HAME regional land use planning database and QGIS project compatible with national Ryhti data model - Ryhti-yhteensopiva tietokanta ja QGIS-projekti maakuntakaavoitukseen.
The database and functions can be run on AWS (Amazon Web Services) cloud platform.
HAME-Ryhti consists of
- a PostGIS database,
- various AWS Lambda functions to manage the database and import or export planning data,
- X-Road security server sidecar container to connect to Ryhti through Finnish X-Road, and
- QGIS project to connect to the database and create regional land use plans.
To manage Hame-Ryhti AWS resources, check the infra README in the infra directory.
To look closer at our data model, check the autogenerated data model documentation in the dbdoc directory.
- Python 3.12
- Docker (Install Docker based on your platform's instructions.)
- Create a Python virtual environment and activate it.
pip install pip-tools
pip-sync requirements.txt requirements-dev.txt
pre-commit install
- Copy
.env.dev
to.env
. This file contains example environment variables used in development.
If you also want to test Ryhti API client, you have to
- Register to SYKE API portal and subscribe to their Ryhti product. Your subscription details will contain your Ryhti API key.
- Insert your Ryhti API key at SYKE_APIKEY line in
.env
file. Do not modify.env.dev
, it is committed in github and should only contain public example data, not your actual api key.
- Run tests with
make pytest
. (If you have not specified a Ryhti API key, sometest_services
will fail, because some Ryhti client tests try out calling the SYKE Ryhti API.) - Build and start the development containers with
docker-compose -f docker-compose.dev.yml up -d
(ormake rebuild
). - Fill the database with current data model by
make test-create-db
. - Populate national code tables from koodistot.suomi.fi by
make test-koodistot
. - Edit the lambda functions under database, run tests and rebuild again.
If test using pytest-docker get stuck, you can remove the dangling containers with:
docker ps --format '{{.Names}}' |grep pytest | awk '{print $1}' | xargs -I {} docker stop {}
docker ps --format '{{.Names}}' |grep pytest | awk '{print $1}' | xargs -I {} docker rm {}
docker network ls --format {{.Name}} |grep pytest | awk '{print $1}' | xargs -I {} docker network rm {}
- Database is defined using SQLAlchemy, so familiarize yourself with SQLAlchemy declarative style.
- Database is divided into two schemas:
codes
contains all the Ryhti specific national code lists, whilehame
contains all the data tables (plans, plan objects, plan regulations etc.). - If you want to change all tables in a schema (i.e. edit all the code tables, or add a field to all the data tables), the abstract base classes are in base.py.
- If you only want to change/add one code table or one data table, please edit/add the right table in codes.py or models.py.
- To get the changes tested and usable in your functions, create a new database revision with
make revision name="describe_your_changes"
, e.g.make revision name="add_plan_object_table"
. This creates a new random id (uuid
) for your migration, and a revision fileYYYY-MM-DD-HHMM-uuid-add_plan_object_table
in the alembic versions dir. Please check that the autogenerated revision file seems to do approximately sensible things.- Specifically, when adding geometry fields, please note GeoAlchemy2 bug with Alembic, which means you will have to manually remove
op.create_index
andop.drop_index
in the revision file. This is because GeoAlchemy2 already automatically creates geometry index whenever adding a geometry column.
- Specifically, when adding geometry fields, please note GeoAlchemy2 bug with Alembic, which means you will have to manually remove
- Run tests with
make pytest
to check that the revision file runs correctly. At minimum, you may have to change the tested table counts (codes_count and hame_count) in database test setup to reflect the correct number of tables in the database. - Run
make rebuild
andmake test-create-db
to start development instance with the new model.
- Commit your changes and the new revision file in alembic versions dir.
To add new requirements:
- Add the Python library in requirements.in (if used in production) or requirements-dev.in (if used in development/CI/CD).
pip-compile requirements.in
orpip-compile requirements-dev.in
pip-sync requirements.txt requirements-dev.txt
To update requirements to latest versions:
pip-compile requirements.in --upgrade
andpip-compile requirements-dev.in --upgrade
pip-sync requirements.txt requirements-dev.txt
Connecting to the database is done with the secure shell protocol (SSH). To be able to connect to the database, you will have to
- Create a SSH key pair on your computer (this has to be done only once)
- Have db admin add the public key to the server (this has to be done only once)
- Open a SSH tunnel on your computer (this has to be done each time)
Detailed instructions to these steps are provided below.
