{"id":28434752,"url":"https://github.com/geosolutions-it/clevmetro-nfd","last_synced_at":"2025-10-10T01:33:33.310Z","repository":{"id":91244433,"uuid":"88965924","full_name":"geosolutions-it/clevmetro-nfd","owner":"geosolutions-it","description":"Cleveland Metroparks - Natural Features Database","archived":false,"fork":false,"pushed_at":"2019-01-21T09:14:24.000Z","size":12153,"stargazers_count":2,"open_issues_count":6,"forks_count":5,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-09-11T08:19:31.557Z","etag":null,"topics":["django","mapstore2","python","species"],"latest_commit_sha":null,"homepage":"https://waffle.io/geosolutions-it/clevmetro-nfd","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/geosolutions-it.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2017-04-21T09:17:21.000Z","updated_at":"2022-07-19T18:34:33.000Z","dependencies_parsed_at":"2023-09-26T10:51:39.419Z","dependency_job_id":null,"html_url":"https://github.com/geosolutions-it/clevmetro-nfd","commit_stats":{"total_commits":343,"total_committers":11,"mean_commits":"31.181818181818183","dds":0.6034985422740524,"last_synced_commit":"6243e96e508a4a55734c73c960f030e3ace5dcce"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/geosolutions-it/clevmetro-nfd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geosolutions-it%2Fclevmetro-nfd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geosolutions-it%2Fclevmetro-nfd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geosolutions-it%2Fclevmetro-nfd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geosolutions-it%2Fclevmetro-nfd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/geosolutions-it","download_url":"https://codeload.github.com/geosolutions-it/clevmetro-nfd/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geosolutions-it%2Fclevmetro-nfd/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002405,"owners_count":26083374,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","mapstore2","python","species"],"created_at":"2025-06-05T19:09:36.785Z","updated_at":"2025-10-10T01:33:33.295Z","avatar_url":"https://github.com/geosolutions-it.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# clevmetro-nfd\nCleveland Metroparks - Natural Features Database\n\n## Overview\n\nThe software is composed of a [client application](nfdclient/README.md) based on MapStore2, React and Redux technologies,\nand a [REST API](nfdapi/README.md) based on Django. Have a look at both subprojects for detailed development and\ndeployment documentation.\n\n## Deployment \n\nClone the repository with the --recursive option to automatically clone submodules:\n\n`git clone --recursive https://github.com/geosolutions-it/clevmetro-nfd.git`\n\nThen configure Apache or Nginx to serve the nfdclient application on the root\n(\"/\") path and the nfdapi Django application on \"nfdapi/\" path.\n\nThe client application is served as static content.\n\nThe nfdapi application should be served using a WSGI compatible web server such as Apache or Nginx.\nA [systemd script is provided](nfdapi/deploy/metroparksnfd.service) for deploying nfdapi as a system service\nusing the uWSGI application container. uWSGI can be integrated\nwith Apache or Nginx [using different approaches](http://uwsgi-docs.readthedocs.io/en/latest/WebServers.html).\nFor the dev server, a simple proxy configuration was used to integrate Apache with uWSGI.\n\nThe following configuration file can be used to configure Apache for\nnfdclient and nfdapi applications:\n\n```\n# /etc/apache2/conf-enabled/nfdapi.conf\nHeader set Access-Control-Allow-Origin \"*\"\nHeader set Access-Control-Allow-Methods \"GET, POST, OPTIONS\"\nAlias /static /opt/clevmetro-nfd/nfdclient\n\u003cDirectory \"/opt/clevmetro-nfd/nfdclient\"\u003e\n      Order allow,deny\n      Allow from all\n      Require all granted\n\u003c/Directory\u003e\n\nAlias /media /var/www/media\n\u003cDirectory \"/var/www/media\"\u003e\n      Order allow,deny\n      Allow from all\n      Require all granted\n\u003c/Directory\u003e\n\nAlias /nfdapi-static /var/www/clevmetronfd-static\n\u003cDirectory \"/var/www/clevmetronfd-static\"\u003e\n      Order allow,deny\n      Allow from all\n      Require all granted\n\u003c/Directory\u003e\n\nProxyPass /nfdapi http://localhost:3001/nfdapi\nProxyPassReverse /nfdapi http://localhost:3001/nfdapi\n```\n\nRedirect http to https (requires mod_rewrite to be enabled):\n\n```\n# /etc/apache2/sites-enabled/000-default.conf\n\u003cVirtualHost *:80\u003e\n\t# The ServerName directive sets the request scheme, hostname and port that\n\t# the server uses to identify itself. This is used when creating\n\t# redirection URLs. In the context of virtual hosts, the ServerName\n\t# specifies what hostname must appear in the request's Host: header to\n\t# match this virtual host. For the default virtual host (this file) this\n\t# value is not decisive as it is used as a last resort host regardless.