the directory containing change files. 2 | baseUrl=https://planet.openstreetmap.org/replication/minute 3 | 4 | # Defines the maximum time interval in seconds to download in a single invocation. 5 | # Setting to 0 disables this feature. 6 | maxInterval = 3600 7 | -------------------------------------------------------------------------------- /roles/tile_server/files/renderd.conf: -------------------------------------------------------------------------------- 1 | [renderd] 2 | num_threads=1 3 | tile_dir=/var/lib/mod_tile 4 | stats_file=/var/run/renderd/renderd.stats 5 | socketname=/var/run/renderd/renderd.sock 6 | 7 | [mapnik] 8 | plugins_dir=/usr/lib/mapnik/3.1/input 9 | font_dir=/usr/share/fonts/truetype 10 | font_dir_recurse=1 11 | -------------------------------------------------------------------------------- /roles/geoscribble/templates/config_local.j2: -------------------------------------------------------------------------------- 1 | BASE_URL = 'https://geoscribble.osmz.ru' 2 | 3 | PG_HOST = '/var/run/postgresql' 4 | PG_USER = 'zverik' 5 | PG_DATABASE = 'geoscribble' 6 | 7 | EMAIL = 'geoscribble@zverev.info' 8 | OAUTH_ID = '{{ geoscribble_auth_id }}' 9 | OAUTH_SECRET = '{{ geoscribble_auth_secret }}' 10 | -------------------------------------------------------------------------------- /roles/backup/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # borg_version: '1.1.18' 3 | # borg_exec_md5: 30e9a8daa36be9d1d5a8fb0a853dc12c 4 | 5 | borg_version: '1.2.7' 6 | borg_exec_md5: adcaac664aa2c79bb3c94e6469279d36 7 | rsync_key: 'ch-s012.rsync.net,82.197.184.220 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO5lfML3qjBiDXi4yh3xPoXPHqIOeLNp66P3Unrl+8g3' 8 | -------------------------------------------------------------------------------- /roles/rails_port/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart apache 3 | become: yes 4 | systemd: name=apache2 state=restarted 5 | 6 | - name: reload apache 7 | become: yes 8 | systemd: name=apache2 state=reloaded 9 | 10 | - name: restart postgresql 11 | become: yes 12 | systemd: name=postgresql state=restarted 13 | -------------------------------------------------------------------------------- /roles/rails_port/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | rails_secret: a988ac601d9e3d288d501455bfc3bd5170e53d2ebeb0e7686a4244ea3fb2f2bb4e63904e37dd35eab793e93165e16a8c2fc2c8522b030179c8e2088834584b1d 3 | google_auth_id: "" 4 | google_auth_secret: "" 5 | facebook_auth_id: "" 6 | facebook_auth_secret: "" 7 | mapsme_auth_id: "" 8 | mapsme_auth_secret: "" 9 | -------------------------------------------------------------------------------- /roles/firewall/tasks/fail2ban.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install fail2ban package 3 | apt: name=fail2ban state=latest 4 | 5 | - name: Copy fail2ban config 6 | template: 7 | src: jail.local.j2 8 | dest: /etc/fail2ban/jail.local 9 | notify: restart fail2ban 10 | 11 | - name: Start fail2ban service 12 | systemd: name=fail2ban state=started enabled=yes 13 | -------------------------------------------------------------------------------- /roles/teleput/files/teleput.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Teleput Telegram Bot 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=always 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/teleput 11 | ExecStart=/opt/src/teleput/venv/bin/python teleput.py 12 | Environment=PYTHONUNBUFFERED=1 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/files/mayak_nav_bot.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Mayak Nav Telegram Bot 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=always 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/mayak_nav 11 | ExecStart=/opt/src/mayak_nav/venv/bin/python -m raybot 12 | Environment=PYTHONUNBUFFERED=1 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /roles/schedules/tasks/apache.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upload apache config 3 | copy: 4 | src: sotm.conf 5 | dest: /etc/apache2/sites-available 6 | notify: reload apache 7 | tags: sotm 8 | 9 | - name: Symlink apache config 10 | file: 11 | src: /etc/apache2/sites-available/sotm.conf 12 | dest: /etc/apache2/sites-enabled/sotm.conf 13 | state: link 14 | notify: reload apache 15 | -------------------------------------------------------------------------------- /roles/mark_spam_bot/files/mark_spam_bot.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Mark Spam Telegram Bot 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=always 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/mark_spam_bot 11 | ExecStart=/opt/src/mark_spam_bot/venv/bin/python markbot.py 12 | Environment=PYTHONUNBUFFERED=1 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/files/sotm_intro_bot.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=SotM Intro Bot 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=always 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/sotm_intro_bot 11 | ExecStart=/opt/src/sotm_intro_bot/venv/bin/python sotm_intro_bot.py 12 | Environment=PYTHONUNBUFFERED=1 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /roles/tile_server/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart renderd 3 | become: yes 4 | systemd: name=renderd state=restarted 5 | 6 | - name: reload apache 7 | become: yes 8 | systemd: name=apache2 state=reloaded 9 | 10 | - name: restart apache 11 | become: yes 12 | systemd: name=apache2 state=restarted 13 | 14 | - name: restart postgresql 15 | become: yes 16 | systemd: name=postgresql state=restarted 17 | -------------------------------------------------------------------------------- /roles/integratsioon/files/integratsioon.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Watch Integratsioon Telegram Bot 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=always 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/watch_integratsioon 11 | ExecStart=/opt/src/watch_integratsioon/venv/bin/python watch_integratsioon.py 12 | Environment=PYTHONUNBUFFERED=1 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /roles/backup/files/make_backup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | [ "$(whoami)" != "root" ] && echo "Please run this script as a root" && exit 1 4 | [ $# -lt 2 ] && echo "Usage: $0 [ ...]" && exit 1 5 | 6 | source /root/borg_env 7 | PREFIX="$1" 8 | shift 9 | 10 | $BORG create --compression zstd,5 ::"${PREFIX}_{now:%Y-%m-%d_%H%M}" $@ 11 | 12 | $BORG prune --glob-archives "${PREFIX}_*" --keep-daily=7 --keep-weekly=2 --keep-monthly=3 13 | -------------------------------------------------------------------------------- /roles/python3/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure py2 wsgi is not installed 3 | apt: name=libapache2-mod-wsgi state=absent 4 | 5 | - name: Install packages 6 | apt: 7 | name: 8 | - python3 9 | - python3-pip 10 | - python3-mapnik 11 | - python3-psycopg2 12 | - libapache2-mod-wsgi-py3 13 | state: present 14 | 15 | - name: Install virtualenv for python3 16 | pip: 17 | name: virtualenv 18 | executable: pip3 19 | -------------------------------------------------------------------------------- /roles/backup/tasks/home.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upload the home backup script 3 | copy: 4 | src: backup_files 5 | dest: /etc/cron.daily/backup_files 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Restore home 13 | when: restoring 14 | command: 15 | argv: 16 | - "/root/extract_backup" 17 | - "Tile_" 18 | - '*' 19 | chdir: / 20 | -------------------------------------------------------------------------------- /roles/firewall/templates/jail.local.j2: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | destemail = {{ admin_email }} 3 | 4 | [sshd] 5 | enabled = true 6 | maxretry = 3 7 | 8 | [apache-auth] 9 | enabled = true 10 | 11 | [apache-badbots] 12 | enabled = true 13 | 14 | [apache-overflows] 15 | enabled = true 16 | 17 | [apache-fakegooglebot] 18 | enabled = true 19 | 20 | [apache-shellshock] 21 | enabled = true 22 | 23 | [postfix] 24 | enabled = false 25 | 26 | [sendmail-auth] 27 | enabled = false 28 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | Vagrant.configure(2) do |config| 2 | # config.vm.box = "ubuntu/xenial64" 3 | config.vm.box = "nrclark/xenial64-minimal-libvirt" 4 | config.vm.host_name = "tile" 5 | config.vm.network "forwarded_port", guest: 80, host: 8080 6 | 7 | config.ssh.insert_key = false 8 | 9 | config.vm.provision "ansible" do |ansible| 10 | ansible.force_remote_user = false 11 | ansible.verbose = "v" 12 | ansible.playbook = "playbook.yml" 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /roles/backup/files/extract_backup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u -e 3 | [ "$(whoami)" != "root" ] && echo "Please run this script as a root" && exit 1 4 | [ $# -lt 2 ] && echo "Usage: $0 ('*' for all)" && exit 1 5 | 6 | source /root/borg_env 7 | 8 | ARCHIVE=$($BORG list --short --glob-archives "$1*" --last 1) 9 | [ -z "$ARCHIVE" ] && exit 0 10 | 11 | if [ "$2" == "*" ]; then 12 | $BORG extract "::$ARCHIVE" 13 | else 14 | $BORG extract "::$ARCHIVE" "$2" 15 | fi 16 | -------------------------------------------------------------------------------- /install_roles.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | vars: 4 | galaxy_path: roles.galaxy 5 | tasks: 6 | - name: Remove old galaxy roles 7 | file: path={{ galaxy_path }} state=absent 8 | - name: Install Ansible Galaxy roles 9 | local_action: command ansible-galaxy install -r requirements.yml --roles-path {{ galaxy_path }} 10 | - name: Install Prometheus collection 11 | local_action: command ansible-galaxy collection install prometheus.prometheus --upgrade 12 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/db.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create phpbb user 3 | postgresql_user: name=phpbb 4 | 5 | - name: Create phpbb database 6 | postgresql_db: 7 | name: hitrye 8 | encoding: UTF-8 9 | owner: phpbb 10 | 11 | - name: Allow logging in as phpbb by anybody 12 | lineinfile: 13 | path: /etc/postgresql/14/main/pg_hba.conf 14 | insertafter: '# TYPE\s*DATABASE' 15 | regexp: '^local hitrye' 16 | line: local hitrye phpbb trust 17 | notify: restart postgresql 18 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/php.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Add repo for old PHP versions 3 | apt_repository: 4 | repo: 'ppa:ondrej/php' 5 | state: present 6 | 7 | - name: Install php 7.4 packages 8 | apt: 9 | name: 10 | - php7.4 11 | - php7.4-gd 12 | - php7.4-imagick 13 | - php7.4-mbstring 14 | - php7.4-json 15 | - php7.4-pgsql 16 | - php7.4-xml 17 | - php7.4-zip 18 | - libapache2-mod-php7.4 19 | - imagemagick 20 | - unzip 21 | state: present 22 | -------------------------------------------------------------------------------- /roles/hitrye/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | hitrye_path: /var/www/hitrye 3 | phpbb: 4 | url: https://download.phpbb.com/pub/release/3.3/3.3.11/phpBB-3.3.11.zip 5 | version: 3.3.11 6 | checksum: sha256:02006f09d71c44de55044497ef8633f95c6103361d175c816015280f3bcfe87b 7 | phpbb_lang: 8 | url: https://www.phpbb.com/customise/db/download/203452 9 | checksum: md5:aed0b10078a1f5a6f51619ea8b30cc5f 10 | dir: russian_2_1_13 11 | 12 | borg_repo: 12345@ch-s001.rsync.net:backup 13 | borg_pass: 'hackme' 14 | borg_key: 'id_rsa' 15 | -------------------------------------------------------------------------------- /roles/get_veloroad/tasks/cgi.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Copy bundled scripts 3 | copy: 4 | src: "{{ item }}" 5 | dest: /opt/src/{{ item }} 6 | mode: 0755 7 | with_items: 8 | - expandjson.py 9 | - findbuildings.py 10 | 11 | - name: Link to cgi scripts 12 | become: yes 13 | file: 14 | path: /usr/lib/cgi-bin/{{ item.dest }}.py 15 | src: /opt/src/{{ item.src }}.py 16 | state: link 17 | with_items: 18 | - { dest: expandjson, src: expandjson } 19 | - { dest: findbuildings, src: findbuildings } 20 | -------------------------------------------------------------------------------- /roles/hitrye/files/matomo.js: -------------------------------------------------------------------------------- 1 | var _paq = window._paq = window._paq || []; 2 | /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ 3 | _paq.push(['trackPageView']); 4 | _paq.push(['enableLinkTracking']); 5 | (function() { 6 | var u="//matomo.tile.osmz.ru/"; 7 | _paq.push(['setTrackerUrl', u+'matomo.php']); 8 | _paq.push(['setSiteId', '1']); 9 | var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; 10 | g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); 11 | })(); 12 | -------------------------------------------------------------------------------- /roles/edpr/templates/edpr.service.j2: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Every Door Plugin Repository 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=on-failure 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/edpr 11 | ExecStart=/opt/src/edpr/bin/gunicorn -w 4 -b 0.0.0.0:{{ edpr_port }} 'app:create_app()' 12 | Environment=PYTHONUNBUFFERED=1 13 | StandardOutput=append:/var/log/apache2/{{ domain }}/py-stdout.log 14 | StandardError=append:/var/log/apache2/{{ domain }}/py-stderr.log 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/rails_port/templates/osm.conf.j2: -------------------------------------------------------------------------------- 1 | 2 | ServerName test.osmz.ru 3 | ServerAlias test2.osmz.ru 4 | 5 | ServerAdmin webmaster@localhost 6 | DocumentRoot /opt/src/openstreetmap-website/public 7 | PassengerRuby /usr/bin/ruby2.3 8 | SetEnv SECRET_KEY_BASE {{ rails_secret }} 9 | 10 | ErrorLog ${APACHE_LOG_DIR}/osm/error.log 11 | CustomLog ${APACHE_LOG_DIR}/osm/access.log combined 12 | 13 | 14 | Require all granted 15 | Options -MultiViews 16 | 17 | 18 | -------------------------------------------------------------------------------- /roles/hitrye/files/config.php: -------------------------------------------------------------------------------- 1 | 2 | ServerName teleput.textual.ru 3 | DocumentRoot /var/www/teleput 4 | 5 | 6 | AllowOverride All 7 | 8 | 9 | 10 | {% if cert_file.stat.exists %} 11 | 12 | ServerName teleput.textual.ru 13 | ProxyPass / http://localhost:3001/ 14 | SSLEngine on 15 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_teleput.textual.ru.crt" 16 | SSLCertificateKeyFile "/etc/letsencrypt/keys/teleput.textual.ru.key" 17 | 18 | {% endif %} 19 | -------------------------------------------------------------------------------- /roles/geoscribble/files/geoscribble.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Geoscribble 3 | After=syslog.target 4 | 5 | [Service] 6 | Type=simple 7 | Restart=on-failure 8 | User=zverik 9 | Group=zverik 10 | WorkingDirectory=/opt/src/geoscribble 11 | ExecStart=/opt/src/geoscribble/.venv/bin/gunicorn --workers 2 --worker-class proxy_worker.ProxyUvicornWorker --bind 0.0.0.0:3007 --proxy-protocol --forwarded-allow-ips '*' web.main:app 12 | Environment=PYTHONUNBUFFERED=1 13 | StandardOutput=append:/var/log/geoscribble.log 14 | StandardError=append:/var/log/geoscribble.log 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/postgis/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create render user 3 | user: 4 | name: "{{ render_user }}" 5 | createhome: no 6 | 7 | - name: Install PostgreSQL and PostGIS 8 | apt: 9 | name: 10 | - "postgresql-{{ postgresql_version }}-postgis-{{ postgis_version }}" 11 | - "postgresql-contrib-{{ postgresql_version }}" 12 | - python3-psycopg2 13 | state: present 14 | 15 | - name: Create database roles 16 | become: yes 17 | become_user: postgres 18 | postgresql_user: name={{ item }} 19 | with_items: 20 | - "{{ render_user }}" 21 | - zverik 22 | - www-data 23 | -------------------------------------------------------------------------------- /roles/hitrye/files/logrotate.conf: -------------------------------------------------------------------------------- 1 | /var/log/apache2/hitrye/*.log { 2 | daily 3 | missingok 4 | rotate 14 5 | compress 6 | delaycompress 7 | notifempty 8 | create 644 root adm 9 | sharedscripts 10 | postrotate 11 | if /etc/init.d/apache2 status > /dev/null ; then \ 12 | /etc/init.d/apache2 reload > /dev/null; \ 13 | fi; 14 | endscript 15 | prerotate 16 | if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ 17 | run-parts /etc/logrotate.d/httpd-prerotate; \ 18 | fi; \ 19 | endscript 20 | } 21 | -------------------------------------------------------------------------------- /roles/matomo/files/logrotate.conf: -------------------------------------------------------------------------------- 1 | /var/log/apache2/matomo/*.log { 2 | daily 3 | missingok 4 | rotate 14 5 | compress 6 | delaycompress 7 | notifempty 8 | create 644 root adm 9 | sharedscripts 10 | postrotate 11 | if /etc/init.d/apache2 status > /dev/null ; then \ 12 | /etc/init.d/apache2 reload > /dev/null; \ 13 | fi; 14 | endscript 15 | prerotate 16 | if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ 17 | run-parts /etc/logrotate.d/httpd-prerotate; \ 18 | fi; \ 19 | endscript 20 | } 21 | -------------------------------------------------------------------------------- /roles/firewall/tasks/firewall.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install UFW 3 | apt: name=ufw state=present 4 | 5 | 6 | - name: Configure ufw defaults 7 | ufw: direction={{ item.direction }} policy={{ item.policy }} 8 | with_items: 9 | - { direction: 'incoming', policy: 'deny' } 10 | - { direction: 'outgoing', policy: 'allow' } 11 | notify: restart ufw 12 | 13 | - name: Open Apache and SSH ports 14 | ufw: 15 | port: "{{ item }}" 16 | proto: tcp 17 | rule: allow 18 | with_items: 19 | - ssh 20 | - http 21 | - https 22 | notify: restart ufw 23 | 24 | - name: Enable ufw logging 25 | ufw: logging=on 26 | notify: restart ufw 27 | 28 | - name: Enable ufw 29 | ufw: state=enabled 30 | -------------------------------------------------------------------------------- /roles/icecast/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install icecast 3 | apt: name=icecast2 4 | 5 | - name: Upload configuration file 6 | template: 7 | src: icecast.xml.j2 8 | dest: /etc/icecast2/icecast.xml 9 | owner: icecast2 10 | group: icecast 11 | mode: 0644 12 | notify: 13 | - reload icecast 14 | 15 | - name: Enable Icecast in the config 16 | lineinfile: 17 | path: /etc/default/icecast2 18 | regexp: '^\s*ENABLE' 19 | line: 'ENABLE=true' 20 | state: present 21 | 22 | - name: Enable Icecast service 23 | systemd: name=icecast2 enabled=yes state=started 24 | 25 | - name: Open port 8000 26 | ufw: 27 | rule: allow 28 | port: 8000 29 | notify: restart ufw 30 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install PHP 3 | become: yes 4 | import_tasks: php.yml 5 | 6 | - name: Install phpBB {{ phpbb_version }} 7 | import_tasks: phpbb.yml 8 | 9 | - name: Install Topic Descriptions extension 10 | import_tasks: topicdesc.yml 11 | 12 | - name: Install Recent Topics extension 13 | import_tasks: recent_topics.yml 14 | 15 | - name: Install Topic Tags extension 16 | import_tasks: tags.yml 17 | 18 | - name: Create database 19 | become: yes 20 | become_user: postgres 21 | import_tasks: db.yml 22 | 23 | - name: Set up apache config 24 | become: yes 25 | import_tasks: apache.yml 26 | 27 | - name: Set up backups 28 | become: yes 29 | import_tasks: backup.yml 30 | -------------------------------------------------------------------------------- /roles/get_veloroad/vars/main.yml: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 36653763623935326163386636666336653166613833643562323561646335636263653232363262 3 | 3534386236396661313063363033626364633138633461650a653064386538363739393339343537 4 | 61306338363131383534353138626437353336383266386538373235633338656536373063333438 5 | 3561393565393831620a613432373063353362653163326132623932633330626234316138323732 6 | 32616639636362643737663766616633316539343362346264663465356539306265336636313563 7 | 37336164643638373366663337653061666137643037323136643266316662303865316139333933 8 | 33363336626534616563396263643834613832393634643731363136663431653564666638643262 9 | 34323330343366643831353066316138386362626632643366656233653531633639363038663138 10 | 3733 11 | -------------------------------------------------------------------------------- /roles/geoscribble/templates/geoscribble.conf: -------------------------------------------------------------------------------- 1 | 2 | ServerName geoscribble.osmz.ru 3 | DocumentRoot /var/www/geoscribble 4 | 5 | 6 | AllowOverride All 7 | 8 | 9 | 10 | {% if gs_cert_file.stat.exists %} 11 | 12 | ServerName geoscribble.osmz.ru 13 | ProxyPass / http://localhost:3007/ 14 | ProxyPassReverse / http://localhost:3007/ 15 | ProxyPreserveHost On 16 | RequestHeader setifempty X-Forwarded-Proto "https" 17 | SSLEngine on 18 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_geoscribble.osmz.ru.crt" 19 | SSLCertificateKeyFile "/etc/letsencrypt/keys/geoscribble.osmz.ru.key" 20 | 21 | {% endif %} 22 | -------------------------------------------------------------------------------- /roles/get_veloroad/files/nik4wsgi_config.py: -------------------------------------------------------------------------------- 1 | PYTHON = 'python3' 2 | NIK4 = '/opt/src/Nik4/nik4.py' 3 | 4 | STYLES = [ 5 | ['veloroad', 'Veloroad Ru', '/opt/styles/veloroad/veloroad-r.xml', True], 6 | ['veloroaden', 'Veloroad', '/opt/styles/veloroad/veloroad-en.xml', True], 7 | ['osm', 'OSM-Carto', '/opt/styles/osm-carto/osm-r.xml', False], 8 | ] 9 | TILES = { 10 | 'veloroad': ['http://tile.osmz.ru/veloroad/{z}/{x}/{y}.png', 11 | 'Map © OpenStreetMap | Tiles © Ilya Zverev'], 12 | 'veloroaden': ['http://tile.osmz.ru/veloroad/{z}/{x}/{y}.png', 13 | 'Map © OpenStreetMap | Tiles © Ilya Zverev'], 14 | 'osm': ['https://tile.openstreetmap.org/{z}/{x}/{y}.png', 15 | 'Map © OpenStreetMap'], 16 | } 17 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/apache.