User:Kannix/tile-server-next-level

old setup: User:Kannix/tilestache

aim

• restart of tileserver (done)
• no more apache mod_python (depreciated)
• nginx as caching proxy (done)
  • restrict to referer (done)
  • throttling (to-do)
• serving vector tiles
  • https://github.com/mapbox/awesome-vector-tiles
• tileStache
  • nginx > uwsgi_pass > tilestache (done)
  • systemd service (to-do)

TileStache using uWSGI

• https://github.com/TileStache/TileStache
• https://github.com/openpolis/tilestache
• https://davidjb.com/blog/2012/06/serving-tilestache-or-another-app-using-uwsgi-against-a-web-sub-directory/

plesk setup

https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uswgi-and-nginx-on-ubuntu-18-04

prerequisite (python2 required):

apt install python2-dev
apt install python-pip
pip2 install virtualenv

switch to your home:

cd /var/www/vhosts/servername.de/tiles.servername.de/cgi-bin
mkdir tilestache_app
cd tilestache_app

create virtual enviroment (python2):

virtualenv -p /usr/bin/python2 tilestache_app_venv

activate virtual enviroment:

source tilestache_app_venv/bin/activate

set up tilestache and uwsgi in virtual enviroment:

pip install uwsgi
pip install -U pillow modestmaps simplejson werkzeug uuid mapbox-vector-tile
git clone https://github.com/migurski/TileStache.git
python setup.py install
cd ..

create tilestache_app.py

import TileStache
application = TileStache.WSGITileServer('tilestache.cfg')

create tilestache.cfg (cache 'Test' does nothing):

{
 "cache":
 {
   "name": "Test",
   "path": "/tmp/stache",
   "umask": "0000",
   "dirs": "portable"
 },
 "layers": 
 {
   "cemt":
   {
       "provider": {"name": "mbtiles", "tileset": "/var/www/vhosts/servername.de/tiles.servername.de/cemt.mbtiles"}
   },
   "cemt-vector-2020": {
       "provider": {"name": "mbtiles", "tileset": "/var/www/vhosts/servername.de/tiles.servername.de/cemt_EU_2020_uc.mbtiles"}
   },
   "cemt-json-tiled-uc": {
        "provider": {"name": "mbtiles", "tileset": "/var/www/vhosts/servername.de/tiles.servername.de/cemt_EU_2019_uc.mbtiles"}
   }
 }
}

first test:

uwsgi --socket 0.0.0.0:8080 --protocol=http -w wsgi
lynx http://localhost:8080

create tilestache_app.ini

[uwsgi]
module = tilestache_app:application
master = true
processes = 5
socket = /var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app.sock
# chmod-socket = 777 (testing)
chmod-socket = 660 (production)
vacuum = true
die-on-term = true
# protocol = http (only needed for 2nd curl test)

second test:

uwsgi --ini tilestache_app.ini
curl --unix-socket /var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app.sock http://localhost/tilestache/preview.html

pre production:

uwsgi --ini tilestache_app.ini

close virtual enviroment:

deactivate

create /etc/systemd/system/tilestache.service

[Unit]
Description=uWSGI instance to serve tilestache
After=network.target

[Service]
User=www1008
Group=psaserv
WorkingDirectory=/var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app
Environment="PATH=/var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app_venv/bin"
ExecStart=/var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app//tilestache_app_venv/bin/uwsgi --ini tilestache_app.ini

[Install]
WantedBy=multi-user.target

• systemctl start tilestache
• systemctl enable tilestache
• systemctl status tilestache
• systemctl stop tilestache

nginx reverse proxy

• https://coderwall.com/p/--wgba/nginx-reverse-proxy-cache-for-openstreetmap
• https://www.nginx.com/blog/nginx-caching-guide/

plesk setup

create /etc/nginx/conf.d/tiles_servername_de_cache.conf (loads at nginx start)

proxy_cache_path /var/cache/nginx/tiles.servername.de_proxy levels=1:2 keys_zone=tiles.servername.de_proxy:5m max_size=5g inactive=30d use_temp_path=off;
uwsgi_cache_path /var/cache/nginx/tiles.servername.de_uwsgi levels=1:2 keys_zone=tiles.servername.de_uwsgi:5m max_size=5g inactive=30d;

edit /var/www/vhosts/system/tiles.servername.de/conf/vhost_nginx.conf

valid_referers none server_names
*.servername.de *.skipperguide.de;
if ($invalid_referer){
	return 403;
}

