From 3914ff364e16b5ffc55c9b0a127f62b4cb6ae080 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Tue, 6 Jan 2026 18:21:04 -0500 Subject: [PATCH 1/5] Update osm-seed version - add max-changes for minute replication --- ohm/requirements.yaml | 2 +- values.staging.template.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ohm/requirements.yaml b/ohm/requirements.yaml index 6b759eaf..52bbcbb4 100644 --- a/ohm/requirements.yaml +++ b/ohm/requirements.yaml @@ -1,4 +1,4 @@ dependencies: - name: osm-seed - version: '0.1.0-0.dev.git.973.hb03b96b' + version: '0.1.0-0.dev.git.976.h81b6cdf' repository: https://devseed.com/osm-seed-chart/ diff --git a/values.staging.template.yaml b/values.staging.template.yaml index ff24930f..10e51784 100644 --- a/values.staging.template.yaml +++ b/values.staging.template.yaml @@ -330,13 +330,13 @@ osm-seed: # Variables for replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== replicationJob: - enabled: false + enabled: true priorityClass: medium-priority serviceAccount: enabled: true name: ohm-s3-bucket-access-staging env: - ENABLE_SEND_SLACK_MESSAGE: "true" + ENABLE_SEND_SLACK_MESSAGE: "false" SLACK_WEBHOOK_URL: {{OHM_SLACK_WEBHOOK_URL}} resources: enabled: false From 32091003a9c6ffe6237f890ec2f8c30146fb90c0 Mon Sep 17 00:00:00 2001 From: Eric Theise Date: Tue, 6 Jan 2026 17:10:31 -0800 Subject: [PATCH 2/5] Release overpass-turbo v2.1.9 --- .github/workflows/frontend-overpass.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frontend-overpass.yaml b/.github/workflows/frontend-overpass.yaml index 20cad412..ccb0aaca 100644 --- a/.github/workflows/frontend-overpass.yaml +++ b/.github/workflows/frontend-overpass.yaml @@ -44,7 +44,7 @@ jobs: uses: actions/checkout@v4 with: repository: OpenHistoricalMap/overpass-turbo - ref: be9b87d55699a00570c1d5fcc8d4323c2d0dd0e3 + ref: efdce1a1979e6c33de9fa459c1b1cf6934acab6a path: overpass-turbo - name: Enable Corepack From 090d99929b5a050ebf604106a7371dfc3c649f06 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Wed, 7 Jan 2026 10:53:36 -0500 Subject: [PATCH 3/5] Disable replication job - staging --- values.staging.template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values.staging.template.yaml b/values.staging.template.yaml index 10e51784..727426e0 100644 --- a/values.staging.template.yaml +++ b/values.staging.template.yaml @@ -330,7 +330,7 @@ osm-seed: # Variables for replication-job, Configuration to create the replication files by, minute, hour, or day # ==================================================================================================== replicationJob: - enabled: true + enabled: false priorityClass: medium-priority serviceAccount: enabled: true From 7e6056e777b195af7d4d52d71a113e8795c638f7 Mon Sep 17 00:00:00 2001 From: Eric Theise Date: Thu, 8 Jan 2026 10:48:49 -0800 Subject: [PATCH 4/5] Ongoing translations: ohm-website --- images/web/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/web/Dockerfile b/images/web/Dockerfile index 4db93d6b..0b80cd3e 100644 --- a/images/web/Dockerfile +++ b/images/web/Dockerfile @@ -24,7 +24,7 @@ RUN apt-get update && \ && apt-get clean && rm -rf /var/lib/apt/lists/* # Download OHM Website using gitsha, faster than cloning -ENV OPENHISTORICALMAP_WEBSITE_GITSHA=b29601a3bdccb4e8667653a16251ec8e94d78544 +ENV OPENHISTORICALMAP_WEBSITE_GITSHA=c37a340e8fc31c0ae6670d0b8a5b9bab24c4236a ENV OHM_WEBSITE_URL=https://github.com/OpenHistoricalMap/ohm-website/archive/${OPENHISTORICALMAP_WEBSITE_GITSHA}.zip RUN rm -rf $workdir/* && curl -fsSL $OHM_WEBSITE_URL -o /tmp/ohm-website.zip && \ unzip /tmp/ohm-website.zip -d /tmp && \ From 813a5abc76e9eba17827e0c016c955ad3b919f49 Mon Sep 17 00:00:00 2001 From: Rub21 Date: Fri, 9 Jan 2026 18:41:26 -0500 Subject: [PATCH 5/5] Update traefik config to allow iframe for vtiles --- hetzner/traefik/traefik.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/hetzner/traefik/traefik.yml b/hetzner/traefik/traefik.yml index 7e7a8312..e2536a24 100644 --- a/hetzner/traefik/traefik.yml +++ b/hetzner/traefik/traefik.yml @@ -37,6 +37,20 @@ http: # # Trust only known proxy headers (adjust based on your infrastructure) # hostsProxyHeaders: ["X-Forwarded-Host"] + secure-headers-allow-iframe: + headers: + # Allows iframe embedding (for comparison tools) + frameDeny: false + # Enables XSS protection in older browsers + browserXssFilter: true + # Prevents browsers from MIME-sniffing (forces declared Content-Type) + contentTypeNosniff: true + # Enforces HTTPS via HSTS + forceSTSHeader: true + stsSeconds: 31536000 # 1 year + stsIncludeSubdomains: true + stsPreload: true + redirect-nominatim: redirectRegex: regex: "^https://(nominatim(?:\\.staging)?\\.openhistoricalmap\\.org)/?$" @@ -53,7 +67,7 @@ http: tls: certResolver: letsencrypt middlewares: - - secure-headers + - secure-headers-allow-iframe tiler_cache-production-router: rule: Host(`tiler-cache.openhistoricalmap.org`) @@ -145,7 +159,7 @@ http: tls: certResolver: letsencrypt middlewares: - - secure-headers + - secure-headers-allow-iframe overpass-api-staging-router: rule: Host(`overpass-api.staging.openhistoricalmap.org`)