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check that certificates exist 3 | stat: 4 | path: /etc/letsencrypt/certs/fullchain_hitrye.ru.crt 5 | register: cert_file 6 | 7 | - name: Upload apache config 8 | template: 9 | src: hitrye.conf 10 | dest: /etc/apache2/sites-available 11 | notify: reload apache 12 | 13 | - name: Create apache log dir 14 | file: 15 | path: /var/log/apache2/hitrye 16 | state: directory 17 | 18 | - name: Upload logrotate config 19 | copy: 20 | src: logrotate.conf 21 | dest: /etc/logrotate.d/apache2-hitrye 22 | 23 | - name: Symlink apache config 24 | file: 25 | src: /etc/apache2/sites-available/hitrye.conf 26 | dest: /etc/apache2/sites-enabled/hitrye.conf 27 | state: link 28 | notify: reload apache 29 | -------------------------------------------------------------------------------- /roles/schedules/files/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | State of the Map XML Schedules 6 | 7 | 13 | 14 | 15 |
16 |

Schedules

17 |

Please head on to the conference you're planning to visit:

18 |
FOSS4G Europe 2024
19 |
20 | 21 | 22 | -------------------------------------------------------------------------------- /roles/apache/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Apache 3 | apt: name=apache2 4 | 5 | - name: Enable cgi for apache 6 | apache2_module: 7 | name: "{{ item }}" 8 | state: present 9 | loop: 10 | - ssl 11 | - cgid 12 | notify: restart apache 13 | 14 | - name: Chown /var/www/html to zverik 15 | file: 16 | path: /var/www/html 17 | owner: zverik 18 | group: zverik 19 | 20 | - name: Add robots.txt 21 | copy: 22 | content: | 23 | User-agent: * 24 | Disallow: / 25 | dest: /var/www/html/robots.txt 26 | 27 | - name: Allow symlinks for cgi scripts 28 | lineinfile: 29 | path: /etc/apache2/conf-available/serve-cgi-bin.conf 30 | regexp: '^\s*Options.*\+ExecCGI' 31 | line: 'Options +ExecCGI -MultiViews' 32 | notify: restart apache 33 | -------------------------------------------------------------------------------- /roles/matomo/tasks/apache.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check that certificates exist 3 | stat: 4 | path: /etc/letsencrypt/certs/fullchain_matomo.tile.osmz.ru.crt 5 | register: cert_file 6 | 7 | - name: Upload apache config 8 | template: 9 | src: domain.j2 10 | dest: /etc/apache2/sites-available/matomo.conf 11 | notify: reload apache 12 | 13 | - name: Create apache log dir 14 | file: 15 | path: /var/log/apache2/matomo 16 | state: directory 17 | 18 | - name: Upload logrotate config 19 | copy: 20 | src: logrotate.conf 21 | dest: /etc/logrotate.d/apache2-matomo 22 | 23 | - name: Symlink apache config 24 | file: 25 | src: /etc/apache2/sites-available/matomo.conf 26 | dest: /etc/apache2/sites-enabled/matomo.conf 27 | state: link 28 | notify: reload apache 29 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script for mayak 3 | template: 4 | src: backup_mayak.j2 5 | dest: /etc/cron.daily/backup_mayak 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Stop mayak service if we're restoring 13 | when: restoring 14 | service: 15 | name: mayak_nav_bot 16 | state: stopped 17 | 18 | - name: Restore mayak database 19 | when: restoring 20 | command: 21 | argv: 22 | - "/root/extract_backup" 23 | - "Mayak_" 24 | - opt/src/mayak_nav/config 25 | chdir: / 26 | 27 | - name: Start mayak service if we're restoring 28 | when: restoring 29 | service: 30 | name: mayak_nav_bot 31 | state: started 32 | -------------------------------------------------------------------------------- /roles/teleput/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script for teleput 3 | become: yes 4 | template: 5 | src: backup_teleput.j2 6 | dest: /etc/cron.daily/backup_teleput 7 | mode: 0700 8 | 9 | - name: Test if we're restoring 10 | set_fact: 11 | restoring: "{{ 'restore' in ansible_run_tags }}" 12 | 13 | - name: Stop teleput service if we're restoring 14 | when: restoring 15 | service: 16 | name: teleput 17 | state: stopped 18 | 19 | - name: Restore teleput database 20 | when: restoring 21 | command: 22 | argv: 23 | - "/root/extract_backup" 24 | - "Teleput_" 25 | - opt/src/teleput/teleput.sqlite 26 | chdir: / 27 | 28 | - name: Start teleput service if we're restoring 29 | when: restoring 30 | service: 31 | name: teleput 32 | state: started 33 | -------------------------------------------------------------------------------- /roles/mark_spam_bot/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script for mark_spam 3 | template: 4 | src: backup_mark_spam.j2 5 | dest: /etc/cron.daily/backup_mark_spam 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Stop mark_spam service if we're restoring 13 | when: restoring 14 | service: 15 | name: mark_spam_bot 16 | state: stopped 17 | 18 | - name: Restore mark_spam database 19 | when: restoring 20 | command: 21 | argv: 22 | - "/root/extract_backup" 23 | - "MarkSpam_" 24 | - opt/src/mark_spam_bot/markspam.sqlite 25 | chdir: / 26 | 27 | - name: Start mark_spam service if we're restoring 28 | when: restoring 29 | service: 30 | name: mark_spam_bot 31 | state: started 32 | -------------------------------------------------------------------------------- /roles/edpr/templates/domain.j2: -------------------------------------------------------------------------------- 1 | 2 | ServerName {{ domain }} 3 | DocumentRoot /var/www/edpr 4 | 5 | 6 | AllowOverride All 7 | 8 | 9 | 10 | {% if edpr_cert.stat.exists %} 11 | 12 | ServerName {{ domain }} 13 | 14 | ProxyPass / http://localhost:{{ edpr_port }}/ 15 | ProxyPassReverse / http://localhost:{{ edpr_port }}/ 16 | RequestHeader set X-Forwarded-Proto https 17 | RequestHeader set X-Forwarded-Prefix / 18 | 19 | CustomLog /var/log/apache2/{{ domain }}/access_log combined 20 | ErrorLog /var/log/apache2/{{ domain }}/error_log 21 | 22 | SSLEngine on 23 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_{{ domain }}.crt" 24 | SSLCertificateKeyFile "/etc/letsencrypt/keys/{{ domain }}.key" 25 | 26 | {% endif %} 27 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script for sotm_intro_bot 3 | template: 4 | src: backup_intros.j2 5 | dest: /etc/cron.daily/backup_intros 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Stop sotm_intro service if we're restoring 13 | when: restoring 14 | service: 15 | name: sotm_intro_bot 16 | state: stopped 17 | 18 | - name: Restore sotm_intro database 19 | when: restoring 20 | command: 21 | argv: 22 | - "/root/extract_backup" 23 | - "SotmIntro_" 24 | - opt/src/sotm_intro_bot/intros.sqlite 25 | chdir: / 26 | 27 | - name: Start sotm_intro service if we're restoring 28 | when: restoring 29 | service: 30 | name: sotm_intro_bot 31 | state: started 32 | -------------------------------------------------------------------------------- /roles/rails_port/tasks/passenger.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install mod_passenger 3 | apt: name=libapache2-mod-passenger 4 | 5 | - name: Enable mod_env 6 | apache2_module: 7 | name: env 8 | state: present 9 | notify: restart apache 10 | 11 | - name: Enable passenger 12 | apache2_module: 13 | name: passenger 14 | state: present 15 | notify: restart apache 16 | 17 | - name: Upload apache config 18 | template: 19 | src: osm.conf.j2 20 | dest: /etc/apache2/sites-available/osm.conf 21 | notify: reload apache 22 | 23 | - name: Create apache log dir 24 | file: 25 | path: /var/log/apache2/osm 26 | state: directory 27 | 28 | - name: Symlink apache config 29 | file: 30 | src: /etc/apache2/sites-available/osm.conf 31 | dest: /etc/apache2/sites-enabled/osm.conf 32 | state: link 33 | notify: reload apache 34 | -------------------------------------------------------------------------------- /roles/stats/files/du_layer: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Plugin to monitor the rendering throughput of Renderd 4 | # 5 | # Parameters: 6 | # 7 | # config (required) 8 | # autoconf (optional - used by munin-config) 9 | # 10 | 11 | if [ "$1" = "config" ]; then 12 | 13 | echo 'graph_title Tile disk usage by layer' 14 | echo 'graph_args --base 1024' 15 | echo 'graph_vlabel Tile layer disk usage' 16 | echo 'graph_category renderd' 17 | echo 'v.label veloroad' 18 | echo 'v.info Veloroad' 19 | echo 'r.label veloroad hr' 20 | echo 'r.info Veloroad HiDPI' 21 | 22 | exit 0 23 | fi 24 | 25 | du --max-depth 1 /var/lib/mod_tile > /tmp/du-layers.txt 26 | veloroad=`grep \/veloroad /tmp/du-layers.txt | cut -f1` 27 | veloroadhr=`grep \/veloroadhr /tmp/du-layers.txt | cut -f1` 28 | rm /tmp/du-layers.txt 29 | 30 | echo "v.value $veloroad" 31 | echo "r.value $veloroadhr" 32 | -------------------------------------------------------------------------------- /roles/changes_counter/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Checkout osm-counter repo 3 | git: 4 | repo: https://github.com/Zverik/osm-changes-counter.git 5 | dest: /opt/src/osm-changes-counter 6 | tags: changes 7 | 8 | - name: Create virtualenv 9 | pip: 10 | state: latest 11 | requirements: /opt/src/osm-changes-counter/requirements.txt 12 | virtualenv: /opt/src/osm-changes-counter/venv 13 | tags: changes 14 | 15 | - name: Initialize osm-counter log file 16 | become: yes 17 | copy: 18 | content: "" 19 | dest: /var/log/osm_counter.log 20 | force: no 21 | owner: zverik 22 | mode: 0644 23 | 24 | #- name: Add osm-counter to crontab 25 | # cron: 26 | # name: osm_counter 27 | # job: "run-one /opt/src/osm-changes-counter/run.sh gis /opt/src/osm-changes-counter/cities.csv > /var/log/osm_counter.log" 28 | # minute: "3,33" 29 | -------------------------------------------------------------------------------- /roles/integratsioon/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script for integratsioon 3 | template: 4 | src: backup_integratsioon.j2 5 | dest: /etc/cron.daily/backup_integratsioon 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Stop integratsioon service if we're restoring 13 | when: restoring 14 | service: 15 | name: integratsioon 16 | state: stopped 17 | 18 | - name: Restore integratsioon database 19 | when: restoring 20 | command: 21 | argv: 22 | - "/root/extract_backup" 23 | - "Integratsioon_" 24 | - opt/src/watch_integratsioon/wi_users.sqlite 25 | chdir: / 26 | 27 | - name: Start integratsioon service if we're restoring 28 | when: restoring 29 | service: 30 | name: integratsioon 31 | state: started 32 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install backup script 3 | template: 4 | src: backup_hitrye.j2 5 | dest: /etc/cron.daily/backup_hitrye 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Restore hitrye files 13 | when: restoring 14 | command: 15 | argv: 16 | - "/root/extract_backup" 17 | - "Hitrye_" 18 | - '*' 19 | chdir: / 20 | 21 | - name: Restore hitrye database from the dump 22 | when: restoring 23 | become: yes 24 | become_user: postgres 25 | community.postgresql.postgresql_db: 26 | name: hitrye 27 | state: restore 28 | target: /var/tmp/hitrye.pgc 29 | target_opts: "--clean --if-exists" 30 | 31 | - name: Delete the temporary db dump 32 | when: restoring 33 | file: 34 | path: /var/tmp/hitrye.pgc 35 | state: absent 36 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create gis database 3 | import_tasks: create_gis_db.yml 4 | 5 | - name: Install tile packages 6 | become: yes 7 | apt: 8 | name: 9 | - osm2pgsql 10 | - osmosis 11 | - libmapnik3.1 12 | - gdal-bin 13 | state: present 14 | 15 | - name: Install mod_tile 16 | import_tasks: mod_tile.yml 17 | 18 | - name: Install osm-carto v3 style 19 | import_tasks: osm_carto.yml 20 | vars: 21 | branch: v3.3.1 22 | dir: osm-carto 23 | 24 | - name: Install veloroad style 25 | import_tasks: veloroad.yml 26 | 27 | - name: Install small testing styles 28 | import_tasks: other_styles.yml 29 | 30 | - name: Install sample pbf file 31 | import_tasks: sample_pbf.yml 32 | 33 | - name: Set up replication 34 | import_tasks: replication.yml 35 | 36 | - name: Start renderd 37 | become: yes 38 | systemd: name=renderd state=started 39 | -------------------------------------------------------------------------------- /roles/mark_spam_bot/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check out mark_spam code 3 | git: 4 | repo: https://github.com/Zverik/mark_spam_bot.git 5 | dest: /opt/src/mark_spam_bot 6 | notify: restart mark_spam 7 | 8 | - name: Create virtualenv for mark_spam 9 | pip: 10 | requirements: /opt/src/mark_spam_bot/requirements.txt 11 | virtualenv: /opt/src/mark_spam_bot/venv 12 | 13 | - name: Upload mark_spam config 14 | template: 15 | src: config.j2 16 | dest: /opt/src/mark_spam_bot/config.py 17 | notify: restart mark_spam 18 | 19 | - name: Create systemd service 20 | become: yes 21 | copy: 22 | src: mark_spam_bot.service 23 | dest: /etc/systemd/system/ 24 | notify: restart mark_spam 25 | 26 | - name: Enable mark_spam systemd module 27 | become: yes 28 | systemd: 29 | name: mark_spam_bot 30 | enabled: yes 31 | 32 | - name: Set up backups 33 | become: yes 34 | import_tasks: backup.yml 35 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/recent_topics.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check that recent topics is installed 3 | stat: 4 | path: /var/www/hitrye/ext/paybas/recenttopics/ext.php 5 | register: rt 6 | 7 | - name: Download Recent Topics extension 8 | when: not rt.stat.exists 9 | get_url: 10 | url: https://www.phpbb.com/customise/db/download/180056 11 | dest: /var/tmp/recent.zip 12 | checksum: md5:21d1bf2cee0e0085a55b032d0f1526cd 13 | 14 | - name: Unpack recent topics 15 | when: not rt.stat.exists 16 | unarchive: 17 | remote_src: yes 18 | src: /var/tmp/recent.zip 19 | dest: /var/tmp 20 | 21 | - name: Move recent topics to phpbb 22 | shell: mv /var/tmp/paybas /var/www/hitrye/ext/ 23 | args: 24 | creates: /var/www/hitrye/ext/paybas/recenttopics/ext.php 25 | 26 | - name: Cleanup recent topics 27 | file: 28 | path: /var/tmp/{{ item }} 29 | state: absent 30 | with_items: 31 | - recent.zip 32 | - paybas 33 | -------------------------------------------------------------------------------- /roles/rails_port/tasks/db.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create rails user 3 | postgresql_user: name=rails 4 | 5 | - name: Create rails database 6 | postgresql_db: 7 | name: "{{ item }}" 8 | encoding: UTF-8 9 | owner: rails 10 | with_items: 11 | - osm_test 12 | - osm_dev 13 | - openstreetmap 14 | 15 | - name: Allow logging in as rails by anybody 16 | lineinfile: 17 | path: /etc/postgresql/14/main/pg_hba.conf 18 | insertafter: '# TYPE\s*DATABASE' 19 | regexp: '^local openstreetmap' 20 | line: local openstreetmap,osm_dev,osm_test rails trust 21 | register: pgmod 22 | 23 | - name: Restart postgresql if needed 24 | when: pgmod.changed 25 | become: yes 26 | become_user: root 27 | systemd: name=postgresql state=restarted 28 | 29 | - name: Add btree extension to db 30 | postgresql_ext: db={{ item }} name=btree_gist 31 | with_items: 32 | - osm_test 33 | - osm_dev 34 | - openstreetmap 35 | -------------------------------------------------------------------------------- /roles/schedules/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Checkout schedules repo 3 | git: 4 | repo: https://github.com/Zverik/schedule-convert.git 5 | dest: /opt/src/schedule-convert 6 | register: git_updated 7 | tags: sotm 8 | 9 | - name: Install lxml 10 | apt: name=python3-lxml 11 | 12 | - name: Create virtualenv 13 | pip: 14 | name: /opt/src/schedule-convert 15 | state: latest 16 | virtualenv: /opt/src/sc_venv 17 | virtualenv_site_packages: yes 18 | tags: sotm 19 | 20 | - name: Create www/sotm directory 21 | become: yes 22 | file: 23 | path: /var/www/sotm 24 | state: directory 25 | owner: zverik 26 | 27 | - name: Upload static files to www 28 | copy: 29 | src: index.html 30 | dest: /var/www/sotm/ 31 | tags: sotm 32 | 33 | - name: Set up schedule updater 34 | import_tasks: updater.yml 35 | 36 | - name: Set up apache config 37 | become: yes 38 | import_tasks: apache.yml 39 | 40 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/sample_pbf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ensure the database is empty 3 | become: yes 4 | become_user: postgres 5 | command: psql -A -t -d {{ gisdb }} -c "SELECT tablename FROM pg_tables WHERE schemaname = 'public' AND tablename = 'planet_osm_point'" 6 | register: table 7 | changed_when: False 8 | 9 | - name: Upload sample pbf file 10 | when: not table.stdout 11 | copy: 12 | src: novorzhev.osm.pbf 13 | dest: /var/tmp/novorzhev.osm.pbf 14 | force: no 15 | 16 | - name: Load sample pbf file 17 | when: not table.stdout 18 | become_user: "{{ render_user }}" 19 | become: yes 20 | command: osm2pgsql -C {{ ansible_memtotal_mb - 100 }} --slim -S /opt/styles/veloroad/veloroad.style -d {{ gisdb }} --number-processes {{ ansible_processor_cores}} /var/tmp/novorzhev.osm.pbf 21 | 22 | - name: Remove sample pbf 23 | when: not table.stdout 24 | file: 25 | path: /var/tmp/novorzhev.osm.pbf 26 | state: absent 27 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/topicdesc.