feat: init first version of sanboxed osm

README.md

@@ -0,0 +1,34 @@
+# OSM Sandbox
+
+Edit a map collaboratively, in an isolated environment.
+
+This repository does the following:
+
+- Builds a custom lightweight container image for OpenStreetMap.
+- Automatically configures an admin user, OAuth application, and working ID Editor.
+- Starts a sandboxed / isolated instance of OpenStreetMap from the main instance at
+  openstreetmap.org.
+
+![empty-osm](./empty-osm.png)
+
+## Usage (Development)
+
+```bash
+docker compose up -d
+```
+
+Access OpenStreetMap on: http://localhost:4433
+Access ID Editor on: http://localhost:4433/edit?editor=id
+
+Credentials:
+- User [email protected]
+- Password: Password1234
+
+## Usage (Production)
+
+- Buy a domain and allocated a server.
+- ...
+
+## Importing Existing OSM Data
+
+Check out [osm_to_sandbox](https://github.com/Zverik/osm_to_sandbox/tree/main)

docker-compose.yml

@@ -0,0 +1,68 @@
+version: "3"
+
+networks:
+  osm-net: 
+    name: osm-net
+
+volumes:
+  osm-tmp:
+  osm-storage:
+  osm-db-data:
+
+services:
+  osm:
+    image: ghcr.io/hotosm/osm-sandbox:2024-04-27
+    build:
+      dockerfile: openstreetmap.dockerfile
+    environment:
+      PROTOCOL: http${DOMAIN:+s}
+      DOMAIN: ${DOMAIN:-127.0.0.1:4433}
+      ADMIN_EMAIL: ${ADMIN_PASS:[email protected]}
+      ADMIN_PASS: ${ADMIN_PASS:-Password1234}
+      ID_EDITOR_REDIRECT_URI: http${DOMAIN:+s}://${DOMAIN:-127.0.0.1:4433}
+    volumes:
+      # Mount a tmp directory that will persist between runs
+      - osm-tmp:/app/tmp
+      # Mount a storage directory that will persist between runs
+      - osm-storage:/app/storage
+      # Mount local setting overrides
+      # - ./settings.local.yml:/app/config/settings.local.yml:ro
+    tmpfs:
+      /tmp/pids/
+    ports:
+      - "${PORT:-4433}:3000"
+    networks:
+      - osm-net
+    depends_on:
+      osm-db:
+        condition: service_healthy
+    restart: unless-stopped
+
+  osm-db:
+    image: docker.io/postgres:14
+    environment:
+      POSTGRES_DB: openstreetmap
+      POSTGRES_PASSWORD: openstreetmap
+      POSTGRES_USER: openstreetmap
+    volumes:
+      - osm-db-data:/var/lib/postgresql/data
+    networks:
+      - osm-net
+    restart: unless-stopped
+    healthcheck:
+      test: pg_isready -U openstreetmap -d openstreetmap
+      start_period: 5s
+      interval: 10s
+      timeout: 5s
+      retries: 3
+
+  mail:
+    image: "ixdotai/smtp:v0.5.2"
+    volumes:
+      - ./rsa.private:/etc/exim4/dkim.key.temp:ro
+    environment:
+      - MAILNAME=${DOMAIN:-hotosm.org}
+      - DKIM_KEY_PATH=/etc/exim4/dkim.key.temp
+    networks:
+      - osm-net
+    restart: unless-stopped