# reverse
location ^~ /seamark {
	add_header X-Cache-Status $upstream_cache_status;
	proxy_cache tiles.servername.de_proxy;
	proxy_cache_valid  200 302  10d;
	proxy_cache_valid  404      1m;
	proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
	proxy_pass https://t1.openseamap.org;
}

location ^~ /osm/ {
	add_header X-Cache-Status $upstream_cache_status;
	add_header x-cached-by "tiles.servername.de";
	proxy_cache tiles.servername.de_proxy;
	proxy_cache_valid  200 302  10d;
	proxy_cache_valid  404      1m;
	proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
	proxy_pass https://tile.openstreetmap.org/;
}

location ^~ /openriverboatmap/ {
	add_header X-Cache-Status $upstream_cache_status;
	add_header x-cached-by "tiles.servername.de";
	proxy_cache tiles.servername.de_proxy;
	proxy_cache_valid  200 302  10d;
	proxy_cache_valid  404      1m;
	proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
	proxy_pass http://a.tile.openstreetmap.fr/openriverboatmap/;
}

# static
location ^~ /tiles.py/cemt/ {
	alias /var/www/vhosts/servername.de/tiles.servername.de/stache/cemt/;
	add_header x-cached-by "tiles.servername.de";
	try_files $uri =404;
}

# tilestache
location ^~ /cemt {
	add_header X-Cache-Status $upstream_cache_status;
	add_header x-cached-by "tilestache@tiles.servername.de";
	uwsgi_cache tiles.servername.de_uwsgi;
	uwsgi_cache_key $request_uri;
	uwsgi_cache_valid  200 302  10d;
	uwsgi_cache_valid  404      1m;
	uwsgi_cache_use_stale error timeout http_500 http_503 http_403 http_404 http_429;
	include uwsgi_params;
	uwsgi_pass unix:///var/www/vhostsservername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app.sock;
}
location ^~ /cemt-vector-2020 {
	add_header Access-Control-Allow-Origin *;
	add_header X-Cache-Status $upstream_cache_status;
	add_header x-cached-by "tilestache@tiles.servername.de";
	uwsgi_cache tiles.servername.de_uwsgi;
	uwsgi_cache_key $request_uri;
	uwsgi_cache_valid  200 302  10d;
	uwsgi_cache_valid  404      1m;
	uwsgi_cache_use_stale error timeout http_500 http_503 http_403 http_404 http_429;
	include uwsgi_params;
	uwsgi_pass unix:///var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app.sock;
}
location ^~ /cemt-json-tiled-uc {
	add_header Access-Control-Allow-Origin *;
	add_header X-Cache-Status $upstream_cache_status;
	add_header x-cached-by "tilestache@tiles.servername.de";
	uwsgi_cache tilesservername.de_uwsgi;
	uwsgi_cache_key $request_uri;
	uwsgi_cache_valid  200 302  10d;
	uwsgi_cache_valid  404      1m;
	uwsgi_cache_use_stale error timeout http_500 http_503 http_403 http_404 http_429;
	include uwsgi_params;
	uwsgi_pass unix:///var/www/vhosts/servername.de/tiles.servername.de/cgi-bin/tilestache_app/tilestache_app.sock;
}

error logs:

/var/www/vhosts/servername.de/logs/tiles.servername.de

t-rex

• https://github.com/t-rex-tileserver/t-rex/
• https://github.com/t-rex-tileserver/t-rex/issues/113

mapproxy

• https://mapproxy.org/docs/nightly/deployment.html