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check that topic desc is installed 3 | stat: 4 | path: /var/www/hitrye/ext/rmcgirr83/topicdescription/composer.json 5 | register: td 6 | 7 | - name: Download Topic Descriptions extension 8 | when: not td.stat.exists 9 | get_url: 10 | url: https://www.phpbb.com/customise/db/download/154261 11 | dest: /var/tmp/topicdesc.zip 12 | checksum: md5:de98d7780af1e2f4abdc181cd75f4411 13 | 14 | - name: Unpack topic desc 15 | when: not td.stat.exists 16 | unarchive: 17 | remote_src: yes 18 | src: /var/tmp/topicdesc.zip 19 | dest: /var/tmp 20 | 21 | - name: Move topic desc to phpbb 22 | shell: mv /var/tmp/rmcgirr83 /var/www/hitrye/ext/ 23 | args: 24 | creates: /var/www/hitrye/ext/rmcgirr83/topicdescription/composer.json 25 | 26 | - name: Cleanup topic desc 27 | file: 28 | path: /var/tmp/{{ item }} 29 | state: absent 30 | with_items: 31 | - topicdesc.zip 32 | - rmcgirr83 33 | -------------------------------------------------------------------------------- /roles/sotm_intro_bot/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check out sotm_intro_bot code 3 | git: 4 | repo: https://github.com/Zverik/sotm_intro_bot.git 5 | dest: /opt/src/sotm_intro_bot 6 | notify: restart sotm_intro_bot 7 | 8 | - name: Create virtualenv for sotm_intro_bot 9 | pip: 10 | requirements: /opt/src/sotm_intro_bot/requirements.txt 11 | virtualenv: /opt/src/sotm_intro_bot/venv 12 | 13 | - name: Upload sotm_intro_bot config 14 | template: 15 | src: config.py 16 | dest: /opt/src/sotm_intro_bot/config.py 17 | notify: restart sotm_intro_bot 18 | 19 | - name: Create systemd service 20 | become: yes 21 | copy: 22 | src: sotm_intro_bot.service 23 | dest: /etc/systemd/system/ 24 | notify: restart sotm_intro_bot 25 | 26 | - name: Enable sotm_intro_bot systemd module 27 | become: yes 28 | systemd: 29 | name: sotm_intro_bot 30 | enabled: yes 31 | 32 | - name: Set up backups 33 | become: yes 34 | import_tasks: backup.yml 35 | -------------------------------------------------------------------------------- /roles/matomo/templates/domain.j2: -------------------------------------------------------------------------------- 1 | 2 | ServerName matomo.tile.osmz.ru 3 | DocumentRoot /var/www/matomo/matomo 4 | ErrorLog ${APACHE_LOG_DIR}/matomo/error.log 5 | CustomLog ${APACHE_LOG_DIR}/matomo/access.log combined 6 | 7 | 8 | Options FollowSymLinks Includes MultiViews 9 | AllowOverride All 10 | 11 | 12 | 13 | {% if cert_file.stat.exists %} 14 | 15 | ServerName matomo.tile.osmz.ru 16 | DocumentRoot /var/www/matomo/matomo 17 | ErrorLog ${APACHE_LOG_DIR}/matomo/error.log 18 | CustomLog ${APACHE_LOG_DIR}/matomo/access.log combined 19 | 20 | 21 | Options FollowSymLinks Includes MultiViews 22 | AllowOverride All 23 | 24 | 25 | SSLEngine on 26 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_matomo.tile.osmz.ru.crt" 27 | SSLCertificateKeyFile "/etc/letsencrypt/keys/matomo.tile.osmz.ru.key" 28 | 29 | {% endif %} 30 | -------------------------------------------------------------------------------- /roles/integratsioon/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check out watch_integratsioon code 3 | git: 4 | repo: https://github.com/Zverik/watch_integratsioon.git 5 | dest: /opt/src/watch_integratsioon 6 | notify: restart integratsioon 7 | 8 | - name: Create virtualenv for watch_integratsioon 9 | pip: 10 | requirements: /opt/src/watch_integratsioon/requirements.txt 11 | virtualenv: /opt/src/watch_integratsioon/venv 12 | 13 | - name: Upload watch_integratsioon config 14 | template: 15 | src: config.j2 16 | dest: /opt/src/watch_integratsioon/config.py 17 | notify: restart integratsioon 18 | 19 | - name: Create systemd service 20 | become: yes 21 | copy: 22 | src: integratsioon.service 23 | dest: /etc/systemd/system/ 24 | notify: restart integratsioon 25 | 26 | - name: Enable integratsioon systemd module 27 | become: yes 28 | systemd: 29 | name: integratsioon 30 | enabled: yes 31 | 32 | - name: Set up backups 33 | become: yes 34 | import_tasks: backup.yml 35 | -------------------------------------------------------------------------------- /roles/hitrye_archive/templates/hitrye_archive.conf: -------------------------------------------------------------------------------- 1 | 2 | ServerName archive.hitrye.ru 3 | DocumentRoot /var/www/hitrye_archive 4 | ErrorLog ${APACHE_LOG_DIR}/hitrye/error.log 5 | CustomLog ${APACHE_LOG_DIR}/hitrye/access.log combined 6 | 7 | 8 | Options FollowSymLinks Includes MultiViews 9 | AllowOverride All 10 | 11 | 12 | 13 | {% if ah_cert_file.stat.exists %} 14 | 15 | ServerName archive.hitrye.ru 16 | DocumentRoot /var/www/hitrye_archive 17 | ErrorLog ${APACHE_LOG_DIR}/hitrye/error.log 18 | CustomLog ${APACHE_LOG_DIR}/hitrye/access.log combined 19 | 20 | 21 | Options FollowSymLinks Includes MultiViews 22 | AllowOverride All 23 | 24 | 25 | SSLEngine on 26 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_archive.hitrye.ru.crt" 27 | SSLCertificateKeyFile "/etc/letsencrypt/keys/archive.hitrye.ru.key" 28 | 29 | {% endif %} 30 | -------------------------------------------------------------------------------- /roles/rails_port/files/database.yml: -------------------------------------------------------------------------------- 1 | # Using a recent release (9.1 or higher) of PostgreSQL (http://postgresql.org/) is recommended. 2 | # See https://github.com/openstreetmap/openstreetmap-website/blob/master/INSTALL.md#database-setup for detailed setup instructions. 3 | # 4 | development: 5 | adapter: postgresql 6 | database: osm_dev 7 | username: rails 8 | # username: openstreetmap 9 | # password: openstreetmap 10 | # host: localhost 11 | encoding: utf8 12 | 13 | # Warning: The database defined as 'test' will be erased and 14 | # re-generated from your development database when you run 'rake'. 15 | # Do not set this db to the same as development or production. 16 | test: 17 | adapter: postgresql 18 | database: osm_test 19 | username: rails 20 | # username: osm_test 21 | # password: osm_test 22 | # host: localhost 23 | encoding: utf8 24 | 25 | production: 26 | adapter: postgresql 27 | database: openstreetmap 28 | username: rails 29 | # password: osm 30 | # host: localhost 31 | encoding: utf8 32 | -------------------------------------------------------------------------------- /roles/schedules/files/sotm.conf: -------------------------------------------------------------------------------- 1 | 2 | ServerName sotm.osmz.ru 3 | ServerAlias www.sotm.osmz.ru 4 | DocumentRoot /var/www/sotm 5 | 6 | 7 | Options FollowSymLinks Includes MultiViews 8 | AllowOverride All 9 | 10 | Redirect / https://sotm.osmz.ru/ 11 | 12 | 13 | 14 | ServerName sotm.osmz.ru 15 | ServerAlias www.sotm.osmz.ru 16 | DocumentRoot /var/www/sotm 17 | SSLEngine on 18 | # SSLCertificateFile "/etc/apache2/sotm.osmz.ru/fullchain.pem" 19 | # SSLCertificateKeyFile "/etc/apache2/sotm.osmz.ru/privkey.pem" 20 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_sotm.osmz.ru.crt" 21 | SSLCertificateKeyFile "/etc/letsencrypt/keys/sotm.osmz.ru.key" 22 | 23 | 24 | Options FollowSymLinks Includes MultiViews 25 | AllowOverride All 26 | 27 | 28 | -------------------------------------------------------------------------------- /roles/edpr/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install edpr backup script 3 | template: 4 | src: backup_edpr.j2 5 | dest: /etc/cron.daily/backup_edpr 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Restore edpr database dump 13 | when: restoring 14 | command: 15 | argv: 16 | - "/root/extract_backup" 17 | - "EDPR_" 18 | - var/tmp/edpr.pgc 19 | chdir: / 20 | 21 | - name: Restore edpr database from the dump 22 | when: restoring 23 | become: yes 24 | become_user: postgres 25 | community.postgresql.postgresql_db: 26 | name: edpr 27 | state: restore 28 | target: /var/tmp/edpr.pgc 29 | target_opts: "--clean --if-exists" 30 | 31 | - name: Delete the temporary db dump 32 | when: restoring 33 | file: 34 | path: /var/tmp/edpr.pgc 35 | state: absent 36 | 37 | - name: Restart edpr service if we're restoring 38 | when: restoring 39 | service: 40 | name: edpr 41 | state: restarted 42 | -------------------------------------------------------------------------------- /roles/backup/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Download borg 3 | get_url: 4 | url: "https://github.com/borgbackup/borg/releases/download/{{ borg_version }}/borg-linux64" 5 | dest: /usr/local/bin/borg 6 | mode: 0755 7 | checksum: "md5:{{ borg_exec_md5 }}" 8 | 9 | - name: Create a private key 10 | copy: 11 | content: "{{ borg_key }}" 12 | dest: /root/.ssh/borg 13 | mode: 0600 14 | 15 | - name: Add rsync.net to authorized keys 16 | known_hosts: 17 | host: ch-s012.rsync.net 18 | key: "{{ rsync_key }}" 19 | 20 | - name: Upload borg_env 21 | template: 22 | src: borg_env.j2 23 | dest: /root/borg_env 24 | mode: 0700 25 | 26 | - name: Add compacting job once a week 27 | copy: 28 | src: compact_backups 29 | dest: /etc/cron.weekly/compact_backups 30 | mode: 0700 31 | 32 | - name: Upload the backup script 33 | copy: 34 | src: "{{ item }}" 35 | dest: "/root/{{ item }}" 36 | mode: 0700 37 | loop: 38 | - make_backup 39 | - extract_backup 40 | 41 | - name: Set up home backups 42 | import_tasks: home.yml 43 | -------------------------------------------------------------------------------- /roles/hitrye/templates/hitrye.conf: -------------------------------------------------------------------------------- 1 | 2 | ServerName hitrye.ru 3 | ServerAlias test.hitrye.ru 4 | DocumentRoot /var/www/hitrye 5 | ErrorLog ${APACHE_LOG_DIR}/hitrye/error.log 6 | CustomLog ${APACHE_LOG_DIR}/hitrye/access.log combined 7 | 8 | 9 | Options FollowSymLinks Includes MultiViews 10 | AllowOverride All 11 | 12 | 13 | 14 | 15 | ServerName www.hitrye.ru 16 | Redirect permanent / http://hitrye.ru/ 17 | 18 | 19 | {% if cert_file.stat.exists %} 20 | 21 | ServerName hitrye.ru 22 | DocumentRoot /var/www/hitrye 23 | ErrorLog ${APACHE_LOG_DIR}/hitrye/error.log 24 | CustomLog ${APACHE_LOG_DIR}/hitrye/access.log combined 25 | 26 | 27 | Options FollowSymLinks Includes MultiViews 28 | AllowOverride All 29 | 30 | 31 | SSLEngine on 32 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_hitrye.ru.crt" 33 | SSLCertificateKeyFile "/etc/letsencrypt/keys/hitrye.ru.key" 34 | 35 | {% endif %} 36 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/other_styles.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upload small styles 3 | copy: 4 | src: "{{ item }}" 5 | dest: /opt/styles/{{ item }} 6 | with_items: 7 | - lonelyplaces.xml 8 | - smoothness.xml 9 | - surface.xml 10 | 11 | - name: Add renderd sections for these styles 12 | become: yes 13 | blockinfile: 14 | path: /etc/renderd.conf 15 | insertafter: EOF 16 | marker: '# {mark} small styles' 17 | block: | 18 | [smoothness] 19 | URI=/smoothness/ 20 | TILEDIR=/var/lib/mod_tile 21 | XML=/opt/styles/smoothness.xml 22 | HOST={{ render_host }} 23 | TILESIZE=256 24 | MINZOOM=10 25 | MAXZOOM=16 26 | 27 | [surface] 28 | URI=/surface/ 29 | TILEDIR=/var/lib/mod_tile 30 | XML=/opt/styles/surface.xml 31 | HOST={{ render_host }} 32 | TILESIZE=256 33 | MINZOOM=6 34 | MAXZOOM=15 35 | 36 | [lonely] 37 | URI=/lonely/ 38 | TILEDIR=/var/lib/mod_tile 39 | XML=/opt/styles/lonelyplaces.xml 40 | HOST={{ render_host }} 41 | TILESIZE=256 42 | MINZOOM=6 43 | MAXZOOM=15 44 | 45 | -------------------------------------------------------------------------------- /roles/geoscribble/tasks/backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install geoscribble backup script 3 | template: 4 | src: backup_geoscribble.j2 5 | dest: /etc/cron.daily/backup_geoscribble 6 | mode: 0700 7 | 8 | - name: Test if we're restoring 9 | set_fact: 10 | restoring: "{{ 'restore' in ansible_run_tags }}" 11 | 12 | - name: Restore geoscribble database dump 13 | when: restoring 14 | command: 15 | argv: 16 | - "/root/extract_backup" 17 | - "Geoscribble_" 18 | - var/tmp/geoscribble.pgc 19 | chdir: / 20 | 21 | - name: Restore geoscribble database from the dump 22 | when: restoring 23 | become: yes 24 | become_user: postgres 25 | community.postgresql.postgresql_db: 26 | name: geoscribble 27 | state: restore 28 | target: /var/tmp/geoscribble.pgc 29 | target_opts: "--clean --if-exists" 30 | 31 | - name: Delete the temporary db dump 32 | when: restoring 33 | file: 34 | path: /var/tmp/geoscribble.pgc 35 | state: absent 36 | 37 | - name: Restart geoscribble service if we're restoring 38 | when: restoring 39 | service: 40 | name: geoscribble 41 | state: restarted 42 | -------------------------------------------------------------------------------- /roles/a5a4/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install pdftk and pdfjam 3 | become: yes 4 | apt: 5 | name: 6 | - imagemagick 7 | - pdftk 8 | - texlive-extra-utils 9 | state: present 10 | 11 | - name: Checkout a5a4 12 | git: 13 | repo: https://github.com/Zverik/a5a4.git 14 | dest: /opt/src/a5a4 15 | notify: touch a5a4 16 | 17 | - name: Upload a5a4 config 18 | template: 19 | src: a5a4_config.j2 20 | dest: /opt/src/a5a4/config_local.py 21 | 22 | - name: Create virtualenv for a5a4 23 | pip: 24 | requirements: /opt/src/a5a4/requirements.txt 25 | virtualenv: /opt/src/a5a4/venv 26 | 27 | - name: Create /var/lib/a5a4 28 | become: yes 29 | file: 30 | path: /var/lib/a5a4 31 | state: directory 32 | owner: www-data 33 | 34 | - name: Set up mod_wsgi for a5a4 35 | become: yes 36 | blockinfile: 37 | path: /etc/apache2/sites-available/get_veloroad.conf 38 | create: yes 39 | marker: '# {mark} a5a4' 40 | block: | 41 | WSGIScriptAlias /a5a4 /opt/src/a5a4/a5a4.wsgi 42 | 43 | Require all granted 44 | 45 | notify: reload apache 46 | -------------------------------------------------------------------------------- /roles/get_veloroad/files/findbuildings.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # Script for converting coordinates to enclosing buildings, for visgeocode.html 3 | import sys, os, cgi, json 4 | import psycopg2 5 | 6 | conn = psycopg2.connect('dbname=gis user=osm') 7 | cur = conn.cursor() 8 | 9 | form = cgi.FieldStorage() 10 | if 'json' in form and len(form.getfirst('json')): 11 | data = json.loads(form.getfirst('json')) 12 | else: 13 | data = [] 14 | 15 | ids = set() 16 | if data and len(data) > 0: 17 | for f in data: 18 | if 'lat' in f and 'lon' in f: 19 | cur.execute('SELECT osm_id, ST_AsGeoJSON(ST_Transform(way, 4326)), ST_Area(way) as area FROM planet_osm_polygon WHERE building is not null AND ST_Contains(way, ST_Transform(ST_SetSRID(ST_Point(%s, %s), 4326), 900913)) ORDER BY area LIMIT 1', (f['lon'], f['lat'])) 20 | result = cur.fetchone() 21 | if result and not result[0] in ids: 22 | ids.add(result[0]) 23 | f['geometry'] = json.loads(result[1]) 24 | 25 | cur.close() 26 | conn.close() 27 | 28 | print 'Content-Type: application/json' 29 | print 'Access-Control-Allow-Origin: *' 30 | print 31 | print json.dumps(data) 32 | -------------------------------------------------------------------------------- /roles/schedules/tasks/updater.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Upload updating script 3 | copy: 4 | src: update_schedules.sh 5 | dest: /opt/src/update_schedules.sh 6 | mode: 0755 7 | register: updater_changed 8 | tags: sotm 9 | 10 | - name: Initialize log file 11 | become: yes 12 | copy: 13 | content: "" 14 | dest: /var/log/sotm_schedules.log 15 | force: no 16 | owner: zverik 17 | mode: 0644 18 | 19 | - name: Create schedules data directory 20 | file: 21 | path: /opt/src/sotm_schedules 22 | state: directory 23 | 24 | - name: Upload data files for the schedules 25 | copy: 26 | src: "{{ item }}" 27 | dest: /opt/src/sotm_schedules 28 | with_fileglob: 29 | - "*.ini" 30 | tags: sotm 31 | 32 | - name: Set up crontab for the updated 33 | cron: 34 | name: sotm_schedules 35 | minute: "5" 36 | hour: "*" 37 | job: /opt/src/update_schedules.sh 2> /var/log/sotm_schedules.log 38 | tags: sotm 39 | 40 | - name: Update schedules 41 | when: git_updated.changed or updater_changed.changed 42 | command: /bin/bash /opt/src/update_schedules.sh 43 | 44 | - name: Update schedules unconditionally 45 | command: /bin/bash /opt/src/update_schedules.sh 46 | tags: [never, sotm] 47 | -------------------------------------------------------------------------------- /roles/tile_server/files/site.conf: -------------------------------------------------------------------------------- 1 | 2 | ServerName tile.osmz.ru 3 | DocumentRoot /var/www/html 4 | 5 | LoadTileConfigFile /etc/renderd.conf 6 | ModTileRenderdSocketName /var/run/renderd/renderd.sock 7 | # Timeout before giving up for a tile to be rendered 8 | ModTileRequestTimeout 0 9 | # Timeout before giving up for a tile to be rendered that is otherwise missing 10 | ModTileMissingRequestTimeout 30 11 | 12 | ErrorLog ${APACHE_LOG_DIR}/error.log 13 | CustomLog ${APACHE_LOG_DIR}/access.log combined 14 | 15 | 16 | 17 | ServerName tile.osmz.ru 18 | DocumentRoot /var/www/html 19 | 20 | SSLEngine on 21 | SSLCertificateFile "/etc/letsencrypt/certs/fullchain_tile.osmz.ru.crt" 22 | SSLCertificateKeyFile "/etc/letsencrypt/keys/tile.osmz.ru.key" 23 | 24 | LoadTileConfigFile /etc/renderd.conf 25 | ModTileRenderdSocketName /var/run/renderd/renderd.sock 26 | # Timeout before giving up for a tile to be rendered 27 | ModTileRequestTimeout 0 28 | # Timeout before giving up for a tile to be rendered that is otherwise missing 29 | ModTileMissingRequestTimeout 30 30 | 31 | ErrorLog ${APACHE_LOG_DIR}/error.log 32 | CustomLog ${APACHE_LOG_DIR}/access.log combined 33 | 34 | -------------------------------------------------------------------------------- /roles/exporters/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Open exporter ports 3 | ufw: 4 | port: "{{ item }}" 5 | proto: tcp 6 | rule: allow 7 | with_items: 8 | - 9100 9 | - 9187 10 | notify: restart ufw 11 | 12 | - name: Add postgresql superuser for the exporter 13 | become: yes 14 | become_user: postgres 15 | postgresql_user: 16 | name: "{{ postgres_exporter_username }}" 17 | password: "{{ postgres_exporter_password }}" 18 | role_attr_flags: NOSUPERUSER 19 | 20 | - name: Grant read to exporter psql user 21 | become: yes 22 | become_user: postgres 23 | postgresql_privs: 24 | role: "{{ postgres_exporter_username }}" 25 | database: postgres 26 | type: database 27 | privs: CONNECT 28 | 29 | - name: Grant pg_monitor to exporter psql user 30 | become: yes 31 | become_user: postgres 32 | postgresql_query: 33 | query: 34 | - "ALTER USER {{ postgres_exporter_username }} SET SEARCH_PATH TO {{ postgres_exporter_username }},pg_catalog;" 35 | - "grant pg_monitor to {{ postgres_exporter_username }}" 36 | db: postgres 37 | 38 | - name: Add mysql user for the exporter 39 | mysql_user: 40 | name: "{{ mysqld_exporter_username }}" 41 | password: "{{ mysqld_exporter_password }}" 42 | priv: '*.*:ALL' 43 | -------------------------------------------------------------------------------- /roles/schedules/files/update_schedules.