\n\t# However, you must set it for any further virtual host explicitly.\n\t#ServerName www.example.com\n\n\tServerAdmin webmaster@localhost\n\tDocumentRoot /opt/clevmetro-nfd/nfdclient\n\n\tServerName dev.nfd.geo-solutions.it\n\tRedirect permanent / https://dev.nfd.geo-solutions.it/\n\n\t# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,\n\t# error, crit, alert, emerg.\n\t# It is also possible to configure the loglevel for particular\n\t# modules, e.g.\n\t#LogLevel info ssl:warn\n\n\tErrorLog ${APACHE_LOG_DIR}/error.log\n\tCustomLog ${APACHE_LOG_DIR}/access.log combined\n\n\t# For most configuration files from conf-available/, which are\n\t# enabled or disabled at a global level, it is possible to\n\t# include a line for only one particular virtual host. For example the\n\t# following line enables the CGI configuration for this host only\n\t# after it has been globally disabled with \"a2disconf\".\n\t#Include conf-available/serve-cgi-bin.conf\n\n\u003c/VirtualHost\u003e\n```\n\nConfigure SSL enpoint (requires a valid SSL certificate):\n\n```\n# /etc/apache2/sites-enabled/default-ssl.conf\n\u003cIfModule mod_ssl.c\u003e\n\t\u003cVirtualHost _default_:443\u003e\n\t\tServerAdmin webmaster@localhost\n\n\t\tDocumentRoot /opt/clevmetro-nfd/nfdclient\n\n\t\t# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,\n\t\t# error, crit, alert, emerg.\n\t\t# It is also possible to configure the loglevel for particular\n\t\t# modules, e.g.\n\t\t#LogLevel info ssl:warn\n\n\t\tErrorLog ${APACHE_LOG_DIR}/error.log\n\t\tCustomLog ${APACHE_LOG_DIR}/access.log combined\n\n\t\t# For most configuration files from conf-available/, which are\n\t\t# enabled or disabled at a global level, it is possible to\n\t\t# include a line for only one particular virtual host. For example the\n\t\t# following line enables the CGI configuration for this host only\n\t\t# after it has been globally disabled with \"a2disconf\".\n\t\t#Include conf-available/serve-cgi-bin.conf\n\n\t\t#   SSL Engine Switch:\n\t\t#   Enable/Disable SSL for this virtual host.\n\t\tSSLEngine on\n\n\t\t#   A self-signed (snakeoil) certificate can be created by installing\n\t\t#   the ssl-cert package. See\n\t\t#   /usr/share/doc/apache2/README.Debian.gz for more info.\n\t\t#   If both key and certificate are stored in the same file, only the\n\t\t#   SSLCertificateFile directive is needed.\n\t\tSSLCertificateFile\t/etc/letsencrypt/live/dev.nfd.geo-solutions.it/fullchain.pem\n\t\tSSLCertificateKeyFile /etc/letsencrypt/live/dev.nfd.geo-solutions.it/privkey.pem\n\n\t\t#   Server Certificate Chain:\n\t\t#   Point SSLCertificateChainFile at a file containing the\n\t\t#   concatenation of PEM encoded CA certificates which form the\n\t\t#   certificate chain for the server certificate. Alternatively\n\t\t#   the referenced file can be the same as SSLCertificateFile\n\t\t#   when the CA certificates are directly appended to the server\n\t\t#   certificate for convinience.\n\t\t#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt\n\n\t\t#   Certificate Authority (CA):\n\t\t#   Set the CA certificate verification path where to find CA\n\t\t#   certificates for client authentication or alternatively one\n\t\t#   huge file containing all of them (file must be PEM encoded)\n\t\t#   Note: Inside SSLCACertificatePath you need hash symlinks\n\t\t#\t\t to point to the certificate files. Use the provided\n\t\t#\t\t Makefile to update the hash symlinks after changes.\n\t\t#SSLCACertificatePath /etc/ssl/certs/\n\t\t#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt\n\n\t\t#   Certificate Revocation Lists (CRL):\n\t\t#   Set the CA revocation path where to find CA CRLs for client\n\t\t#   authentication or alternatively one huge file containing all\n\t\t#   of them (file must be PEM encoded)\n\t\t#   Note: Inside SSLCARevocationPath you need hash symlinks\n\t\t#\t\t to point to the certificate files. Use the provided\n\t\t#\t\t Makefile to update the hash symlinks after changes.