Generation of the key pair can be done, for example, with a program called ssh-keygen (available on Windows 10 and 11, Linux and Mac OS):
- Open a command prompt (for example, open start menu and type 'cmd' and hit enter)
- Type in the command prompt
ssh-keygen -t ed25519
and press enter. This will generate a key pair (using ed25519 algorithm). Here you could also spesify the name of the key file and passphrase to protect the key (see Fig.). If you accept the defaults, just press enter.
By default the key pair is saved to <your home folder>/.ssh/
: it contains your public key (id25519.pub), a text file which
you have to provide to the database administrator, and the private key in file id25519
(without the .pub suffix) which you MUST KEEP PRIVATE AND NOT SHARE IT WITH ANYONE!
Once the administrator has added your public key to the server, you can connect to the database using ssh:
- On Windows, the easiest way to open the SSH tunnel to the server is by using a batch script named
create_tunnel.bat
found here in this repository. Save the file to your computer in a convenient location. After this you can open the tunnel by executing this script by double clicking the file. On Linux/Mac OS (or if you want to use a command prompt), just copy-paste the command
ssh -N -L 5433:hame-devdb.ctcspesmxrh1.eu-central-1.rds.amazonaws.com:5432 -i "~/.ssh/id_ed25519" ec2-tunnel@hame-dev.bastion.gispocoding.fi
- Enter the passphrase for the key (if set) and hit enter. If no error messages appear, the tunnel is connected. Do not close the command prompt window, otherwise the SSH tunnel is disconnected.
- Now you can connect to the database using
localhost
as the host and5433
as the port. The details how to do this with different software are given in the following sections. - Additional tips: the connection can automatically terminate, for example, due to server rebooting or network issues (this is usually accompanied by a message, such as
client_loop: send disconnect: Connection reset
). If this happens, simply double click the file again to reopen the tunnel. In case you want to close an open SSH tunnel, pressCtrl+C
and answer the confirmation by pressingY
.
The data is read from a PostgreSQL service named postgres
with a QGIS authentication which id is ryhtirw
. Here is a way to set up database connection in QGIS:
- Create a PostgreSQL service file for each environment (at the moment, there is only development environment). The file can be created, for example, with a text editor. Add the following with correct values for each environment:
[postgres]
host=localhost
port=5433
dbname=hame-dev
Save the file to some folder, an example location could be <your home folder>/hameconfig/
. Name the saved file for example pg_service_hame_dev.conf
(yes, the suffix '.conf' is part of the file name). Do not save this file as a text file (with a suffix .txt), but instead choose 'All types' from the 'Save as type' dropdown menu.
NOTE: the Postgres service file for the dev environment is also included in in this repository under the docs folder, so alternatively you can copy the file from the into a convenient location on your computer.
- Create a QGIS-profile for each environment. Name the profile for example
ryhti-hame-dev
. A new QGIS window will open to this profile, use that in the following.
- In QGIS settings add a
PGSERVICEFILE
environment variable and fill the file path of corresponding service file as a value.
-
Restart QGIS to make the environment variable to take effect.
-
Create a authentication key to QGIS which ID is
ryhtirw
.
NOTE: you may be prompted for setting a master password in QGIS, if not set earlier. If so, set master password and make sure to save it to a secure place for yourself. The master password is used to manage and access the saved authentication configurations in QGIS (for more information, see the QGIS Documentation).
Now you can proceed with the database authentication details. As in step 3, open Settings > Options
in QGIS and choose Authentication
on the left panel. Click the green plus sign to add a new authentication configuration and fill in details as in the following image. It is important to use the authentication Id ryhtirw
and database username and password here.
- Create a new PostgreSQL connection
Add the necessary parameters as follows. You can also test the connection at this point and when done, press OK.