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e -u -x 3 | 4 | WWW=/var/www/sotm 5 | HERE="$(cd "$(dirname "$0")"; pwd)" 6 | DATA="$HERE/sotm_schedules" 7 | VENV="$HERE/sc_venv" 8 | BASEURL="https://sotm.osmz.ru" 9 | 10 | mkdir -p "$DATA" 11 | # wget -q -r -O "$DATA/f2022.xml" "https://talks.osgeo.org/foss4g-2022/schedule/export/schedule.xml" 12 | # wget -q -r -O "$DATA/f2022-at.xml" "https://talks.osgeo.org/foss4g-2022-academic-track/schedule/export/schedule.xml" 13 | # wget -q -r -O "$DATA/sotm2020-add.csv" 'https://docs.google.com/spreadsheets/d/1EO3aC3vF9dvb1wopT_cUHaDXqdGIrid_Kj59PZyzR_g/export?format=csv&id=0' 14 | # sed -i -e 's/Academic Track | Track 2 - Sunday, July 5/Track 2/' "$DATA/sotm2020-at.xml" 15 | wget -q -r -O "$DATA/tartu2024.json" "https://talks.osgeo.org/foss4g-europe-2024/schedule/export/schedule.json" 16 | wget -q -r -O "$DATA/tartu2024w.json" "https://talks.osgeo.org/foss4g-europe-2024-workshops/schedule/export/schedule.json" 17 | wget -q -r -O "$DATA/tartu2024a.csv" 'https://docs.google.com/spreadsheets/d/1Jp88ifOSrYb2T93YTQt9YV0bk7MEZWO6eMtOvKKwdQ4/gviz/tq?tqx=out:csv' 18 | 19 | SC="$VENV/bin/schedule_convert" 20 | $SC $DATA/tartu2024.ini $DATA/tartu2024.json $DATA/tartu2024w.json $DATA/tartu2024a.csv -l "$WWW" "$BASEURL/tartu2024" 21 | -------------------------------------------------------------------------------- /roles/podcast_lengths/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Checkout podcasts 3 | git: 4 | repo: https://github.com/Zverik/podcast_duration.git 5 | dest: /opt/src/podcast_duration 6 | notify: touch podcasts 7 | 8 | - name: Create virtualenv for podcasts 9 | pip: 10 | name: flask 11 | virtualenv: /opt/src/podcast_duration/venv 12 | 13 | - name: Set up mod_wsgi for podcasts 14 | become: yes 15 | blockinfile: 16 | path: /etc/apache2/sites-available/get_veloroad.conf 17 | marker: '# {mark} podcasts' 18 | block: | 19 | WSGIScriptAlias /pdur /opt/src/podcast_duration/podcast_duration_web.wsgi 20 | 21 | Require all granted 22 | 23 | notify: reload apache 24 | 25 | - name: Initialize log file 26 | become: yes 27 | copy: 28 | content: "" 29 | dest: /var/log/podcast_duration.log 30 | force: no 31 | owner: zverik 32 | mode: 0644 33 | 34 | - name: Permissions for uploading the data file 35 | file: 36 | path: /opt/src/podcast_duration 37 | state: directory 38 | mode: 0777 39 | 40 | - name: Set up crontab for the updated 41 | cron: 42 | name: podcast_updater 43 | job: /opt/src/podcast_duration/poll_update.sh 2>> /var/log/podcast_duration.log 44 | -------------------------------------------------------------------------------- /roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install python for Ansible 3 | raw: test -e /usr/bin/python3 || (apt -qy update && apt install -y python3-minimal) 4 | register: output 5 | changed_when: output.stdout 6 | 7 | - name: Ensure apt cache is up to date 8 | apt: update_cache=yes cache_valid_time=3600 upgrade=dist 9 | changed_when: False 10 | 11 | - name: install setfacl support 12 | apt: name=acl 13 | 14 | - name: Create zverik user 15 | user: name=zverik shell=/bin/bash 16 | 17 | - name: Add a ssh key to zverik 18 | authorized_key: 19 | user: zverik 20 | state: present 21 | key: ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBP2SWls1C24jvQ9F3MVFQ2Lyl0zgWheBqellShhlF5d8RWP61/C8pr/ejiowEDxtTrvrd0iJum6amOvFp9I5eAXJGIoVxQiD0Y5ae+TaaVfsu/5XlwedQin31OmkdnRyrA== zverik@fedora 22 | 23 | - name: Add zverik to sudoers 24 | copy: 25 | content: "zverik ALL=(ALL) NOPASSWD:ALL" 26 | dest: /etc/sudoers.d/zverik 27 | 28 | - name: Install useful packages 29 | apt: 30 | name: 31 | - tmux 32 | - htop 33 | - jq 34 | - ncdu 35 | - vim 36 | - sqlite3 37 | state: present 38 | 39 | - name: Create /opt/src directory 40 | file: 41 | path: /opt/src 42 | state: directory 43 | owner: zverik 44 | mode: 0755 45 | -------------------------------------------------------------------------------- /playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | gather_facts: no 4 | become: yes 5 | remote_user: root 6 | roles: 7 | - common 8 | 9 | - hosts: all 10 | become: yes 11 | remote_user: root 12 | roles: 13 | - geerlingguy.ntp 14 | - { role: geerlingguy.mysql, tags: mysql } 15 | - apache 16 | - firewall 17 | - postgis 18 | - python3 19 | - { role: backup, tags: backup } 20 | - { role: robertdebock.logrotate, tags: logrotate } 21 | 22 | - hosts: all 23 | become: yes 24 | roles: 25 | - exporters 26 | - prometheus.prometheus.node_exporter 27 | - prometheus.prometheus.postgres_exporter 28 | - prometheus.prometheus.mysqld_exporter 29 | tags: [exporters] 30 | 31 | - hosts: all 32 | remote_user: zverik 33 | roles: 34 | - { role: tile_server, tags: tiles } 35 | - { role: osm2008, tags: osm2008 } 36 | - { role: get_veloroad, tags: get_veloroad } 37 | - { role: a5a4, tags: a5a4 } 38 | - { role: stats, tags: stats } 39 | - { role: hitrye, tags: hitrye } 40 | - { role: matomo, tags: matomo } 41 | - { role: hitrye_archive, tags: hitrye_archive } 42 | - { role: mayak_nav_bot, tags: mayak_nav_bot } 43 | - { role: mark_spam_bot, tags: mark_spam_bot } 44 | - { role: teleput, tags: teleput } 45 | - { role: geoscribble, tags: geoscribble } 46 | - { role: edpr, tags: edpr } 47 | -------------------------------------------------------------------------------- /roles/hitrye_archive/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create hitrye archive directory 3 | become: yes 4 | file: 5 | path: /var/www/hitrye_archive 6 | state: directory 7 | owner: zverik 8 | 9 | - name: Add hitrye archive to backup 10 | become: yes 11 | cron: 12 | name: backup hitrye archive 13 | minute: 0 14 | hour: 4 15 | job: /root/make_backup HArchive /var/www/hitrye_archive 16 | 17 | - name: Restore hitrye archive 18 | become: yes 19 | when: "'restore' in ansible_run_tags" 20 | command: 21 | argv: 22 | - /root/extract_backup 23 | - HArchive_ 24 | - '*' 25 | chdir: / 26 | 27 | - name: Check that certificates exist 28 | stat: 29 | path: /etc/letsencrypt/certs/fullchain_archive.hitrye.ru.crt 30 | register: ah_cert_file 31 | 32 | - name: Upload apache config 33 | become: yes 34 | template: 35 | src: hitrye_archive.conf 36 | dest: /etc/apache2/sites-available 37 | notify: reload apache 38 | 39 | - name: Create apache log dir 40 | become: yes 41 | file: 42 | path: /var/log/apache2/hitrye 43 | state: directory 44 | owner: www-data 45 | mode: 0755 46 | 47 | - name: Symlink apache config 48 | become: yes 49 | file: 50 | src: /etc/apache2/sites-available/hitrye_archive.conf 51 | dest: /etc/apache2/sites-enabled/hitrye_archive.conf 52 | state: link 53 | notify: reload apache 54 | -------------------------------------------------------------------------------- /roles/stats/tasks/munin.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install munin packages 3 | become: yes 4 | apt: 5 | name: 6 | - munin 7 | - munin-node 8 | - munin-plugins-extra 9 | - libdbd-pg-perl 10 | state: present 11 | 12 | - name: Allow outside access to munin 13 | become: yes 14 | replace: 15 | path: /etc/munin/apache24.conf 16 | regexp: '^(\s*)Require local.*$' 17 | replace: '\1Require all granted' 18 | notify: reload apache 19 | 20 | - name: Find mod_tile plugins 21 | find: 22 | path: /opt/src/mod_tile/munin 23 | register: mt_munin 24 | 25 | - name: Add mod_tile plugins to munin 26 | become: yes 27 | file: 28 | path: /etc/munin/plugins/{{ item.path | basename }} 29 | src: "{{ item.path }}" 30 | state: link 31 | with_items: 32 | - "{{ mt_munin.files }}" 33 | 34 | - name: Upload our munin plugins 35 | copy: 36 | src: "{{ item }}" 37 | dest: /opt/src/ 38 | mode: 0755 39 | with_items: 40 | - du_layer 41 | - du_zoom 42 | 43 | - name: Add our own munin plugins 44 | become: yes 45 | file: 46 | path: /etc/munin/plugins/{{ item }} 47 | src: /opt/src/{{ item }} 48 | state: link 49 | with_items: 50 | - du_layer 51 | - du_zoom 52 | 53 | - name: Reload munin plugins 54 | become: yes 55 | # TODO: get rid of shell 56 | shell: munin-node-configure --sh | sh 57 | notify: restart munin 58 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/replication.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install packages for trim_osc 3 | become: yes 4 | apt: 5 | name: 6 | - python3-shapely 7 | - python3-lxml 8 | state: present 9 | 10 | - name: Get trim_osc 11 | git: 12 | repo: https://github.com/Zverik/regional.git 13 | dest: /opt/src/regional 14 | 15 | - name: Upload update script 16 | copy: 17 | src: openstreetmap-tiles-update-expire 18 | dest: /opt/src/openstreetmap-tiles-update-expire 19 | mode: 0755 20 | 21 | - name: Create tiles log dir 22 | become: yes 23 | file: 24 | path: /var/log/tiles 25 | state: directory 26 | owner: "{{ render_user }}" 27 | 28 | - name: Initialize osmosis state 29 | become: yes 30 | become_user: "{{ render_user }}" 31 | command: /opt/src/openstreetmap-tiles-update-expire 2018-04-01 32 | args: 33 | chdir: /opt/src 34 | creates: /var/lib/mod_tile/.osmosis/state.txt 35 | 36 | - name: Replace replication configuration 37 | become: yes 38 | become_user: "{{ render_user }}" 39 | copy: 40 | src: configuration.txt 41 | dest: /var/lib/mod_tile/.osmosis/configuration.txt 42 | force: no 43 | 44 | - name: Add replication to crontab 45 | when: false 46 | become: yes 47 | become_user: "{{ render_user }}" 48 | cron: 49 | name: replication 50 | job: /opt/src/openstreetmap-tiles-update-expire 51 | minute: '*/5' 52 | state: present 53 | -------------------------------------------------------------------------------- /roles/rails_port/tasks/db_post.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Compile db function 3 | command: make libpgosm.so 4 | args: 5 | chdir: /opt/src/openstreetmap-website/db/functions 6 | creates: libpgosm.so 7 | 8 | - name: Check that db functions are not installed 9 | command: psql -A -t -U rails -d openstreetmap -c "SELECT 'xid_to_int4'::regproc" 10 | register: func 11 | changed_when: False 12 | failed_when: False 13 | 14 | - name: Install db functions 15 | when: func.stderr 16 | become: yes 17 | become_user: postgres 18 | command: psql -d openstreetmap -c "CREATE FUNCTION {{ item.name }}({{ item.args }}) RETURNS {{ item.ret }} AS '/opt/src/openstreetmap-website/db/functions/libpgosm', '{{ item.name }}' LANGUAGE C STRICT" 19 | with_items: 20 | - {name: maptile_for_point, args: 'int8, int8, int4', ret: int4} 21 | - {name: tile_for_point, args: 'int4, int4', ret: in8} 22 | - {name: xid_to_int4, args: 'xid', ret: int4} 23 | 24 | - name: Migrate db 25 | command: bundle exec rake db:migrate 26 | args: 27 | chdir: /opt/src/openstreetmap-website 28 | 29 | - name: Check that structure.sql needs reverting 30 | command: git status -s db/structure.sql 31 | args: 32 | chdir: /opt/src/openstreetmap-website 33 | changed_when: False 34 | register: structure 35 | 36 | - name: Revert db/structure.sql if needed 37 | when: structure.stdout 38 | command: git checkout -- db/structure.sql 39 | args: 40 | chdir: /opt/src/openstreetmap-website 41 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/veloroad.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Download veloroad style 3 | git: 4 | repo: https://github.com/Zverik/veloroad.git 5 | dest: /opt/styles/veloroad 6 | 7 | - name: Download shapefiles 8 | command: ./get-shapefiles.sh 9 | args: 10 | chdir: /opt/styles/veloroad 11 | creates: /opt/styles/veloroad/data/ptsans/DroidSansFallback.ttf 12 | 13 | - name: Find temporary archives 14 | find: 15 | path: /opt/styles/veloroad/data 16 | patterns: '*.zip,*.xz' 17 | register: zips 18 | 19 | - name: Delete temporary archives 20 | file: 21 | path: "{{ item.path }}" 22 | state: absent 23 | with_items: 24 | - "{{ zips.files }}" 25 | 26 | - name: Create xml for veloroad 27 | command: carto -a 3.0.9 -q project.mml -f veloroad.xml 28 | args: 29 | chdir: /opt/styles/veloroad 30 | creates: /opt/styles/veloroad/veloroad.xml 31 | 32 | - name: Add renderd section for veloroad 33 | become: yes 34 | blockinfile: 35 | path: /etc/renderd.conf 36 | insertafter: EOF 37 | marker: '# {mark} veloroad' 38 | block: | 39 | [veloroad] 40 | URI=/veloroad/ 41 | TILEDIR=/var/lib/mod_tile 42 | XML=/opt/styles/veloroad/veloroad.xml 43 | HOST={{ render_host }} 44 | TILESIZE=256 45 | MINZOOM=6 46 | MAXZOOM=15 47 | 48 | [veloroadhr] 49 | URI=/veloroadhr/ 50 | TILEDIR=/var/lib/mod_tile 51 | XML=/opt/styles/veloroad/veloroad.xml 52 | HOST={{ render_host }} 53 | TILESIZE=512 54 | SCALE=2 55 | MINZOOM=6 56 | MAXZOOM=15 57 | -------------------------------------------------------------------------------- /roles/matomo/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install PHP packages 3 | become: yes 4 | apt: 5 | name: 6 | - php7.4-curl 7 | - php7.4-gd 8 | - php7.4-cli 9 | - php7.4-mysql 10 | - php7.4-xml 11 | - php7.4-mbstring 12 | state: present 13 | 14 | - name: Set up Matomo database 15 | mysql_db: 16 | name: "{{ matomo_mysql_database }}" 17 | 18 | - name: Add Matomo MySQL user 19 | mysql_user: 20 | name: "{{ matomo_mysql_user }}" 21 | password: "{{ matomo_mysql_password }}" 22 | priv: "*.*:FILE/{{ matomo_mysql_database}}.*:ALL" 23 | 24 | - name: Create target dir 25 | become: yes 26 | file: 27 | path: "{{ matomo_path }}" 28 | state: directory 29 | owner: zverik 30 | group: zverik 31 | 32 | - name: Check that Matomo is installed 33 | stat: 34 | path: "{{ matomo_path }}/matomo/matomo.php" 35 | register: matomo_file 36 | 37 | - name: Download Matomo 38 | when: not matomo_file.stat.exists 39 | get_url: 40 | url: "https://builds.matomo.org/matomo.zip" 41 | dest: /var/tmp/matomo.zip 42 | 43 | - name: Unpack Matomo 44 | when: not matomo_file.stat.exists 45 | unarchive: 46 | remote_src: yes 47 | src: /var/tmp/matomo.zip 48 | dest: "{{ matomo_path }}" 49 | 50 | - name: Set owner to matomo 51 | become: yes 52 | file: 53 | path: "{{ matomo_path }}" 54 | state: directory 55 | owner: "{{ matomo_user }}" 56 | group: "{{ matomo_user }}" 57 | recurse: true 58 | 59 | - name: Upload the config 60 | become: yes 61 | template: 62 | src: config.js 63 | dest: "{{ matomo_path }}/config/config.ini.php" 64 | owner: "{{ matomo_user }}" 65 | group: "{{ matomo_user }}" 66 | 67 | - name: Install the domain 68 | become: yes 69 | import_tasks: apache.yml 70 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/create_gis_db.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create render user 3 | become: yes 4 | user: 5 | name: "{{ render_user }}" 6 | password: '!' 7 | state: present 8 | 9 | - name: Create {{ gisdb }} database 10 | become: yes 11 | become_user: postgres 12 | postgresql_db: 13 | name: "{{ gisdb }}" 14 | encoding: UTF-8 15 | owner: "{{ render_user }}" 16 | 17 | - name: Add extensions to the new database {{ gisdb }} 18 | become: yes 19 | become_user: postgres 20 | postgresql_ext: db={{ gisdb }} name={{ item }} 21 | with_items: 22 | - postgis 23 | - hstore 24 | 25 | - name: Check owner of the {{ gisdb }} spatial tables 26 | become: yes 27 | become_user: postgres 28 | command: psql -A -t -d {{ gisdb }} -c "SELECT tableowner FROM pg_tables WHERE schemaname = 'public' AND tablename = 'spatial_ref_sys'" 29 | register: dbowner 30 | changed_when: False 31 | 32 | - name: Grant permissions on postgis tables to render_user 33 | become: yes 34 | become_user: postgres 35 | when: dbowner.stdout.strip() != render_user 36 | command: psql -d {{ gisdb }} -c "ALTER TABLE {{ item }} OWNER TO {{ render_user }}" 37 | with_items: 38 | - geometry_columns 39 | - spatial_ref_sys 40 | 41 | - name: Grant read permissions on {{ gisdb }} to zverik 42 | become: yes 43 | become_user: postgres 44 | postgresql_privs: 45 | database: "{{ gisdb }}" 46 | role: zverik 47 | type: database 48 | privs: ALL 49 | 50 | - name: Grant www-data user access to postgresql/osm 51 | become: yes 52 | lineinfile: 53 | path: "/etc/postgresql/{{ postgresql_version }}/main/pg_hba.conf" 54 | insertafter: '# TYPE\s*DATABASE' 55 | regexp: '^local gis' 56 | line: local {{ gisdb }} {{ render_user }} trust 57 | notify: restart postgresql 58 | -------------------------------------------------------------------------------- /roles/osm2008/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install osm-carto v4 style 3 | import_tasks: osm_carto.yml 4 | vars: 5 | branch: master 6 | dir: osm-carto-4 7 | 8 | - name: Check that the old table exists 9 | become: yes 10 | become_user: "{{ render_user }}" 11 | command: psql -A -t -d {{ gisdb }} -c "SELECT tablename FROM pg_tables WHERE schemaname = 'public' AND tablename = 'old_polygon'" 12 | register: has_2008 13 | changed_when: False 14 | 15 | - name: Download old data 16 | when: not has_2008.stdout 17 | get_url: 18 | url: https://zverik.dev.openstreetmap.org/planet-080102.osm.pbf 19 | dest: /var/tmp/planet-2008.osm.pbf 20 | checksum: md5:04d9f31bf75e37017d2ce50508a0e567 21 | 22 | - name: Run osm2pgsql on old data 23 | when: not has_2008.stdout 24 | become_user: "{{ render_user }}" 25 | become: yes 26 | command: osm2pgsql -C {{ ansible_memtotal_mb - 100 }} --slim --drop --hstore -G --prefix old -S /opt/styles/osm-carto-4/openstreetmap-carto.style --tag-transform-script /opt/styles/osm-carto-4/openstreetmap-carto.lua -d {{ gisdb }} --number-processes {{ ansible_processor_cores}} /var/tmp/planet-2008.osm.pbf 27 | async: 7200 28 | poll: 0 29 | register: osm2pgsql_job 30 | environment: 31 | ANSIBLE_ASYNC_DIR: /tmp/ansible_async 32 | 33 | - name: Wait for osm2pgsql to finish 34 | when: not has_2008.stdout 35 | become_user: "{{ render_user }}" 36 | become: yes 37 | async_status: 38 | jid: "{{ osm2pgsql_job.ansible_job_id }}" 39 | register: osm2pgsql_status 40 | until: osm2pgsql_status.finished 41 | retries: 120 42 | delay: 60 43 | environment: 44 | ANSIBLE_ASYNC_DIR: /tmp/ansible_async 45 | 46 | - name: Remove old osm pbf 47 | when: not has_2008.stdout 48 | file: 49 | path: /var/tmp/planet-2008.osm.pbf 50 | state: absent 51 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/mod_tile.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install packages for mod_tile 3 | become: yes 4 | apt: 5 | name: 6 | - apache2-dev 7 | - git 8 | - autoconf 9 | - automake 10 | - m4 11 | - libtool 12 | - libmapnik-dev 13 | - libapache2-mod-tile 14 | state: present 15 | 16 | - name: Create mod_tile dirs 17 | become: yes 18 | file: 19 | path: "{{ item }}" 20 | owner: "{{ render_user }}" 21 | state: directory 22 | with_items: 23 | - /var/lib/mod_tile 24 | - /var/run/renderd 25 | 26 | - name: Copy empty renderd.conf 27 | become: yes 28 | copy: 29 | src: renderd.conf 30 | dest: /etc/renderd.conf 31 | force: no 32 | 33 | - name: Copy apache module config 34 | become: yes 35 | copy: 36 | src: mod_tile.conf 37 | dest: /etc/apache2/conf-available/mod_tile.conf 38 | 39 | - name: Enable mod_tile apache module 40 | become: yes 41 | command: a2enconf mod_tile 42 | register: output 43 | changed_when: "'Enabling conf mod_tile' in output.stdout" 44 | notify: restart apache 45 | 46 | - name: Add renderd section to apache 47 | become: yes 48 | copy: 49 | src: site.conf 50 | dest: /etc/apache2/sites-available/renderd.conf 51 | notify: restart apache 52 | 53 | - name: Enable the renderd site 54 | become: yes 55 | command: a2ensite renderd 56 | notify: restart apache 57 | 58 | - name: Disable the default site 59 | become: yes 60 | command: a2dissite 000-default 61 | notify: restart apache 62 | 63 | - name: Edit renderd service to replace the user account 64 | become: yes 65 | lineinfile: 66 | path: /lib/systemd/system/renderd.service 67 | regexp: '^User=' 68 | line: User={{ render_user }} 69 | 70 | - name: Enable renderd systemd module 71 | become: yes 72 | systemd: name=renderd enabled=yes 73 | -------------------------------------------------------------------------------- /roles/teleput/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check out teleput code 3 | git: 4 | repo: https://github.com/Zverik/teleput-server.git 5 | dest: /opt/src/teleput 6 | notify: restart teleput 7 | tags: update-teleput 8 | 9 | - name: Create virtualenv for teleput 10 | pip: 11 | requirements: /opt/src/teleput/requirements.txt 12 | virtualenv: /opt/src/teleput/venv 13 | tags: update-teleput 14 | 15 | - name: Upload teleput config 16 | template: 17 | src: config_local.j2 18 | dest: /opt/src/teleput/config_local.py 19 | notify: restart teleput 20 | tags: update-teleput 21 | 22 | - name: Create teleput systemd service 23 | become: yes 24 | copy: 25 | src: teleput.service 26 | dest: /etc/systemd/system/ 27 | notify: restart teleput 28 | 29 | - name: Enable teleput systemd module 30 | become: yes 31 | systemd: 32 | name: teleput 33 | enabled: yes 34 | 35 | - name: Ensure http_proxy is enabled 36 | become: yes 37 | apache2_module: 38 | name: proxy_http 39 | state: present 40 | 41 | - name: Check that certificates exist 42 | stat: 43 | path: /etc/letsencrypt/certs/fullchain_teleput.textual.ru.crt 44 | register: cert_file 45 | 46 | - name: Upload teleput apache config 47 | when: cert_file.stat.exists 48 | become: yes 49 | template: 50 | src: teleput.conf 51 | dest: /etc/apache2/sites-available/teleput.conf 52 | notify: reload apache 53 | 54 | - name: Create teleput document root 55 | become: yes 56 | file: 57 | path: /var/www/teleput 58 | state: directory 59 | owner: zverik 60 | 61 | - name: Enable teleput config if not yet 62 | become: yes 63 | file: 64 | src: /etc/apache2/sites-available/teleput.conf 65 | path: /etc/apache2/sites-enabled/teleput.conf 66 | state: link 67 | notify: reload apache 68 | 69 | - name: Set up backups 70 | become: yes 71 | import_tasks: backup.yml 72 | -------------------------------------------------------------------------------- /roles/rails_port/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install all required packages 3 | become: yes 4 | apt: 5 | name: 6 | - ruby2.3 7 | - libruby2.3 8 | - ruby2.3-dev 9 | - imagemagick 10 | - libmagickwand-dev 11 | - libxml2-dev 12 | - libxslt1-dev 13 | - libapache2-mod-passenger 14 | - postgresql-server-dev-all 15 | state: present 16 | 17 | #- name: Install bundler - does not work! 18 | # become: yes 19 | # gem: 20 | # name: bundler 21 | # state: present 22 | # user_install: no 23 | 24 | - name: Check that bundler is not installed 25 | command: which bundle 26 | register: bundle 27 | changed_when: False 28 | ignore_errors: yes 29 | 30 | - name: Install bundler 31 | when: bundle.failed 32 | become: yes 33 | command: gem2.3 install bundler 34 | 35 | - name: Clone osm-website 36 | git: 37 | repo: https://github.com/zverik/openstreetmap-website.git 38 | version: mapsme 39 | dest: /opt/src/openstreetmap-website 40 | 41 | - name: Install gems 42 | bundler: 43 | chdir: /opt/src/openstreetmap-website 44 | state: present 45 | deployment_mode: yes 46 | 47 | - name: Copy application config 48 | template: 49 | src: application.yml.j2 50 | dest: /opt/src/openstreetmap-website/config/application.yml 51 | 52 | - name: Copy database config 53 | copy: 54 | src: database.yml 55 | dest: /opt/src/openstreetmap-website/config/database.yml 56 | 57 | - name: Create db 58 | become: yes 59 | become_user: postgres 60 | import_tasks: db.yml 61 | 62 | - name: Create tables and functions 63 | import_tasks: db_post.yml 64 | 65 | - name: Precompile assets 66 | shell: RAILS_ENV=production bundle exec rake assets:precompile 67 | args: 68 | chdir: /opt/src/openstreetmap-website 69 | creates: /opt/src/openstreetmap-website/public/assets/images 70 | notify: restart apache 71 | 72 | - name: Publish website 73 | become: yes 74 | import_tasks: passenger.yml 75 | -------------------------------------------------------------------------------- /roles/get_veloroad/tasks/nik4.