REST API for OSM Notes Analytics and Ingestion. Unified programmatic access to user profiles, country analytics, advanced search capabilities, rankings, comparisons, and real-time metrics. Extends OSM API 0.6 with specialized analytics features.
OSM Notes API provides programmatic access to OpenStreetMap notes analytics data, including:
- User Profiles: Detailed statistics of contributors
- Country Analytics: Aggregated metrics by country
- Advanced Search: Complex filters and dynamic queries
- Rankings: User and country classifications
- Comparisons: Comparative analysis between entities
- Trends: Temporal data analysis
- Notes and Comments: Access to OSM notes and their comments
This API is COMPLEMENTARY to the static JSON system, NOT a replacement.
- β JSON system maintained: The Viewer and other consumers continue using static JSON files
- β API is additional: For use cases requiring dynamic queries or integrations
- β Both coexist: Each system is used according to the specific use case
- Node.js >= 18.0.0
- npm >= 9.0.0
- PostgreSQL 15+ (with access to
osm_notes_dwh) - Redis 7+ (optional but recommended)
# Clone repository
git clone https://github.com/OSM-Notes/OSM-Notes-API.git
cd OSM-Notes-API
# Install dependencies
npm install
# Configure environment variables
cp .env.example .env
# Edit .env with your configurations
# Build TypeScript
npm run build
# Load mock data (optional, for testing)
# Requires OSM-Notes-Ingestion repository cloned
./scripts/load_mock_data.sh
# Start application
npm start# Start services
docker compose -f docker/docker-compose.yml up -d
# View logs
docker compose -f docker/docker-compose.yml logs -f apiSee docs/INSTALLATION.md for detailed instructions.
Health Check:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
http://localhost:3000/healthGet a Note:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
http://localhost:3000/api/v1/notes/12345Search Notes:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
"http://localhost:3000/api/v1/notes?status=open&country=42&limit=10"Get User Profile:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
http://localhost:3000/api/v1/users/12345Get Country Profile:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
http://localhost:3000/api/v1/countries/42Get Global Analytics:
curl -H "User-Agent: MyApp/1.0 (contact@example.com)" \
http://localhost:3000/api/v1/analytics/globalInteractive API Documentation:
- Swagger UI:
http://localhost:3000/docs - OpenAPI JSON:
http://localhost:3000/docs/json
See docs/USAGE.md for complete usage guide.
- Installation - Complete installation guide
- Usage - API usage manual with examples
- API Reference - Complete API reference documentation
- API Reference (OpenAPI) - OpenAPI/Swagger documentation
- Deployment Guide - Production deployment instructions
- Production Deployment (192.168.0.7) - Specific guide for production server
- Operations Runbook - Operational procedures and runbook
- Troubleshooting - Common issues and solutions
- CI/CD Guide - Continuous Integration and Deployment
- Performance Guide - Performance optimization and benchmarking
- SLA/SLOs - Service Level Agreements and Objectives
- Monitoring Guide - Prometheus and Grafana setup
- Disaster Recovery - Disaster recovery procedures
- Backup Strategy - Backup and restore procedures
- Capacity Planning - Capacity planning guide
- Terms of Service - API terms of service
- Privacy Policy - Privacy policy (GDPR compliant)
- Database Schema - Database schema and data requirements
- Database User Setup - Create read-only database user
- Redis Setup (Optional) - Redis configuration (optional but recommended)
- Redis Troubleshooting - Fix Redis connection issues
- Testing Guide - Testing documentation
- Security Testing - OWASP ZAP security testing guide
- Development Guide - Development guidelines
- Contributing - Contributor guide
- Architecture Decision Records - ADRs documenting technical decisions
- Changelog - Change history
- API Versioning - API versioning strategy
OSM-Notes-API/
βββ src/ # Source code
β βββ config/ # Configuration
β βββ routes/ # API routes
β βββ controllers/ # Controllers
β βββ services/ # Business logic
β βββ middleware/ # Custom middleware
β βββ utils/ # Utilities
β βββ types/ # TypeScript types
βββ tests/ # Tests
β βββ unit/ # Unit tests
β βββ integration/ # Integration tests
β βββ load/ # Load tests
βββ docs/ # Documentation
β βββ INSTALLATION.md # Installation manual
β βββ USAGE.md # Usage manual
β βββ api/ # OpenAPI documentation
βββ docker/ # Docker configuration
βββ package.json # Dependencies and scripts
npm run build # Build TypeScript