openstreetmap.dockerfile

@@ -0,0 +1,114 @@
+FROM ubuntu:22.04 as openstreetmap-repo
+RUN apt-get update \
+ && apt-get install --no-install-recommends -y \
+      git \
+      ca-certificates \
+ && rm -rf /var/lib/apt/lists/*
+WORKDIR /repo
+RUN update-ca-certificates
+RUN git clone --depth 1 --no-checkout \
+     https://github.com/openstreetmap/openstreetmap-website.git \
+     && cd openstreetmap-website \
+     && git checkout a5f72216395fb490a984dd86575f855c94a6a02f
+
+
+
+# Modified from https://github.com/openstreetmap/openstreetmap-website
+FROM ubuntu:22.04 as build
+ENV DEBIAN_FRONTEND=noninteractive
+# Install system packages then clean up to minimize image size
+RUN apt-get update \
+ && apt-get install --no-install-recommends -y \
+      build-essential \
+      curl \
+      default-jre-headless \
+      file \
+      git-core \
+      gpg-agent \
+      libarchive-dev \
+      libffi-dev \
+      libgd-dev \
+      libpq-dev \
+      libsasl2-dev \
+      libvips-dev \
+      libxml2-dev \
+      libxslt1-dev \
+      libyaml-dev \
+      locales \
+      postgresql-client \
+      ruby \
+      ruby-dev \
+      ruby-bundler \
+      software-properties-common \
+      tzdata \
+      unzip \
+      nodejs \
+      npm \
+ && npm install --global yarn \
+ # We can't use snap packages for firefox inside a container, so we need to get firefox+geckodriver elsewhere
+ && add-apt-repository -y ppa:mozillateam/ppa \
+ && echo "Package: *\nPin: release o=LP-PPA-mozillateam\nPin-Priority: 1001" > /etc/apt/preferences.d/mozilla-firefox \
+ && apt-get install --no-install-recommends -y \
+      firefox-geckodriver \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+ENV DEBIAN_FRONTEND=dialog
+# Setup app location
+WORKDIR /app
+# Copy the app, as normally expected to be mounted
+COPY --from=openstreetmap-repo \
+    /repo/openstreetmap-website/ /app/
+# Install Ruby packages
+RUN bundle config set --global path /usr/local/bundle \
+    && bundle install \
+    # Install NodeJS packages using yarn
+    && bundle exec bin/yarn install
+
+
+
+FROM ubuntu:22.04 as runtime
+ENV DEBIAN_FRONTEND=noninteractive \
+    PIDFILE=/tmp/pids/server.pid
+RUN apt-get update \
+ && apt-get install --no-install-recommends -y \
+      libarchive-dev \
+      libffi-dev \
+      libgd-dev \
+      libpq-dev \
+      libsasl2-dev \
+      libvips-dev \
+      libxml2-dev \
+      libxslt1-dev \
+      libyaml-dev \
+      locales \
+      tzdata \
+      postgresql-client \
+      ruby \
+      ruby-bundler \
+ && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+# COPY --from=build /app /app
+COPY --from=build /app/Gemfile* /app/Rakefile /app/config.ru /app/
+COPY --from=build /app/node_modules /app/node_modules
+COPY --from=build /usr/local/bundle /usr/local/bundle
+COPY --from=build /app/app /app/app
+COPY --from=build /app/bin /app/bin
+COPY --from=build /app/config /app/config
+COPY --from=build /app/db /app/db
+COPY --from=build /app/lib /app/lib
+COPY --from=build /app/public /app/public
+COPY --from=build /app/script /app/script
+COPY --from=build /app/vendor /app/vendor
+COPY osm-entrypoint.sh /
+RUN bundle config set --global path /usr/local/bundle \
+     # Copy the required config to correct location
+     # https://github.com/openstreetmap/openstreetmap-website/blob/master/DOCKER.md#initial-setup
+     && cp config/example.storage.yml config/storage.yml \
+     && cp config/docker.database.yml config/database.yml \
+     # Replace db --> osm-db compose service
+     && sed -i 's/host: db/host: osm-db/' config/database.yml \
+     && touch config/settings.local.yml \
+     && chmod +x /osm-entrypoint.sh
+
+CMD ["bundle", "exec", "rails", "s", "-p", "3000", "-b", "0.0.0.0"]
+ENTRYPOINT ["/osm-entrypoint.sh"]

osm-entrypoint.sh

@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# Start web server
+bundle exec rails s -d -p 3000 -b '0.0.0.0'
+
+# Run migrations
+bundle exec rails db:migrate
+
+# Ruby script to create admin (to file)
+# NOTE ID_EDITOR_REDIRECT_URI env var is injected
+cat << EOF > create_admin_user.rb
+unless User.exists?(email: "#{ENV['ADMIN_PASS']}")
+  pass_crypt, pass_salt = PasswordHash.create("#{ENV['ADMIN_PASS']}")
+  admin_user = User.create!(
+      display_name: "HOTOSM",
+      email: "#{ENV['ADMIN_PASS']}",
+      pass_crypt: pass_crypt,
+      pass_salt: pass_salt,
+      email_valid: true,
+      data_public: true,
+      terms_seen: true,
+      terms_agreed: Time.now,
+      tou_agreed: Time.now,
+  )
+  admin_user.confirm!
+  admin_user.roles.create(role: "administrator", granter_id: admin_user.id)
+  admin_user.roles.create(role: "moderator", granter_id: admin_user.id)
+end
+
+unless Oauth2Application.exists?(name: 'ID Dev')
+  admin_user = User.find_by(email: "#{ENV['ADMIN_PASS']}")
+  id_app = Oauth2Application.create!(
+      owner: admin_user,
+      name: 'ID Dev',
+      redirect_uri: "#{ENV['ID_EDITOR_REDIRECT_URI']}",
+      scopes: ['read_prefs', 'write_api'],
+      confidential: false,
+  )
+  puts id_app.uid
+  # puts id_app.secret
+end
+EOF
+
+# Run script in Rails console
+ID_EDITOR_CLIENT_ID=$(bundle exec rails runner create_admin_user.rb)
+echo ""
+echo "ID Editor Client ID:"
+echo "${ID_EDITOR_CLIENT_ID}"
+echo ""
+
+# Stop web server gracefully
+kill -TERM $(cat /tmp/pids/server.pid)
+
+# Update the OpenStreetMap settings
+# Further overrides can be made in a mounted settings.local.yml file
+# The oauth_application var is for OSM Notes / changeset comments
+# The id_application var is for ID editor
+sed -i "s/#id_application: \"\"/id_application: \"${ID_EDITOR_CLIENT_ID}\"/" /app/config/settings.yml
+sed -i "s/server_protocol: \"http\"/server_protocol: \"${PROTOCOL}\"/" /app/config/settings.yml
+sed -i "s/server_url: \"https:\/\/www.openstreetmap.org\"/server_url: \"${DOMAIN}\"/" /app/config/settings.yml
+# SMTP settings
+sed -i "s/smtp_address: \"localhost\"/smtp_address: \"mail\"/" /app/config/settings.yml
+sed -i "s/smtp_domain: \"localhost\"/smtp_domain: \"${DOMAIN}\"/" /app/config/settings.yml
+sed -i "s/email_from: \"OpenStreetMap <[email protected]>\"/email_from: \"OSM Dev <admin@${DOMAIN}>\"/" /app/config/settings.yml
+sed -i "s/email_return_path: \"[email protected]\"/email_return_path: \"admin@${DOMAIN}\"/" /app/config/settings.yml
+
+# Set exec to replace shell with the command passed as arguments
+exec "$@"