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Checkout nik4 apps 3 | git: 4 | repo: https://github.com/Zverik/{{ item }}.git 5 | dest: /opt/src/{{ item }} 6 | with_items: 7 | - nik4wsgi 8 | - Nik4 9 | notify: touch nik4 10 | tags: nik4 11 | 12 | - name: Upload nik4wsgi config 13 | copy: 14 | src: nik4wsgi_config.py 15 | dest: /opt/src/nik4wsgi/config_local.py 16 | notify: touch nik4 17 | 18 | - name: Create virtualenv for nik4wsgi 19 | pip: 20 | requirements: /opt/src/nik4wsgi/requirements.txt 21 | virtualenv: /opt/src/nik4wsgi/venv 22 | 23 | - name: Set up mod_wsgi for nik4wsgi 24 | become: yes 25 | blockinfile: 26 | path: /etc/apache2/sites-available/get_veloroad.conf 27 | create: yes 28 | marker: '# {mark} nik4wsgi' 29 | block: | 30 | WSGIScriptAlias /get /opt/src/nik4wsgi/nik4.wsgi 31 | 32 | Require all granted 33 | 34 | notify: reload apache 35 | 36 | - name: Enable get_veloroad config if not yet 37 | become: yes 38 | file: 39 | src: /etc/apache2/sites-available/get_veloroad.conf 40 | path: /etc/apache2/sites-enabled/get_veloroad.conf 41 | state: link 42 | notify: reload apache 43 | 44 | - name: Prepare veloroad style for get_veloroad 45 | command: /opt/src/nik4wsgi/prepare_style/prepare_style.py /opt/styles/veloroad/veloroad.xml /opt/styles/veloroad/veloroad-r.xml 46 | args: 47 | creates: /opt/styles/veloroad/veloroad-r.xml 48 | 49 | - name: Make native language version of the veloroad style for get_veloroad 50 | shell: sed -e 's/"name:ru"/name/g' /opt/styles/veloroad/veloroad-r.xml > /opt/styles/veloroad/veloroad-en.xml 51 | args: 52 | creates: /opt/styles/veloroad/veloroad-en.xml 53 | 54 | - name: Prepare osm-carto style for get_veloroad 55 | command: /opt/src/nik4wsgi/prepare_style/prepare_style.py /opt/styles/osm-carto/osm.xml /opt/styles/osm-carto/osm-r.xml 56 | args: 57 | creates: /opt/styles/osm-carto/osm-r.xml 58 | -------------------------------------------------------------------------------- /roles/stats/files/du_zoom: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Plugin to monitor the rendering throughput of Renderd 4 | # 5 | # Parameters: 6 | # 7 | # config (required) 8 | # autoconf (optional - used by munin-config) 9 | # 10 | 11 | if [ "$1" = "config" ]; then 12 | 13 | echo 'graph_title Tile disk usage by zoom' 14 | echo 'graph_args --base 1024 -l 0' 15 | echo 'graph_vlabel Tile disk usage' 16 | echo 'graph_category renderd' 17 | echo 'z1.label zoom 6-8' 18 | echo 'z1.draw AREASTACK' 19 | echo 'z1.info Disk usage for z6-z8' 20 | echo 'z2.label zoom 9' 21 | echo 'z2.draw AREASTACK' 22 | echo 'z2.info Disk usage for z9' 23 | echo 'z3.label zoom 10' 24 | echo 'z3.draw AREASTACK' 25 | echo 'z3.info Disk usage for z10' 26 | echo 'z4.label zoom 11' 27 | echo 'z4.draw AREASTACK' 28 | echo 'z4.info Disk usage for z11' 29 | echo 'z5.label zoom 12' 30 | echo 'z5.draw AREASTACK' 31 | echo 'z5.info Disk usage for z12' 32 | echo 'z6.label zoom 13-15' 33 | echo 'z6.draw AREASTACK' 34 | echo 'z6.info Disk usage for z13-15' 35 | 36 | exit 0 37 | fi 38 | 39 | du --max-depth 1 /var/lib/mod_tile/veloroad > /tmp/du-veloroad.txt 40 | zoom6=`(grep \/6 /tmp/du-veloroad.txt || echo 0) | cut -f1` 41 | zoom7=`(grep \/7 /tmp/du-veloroad.txt || echo 0) | cut -f1` 42 | zoom8=`(grep \/8 /tmp/du-veloroad.txt || echo 0) | cut -f1` 43 | zoom9=`(grep \/9 /tmp/du-veloroad.txt || echo 0) | cut -f1` 44 | zoom10=`(grep \/10 /tmp/du-veloroad.txt || echo 0) | cut -f1` 45 | zoom11=`(grep \/11 /tmp/du-veloroad.txt || echo 0) | cut -f1` 46 | zoom12=`(grep \/12 /tmp/du-veloroad.txt || echo 0) | cut -f1` 47 | zoom13=`(grep \/13 /tmp/du-veloroad.txt || echo 0) | cut -f1` 48 | zoom14=`(grep \/14 /tmp/du-veloroad.txt || echo 0) | cut -f1` 49 | zoom15=`(grep \/15 /tmp/du-veloroad.txt || echo 0) | cut -f1` 50 | rm /tmp/du-veloroad.txt 51 | 52 | echo "z1.value" `expr $zoom6 + $zoom7 + $zoom8` 53 | echo "z2.value $zoom9" 54 | echo "z3.value $zoom10" 55 | echo "z4.value $zoom11" 56 | echo "z5.value $zoom12" 57 | echo "z6.value" `expr $zoom13 + $zoom14 + $zoom15` 58 | -------------------------------------------------------------------------------- /roles/tile_server/files/lonelyplaces.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | ]> 6 | 7 | 8 | 18 | 19 | s62 20 | 21 | 22 | ( 23 | select p.name,p.place,ST_Buffer(p.way,&distance;) as way 24 | from (select way,name,place from planet_osm_point where way && st_expand(!bbox!,&distance;) and place in ('hamlet', 'village', 'town', 'suburb', 'allotments')) p 25 | LEFT OUTER JOIN planet_osm_line l on ((l.highway in ('residential', 'unclassified', 'tertiary', 'secondary', 'primary', 'trunk') or l.railway in ('rail', 'narrow_gauge')) and ST_DWithin(p.way,l.way,&distance;)) 26 | where l.highway is NULL and l.railway is NULL 27 | ) as text 28 | 29 | 900913 30 | way 31 | planet_osm_point 32 | postgis 33 | 34 | 35 | -20037508,-19929239,20037508,19929239 36 | 37 | 38 | 39 | 40 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check out na_rayone code 3 | git: 4 | repo: https://github.com/Zverik/bot_na_rayone.git 5 | dest: /opt/src/mayak_nav 6 | notify: restart mayak_nav 7 | tags: [mayak_nav, mayak_update] 8 | 9 | - name: Create virtualenv for na_rayone 10 | pip: 11 | requirements: /opt/src/mayak_nav/requirements.txt 12 | virtualenv: /opt/src/mayak_nav/venv 13 | tags: mayak_nav 14 | 15 | - name: Make log directory 16 | become: yes 17 | file: 18 | path: /var/log/mayak_nav_bot 19 | state: directory 20 | owner: zverik 21 | group: zverik 22 | tags: mayak_nav 23 | 24 | - name: Make config directory 25 | file: 26 | path: /opt/src/mayak_nav/config 27 | state: directory 28 | tags: mayak_nav 29 | 30 | - name: Upload mayak_nav config 31 | template: 32 | src: config.yml 33 | dest: /opt/src/mayak_nav/config/config.yml 34 | notify: restart mayak_nav 35 | tags: [mayak_nav, mayak_update] 36 | 37 | - name: Upload responses yml 38 | copy: 39 | src: responses.yml 40 | dest: /opt/src/mayak_nav/config/responses.yml 41 | notify: restart mayak_nav 42 | tags: [mayak_nav, mayak_update] 43 | 44 | - name: Decrypt addr yml 45 | copy: 46 | src: addr.yml 47 | dest: /opt/src/mayak_nav/config/addr.yml 48 | notify: restart mayak_nav 49 | tags: [mayak_nav, mayak_update] 50 | 51 | - name: Create empty photo directory 52 | file: 53 | path: /opt/src/mayak_nav/config/photo 54 | state: directory 55 | tags: mayak_nav 56 | 57 | - name: Upload tiles 58 | unarchive: 59 | src: tiles.tar 60 | dest: /opt/src/mayak_nav/config 61 | owner: zverik 62 | group: zverik 63 | tags: mayak_nav 64 | 65 | - name: Create systemd service 66 | become: yes 67 | copy: 68 | src: mayak_nav_bot.service 69 | dest: /etc/systemd/system/ 70 | notify: restart mayak_nav 71 | tags: mayak_nav 72 | 73 | - name: Enable mayak systemd module 74 | become: yes 75 | systemd: 76 | name: mayak_nav_bot 77 | enabled: yes 78 | tags: mayak_nav 79 | 80 | - name: Set up backups 81 | become: yes 82 | import_tasks: backup.yml 83 | -------------------------------------------------------------------------------- /roles/get_veloroad/files/expandjson.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | import sys, os, cgi, json 3 | import psycopg2 4 | import cgitb 5 | 6 | 7 | def query_geometry(osm_type, osm_id, coord, by_coord=False): 8 | if (not by_coord or not coord) and osm_id and (osm_type == 'way' or osm_type == 'relation'): 9 | # query db for an enclosing object for way/rel 10 | cur.execute('SELECT ST_AsGeoJSON(ST_Transform(way, 4326)) FROM planet_osm_polygon WHERE osm_id = %s', (osm_id if osm_type == 'way' else '-{}'.format(osm_id),)) 11 | result = cur.fetchone() 12 | return json.loads(result[0]) if result else None 13 | elif len(coord) >= 2: 14 | # query by smallest building enclosing coord 15 | cur.execute('SELECT ST_AsGeoJSON(ST_Transform(way, 4326)), ST_Area(way) as area FROM planet_osm_polygon WHERE ST_Transform(ST_SetSRID(ST_Point(%s, %s), 4326), 900913) && way ORDER BY area', (coord[0], coord[1])) 16 | result = cur.fetchone() 17 | return json.loads(result[0]) if result else None 18 | 19 | 20 | cgitb.enable() 21 | 22 | conn = psycopg2.connect('dbname=gis user=osm') 23 | cur = conn.cursor() 24 | 25 | form = cgi.FieldStorage() 26 | if 'jsont' in form and len(form.getfirst('jsont')): 27 | data = json.loads(form.getfirst('jsont')) 28 | elif 'json' in form and form['json'].file: 29 | data = json.load(form['json'].file) 30 | else: 31 | sys.exit(1) 32 | 33 | by_coord = form.getfirst('bycoord') == '1' 34 | 35 | if 'type' in data and data['type'] == 'FeatureCollection': 36 | for f in data['features']: 37 | osm_type = None 38 | osm_id = None 39 | coord = None 40 | if 'osm_type' in f['properties'] and 'osm_id' in f['properties']: 41 | osm_type = f['properties']['osm_type'] 42 | osm_id = f['properties']['osm_id'] 43 | if f['geometry']['type'] == 'Point': 44 | coord = f['geometry']['coordinates'] 45 | geom = query_geometry(osm_type, osm_id, coord, by_coord) 46 | if geom: 47 | f['geometry'] = geom 48 | 49 | cur.close() 50 | conn.close() 51 | 52 | print 'Content-Type: application/json\n' 53 | print json.dumps(data) 54 | -------------------------------------------------------------------------------- /roles/mayak_nav_bot/files/responses.yml: -------------------------------------------------------------------------------- 1 | --- 2 | responses: 3 | - name: Карта Маяка Минска 4 | photo: map_mayak.jpg 5 | keywords: [карта, карта маяка, map] 6 | - name: Жыве Беларусь! 7 | keywords: [живе, жыве, бчб, беларусь] 8 | 9 | buttons: 10 | - [Мстиславца, Туровского, Скорины 5] 11 | - [🗺️, 🍽️, 🛒, 💊, 💐, 🐈] 12 | - [☕, 🍺, 💅, ✂️, 💳, ✉️] 13 | 14 | synonims: 15 | еда: [🍽️] 16 | карта: [🗺️] 17 | аптека: [⚕️, 💊] 18 | банк: [💳] 19 | почта: [📯, ✉️] 20 | зоо: [🐈] 21 | цветы: [💐] 22 | пиво: [🍺] 23 | продукты: [🛒] 24 | парикмахерская: [✂️] 25 | кофейня: [☕] 26 | фонтан: [⛲] 27 | вино: [🍷] 28 | маникюр: [💅] 29 | '/random': [🎲] 30 | 31 | skip: [а, и, к, в, по, из, от, во, ко, ул, улица, где, как, что, чем, чём, для, пройти, найти, находится] 32 | 33 | start: > 34 | Привет! Это навигатор по Маяку Минска. Здесь есть все заведения и подъезды нашего района. Для поиска введите ключевое слово или слова. Например, «суши» или «аптека». 35 | 36 | Заведения можно поправить, в том числе добавить новые. Также, по слову «карта» вы получите карту района, а по адресу (например, «мст 4 144») — подъезд и этаж. Отмечайте заведения звёздочками, чтобы помочь другим. И нажмите «/», чтобы посмотреть список команд. 37 | 38 | Другой похожий бот — каталог Маяка: @mayak_minska_bot. 39 | 40 | help: | 41 | Это бот для поиска заведений и квартир Маяка Минска. Он умеет находить всё — только напишите ему одно-два ключевых слова. Например, «танцы». Для удобства внизу есть кнопки с улицами и некоторыми видами заведений. Немного статистики: 42 | 43 | — В базе {entrances} подъездов в {buildings} домах. 44 | — И {pois} магазинов, заведений и огранизаций. 45 | — Люди поставили {stars} звёзд заведениям. 46 | 47 | Здесь не получится покопаться в каталоге и найти интересненькое (за этим подпишитесь на каталог Маяка @mayak_minska_bot). Но попробуйте посмотреть на несколько случайных заведений из базы: /random. И нажимайте на кнопку «Похожее» в карточках заведений: это точнее, чем вводить слова. Например, от карточки языковой школы можно найти все остальные языковые школы. 48 | 49 | Чтобы списки показывали ближайшие заведения, пришлите свои координаты (скрепка → «Геопозиция»). Все ваши данные бот забудет через 5-10 минут, а логи пишутся обезличенно, так что не волнуйтесь за приватность. 50 | 51 | Если в данных что-то не так (отсутствует заведение, опечатка в телефоне и т.п.) — нажмите /msg и напишите модераторам, они поправят. Или поправьте сами. Бота написал Илья Зверев @ilyazver, исходный код на гитхабе. 52 | -------------------------------------------------------------------------------- /roles/queryat/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Checkout queryat 3 | git: 4 | repo: https://github.com/Zverik/queryat.git 5 | dest: /opt/src/queryat 6 | notify: touch queryat 7 | 8 | - name: Upload queryat config 9 | copy: 10 | src: queryat_config.py 11 | dest: /opt/src/queryat/config_local.py 12 | 13 | - name: Create virtualenv for queryat 14 | pip: 15 | requirements: /opt/src/queryat/requirements.txt 16 | virtualenv: /opt/src/queryat/venv 17 | 18 | - name: Set up mod_wsgi for queryat 19 | become: yes 20 | blockinfile: 21 | path: /etc/apache2/sites-available/get_veloroad.conf 22 | marker: '# {mark} queryat' 23 | block: | 24 | WSGIScriptAlias /queryat /opt/src/queryat/queryat.wsgi 25 | 26 | Require all granted 27 | 28 | notify: reload apache 29 | 30 | - name: Check that the at_polygon table exists 31 | become: yes 32 | become_user: "{{ render_user }}" 33 | command: psql -A -t -d {{ gisdb }} -c "SELECT tablename FROM pg_tables WHERE schemaname = 'public' AND tablename = 'at_polygon'" 34 | register: has_polygon 35 | changed_when: False 36 | 37 | - name: Download administrative borders 38 | when: not has_polygon.stdout 39 | get_url: 40 | url: http://zverik.openstreetmap.ru/at-180416.osm.pbf 41 | dest: /var/tmp/at.osm.pbf 42 | checksum: md5:b57689bc8b561aab30cd75c0b9dfa96e 43 | 44 | - name: Run osm2pgsql on borders 45 | when: not has_polygon.stdout 46 | become_user: "{{ render_user }}" 47 | become: yes 48 | command: osm2pgsql -C {{ ansible_memtotal_mb - 100 }} --slim --drop --prefix at --latlong -S /opt/src/queryat/at.style -d {{ gisdb }} --number-processes {{ ansible_processor_cores}} /var/tmp/at.osm.pbf 49 | async: 7200 50 | poll: 0 51 | register: osm2pgsql_job 52 | environment: 53 | ANSIBLE_ASYNC_DIR: /tmp/ansible_async 54 | 55 | - name: Wait for osm2pgsql to finish 56 | when: not has_polygon.stdout 57 | become_user: "{{ render_user }}" 58 | become: yes 59 | async_status: 60 | jid: "{{ osm2pgsql_job.ansible_job_id }}" 61 | register: osm2pgsql_status 62 | until: osm2pgsql_status.finished 63 | retries: 120 64 | delay: 60 65 | environment: 66 | ANSIBLE_ASYNC_DIR: /tmp/ansible_async 67 | 68 | - name: Remove admin borders pbf 69 | when: not has_polygon.stdout 70 | file: 71 | path: /var/tmp/at.osm.pbf 72 | state: absent 73 | 74 | - name: Delete extra tables 75 | when: not has_polygon.stdout 76 | become: yes 77 | become_user: "{{ render_user }}" 78 | command: psql -A -t -d {{ gisdb }} -c "DROP TABLE {{ item }}" 79 | with_items: 80 | - at_point 81 | - at_line 82 | - at_roads 83 | -------------------------------------------------------------------------------- /roles/osm2008/tasks/osm_carto.