npm start # Run compiled application
npm run dev # Development with hot reload
npm run type-check # Verify TypeScript typesnpm test # Run all tests
npm run test:unit # Unit tests only
npm run test:integration # Integration tests only
npm run test:coverage # Tests with coverage report
npm run test:watch # Run tests in watch mode
npm run test:light # Run unit tests with 1 worker (for performance)
npm run test:integration:single # Run integration tests sequentiallynpm run lint # Run ESLint
npm run lint:fix # Fix ESLint errors automatically
npm run format # Format code with Prettier
npm run format:check # Check code formatting# Run performance benchmarks
./scripts/run_benchmarks.sh
# Create database indexes
psql -h $DB_HOST -U $DB_USER -d $DB_NAME -f scripts/create_indexes.sql
# Analyze query performance
psql -h $DB_HOST -U $DB_USER -d $DB_NAME -f scripts/analyze_queries.sql# Install k6 first (see tests/load/README.md)
k6 run tests/load/users.js
k6 run tests/load/notes.js
k6 run tests/load/analytics.js
k6 run tests/load/all-endpoints.js- User-Agent required: All requests must include a valid User-Agent with format
AppName/Version (Contact) - Rate Limiting: 50 requests/15min for anonymous users, 1000 req/hour for authenticated
- Anti-abuse protection: Automatic blocking of known AIs and bots without OAuth
- Security headers: Helmet.js configured with security best practices
- Input validation: All inputs validated with Joi schemas
- Optional OAuth: Available for advanced features (Phase 5)
See docs/USAGE.md and docs/security/ for more security details.
- Prometheus Metrics: Available at
/metricsendpoint - Grafana Dashboards: Pre-configured dashboards for:
- Request rate and latency (P50, P95, P99)
- Error rates by endpoint
- Rate limiting events
- User-Agent statistics
- Health Checks:
/healthendpoint with database and Redis status - Structured Logging: JSON logs with Winston
- Alerting: Prometheus alerts configured for:
- High error rates
- High latency
- Frequent rate limiting
- Service downtime
See docs/MONITORING.md for monitoring setup.
- Response Times:
- Simple endpoints (datamarts): P95 < 500ms
- Complex analytics: P95 < 2000ms
- Caching: Redis-based response caching with configurable TTL
- Database Optimization:
- Indexes created via
scripts/create_indexes.sql - Query analysis via
scripts/analyze_queries.sql
- Indexes created via
- Benchmarks: Performance benchmarks script available (
scripts/run_benchmarks.sh)
See docs/PERFORMANCE.md for performance optimization guide.
Version: 0.1.0 (Production Ready - Phases 1-4 Complete)
Test Coverage: 87.54% statements, 93.93% branches, 87.56% functions
- β 224+ tests passing (100% pass rate)
- β 25+ test suites passing
- β Unit tests: 100% pass rate
- β Integration tests: 100% pass rate
- β CI/CD pipeline configured with GitHub Actions
- β Load testing scripts (k6) available
Implementation Phases:
-
β Phase 1: MVP (Core endpoints, basic features, documentation)
- β Notes endpoints (get, search, comments)
- β User profiles endpoint
- β Country profiles endpoint
- β Global analytics endpoint
- β User-Agent validation
- β Rate limiting
- β Anti-abuse protection
- β OpenAPI/Swagger documentation
- β Comprehensive integration tests
- β Test database configuration
-
β Phase 2: Basic Features (Rankings, search, caching)
- β User and country rankings
- β Basic search functionality
- β Pagination support
- β Redis caching implementation
- β Prometheus metrics
-
β Phase 3: Advanced Features (Advanced search, monitoring)
- β Advanced search with multiple filters
- β Hashtags endpoints
- β Analytics comparisons
- β Trends analysis
- β Grafana dashboards
- β Prometheus alerts
- β Load testing scripts (k6)
-
β Phase 4: Production (Documentation, operations, compliance)
- β CI/CD pipeline configured
- β Complete documentation (installation, usage, API reference)
- β Operations runbook
- β Disaster recovery plan
- β Backup strategy
- β Capacity planning
- β SLA/SLOs defined
- β Legal documentation (Terms of Service, Privacy Policy)
- β Performance benchmarks
- β Performance optimization scripts
-
β³ Phase 5: Webhooks and Notifications (Future - if needed)
- β³ Webhook system
- β³ Event subscriptions
- β³ OAuth integration
Contributions are welcome. Please read CONTRIBUTING.md for details on our code of conduct and pull request process.
This project is licensed under the MIT License - see LICENSE for details.
For questions or support, please open an issue on GitHub.
Note: This project is part of the OSM Notes ecosystem and is designed to work together with the other projects in the ecosystem.