\n\t\t#SSLCARevocationPath /etc/apache2/ssl.crl/\n\t\t#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl\n\n\t\t#   Client Authentication (Type):\n\t\t#   Client certificate verification type and depth.  Types are\n\t\t#   none, optional, require and optional_no_ca.  Depth is a\n\t\t#   number which specifies how deeply to verify the certificate\n\t\t#   issuer chain before deciding the certificate is not valid.\n\t\t#SSLVerifyClient require\n\t\t#SSLVerifyDepth  10\n\n\t\t#   SSL Engine Options:\n\t\t#   Set various options for the SSL engine.\n\t\t#   o FakeBasicAuth:\n\t\t#\t Translate the client X.509 into a Basic Authorisation.  This means that\n\t\t#\t the standard Auth/DBMAuth methods can be used for access control.  The\n\t\t#\t user name is the `one line' version of the client's X.509 certificate.\n\t\t#\t Note that no password is obtained from the user. Every entry in the user\n\t\t#\t file needs this password: `xxj31ZMTZzkVA'.\n\t\t#   o ExportCertData:\n\t\t#\t This exports two additional environment variables: SSL_CLIENT_CERT and\n\t\t#\t SSL_SERVER_CERT. These contain the PEM-encoded certificates of the\n\t\t#\t server (always existing) and the client (only existing when client\n\t\t#\t authentication is used). This can be used to import the certificates\n\t\t#\t into CGI scripts.\n\t\t#   o StdEnvVars:\n\t\t#\t This exports the standard SSL/TLS related `SSL_*' environment variables.\n\t\t#\t Per default this exportation is switched off for performance reasons,\n\t\t#\t because the extraction step is an expensive operation and is usually\n\t\t#\t useless for serving static content. So one usually enables the\n\t\t#\t exportation for CGI and SSI requests only.\n\t\t#   o OptRenegotiate:\n\t\t#\t This enables optimized SSL connection renegotiation handling when SSL\n\t\t#\t directives are used in per-directory context.\n\t\t#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire\n\t\t\u003cFilesMatch \"\\.(cgi|shtml|phtml|php)$\"\u003e\n\t\t\t\tSSLOptions +StdEnvVars\n\t\t\u003c/FilesMatch\u003e\n\t\t\u003cDirectory /usr/lib/cgi-bin\u003e\n\t\t\t\tSSLOptions +StdEnvVars\n\t\t\u003c/Directory\u003e\n\n\t\t#   SSL Protocol Adjustments:\n\t\t#   The safe and default but still SSL/TLS standard compliant shutdown\n\t\t#   approach is that mod_ssl sends the close notify alert but doesn't wait for\n\t\t#   the close notify alert from client. When you need a different shutdown\n\t\t#   approach you can use one of the following variables:\n\t\t#   o ssl-unclean-shutdown:\n\t\t#\t This forces an unclean shutdown when the connection is closed, i.e. no\n\t\t#\t SSL close notify alert is send or allowed to received.  This violates\n\t\t#\t the SSL/TLS standard but is needed for some brain-dead browsers. Use\n\t\t#\t this when you receive I/O errors because of the standard approach where\n\t\t#\t mod_ssl sends the close notify alert.\n\t\t#   o ssl-accurate-shutdown:\n\t\t#\t This forces an accurate shutdown when the connection is closed, i.e. a\n\t\t#\t SSL close notify alert is send and mod_ssl waits for the close notify\n\t\t#\t alert of the client. This is 100% SSL/TLS standard compliant, but in\n\t\t#\t practice often causes hanging connections with brain-dead browsers. Use\n\t\t#\t this only for browsers where you know that their SSL implementation\n\t\t#\t works correctly.\n\t\t#   Notice: Most problems of broken clients are also related to the HTTP\n\t\t#   keep-alive facility, so you usually additionally want to disable\n\t\t#   keep-alive for those clients, too. Use variable \"nokeepalive\" for this.\n\t\t#   Similarly, one has to force some clients to use HTTP/1.0 to workaround\n\t\t#   their broken HTTP/1.1 implementation. Use variables \"downgrade-1.0\" and\n\t\t#   \"force-response-1.0\" for this.\n\t\t# BrowserMatch \"MSIE [2-6]\" \\\n\t\t#\t\tnokeepalive ssl-unclean-shutdown \\\n\t\t#\t\tdowngrade-1.0 force-response-1.0\n\nServerName dev.nfd.geo-solutions.it\n\t\u003c/VirtualHost\u003e\n\u003c/IfModule\u003e\n\n```\nImages are stored on /var/www/media/images. Ensure the folder exists and is writable by the www-data user.\n\nHave a look to the specific [nfdapi readme file](nfdapi/README.md) for\nadditional configuration steps (required for develoment and deployment\nenvs).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeosolutions-it%2Fclevmetro-nfd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgeosolutions-it%2Fclevmetro-nfd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeosolutions-it%2Fclevmetro-nfd/lists"}