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install packages for osm-carto 3 | become: yes 4 | apt: 5 | name: 6 | - npm 7 | - nodejs 8 | - mapnik-utils 9 | - curl 10 | state: present 11 | 12 | - name: Install carto 13 | become: yes 14 | npm: name=carto global=yes 15 | 16 | - name: Download osm-carto {{ branch }} style 17 | git: 18 | repo: https://github.com/gravitystorm/openstreetmap-carto.git 19 | version: "{{ branch }}" 20 | dest: /opt/styles/{{ dir }} 21 | update: no 22 | 23 | - name: Download shapefiles 24 | command: scripts/get-external-data.py 25 | args: 26 | chdir: /opt/styles/{{ dir }} 27 | creates: /opt/styles/{{ dir }}/data/antarctica-icesheet-polygons-3857/icesheet_polygons.index 28 | when: branch != 'master' 29 | 30 | - name: Download fonts 31 | command: scripts/get-fonts.sh 32 | args: 33 | chdir: /opt/styles/{{ dir }} 34 | creates: /opt/styles/{{ dir }}/fonts/NotoEmoji-Bold.ttf 35 | when: branch != 'master' 36 | 37 | - name: Find temporary archives 38 | find: 39 | path: /opt/styles/{{ dir }}/data 40 | patterns: '*.zip,*.tgz' 41 | register: zips 42 | 43 | - name: Delete temporary archives 44 | file: 45 | path: "{{ item.path }}" 46 | state: absent 47 | with_items: 48 | - "{{ zips.files }}" 49 | 50 | - name: Symlink shapefile directory to ../osm-carto 51 | file: 52 | path: /opt/styles/{{ dir }}/data 53 | src: /opt/styles/osm-carto/data 54 | state: link 55 | when: branch == 'master' 56 | 57 | - name: Create xml for osm-carto 58 | command: carto -q project.mml -f osm.xml 59 | args: 60 | chdir: /opt/styles/{{ dir }} 61 | creates: /opt/styles/{{ dir }}/osm.xml 62 | 63 | - name: Replace tables names in osm-carto 64 | replace: 65 | path: /opt/styles/{{ dir }}/osm.xml 66 | regexp: 'planet_osm_' 67 | replace: 'old_' 68 | 69 | - name: Add renderd section for osm-carto 70 | become: yes 71 | blockinfile: 72 | path: /etc/renderd.conf 73 | insertafter: EOF 74 | marker: '# {mark} osm-carto' 75 | block: | 76 | [osm] 77 | URI=/osm/ 78 | TILEDIR=/var/lib/mod_tile 79 | XML=/opt/styles/{{ dir }}/osm.xml 80 | HOST={{ render_host }} 81 | TILESIZE=512 82 | SCALE=2 83 | MINZOOM=4 84 | MAXZOOM=18 85 | when: branch != 'master' 86 | 87 | - name: Add renderd section for osm-carto-4 88 | become: yes 89 | blockinfile: 90 | path: /etc/renderd.conf 91 | insertafter: EOF 92 | marker: '# {mark} osm-carto 4' 93 | block: | 94 | [old] 95 | URI=/old/ 96 | TILEDIR=/var/lib/mod_tile 97 | XML=/opt/styles/{{ dir }}/osm.xml 98 | HOST={{ render_host }} 99 | TILESIZE=256 100 | MINZOOM=4 101 | MAXZOOM=18 102 | when: branch == 'master' 103 | -------------------------------------------------------------------------------- /group_vars/all/vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | gisdb: gis 3 | render_user: osm 4 | render_host: tile.osmz.ru 5 | ntp_timezone: Europe/Moscow 6 | admin_email: ilya@zverev.info 7 | 8 | icecast_location: Amsterdam 9 | icecast_admin_email: ilya@zverev.info 10 | icecast_hostname: tile.osmz.ru 11 | icecast_admin_password: "{{ v_icecast_admin_password }}" 12 | icecast_relay_password: "{{ v_icecast_source_password }}" 13 | icecast_source_password: "{{ v_icecast_source_password }}" 14 | 15 | a5a4_password: "{{ v_a5a4_password }}" 16 | a5a4_secret: "{{ v_a5a4_secret }}" 17 | 18 | rails_secret: "{{ v_rails_secret }}" 19 | google_auth_id: "{{ v_google_auth_id }}" 20 | google_auth_secret: "{{ v_google_auth_secret }}" 21 | facebook_auth_id: "{{ v_facebook_auth_id }}" 22 | facebook_auth_secret: "{{ v_facebook_auth_secret }}" 23 | mapsme_auth_id: "{{ v_mapsme_auth_id }}" 24 | mapsme_auth_secret: "{{ v_mapsme_auth_secret }}" 25 | geoscribble_auth_id: "{{ v_geoscribble_auth_id }}" 26 | geoscribble_auth_secret: "{{ v_geoscribble_auth_secret }}" 27 | edpr_client_id: "{{ v_edpr_client_id }}" 28 | edpr_client_secret: "{{ v_edpr_client_secret }}" 29 | edpr_secret: "{{ v_edpr_secret }}" 30 | 31 | 32 | mayak_nav_admin_id: "{{v_mayak_nav_admin_id}}" 33 | mayak_nav_telegram_token: "{{ v_mayak_nav_telegram_token }}" 34 | mark_spam_token: "{{ v_mark_spam_token }}" 35 | sotm_intro_bot_token: "{{ v_sotm_intro_bot_token }}" 36 | sotm_intro_admin_id: "{{ v_sotm_intro_admin_id }}" 37 | watch_integratsioon_token: "{{ v_watch_integratsioon_token }}" 38 | watch_integratsioon_admin_id: "{{ v_watch_integratsioon_admin_id }}" 39 | 40 | borg_repo: "{{ v_borg_repo }}" 41 | borg_pass: "{{ v_borg_pass }}" 42 | borg_key: "{{ v_borg_key }}" 43 | 44 | letsencrypt_account_key: "{{ v_letsencrypt_account_key }}" 45 | 46 | teleput_telegram_token: "{{ v_teleput_telegram_token }}" 47 | teleput_path: "{{ v_teleput_path }}" 48 | 49 | postgres_exporter_name: "" 50 | postgres_exporter_uri: "localhost:5432/postgres?sslmode=disable" 51 | postgres_exporter_username: exporter 52 | postgres_exporter_password: "{{ v_postgres_exporter_password }}" 53 | mysqld_exporter_username: exporter 54 | mysqld_exporter_password: "{{ v_mysqld_exporter_password }}" 55 | 56 | mysql_root_password: "{{ v_mysql_root_password }}" 57 | mysql_user_home: /home/zverik 58 | mysql_user_name: zverik 59 | mysql_user_password: "{{ v_mysql_user_password }}" 60 | mysql_packages: [mariadb-client, mariadb-server, python3-mysqldb] 61 | 62 | logrotate_frequency: weekly 63 | logrotate_keep: 4 64 | logrotate_compress: true 65 | logrotate_entries: 66 | - name: geoscribble 67 | path: /var/log/geoscribble.log 68 | 69 | matomo_mysql_database: matomo 70 | matomo_mysql_user: matomo 71 | matomo_mysql_password: "{{ v_matomo_mysql_password }}" 72 | matomo_superuser_login: zverik 73 | matomo_superuser_password: "{{ v_matomo_superuser_password }}" 74 | matomo_superuser_email: "{{ admin_email }}" 75 | matomo_salt: "{{ v_matomo_salt }}" 76 | -------------------------------------------------------------------------------- /roles/geoscribble/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create geoscribble database 3 | become: yes 4 | become_user: postgres 5 | postgresql_db: 6 | name: geoscribble 7 | encoding: UTF-8 8 | owner: zverik 9 | 10 | - name: Add postgis extension 11 | become: yes 12 | become_user: postgres 13 | postgresql_ext: 14 | db: geoscribble 15 | name: postgis 16 | 17 | - name: Allow local no password access to the database 18 | become: yes 19 | become_user: postgres 20 | lineinfile: 21 | path: /etc/postgresql/14/main/pg_hba.conf 22 | insertafter: '# TYPE\s*DATABASE' 23 | regexp: '^local geoscribble' 24 | line: local geoscribble zverik trust 25 | notify: restart postgresql 26 | 27 | - name: Check out geoscribble code 28 | git: 29 | repo: https://github.com/Zverik/geoscribble.git 30 | dest: /opt/src/geoscribble 31 | notify: restart geoscribble 32 | 33 | - name: Create virtualenv for geoscribble 34 | pip: 35 | requirements: /opt/src/geoscribble/requirements.txt 36 | virtualenv: /opt/src/geoscribble/.venv 37 | 38 | - name: Upload geoscribble config 39 | template: 40 | src: config_local.j2 41 | dest: /opt/src/geoscribble/web/config_local.py 42 | notify: restart geoscribble 43 | 44 | - name: Initialize log 45 | become: yes 46 | file: 47 | path: /var/log/geoscribble.log 48 | owner: zverik 49 | state: touch 50 | 51 | - name: Create systemd service 52 | become: yes 53 | copy: 54 | src: geoscribble.service 55 | dest: /etc/systemd/system/ 56 | notify: restart geoscribble 57 | 58 | - name: Enable geoscribble systemd module 59 | become: yes 60 | systemd: 61 | name: geoscribble 62 | enabled: yes 63 | 64 | - name: Ensure http_proxy and headers mods is enabled 65 | become: yes 66 | apache2_module: 67 | name: "{{ item }}" 68 | state: present 69 | loop: 70 | - proxy_http 71 | - headers 72 | 73 | - name: Check that certificates exist 74 | stat: 75 | path: /etc/letsencrypt/certs/fullchain_geoscribble.osmz.ru.crt 76 | register: gs_cert_file 77 | 78 | - name: Upload geoscribble apache config 79 | become: yes 80 | template: 81 | src: geoscribble.conf 82 | dest: /etc/apache2/sites-available/geoscribble.conf 83 | notify: reload apache 84 | 85 | - name: Create geoscribble document root 86 | become: yes 87 | file: 88 | path: /var/www/geoscribble 89 | state: directory 90 | owner: zverik 91 | 92 | - name: Enable geoscribble config if not yet 93 | become: yes 94 | file: 95 | src: /etc/apache2/sites-available/geoscribble.conf 96 | path: /etc/apache2/sites-enabled/geoscribble.conf 97 | state: link 98 | notify: reload apache 99 | 100 | - name: Set up backups 101 | become: yes 102 | import_tasks: backup.yml 103 | 104 | - name: Regular task updates 105 | cron: 106 | name: geoscribble_tasks 107 | minute: "2,22,42" 108 | hour: "*" 109 | job: "cd /opt/src/geoscribble && .venv/bin/python -m web.update_tasks" 110 | -------------------------------------------------------------------------------- /roles/edpr/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create edpr database 3 | become: yes 4 | become_user: postgres 5 | postgresql_db: 6 | name: edpr 7 | encoding: UTF-8 8 | owner: zverik 9 | register: new_edpr_db 10 | 11 | - name: Allow local no password access to the database 12 | become: yes 13 | become_user: postgres 14 | lineinfile: 15 | path: /etc/postgresql/14/main/pg_hba.conf 16 | insertafter: '# TYPE\s*DATABASE' 17 | regexp: '^local edpr' 18 | line: local edpr zverik trust 19 | notify: restart postgresql 20 | 21 | - name: Create virtualenv for edpr 22 | pip: 23 | virtualenv: "/opt/src/edpr" 24 | name: git+https://github.com/Zverik/everydoor-plugin-repo 25 | state: latest 26 | notify: restart edpr 27 | 28 | - name: Install psycopg2 29 | pip: 30 | virtualenv: "/opt/src/edpr" 31 | name: psycopg2 32 | state: present 33 | 34 | - name: Create var directory 35 | file: 36 | path: "{{ edpr_instance }}" 37 | state: directory 38 | 39 | - name: Upload config 40 | template: 41 | src: config.j2 42 | dest: "{{ edpr_instance }}/config.py" 43 | notify: restart edpr 44 | 45 | - name: Initialise the db 46 | when: new_edpr_db is changed 47 | command: 48 | argv: 49 | - /opt/src/edpr/bin/flask 50 | - db 51 | - upgrade 52 | - --directory 53 | - /opt/src/edpr/lib/python3.10/site-packages/migrations 54 | 55 | - name: Create apache log directory 56 | become: yes 57 | file: 58 | path: "/var/log/apache2/{{ domain }}" 59 | state: directory 60 | mode: 0775 61 | owner: zverik 62 | group: www-data 63 | 64 | - name: Create systemd service 65 | become: yes 66 | template: 67 | src: edpr.service.j2 68 | dest: /etc/systemd/system/edpr.service 69 | register: new_edpr_service 70 | notify: restart edpr 71 | 72 | - name: Enable and start edpr systemd module 73 | when: new_edpr_service is changed 74 | become: yes 75 | systemd: 76 | name: edpr 77 | enabled: yes 78 | daemon_reload: true 79 | state: started 80 | 81 | - name: Ensure http_proxy is enabled 82 | become: yes 83 | apache2_module: 84 | name: proxy_http 85 | state: present 86 | 87 | - name: Create edpr document root 88 | become: yes 89 | file: 90 | path: /var/www/edpr 91 | state: directory 92 | owner: zverik 93 | 94 | - name: Check that certificates exist 95 | stat: 96 | path: /etc/letsencrypt/certs/fullchain_plugins.every-door.app.crt 97 | register: edpr_cert 98 | 99 | - name: Add apache domain 100 | become: yes 101 | template: 102 | src: domain.j2 103 | dest: /etc/apache2/sites-available/{{ domain }}.conf 104 | notify: reload apache 105 | 106 | - name: Enable apache domain 107 | become: yes 108 | file: 109 | src: /etc/apache2/sites-available/{{ domain }}.conf 110 | dest: /etc/apache2/sites-enabled/{{ domain }}.conf 111 | state: link 112 | notify: reload apache 113 | 114 | - name: Set up backups 115 | become: yes 116 | import_tasks: backup.yml 117 | -------------------------------------------------------------------------------- /roles/matomo/templates/config.j2: -------------------------------------------------------------------------------- 1 | ; DO NOT REMOVE THIS LINE 2 | ; file automatically generated or modified by Matomo; you can manually override the default values in global.ini.php by redefining them in this file. 3 | [database] 4 | host = "127.0.0.1" 5 | username = "{{ matomo_mysql_user }}" 6 | password = "{{ matomo_mysql_password|e }}" 7 | dbname = "{{ matomo_mysql_database }}" 8 | tables_prefix = "matomo_" 9 | charset = "utf8mb4" 10 | collation = "utf8mb4_general_ci" 11 | 12 | [General] 13 | salt = "{{ matomo_salt }}" 14 | trusted_hosts[] = "matomo.tile.osmz.ru" 15 | 16 | [PluginsInstalled] 17 | PluginsInstalled[] = "Diagnostics" 18 | PluginsInstalled[] = "Login" 19 | PluginsInstalled[] = "CoreAdminHome" 20 | PluginsInstalled[] = "UsersManager" 21 | PluginsInstalled[] = "SitesManager" 22 | PluginsInstalled[] = "Installation" 23 | PluginsInstalled[] = "Monolog" 24 | PluginsInstalled[] = "Intl" 25 | PluginsInstalled[] = "JsTrackerInstallCheck" 26 | PluginsInstalled[] = "CoreVue" 27 | PluginsInstalled[] = "CorePluginsAdmin" 28 | PluginsInstalled[] = "CoreHome" 29 | PluginsInstalled[] = "WebsiteMeasurable" 30 | PluginsInstalled[] = "IntranetMeasurable" 31 | PluginsInstalled[] = "CoreVisualizations" 32 | PluginsInstalled[] = "Proxy" 33 | PluginsInstalled[] = "API" 34 | PluginsInstalled[] = "Widgetize" 35 | PluginsInstalled[] = "Transitions" 36 | PluginsInstalled[] = "LanguagesManager" 37 | PluginsInstalled[] = "Actions" 38 | PluginsInstalled[] = "Dashboard" 39 | PluginsInstalled[] = "MultiSites" 40 | PluginsInstalled[] = "Referrers" 41 | PluginsInstalled[] = "UserLanguage" 42 | PluginsInstalled[] = "DevicesDetection" 43 | PluginsInstalled[] = "Goals" 44 | PluginsInstalled[] = "Ecommerce" 45 | PluginsInstalled[] = "SEO" 46 | PluginsInstalled[] = "Events" 47 | PluginsInstalled[] = "UserCountry" 48 | PluginsInstalled[] = "GeoIp2" 49 | PluginsInstalled[] = "VisitsSummary" 50 | PluginsInstalled[] = "VisitFrequency" 51 | PluginsInstalled[] = "VisitTime" 52 | PluginsInstalled[] = "VisitorInterest" 53 | PluginsInstalled[] = "RssWidget" 54 | PluginsInstalled[] = "Feedback" 55 | PluginsInstalled[] = "TwoFactorAuth" 56 | PluginsInstalled[] = "CoreUpdater" 57 | PluginsInstalled[] = "CoreConsole" 58 | PluginsInstalled[] = "ScheduledReports" 59 | PluginsInstalled[] = "UserCountryMap" 60 | PluginsInstalled[] = "Live" 61 | PluginsInstalled[] = "PrivacyManager" 62 | PluginsInstalled[] = "ImageGraph" 63 | PluginsInstalled[] = "Annotations" 64 | PluginsInstalled[] = "MobileMessaging" 65 | PluginsInstalled[] = "Overlay" 66 | PluginsInstalled[] = "SegmentEditor" 67 | PluginsInstalled[] = "Insights" 68 | PluginsInstalled[] = "Morpheus" 69 | PluginsInstalled[] = "Contents" 70 | PluginsInstalled[] = "BulkTracking" 71 | PluginsInstalled[] = "Resolution" 72 | PluginsInstalled[] = "DevicePlugins" 73 | PluginsInstalled[] = "Heartbeat" 74 | PluginsInstalled[] = "Marketplace" 75 | PluginsInstalled[] = "ProfessionalServices" 76 | PluginsInstalled[] = "UserId" 77 | PluginsInstalled[] = "CustomJsTracker" 78 | PluginsInstalled[] = "Tour" 79 | PluginsInstalled[] = "PagePerformance" 80 | PluginsInstalled[] = "CustomDimensions" 81 | PluginsInstalled[] = "FeatureFlags" 82 | 83 | -------------------------------------------------------------------------------- /roles/tile_server/tasks/osm_carto.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create directory for mapnik styles 3 | become: yes 4 | file: 5 | path: /opt/styles 6 | state: directory 7 | owner: zverik 8 | mode: 0755 9 | 10 | - name: Install packages for osm-carto 11 | become: yes 12 | apt: 13 | name: 14 | - fonts-noto-cjk 15 | - fonts-noto-hinted 16 | - fonts-noto-unhinted 17 | - fonts-unifont 18 | - npm 19 | - nodejs 20 | - mapnik-utils 21 | - curl 22 | state: present 23 | 24 | - name: Install carto and millstone 25 | become: yes 26 | npm: name=carto global=yes 27 | 28 | - name: Download osm-carto {{ branch }} style 29 | git: 30 | repo: https://github.com/gravitystorm/openstreetmap-carto.git 31 | version: "{{ branch }}" 32 | dest: /opt/styles/{{ dir }} 33 | update: no 34 | 35 | - name: Replace get-shapefiles with the new one 36 | copy: 37 | src: get-shapefiles.py 38 | dest: /opt/styles/{{ dir }}/scripts/get-shapefiles.py 39 | when: branch != 'master' 40 | 41 | - name: Upload failing boundary lines 42 | copy: 43 | src: ne_110m_admin_0_boundary_lines_land.zip 44 | dest: /var/www/html/ 45 | 46 | - name: Download shapefiles 47 | command: python3 scripts/get-shapefiles.py 48 | args: 49 | chdir: /opt/styles/{{ dir }} 50 | creates: /opt/styles/{{ dir }}/data/antarctica-icesheet-polygons-3857/icesheet_polygons.index 51 | when: branch != 'master' 52 | 53 | - name: Find temporary archives 54 | find: 55 | path: /opt/styles/{{ dir }}/data 56 | patterns: '*.zip,*.tgz' 57 | register: zips 58 | 59 | - name: Delete temporary archives 60 | file: 61 | path: "{{ item.path }}" 62 | state: absent 63 | with_items: 64 | - "{{ zips.files }}" 65 | 66 | - name: Symlink shapefile directory to ../osm-carto 67 | file: 68 | path: /opt/styles/{{ dir }}/data 69 | src: /opt/styles/osm-carto/data 70 | state: link 71 | when: branch == 'master' 72 | 73 | - name: Create xml for osm-carto 74 | command: carto -a 3.0.9 -q project.mml -f osm.xml 75 | args: 76 | chdir: /opt/styles/{{ dir }} 77 | creates: /opt/styles/{{ dir }}/osm.xml 78 | 79 | - name: Add renderd section for osm-carto 80 | become: yes 81 | blockinfile: 82 | path: /etc/renderd.conf 83 | insertafter: EOF 84 | marker: '# {mark} osm-carto' 85 | block: | 86 | [osm] 87 | URI=/osm/ 88 | TILEDIR=/var/lib/mod_tile 89 | XML=/opt/styles/{{ dir }}/osm.xml 90 | HOST={{ render_host }} 91 | TILESIZE=512 92 | SCALE=2 93 | MINZOOM=4 94 | MAXZOOM=18 95 | when: branch != 'master' 96 | 97 | - name: Add renderd section for osm-carto-4 98 | become: yes 99 | blockinfile: 100 | path: /etc/renderd.conf 101 | insertafter: EOF 102 | marker: '# {mark} osm-carto 4' 103 | block: | 104 | [old] 105 | URI=/old/ 106 | TILEDIR=/var/lib/mod_tile 107 | XML=/opt/styles/{{ dir }}/osm.xml 108 | HOST={{ render_host }} 109 | TILESIZE=256 110 | MINZOOM=4 111 | MAXZOOM=18 112 | when: branch == 'master' 113 | -------------------------------------------------------------------------------- /upload_pbf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Uploads a fresh osm.pbf to a tile server. 3 | # 4 | # Parameters: 5 | # - pbf: name of a pbf file to upload 6 | # - state: optional, number of the last minutely diff applied to that pbf 7 | # - bounds: optional, geojson file with trim bounds 8 | # 9 | - hosts: all 10 | remote_user: zverik 11 | vars: 12 | style: '/opt/styles/veloroad/veloroad.style' 13 | planet: /var/tmp/planet.osm.pbf 14 | render_user: osm 15 | ansible_async_dir: /tmp/ansible_async 16 | tasks: 17 | - name: Upload pbf 18 | copy: 19 | src: "{{ pbf }}" 20 | dest: "{{ planet }}" 21 | 22 | - name: Stop db updates 23 | become: yes 24 | become_user: "{{ render_user }}" 25 | cron: 26 | name: replication 27 | disabled: yes 28 | job: /opt/src/openstreetmap-tiles-update-expire 29 | minute: '*/5' 30 | 31 | - name: Stop renderd 32 | become: yes 33 | systemd: name=renderd state=stopped 34 | 35 | - name: Install osmium-tool 36 | when: state is not defined 37 | become: yes 38 | apt: pkg=osmium-tool state=present 39 | 40 | - name: Get timestamp of the last change in the file 41 | when: state is not defined 42 | local_action: command osmium fileinfo -e -g data.timestamp.last "{{ pbf }}" 43 | # command: osmium fileinfo -e -g data.timestamp.last "{{ planet }}" 44 | register: lastdate 45 | changed_when: False 46 | 47 | - name: Import pbf 48 | become_user: "{{ render_user }}" 49 | become: yes 50 | command: osm2pgsql -C {{ ansible_memfree_mb - 500 }} --slim -S "{{ style }}" -d {{ gisdb }} --number-processes 2 "{{ planet }}" 51 | async: 30000 # ~8 hours 52 | poll: 30 53 | tags: osm2pgsql 54 | 55 | - name: Remove pbf 56 | file: 57 | name: "{{ planet }}" 58 | state: absent 59 | 60 | - name: Update replication state 61 | when: state is defined 62 | become_user: "{{ render_user }}" 63 | become: yes 64 | lineinfile: 65 | name: /var/lib/mod_tile/.osmosis/state.txt 66 | regexp: '^sequenceNumber' 67 | line: "sequenceNumber={{ state }}" 68 | 69 | - name: Download relevant state 70 | when: state is not defined 71 | become: yes 72 | get_url: 73 | url: "https://replicate-sequences.osm.mazdermind.de/?{{ lastdate.stdout }}" 74 | dest: /var/lib/mod_tile/.osmosis/state.txt 75 | force: yes 76 | owner: "{{ render_user }}" 77 | group: "{{ render_user }}" 78 | 79 | - name: Update bounds for trim_osc 80 | when: bounds is defined 81 | copy: 82 | src: "{{ bounds }}" 83 | dest: /opt/styles/bounds.json 84 | force: yes 85 | 86 | - name: Check that nik4wsgi is installed 87 | stat: 88 | path: /opt/src/nik4wsgi 89 | register: nik4w 90 | 91 | - name: Update bounds for nik4wsgi 92 | when: bounds is defined and nik4w.stat.exists 93 | copy: 94 | src: "{{ bounds }}" 95 | dest: /opt/src/nik4wsgi/www/static/bounds.geojson 96 | force: yes 97 | 98 | - name: Delete old tiles from veloroad 99 | become: yes 100 | file: 101 | state: absent 102 | path: "/var/lib/mod_tile/veloroad/{{ item }}" 103 | loop: 104 | - 7 105 | - 8 106 | - 9 107 | - 10 108 | - 11 109 | - 12 110 | - 13 111 | - 14 112 | - 15 113 | 114 | - name: Delete old tiles from veloroadhr 115 | become: yes 116 | file: 117 | state: absent 118 | path: "/var/lib/mod_tile/veloroadhr/{{ item }}" 119 | loop: 120 | - 7 121 | - 8 122 | - 9 123 | - 10 124 | - 11 125 | - 12 126 | - 13 127 | - 14 128 | - 15 129 | 130 | - name: Start db updates 131 | become: yes 132 | become_user: "{{ render_user }}" 133 | cron: 134 | name: replication 135 | disabled: no 136 | job: /opt/src/openstreetmap-tiles-update-expire 137 | minute: '*/5' 138 | 139 | - name: Start renderd 140 | become: yes 141 | systemd: name=renderd state=started 142 | -------------------------------------------------------------------------------- /roles/tile_server/files/openstreetmap-tiles-update-expire: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | 5 | #************************************************************************* 6 | #************************************************************************* 7 | OSMOSIS_BIN=osmosis 8 | OSM2PGSQL_BIN=osm2pgsql 9 | OSM2PGSQL_OPTIONS="-S /opt/styles/veloroad/veloroad.style -d gis" 10 | #OSM2PGSQL_OPTIONS="--flat-nodes /path/to/flatnodes --hstore" 11 | 12 | REPLAG=/opt/src/mod_tile/osmosis-db_replag 13 | TRIM_OSC=/opt/src/regional/trim_osc.py 14 | BOUNDS_POLY=/opt/styles/bounds.json 15 | 16 | BASE_DIR=/var/lib/mod_tile 17 | LOG_DIR=/var/log/tiles 18 | WORKOSM_DIR=$BASE_DIR/.osmosis 19 | 20 | LOCK_FILE=/tmp/openstreetmap-update-expire-lock.txt 21 | CHANGE_FILE=$BASE_DIR/changes.osc.gz 22 | EXPIRY_FILE=$BASE_DIR/dirty_tiles 23 | STOP_FILE=$BASE_DIR/stop.txt 24 | 25 | OSMOSISLOG=$LOG_DIR/osmosis.log 26 | PGSQLLOG=$LOG_DIR/osm2pgsql.log 27 | EXPIRYLOG=$LOG_DIR/expiry.log 28 | RUNLOG=$LOG_DIR/run.log 29 | 30 | EXPIRY_MINZOOM=10 31 | EXPIRY_MAXZOOM=15 32 | 33 | MIN_DISK_SPACE_MB=500 34 | 35 | #************************************************************************* 36 | #************************************************************************* 37 | 38 | m_info() 39 | { 40 | echo "[`date +"%Y-%m-%d %H:%M:%S"`] $$ $1" >> "$RUNLOG" 41 | } 42 | 43 | m_error() 44 | { 45 | echo "[`date +"%Y-%m-%d %H:%M:%S"`] $$ [error] $1" >> "$RUNLOG" 46 | 47 | m_info "resetting state" 48 | /bin/cp $WORKOSM_DIR/last.state.txt $WORKOSM_DIR/state.txt || true 49 | 50 | rm "$CHANGE_FILE" || true 51 | rm "$EXPIRY_FILE.$$" || true 52 | rm "$LOCK_FILE" 53 | exit 54 | } 55 | 56 | m_ok() 57 | { 58 | echo "[`date +"%Y-%m-%d %H:%M:%S"`] $$ $1" >> "$RUNLOG" 59 | } 60 | 61 | getlock() 62 | { 63 | if [ -s $1 ]; then 64 | if [ "$(ps -p `cat $1` | wc -l)" -gt 1 ]; then 65 | return 1 #false 66 | fi 67 | fi 68 | 69 | echo $$ >"$1" 70 | return 0 #true 71 | } 72 | 73 | freelock() 74 | { 75 | rm "$1" 76 | rm "$CHANGE_FILE" 77 | } 78 | 79 | 80 | if [ $# -eq 1 ] ; then 81 | m_info "Initialising Osmosis replication system to $1" 82 | mkdir $WORKOSM_DIR 83 | $OSMOSIS_BIN --read-replication-interval-init workingDirectory=$WORKOSM_DIR 1>&2 2> "$OSMOSISLOG" 84 | wget "http://osm.personalwerk.de/replicate-sequences/?"$1"T00:00:00Z" -O $WORKOSM_DIR/state.txt 85 | else 86 | # make sure the lockfile is removed when we exit and then claim it 87 | 88 | if ! getlock "$LOCK_FILE"; then 89 | m_info "pid `cat $LOCK_FILE` still running" 90 | exit 3 91 | fi 92 | 93 | if [ -e $STOP_FILE ]; then 94 | m_info "stopped" 95 | exit 2 96 | fi 97 | 98 | #if (( `stat -f --format="%a*%S" $BASE_DIR` < 1024*1024*$MIN_DISK_SPACE_MB )); then 99 | if which python > /dev/null; then 100 | if python -c "import os, sys; st=os.statvfs('$BASE_DIR'); sys.exit(1 if st.f_bavail*st.f_frsize/1024/1024 > $MIN_DISK_SPACE_MB else 0)"; then 101 | m_info "there is less than $MIN_DISK_SPACE_MB MB left" 102 | exit 4 103 | fi 104 | fi 105 | 106 | seq=`cat $WORKOSM_DIR/state.txt | grep sequenceNumber | cut -d= -f2` 107 | 108 | m_ok "start import from seq-nr $seq, replag is `$REPLAG -h`" 109 | 110 | /bin/cp $WORKOSM_DIR/state.txt $WORKOSM_DIR/last.state.txt 111 | m_ok "downloading diff" 112 | 113 | if ! $OSMOSIS_BIN --read-replication-interval workingDirectory=$WORKOSM_DIR --simplify-change --write-xml-change $CHANGE_FILE 1>&2 2> "$OSMOSISLOG"; then 114 | m_error "Osmosis error" 115 | fi 116 | 117 | if [ -e "$BOUNDS_POLY" ]; then 118 | m_ok "filtering diff" 119 | if ! python3 "$TRIM_OSC" -v -d gis -p "$BOUNDS_POLY" -z $CHANGE_FILE $CHANGE_FILE 1>&2 2>> "$RUNLOG"; then 120 | m_error "Trim_osc error" 121 | fi 122 | fi 123 | 124 | m_ok "importing diff" 125 | EXPIRY_METAZOOM=`expr $EXPIRY_MAXZOOM - 3` 126 | if ! $OSM2PGSQL_BIN -a --slim -e$EXPIRY_MINZOOM-$EXPIRY_METAZOOM $OSM2PGSQL_OPTIONS -o "$EXPIRY_FILE.$$" $CHANGE_FILE 1>&2 2> "$PGSQLLOG"; then 127 | m_error "osm2pgsql error" 128 | fi 129 | 130 | freelock "$LOCK_FILE" 131 | 132 | m_ok "expiring tiles" 133 | if ! render_expired --min-zoom=$EXPIRY_MINZOOM --max-zoom=$EXPIRY_MAXZOOM --touch-from=$EXPIRY_MINZOOM -s /var/run/renderd.sock < "$EXPIRY_FILE.$$" 2>&1 | tail -8 >> "$EXPIRYLOG"; then 134 | m_info "Expiry failed" 135 | fi 136 | 137 | rm "$EXPIRY_FILE.$$" 138 | 139 | m_ok "Done with import" 140 | fi 141 | -------------------------------------------------------------------------------- /roles/hitrye/tasks/phpbb.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check that phpbb is installed 3 | stat: 4 | path: "{{ hitrye_path }}/index.php" 5 | register: phpbbf 6 | 7 | - name: Check that language is installed 8 | stat: 9 | path: "{{ hitrye_path }}/language/ru/common.php" 10 | register: phpbbl 11 | 12 | - name: Read the installed version 13 | when: phpbbf.stat.exists 14 | slurp: 15 | src: /opt/phpbb.version 16 | register: version64 17 | 18 | - name: Parse the installed version 19 | when: version64.content is defined 20 | set_fact: 21 | phpbb_server_version: "{{ version64.content | b64decode | trim }}" 22 | 23 | - name: Alternatively, set installed version to a dummy 24 | when: phpbb_server_version is not defined 25 | set_fact: 26 | phpbb_server_version: old 27 | 28 | - name: Download phpbb 29 | when: phpbb_server_version != phpbb.version 30 | get_url: 31 | url: "{{ phpbb.url }}" 32 | dest: /var/tmp/phpbb.zip 33 | checksum: "{{ phpbb.checksum }}" 34 | 35 | - name: Download Russian language pack 36 | when: phpbb_server_version != phpbb.version 37 | get_url: 38 | url: "{{ phpbb_lang.url }}" 39 | dest: /var/tmp/phpbb-ru.zip 40 | checksum: "{{ phpbb_lang.checksum }}" 41 | 42 | - name: Create target dir 43 | become: yes 44 | file: 45 | path: "{{ hitrye_path }}" 46 | owner: zverik 47 | group: zverik 48 | state: directory 49 | 50 | - name: Unpack phpbb 51 | when: phpbb_server_version != phpbb.version 52 | unarchive: 53 | remote_src: yes 54 | src: /var/tmp/phpbb.zip 55 | dest: /var/tmp 56 | 57 | - name: Unpack langpack 58 | when: phpbb_server_version != phpbb.version 59 | unarchive: 60 | remote_src: yes 61 | src: /var/tmp/phpbb-ru.zip 62 | dest: /var/tmp 63 | 64 | - name: Move phpbb to /var/www 65 | when: not phpbbf.stat.exists 66 | shell: "mv /var/tmp/phpBB3/* {{ hitrye_path }}/" 67 | args: 68 | creates: "{{ hitrye_path }}/index.php" 69 | 70 | - name: Find phpbb files to update 71 | when: 72 | - phpbbf.stat.exists 73 | - phpbb_server_version != phpbb.version 74 | find: 75 | path: /var/tmp/phpBB3 76 | file_type: any 77 | recurse: no 78 | excludes: 79 | - config.php 80 | - images 81 | - files 82 | - store 83 | - ext 84 | register: hitrye_files 85 | 86 | - name: Update phpbb files 87 | when: hitrye_files.files is defined 88 | shell: cp -r "{{ item.path }}" {{ hitrye_path }}/ 89 | with_items: "{{ hitrye_files.files }}" 90 | 91 | - name: Copy language to phpbb installation 92 | when: phpbb_server_version != phpbb.version 93 | shell: "cp -r /var/tmp/{{ phpbb_lang.dir }}/* {{ hitrye_path }}/" 94 | 95 | - name: Delete phpbb.zip 96 | file: 97 | path: /var/tmp/{{ item }} 98 | state: absent 99 | with_items: 100 | - phpbb.zip 101 | - phpbb-ru.zip 102 | - phpBB3 103 | - "{{ phpbb_lang.dir }}" 104 | 105 | - name: Upload config.php 106 | copy: 107 | src: config.php 108 | dest: "{{ hitrye_path }}/config.php" 109 | 110 | - name: Chmod user directories 111 | file: 112 | path: "{{ hitrye_path }}/{{ item }}" 113 | mode: 0777 114 | state: directory 115 | with_items: 116 | - store 117 | - cache 118 | - files 119 | - images/avatars/upload 120 | 121 | - name: Upgrade the database 122 | when: 123 | - phpbbf.stat.exists 124 | - phpbb_server_version != phpbb.version 125 | shell: php bin/phpbbcli.php --safe-mode db:migrate 126 | args: 127 | chdir: "{{ hitrye_path }}" 128 | 129 | - name: Delete install directory 130 | file: 131 | path: "{{ hitrye_path }}/install" 132 | state: absent 133 | 134 | - name: Clear cache 135 | when: 136 | - phpbbf.stat.exists 137 | - phpbb_server_version != phpbb.version 138 | become: yes 139 | file: 140 | path: "{{ hitrye_path }}/cache/production" 141 | state: absent 142 | 143 | - name: Copy old smilies 144 | copy: 145 | src: "{{ item }}" 146 | dest: "{{ hitrye_path }}/images/smilies/{{ item }}" 147 | with_items: 148 | - icon_e_biggrin.gif 149 | - icon_e_sad.gif 150 | - icon_e_smile.gif 151 | - icon_e_wink.gif 152 | 153 | - name: Upload matomo script 154 | copy: 155 | src: matomo.js 156 | dest: "{{ hitrye_path }}/styles/prosilver/template/matomo.js" 157 | 158 | - name: Add include matomo 159 | lineinfile: 160 | path: "{{ hitrye_path }}/styles/prosilver/template/overall_footer.html" 161 | insertbefore: '^\{\$SCRIPTS\}' 162 | line: "" 163 | 164 | - name: Write installed version 165 | become: yes 166 | copy: 167 | content: "{{ phpbb.version }}" 168 | dest: /opt/phpbb.version 169 | force: yes 170 | -------------------------------------------------------------------------------- /renew_certs.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | become: yes 4 | vars: 5 | acme_challenge_type: http-01 6 | acme_directory: https://acme-v02.api.letsencrypt.org/directory 7 | acme_version: 2 8 | domains: [] 9 | base_domains: 10 | - tile.osmz.ru 11 | - teleput.textual.ru 12 | - hitrye.ru 13 | - archive.hitrye.ru 14 | - geoscribble.osmz.ru 15 | - matomo.tile.osmz.ru 16 | - plugins.every-door.app 17 | http_roots: 18 | "tile.osmz.ru": /var/www/html 19 | "teleput.textual.ru": /var/www/teleput 20 | "hitrye.ru": /var/www/hitrye 21 | "archive.hitrye.ru": /var/www/hitrye_archive 22 | "geoscribble.osmz.ru": /var/www/geoscribble 23 | "matomo.tile.osmz.ru": /var/www/matomo/matomo 24 | "plugins.every-door.app": /var/www/edpr 25 | tasks: 26 | - name: Test certificate ages 27 | stat: 28 | path: "/etc/letsencrypt/certs/fullchain_{{ item }}.crt" 29 | loop: "{{ base_domains }}" 30 | register: cert_ages 31 | 32 | - name: Make a list of certificates more than 70 days old 33 | when: "not cert_ages.results[item_idx].stat.exists or cert_ages.results[item_idx].stat.mtime < ansible_date_time.epoch|int - 70*24*3600" 34 | set_fact: 35 | domains: "{{ domains + [item] }}" 36 | loop: "{{ base_domains }}" 37 | loop_control: 38 | index_var: item_idx 39 | 40 | - name: Create letsencrypt directories 41 | file: 42 | path: "/etc/letsencrypt/{{ item }}" 43 | state: directory 44 | mode: u=rwx,g=x,o=x 45 | with_items: 46 | - keys 47 | - csrs 48 | - certs 49 | 50 | - name: Create wwwroot directories, just in case 51 | file: 52 | path: "{{ http_roots[item] }}" 53 | state: directory 54 | owner: zverik 55 | loop: "{{ domains }}" 56 | 57 | - name: Generate private keys 58 | shell: 59 | cmd: "openssl genrsa 4096 > /etc/letsencrypt/keys/{{ item }}.key" 60 | creates: /etc/letsencrypt/keys/{{ item }}.key 61 | loop: "{{ domains }}" 62 | 63 | - name: Generate CSRs 64 | shell: "openssl req -new -sha256 -key /etc/letsencrypt/keys/{{ item }}.key -subj \"/CN={{ item }}\" > /etc/letsencrypt/csrs/{{ item }}.csr" 65 | loop: "{{ domains }}" 66 | 67 | - name: Let's Encrypt challenge 68 | acme_certificate: 69 | acme_directory: "{{ acme_directory }}" 70 | acme_version: "{{ acme_version }}" 71 | account_key_content: "{{ letsencrypt_account_key }}" 72 | account_email: "{{ admin_email }}" 73 | terms_agreed: 1 74 | challenge: http-01 75 | csr: "/etc/letsencrypt/csrs/{{ item }}.csr" 76 | dest: "/etc/letsencrypt/certs/{{ item }}.crt" 77 | fullchain_dest: "/etc/letsencrypt/certs/fullchain_{{ item }}.crt" 78 | force: yes 79 | loop: "{{ domains }}" 80 | # Results are registered into acme_challenge_domains.results[0], [1], etc 81 | register: acme_challenge_domains 82 | 83 | - name: Create .well-known directories 84 | file: 85 | path: "{{ http_roots[item] }}/.well-known/acme-challenge" 86 | state: directory 87 | loop: "{{ domains }}" 88 | 89 | - name: Implement http-01 challenge files 90 | copy: 91 | content: "{{ acme_challenge_domains.results[item_idx]['challenge_data'][item]['http-01']['resource_value'] }}" 92 | dest: "{{ http_roots[item] }}/{{ acme_challenge_domains.results[item_idx]['challenge_data'][item]['http-01']['resource'] }}" 93 | loop: "{{ domains }}" 94 | loop_control: 95 | index_var: item_idx 96 | 97 | - name: Complete Let's Encrypt challenges 98 | acme_certificate: 99 | acme_directory: "{{ acme_directory }}" 100 | acme_version: "{{ acme_version }}" 101 | account_key_content: "{{ letsencrypt_account_key }}" 102 | account_email: "{{ admin_email }}" 103 | challenge: http-01 104 | csr: "/etc/letsencrypt/csrs/{{ item }}.csr" 105 | dest: "/etc/letsencrypt/certs/{{ item }}.crt" 106 | chain_dest: "/etc/letsencrypt/certs/chain_{{ item }}.crt" 107 | fullchain_dest: "/etc/letsencrypt/certs/fullchain_{{ item }}.crt" 108 | data: "{{ acme_challenge_domains.results[item_idx] }}" 109 | force: yes 110 | loop: "{{ domains }}" 111 | loop_control: 112 | index_var: item_idx 113 | 114 | - name: Delete .well-known directories 115 | file: 116 | path: "{{ http_roots[item] }}/.well-known/acme-challenge" 117 | state: absent 118 | loop: "{{ domains }}" 119 | 120 | - name: Reload apache2 configuration 121 | systemd: 122 | name: apache2 123 | state: reloaded 124 | -------------------------------------------------------------------------------- /roles/rails_port/templates/application.yml.j2: -------------------------------------------------------------------------------- 1 | defaults: &defaults 2 | # The server protocol and host 3 | server_protocol: "http" 4 | server_url: "test.osmz.ru" 5 | # Publisher 6 | #publisher_url: "" 7 | # The generator 8 | generator: "Test OpenStreetMap server" 9 | copyright_owner: "OpenStreetMap and contributors" 10 | attribution_url: "http://www.openstreetmap.org/copyright" 11 | license_url: "http://opendatacommons.org/licenses/odbl/1-0/" 12 | # Support email address 13 | support_email: "openstreetmap@example.com" 14 | # Sender addresses for emails 15 | email_from: "OpenStreetMap " 16 | email_return_path: "bounces@openstreetmap.org" 17 | # API version 18 | api_version: "0.6" 19 | # Application status - possible values are: 20 | # :online - online and operating normally 21 | # :api_readonly - site online but API in read-only mode 22 | # :api_offline - site online but API offline 23 | # :database_readonly - database and site in read-only mode 24 | # :database_offline - database offline with site in emergency mode 25 | # :gpx_offline - gpx storage offline 26 | status: :online 27 | # The maximum area you're allowed to request, in square degrees 28 | max_request_area: 0.25 29 | # Number of GPS trace/trackpoints returned per-page 30 | tracepoints_per_page: 5000 31 | # Maximum number of nodes that will be returned by the api in a map request 32 | max_number_of_nodes: 50000 33 | # Maximum number of nodes that can be in a way (checked on save) 34 | max_number_of_way_nodes: 2000 35 | # The maximum area you're allowed to request notes from, in square degrees 36 | max_note_request_area: 25 37 | # Zoom level to use for postcode results from the geocoder 38 | postcode_zoom: 15 39 | # Zoom level to use for geonames results from the geocoder 40 | geonames_zoom: 12 41 | # Timeout for API calls in seconds 42 | api_timeout: 300 43 | # Timeout for web pages in seconds 44 | web_timeout: 30 45 | # Periods (in hours) which are allowed for user blocks 46 | user_block_periods: [0, 1, 3, 6, 12, 24, 48, 96] 47 | # Rate limit for message sending 48 | max_messages_per_hour: 60 49 | # Domain for handling message replies 50 | #messages_domain: "messages.openstreetmap.org" 51 | # Geonames authentication details 52 | #geonames_username: "" 53 | # Quova authentication details 54 | #quova_username: "" 55 | #quova_password: "" 56 | # Users to show as being nearby 57 | nearby_users: 30 58 | # Max radius, in km, for nearby users 59 | nearby_radius: 50 60 | # Spam threshold 61 | spam_threshold: 50 62 | # Default legale (jurisdiction location) for contributor terms 63 | default_legale: GB 64 | # Location of GPX traces and images 65 | gpx_trace_dir: "/home/osm/traces" 66 | gpx_image_dir: "/home/osm/images" 67 | # Location of data for attachments 68 | attachments_dir: ":rails_root/public/attachments" 69 | # Log file to use 70 | #log_path: "" 71 | # Log file to use for logstash 72 | #logstash_path: "" 73 | # List of memcache servers to use for caching 74 | #memcache_servers: [] 75 | # Enable legacy OAuth 1.0 support 76 | oauth_10_support: true 77 | # URL of Nominatim instance to use for geocoding 78 | nominatim_url: "//nominatim.openstreetmap.org/" 79 | # Default editor 80 | default_editor: "id" 81 | # OAuth consumer key for Potlatch 2 82 | #potlatch2_key: "" 83 | # OAuth consumer key for the web site 84 | #oauth_key: "" 85 | # OAuth consumer key for iD 86 | #id_key: "" 87 | # Whether to require users to view the CTs before continuing to edit... 88 | require_terms_seen: false 89 | # Whether to require users to agree to the CTs before editing 90 | require_terms_agreed: false 91 | # Imagery to return in capabilities as blacklisted 92 | imagery_blacklist: 93 | # Current Google imagery URLs have google or googleapis in the domain 94 | # with a vt or kh endpoint, and x, y and z query parameters 95 | - ".*\\.google(apis)?\\..*/(vt|kh)[\\?/].*([xyz]=.*){3}.*" 96 | # Blacklist VWorld 97 | - "http://xdworld\\.vworld\\.kr:8080/.*" 98 | # URL of Overpass instance to use for feature queries 99 | overpass_url: "//overpass-api.de/api/interpreter" 100 | # Routing endpoints 101 | graphhopper_url: "//graphhopper.com/api/1/route" 102 | mapquest_directions_url: "//open.mapquestapi.com/directions/v2/route" 103 | mapzen_valhalla_url: "//valhalla.mapzen.com/route" 104 | osrm_url: "//router.project-osrm.org/route/v1/driving/" 105 | # External authentication credentials 106 | google_auth_id: "{{ google_auth_id }}" 107 | google_auth_secret: "{{ google_auth_secret }}" 108 | #google_openid_realm: "" 109 | facebook_auth_id: "{{ facebook_auth_id }}" 110 | facebook_auth_secret: "{{ facebook_auth_secret }}" 111 | #windowslive_auth_id: "" 112 | #windowslive_auth_secret: "" 113 | #github_auth_id: "" 114 | #github_auth_secret: "" 115 | #wikipedia_auth_id: "" 116 | #wikipedia_auth_secret: "" 117 | mapsme_auth_id: "{{ mapsme_auth_id }}" 118 | mapsme_auth_secret: "{{ mapsme_auth_secret }}" 119 | # MapQuest authentication details 120 | #mapquest_key: "" 121 | # Mapzen authentication details 122 | #mapzen_valhalla_key: "" 123 | # Thunderforest authentication details 124 | #thunderforest_key: "" 125 | # Key for generating TOTP tokens 126 | #totp_key: "" 127 | # URL for reporting Content-Security-Policy violations 128 | #csp_report_url: "" 129 | 130 | development: 131 | <<: *defaults 132 | 133 | production: 134 | <<: *defaults 135 | 136 | test: 137 | <<: *defaults 138 | # Geonames credentials for testing 139 | geonames_username: "dummy" 140 | # External authentication credentials for testing 141 | google_auth_id: "dummy" 142 | google_auth_secret: "dummy" 143 | google_openid_realm: "https://www.openstreetmap.org" 144 | facebook_auth_id: "dummy" 145 | facebook_auth_secret: "dummy" 146 | windowslive_auth_id: "dummy" 147 | windowslive_auth_secret: "dummy" 148 | github_auth_id: "dummy" 149 | github_auth_secret: "dummy" 150 | wikipedia_auth_id: "dummy" 151 | wikipedia_auth_secret: "dummy" 152 | mapsme_auth_id: "dummy" 153 | mapsme_auth_secret: "dummy" 154 | -------------------------------------------------------------------------------- /roles/get_veloroad/files/trim_osc.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # Trim osmChange file to a bounding polygon and database contents 3 | # Written by Ilya Zverev, licensed WTFPL 4 | 5 | import sys, os, argparse, getpass, gzip 6 | import psycopg2 7 | from lxml import etree 8 | from shapely.geometry import Polygon, Point 9 | 10 | def poly_parse(fp): 11 | result = None 12 | poly = [] 13 | data = False 14 | for l in fp: 15 | l = l.strip() 16 | if l == 'END' and data: 17 | if len(poly) > 0: 18 | if hole and result: 19 | result = result.difference(Polygon(poly)) 20 | elif not hole and result: 21 | result = result.union(Polygon(poly)) 22 | elif not hole: 23 | result = Polygon(poly) 24 | poly = [] 25 | data = False 26 | elif l == 'END' and not data: 27 | break 28 | elif len(l) > 0 and ' ' not in l and '\t' not in l: 29 | data = True 30 | hole = l[0] == '!' 31 | elif l and data: 32 | poly.append(map(lambda x: float(x.strip()), l.split()[:2])) 33 | return result 34 | 35 | def box(x1,y1,x2,y2): 36 | return Polygon([(x1,y1), (x2,y1), (x2,y2), (x1,y2)]) 37 | 38 | default_user = getpass.getuser() 39 | 40 | parser = argparse.ArgumentParser(description='Trim osmChange file to a polygon and a database data') 41 | parser.add_argument('osc', type=argparse.FileType('r'), help='input osc file, "-" for stdin') 42 | parser.add_argument('output', help='output osc file, "-" for stdout') 43 | parser.add_argument('-d', dest='dbname', help='database name') 44 | parser.add_argument('--host', help='database host') 45 | parser.add_argument('--port', type=int, help='database port') 46 | parser.add_argument('--user', help='user name for db (default: {0})'.format(default_user), default=default_user) 47 | parser.add_argument('--password', action='store_true', help='ask for password', default=False) 48 | parser.add_argument('-p', '--poly', type=argparse.FileType('r'), help='osmosis polygon file') 49 | parser.add_argument('-b', '--bbox', nargs=4, type=float, metavar=('Xmin', 'Ymin', 'Xmax', 'Ymax'), help='Bounding box') 50 | parser.add_argument('-z', '--gzip', action='store_true', help='source and output files are gzipped') 51 | parser.add_argument('-v', dest='verbose', action='store_true', help='display debug information') 52 | options = parser.parse_args() 53 | 54 | # read poly 55 | poly = None 56 | if options.bbox: 57 | b = options.bbox 58 | poly = box(b[0], b[1], b[2], b[3]) 59 | if options.poly: 60 | tpoly = poly_parse(options.poly) 61 | poly = tpoly if not poly else poly.intersection(tpoly) 62 | 63 | if poly == None or not options.dbname: 64 | parser.print_help() 65 | sys.exit() 66 | 67 | # connect to database 68 | passwd = "" 69 | if options.password: 70 | passwd = getpass.getpass("Please enter your password: ") 71 | 72 | try: 73 | db = psycopg2.connect(database=options.dbname, user=options.user, password=passwd, host=options.host, port=options.port) 74 | except Exception, e: 75 | print "Error connecting to database: ", e 76 | sys.exit(1) 77 | cur = db.cursor() 78 | 79 | # read the entire osc into memory 80 | tree = etree.parse(options.osc if not options.gzip else gzip.GzipFile(fileobj=options.osc)) 81 | options.osc.close() 82 | root = tree.getroot() 83 | 84 | # NODES 85 | 86 | nodes = {} # True for nodes inside poly or referenced by good ways 87 | nodesM = [] # List of modified nodes outside poly (temporary) 88 | for node in root.iter('node'): 89 | if node.getparent().tag not in ['modify', 'create']: 90 | continue 91 | if 'lat' in node.keys() and 'lon' in node.keys(): 92 | inside = poly.intersects(Point(float(node.get('lon')), float(node.get('lat')))) 93 | nodes[node.get('id')] = inside 94 | if node.getparent().tag == 'modify' and not inside: 95 | nodesM.append(long(node.get('id'))) 96 | 97 | # Save modified nodes that are already in the database 98 | cur.execute('select id from planet_osm_nodes where id = ANY(%s);', (nodesM,)) 99 | for row in cur: 100 | nodes[str(row[0])] = True 101 | 102 | # WAYS 103 | 104 | ways = [] # List of ways (int id) with nodes inside poly or no known nodes 105 | waysM = [] # List of modified ways with no nodes inside poly (temporary) 106 | for way in root.iter('way'): 107 | if way.getparent().tag not in ['modify', 'create']: 108 | continue 109 | foundInside = False 110 | foundKnown = False 111 | for nd in way.iterchildren('nd'): 112 | if nd.get('ref') in nodes: 113 | foundKnown = True 114 | if nodes[nd.get('ref')] == True: 115 | foundInside = True 116 | break 117 | if foundInside: 118 | for nd in way.iterchildren('nd'): 119 | nodes[nd.get('ref')] = True 120 | else: 121 | wayId = int(way.get('id')) 122 | if foundKnown: 123 | ways.append(wayId) 124 | if way.getparent().tag == 'modify': 125 | waysM.append(wayId) 126 | 127 | cur.execute('select id from planet_osm_ways where id = ANY(%s);', (waysM,)) 128 | for row in cur: 129 | ways.remove(row[0]) 130 | # iterate over osmChange//way[id=]/nd and set nodes[ref] to True 131 | for nd in root.xpath('//way[@id={}]/nd'.format(row[0])): 132 | nodes[nd.get('ref')] = True 133 | 134 | # RELATIONS 135 | 136 | relations = [] # List of modified relations that are not in the database 137 | for rel in root.iter('relation'): 138 | if rel.getparent().tag == 'modify': 139 | relations.append(int(rel.get('id'))) 140 | 141 | cur.execute('select id from planet_osm_rels where id = ANY(%s);', (relations,)) 142 | for row in cur: 143 | relations.remove(row[0]) 144 | 145 | cur.close() 146 | db.close() 147 | 148 | # filter tree 149 | # 1. remove objects out of bounds 150 | cnt = [0, 0, 0] 151 | total = [0, 0, 0] 152 | types = ['node', 'way', 'relation'] 153 | for obj in root.iter('node', 'way', 'relation'): 154 | idx = types.index(obj.tag) 155 | ident = obj.get('id') 156 | if obj.getparent().tag in ['modify', 'create']: 157 | total[idx] = total[idx] + 1 158 | if (obj.tag == 'node' and ident in nodes and not nodes[ident]) or (obj.tag == 'way' and int(ident) in ways) or (obj.tag == 'relation' and int(ident) in relations): 159 | obj.getparent().remove(obj) 160 | else: 161 | cnt[idx] = cnt[idx] + 1 162 | 163 | if options.verbose: 164 | print '{} -> {}'.format('+'.join(map(str, total)), '+'.join(map(str, cnt))) 165 | 166 | # 2. remove empty sections 167 | for sec in root: 168 | if len(sec) == 0: 169 | root.remove(sec) 170 | 171 | # save modified osc 172 | of = sys.stdout if options.output == '-' else open(options.output, 'wb') 173 | if options.gzip: 174 | of = gzip.GzipFile(fileobj=of) 175 | of.write(etree.tostring(tree)) 176 | -------------------------------------------------------------------------------- /roles/tile_server/files/surface.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | -180,-85.05112877980659,180,85.05112877980659 7 | 0,0,2 8 | png8 9 | 0 10 | 22 11 | 1 12 | 2 13 | 14 | 15 | 16 | 17 | 109 | 111 | roads 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | -------------------------------------------------------------------------------- /roles/icecast/templates/icecast.xml.j2: -------------------------------------------------------------------------------- 1 | 2 | 5 | {{ icecast_location }} 6 | {{ icecast_admin_email }} 7 | 8 | 14 | 15 | 16 | 100 17 | 2 18 | 524288 19 | 30 20 | 15 21 | 10 22 | 28 | 1 29 | 32 | 65535 33 | 34 | 35 | 36 | 37 | {{ icecast_source_password }} 38 | 39 | {{ icecast_relay_password }} 40 | 41 | 42 | admin 43 | {{ icecast_admin_password }} 44 | 45 | 46 | 51 | 52 | 53 | 59 | 60 | 64 | {{ icecast_hostname }} 65 | 66 | 67 | 68 | 8000 69 | 70 | 71 | 72 | 77 | 83 | 84 | 85 | 93 | 94 |
95 | 96 | 97 | 98 | 102 | 103 | 104 | 105 | 106 | 107 | 110 | 111 | 112 | 123 | 124 | 125 | 129 | 130 | 132 | 145 | 146 | 147 | 175 | 176 | 189 | 190 | 1 191 | 192 | 193 | 194 | /usr/share/icecast2 195 | 196 | 198 | /var/log/icecast2 199 | /usr/share/icecast2/web 200 | /usr/share/icecast2/admin 201 | 202 | 203 | 207 | 210 | 214 | 215 | 219 | 220 | 221 | 222 | access.log 223 | error.log 224 | 225 | 3 226 | 10000 227 | 232 | 233 | 234 | 235 | 236 | 0 237 | 243 | 244 | 245 | -------------------------------------------------------------------------------- /roles/tile_server/files/get-shapefiles.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # This script generates and populates the 'data' directory with all needed 4 | # shapefiles. 5 | 6 | from __future__ import ( 7 | division, 8 | absolute_import, 9 | print_function, 10 | unicode_literals) 11 | import os 12 | import errno 13 | import tarfile 14 | import zipfile 15 | import subprocess 16 | import distutils.spawn 17 | import argparse 18 | import sys 19 | import tempfile 20 | import logging 21 | import time 22 | import email.utils 23 | 24 | if sys.version_info >= (3,): 25 | import urllib.request as urllib2 26 | import urllib.parse as urlparse 27 | else: 28 | import urllib2 29 | import urlparse 30 | 31 | data_dir = 'data' 32 | settings = { 33 | # Keys 1, 2, 3, ... set the arg short-options and the related process 34 | # ordering. Use > 0 to allow processing. 35 | 1: { 36 | 'directory': 'world_boundaries', 37 | 'url': 'https://planet.openstreetmap.org/historical-shapefiles/world_boundaries-spherical.tgz', # noqa 38 | 'type': 'tgz', 39 | 'index': [ 40 | 'world_bnd_m.shp', 41 | 'builtup_area.shp', 42 | 'places.shp', 43 | 'world_boundaries_m.shp'], 44 | 'long_opt': '--world-boundaries' 45 | }, 46 | 47 | 2: { 48 | 'directory': 'simplified-land-polygons-complete-3857', 49 | 'url': 'https://osmdata.openstreetmap.de/download/simplified-land-polygons-complete-3857.zip', # noqa 50 | 'type': 'zip', 51 | 'index': ['simplified_land_polygons.shp'], 52 | 'long_opt': '--simplified-land' 53 | }, 54 | 55 | 3: { 56 | 'directory': 'ne_110m_admin_0_boundary_lines_land', 57 | 'url': 'http://localhost/ne_110m_admin_0_boundary_lines_land.zip', # noqa 58 | 'type': 'zip_dir', 59 | 'index': ['ne_110m_admin_0_boundary_lines_land.shp'], 60 | 'long_opt': '--ne-admin' 61 | }, 62 | 63 | 4: { 64 | 'directory': 'land-polygons-split-3857', 65 | 'url': 'https://osmdata.openstreetmap.de/download/land-polygons-split-3857.zip', # noqa 66 | 'type': 'zip', 67 | 'index': ['land_polygons.shp'], 68 | 'long_opt': '--land-polygons' 69 | }, 70 | 71 | 5: { 72 | 'directory': 'antarctica-icesheet-polygons-3857', 73 | 'url': 'https://osmdata.openstreetmap.de/download/antarctica-icesheet-polygons-3857.zip', # noqa 74 | 'type': 'zip', 75 | 'index': ['icesheet_polygons.shp'], 76 | 'long_opt': '--icesheet-polygons' 77 | }, 78 | 79 | 6: { 80 | 'directory': 'antarctica-icesheet-outlines-3857', 81 | 'url': 'https://osmdata.openstreetmap.de/download/antarctica-icesheet-outlines-3857.zip', # noqa 82 | 'type': 'zip', 83 | 'index': ['icesheet_outlines.shp'], 84 | 'long_opt': '--icesheet-outlines' 85 | } 86 | } 87 | 88 | u_prompt = True 89 | 90 | 91 | def download_file( 92 | url, 93 | desc=None, 94 | option_force_update=False, 95 | option_no_curl=False): 96 | global u_prompt 97 | try: 98 | scheme, netloc, path, query, fragment = urlparse.urlsplit(url) 99 | file_name = os.path.basename(path) 100 | if not file_name: 101 | file_name = 'downloaded.file' 102 | if desc: 103 | file_name = os.path.join(desc, file_name) 104 | 105 | curl_used = 0 106 | if not option_no_curl and distutils.spawn.find_executable("curl"): 107 | curl_used = 1 108 | sys.stdout.flush() 109 | if os.path.exists(file_name) and not option_force_update: 110 | if subprocess.call( 111 | ["curl", "-z", file_name, "-L", "-o", file_name, url], 112 | stderr=subprocess.STDOUT) != 0: 113 | sys.exit("\n\n 'curl' error: download failed.\n") 114 | curl_used = 2 115 | else: 116 | if subprocess.call( 117 | ["curl", "-L", "-o", file_name, url], 118 | stderr=subprocess.STDOUT) != 0: 119 | sys.exit("\n\n 'curl' error: download failed.\n") 120 | sys.stdout.flush() 121 | 122 | u = urllib2.urlopen(url) 123 | meta = u.info() 124 | 125 | # Compare dates and sizes 126 | local_file_modified = None 127 | local_file_size = None 128 | if os.path.exists(file_name): 129 | local_file_modified = time.localtime((os.path.getmtime(file_name))) 130 | local_file_size = int(os.path.getsize(file_name)) 131 | meta_func = meta.getheaders if hasattr( 132 | meta, 'getheaders') else meta.get_all 133 | host_file_modified = email.utils.parsedate( 134 | meta_func("last-modified")[0]) 135 | meta_length = meta_func("Content-Length") 136 | host_file_size = None 137 | if meta_length: 138 | host_file_size = int(meta_length[0]) 139 | 140 | # Do a file check control after using curl (which looks like not 141 | # including it internally) 142 | if curl_used == 2 and (host_file_size != local_file_size): 143 | print( 144 | " Warning: file size differs. Downloading the file again.") 145 | curl_used = 0 146 | if curl_used > 0: 147 | u.close() 148 | return file_name 149 | 150 | if (not option_force_update and os.path.exists(file_name) and 151 | (host_file_modified <= local_file_modified) and 152 | (host_file_size == local_file_size)): 153 | print(" No newer file to download.", end="") 154 | if u_prompt: 155 | print(" (Use -u to force downloading file)", end="") 156 | u_prompt = False 157 | print() 158 | u.close() 159 | return file_name 160 | 161 | with open(file_name, 'wb') as f: 162 | print(" Bytes: {0:10}".format(host_file_size)) 163 | 164 | file_size_dl = 0 165 | block_sz = 65536 166 | while True: 167 | buffer = u.read(block_sz) 168 | if not buffer: 169 | if file_size_dl != host_file_size: 170 | sys.exit("\n\n Error: download with invalid size.\n") 171 | break 172 | 173 | file_size_dl += len(buffer) 174 | f.write(buffer) 175 | 176 | status = "{0:18}".format(file_size_dl) 177 | if host_file_size: 178 | status += " [{0:3.0f}%]".format( 179 | file_size_dl * 180 | 100 / 181 | host_file_size) 182 | status += chr(13) 183 | print(status, end="") 184 | f.close() 185 | u.close() 186 | os.utime( 187 | file_name, 188 | (time.mktime(host_file_modified), 189 | time.mktime(host_file_modified))) 190 | print() 191 | 192 | return file_name 193 | except urllib2.HTTPError as e: 194 | sys.stderr.write( 195 | "\n\n Error: download failed. (error code: " + 196 | str(e.code) + 197 | ", error reason: " + e.reason + ")\n") 198 | raise e 199 | except Exception as e: 200 | sys.exit("\n\n Error: download failed.\n" + str(e) + "\n") 201 | 202 | 203 | def main(): 204 | 205 | # Option handling 206 | 207 | parser = argparse.ArgumentParser( 208 | epilog="This script generates and populates the '" + data_dir + 209 | "' directory with all needed shapefiles, including indexing " + 210 | " them through shapeindex.") 211 | parser.add_argument( 212 | '-c', "--check", dest='option_check_mode', action='store_true', 213 | help="check whether the '" + data_dir + "' directory already exists") 214 | parser.add_argument( 215 | "-d", "--directory", dest="data_dir", 216 | help="set the name of the data directory (default: '" + 217 | data_dir + "')", 218 | default=data_dir, metavar="") 219 | parser.add_argument( 220 | '-e', "--no-extract", dest='option_no_extract', action='store_true', 221 | help="do not populate target directories with the expansion " + 222 | "of downloaded data") 223 | parser.add_argument( 224 | '-f', "--force", dest='option_force', action='store_true', 225 | help="force continuing even if project.mml does not exist") 226 | parser.add_argument( 227 | '-l', "--no-curl", dest='option_no_curl', action='store_true', 228 | help="do not use 'curl' even if available") 229 | parser.add_argument( 230 | '-n', "--no-download", dest='option_no_download', action='store_true', 231 | help="do not download archive if already existing locally") 232 | parser.add_argument( 233 | '-p', "--pause", dest='option_pause_mode', action='store_true', 234 | help="pause before starting") 235 | parser.add_argument( 236 | '-r', "--remove", dest='option_remove', action='store_true', 237 | help="remove each downloaded archive after its expansion") 238 | parser.add_argument( 239 | '-s', "--no-shape", dest='option_no_shape', action='store_true', 240 | help="do not run shapeindex") 241 | parser.add_argument( 242 | '-u', "--update", dest='option_force_update', action='store_true', 243 | help="force downloading files even if not newer than the locally " + 244 | "existing ones") 245 | for element in sorted(settings): 246 | parser.add_argument( 247 | settings[element]['long_opt'], 248 | dest='option_filter', action='append_const', const=element, 249 | help="only process " + settings[element]['directory']) 250 | 251 | args = parser.parse_args() 252 | 253 | # Initial checks 254 | 255 | if not args.option_no_shape and ( 256 | not distutils.spawn.find_executable("shapeindex")): 257 | sys.exit( 258 | """\n Error: you need shapeindex (or shapeindex is not in the 259 | PATH). Otherwise, use '-s' option to skip shapeindex 260 | (indexing shapes is suggested for performance improvement).\n""") 261 | 262 | if args.option_force: 263 | os.chdir(os.path.dirname(__file__)) 264 | else: 265 | os.chdir(os.path.join(os.path.dirname(__file__), '..')) 266 | if not os.path.isfile("project.mml"): 267 | sys.exit( 268 | """\n Error: project.mml not found. 269 | Are you sure you are in the correct folder? 270 | Otherwise, use '-f' option to go on creating or updating the '""" + 271 | args.data_dir + """' directory 272 | placed in the same path of this script.\n""") 273 | 274 | if args.option_check_mode: 275 | if os.path.isdir("data"): 276 | sys.exit( 277 | """\n A directory named '""" + args.data_dir + 278 | """' already exists. 279 | Please consider renaming it. 280 | Otherwise, remove '-c' option to allow updating.\n""") 281 | 282 | if args.option_pause_mode: 283 | print( 284 | "\nThis script generates and populates the '" + args.data_dir + 285 | "' directory with all needed shapefiles.\n") 286 | try: 287 | input( 288 | "Press Enter to continue " + 289 | "(remove '-p' option to avoid this message)...") 290 | except Exception: 291 | pass 292 | 293 | print() 294 | # Processing 295 | 296 | for element in sorted(settings): 297 | 298 | if (not args.option_filter or 299 | (args.option_filter and 300 | element in args.option_filter)) and element > 0: 301 | 302 | dir_name = settings[element]['directory'] 303 | dir_path = os.path.join(args.data_dir, dir_name) 304 | path_name = os.path.join( 305 | args.data_dir, 306 | settings[element]['url'].rsplit('/', 1)[-1]) 307 | 308 | # Creating directory 309 | if not os.path.exists(dir_path): 310 | os.makedirs(dir_path) 311 | 312 | # Downloading 313 | if not args.option_no_download or not os.path.isfile(path_name): 314 | print(str(element) + "-1. Downloading '" + dir_name + "'...") 315 | file_name = download_file( 316 | settings[element]['url'], args.data_dir, 317 | args.option_force_update, args.option_no_curl) 318 | 319 | # Expanding 320 | if not args.option_no_extract: 321 | sys.stdout.flush() 322 | print() 323 | print( 324 | str(element) + "-2. Expanding '" + dir_name + "'...", 325 | end="") 326 | sys.stdout.flush() 327 | if settings[element]['type'] == 'tgz': 328 | tar = tarfile.open(path_name) 329 | try: 330 | tar.extractall(args.data_dir) 331 | except Exception: 332 | sys.exit(" Failed (try with -u option).\n") 333 | tar.close() 334 | elif settings[element]['type'] == 'zip': 335 | zip = zipfile.ZipFile(path_name) 336 | try: 337 | zip.extractall(args.data_dir) 338 | except Exception: 339 | sys.exit(" Failed (try with -u option).\n") 340 | zip.close() 341 | elif settings[element]['type'] == 'zip_dir': 342 | zip = zipfile.ZipFile(path_name) 343 | try: 344 | zip.extractall(dir_path) 345 | except Exception: 346 | sys.exit(" Failed (try with -u option).\n") 347 | zip.close() 348 | else: 349 | sys.exit( 350 | "\n\nInternal error: unmanaged 'type'='" + 351 | settings[element]['type'] + "'.\n") 352 | sys.stdout.flush() 353 | print(" Done.\n") 354 | 355 | # Removing archive 356 | if args.option_remove: 357 | try: 358 | os.remove(path_name) 359 | except OSError: 360 | pass 361 | 362 | # Indexing 363 | if not args.option_no_shape: 364 | for item, index in enumerate(settings[element]['index']): 365 | if len(settings[element]['index']) == 1: 366 | print(str(element) + "-3" + ". Indexing '" + 367 | index + "'...") 368 | else: 369 | print(str(element) + "-3-" + str( 370 | item + 1) + ". Indexing '" + index + "'...") 371 | sys.stdout.flush() 372 | if (subprocess.call(["shapeindex", "--shape_files", 373 | os.path.join(dir_path, index)], 374 | stderr=subprocess.STDOUT) != 0): 375 | sys.exit("\n Indexing error: shapeindex failed.\n") 376 | sys.stdout.flush() 377 | print() 378 | 379 | # Finishing 380 | print("...script completed.\n") 381 | 382 | if __name__ == '__main__': 383 | try: 384 | main() 385 | except KeyboardInterrupt: 386 | sys.exit("\n\n\nYou pressed Ctrl+C!\n") 387 | except Exception as e: 388 | raise e 389 | --------------------------------------------------------------------------------