Operations/Minutes/2025-07-10

OpenStreetMap Foundation, Operations Meeting - Draft minutes

These minutes do not go through a formal acceptance process.
This is not strictly an Operations Working Group (OWG) meeting.

Thursday 10 July 2025, 19:00 London time
Location: Video room at https://osmvideo.cloud68.co

Participants

Minutes by Dorothea Kazazi, including some notes from Grant.

Tom to review the security announcement draft.** [Topic: Security announcement]
Minh to publish the security announcement today.** [Topic: Security announcement]

Topic proposed by Minh.

Grant spoke to Minh earlier in the week and they plan to publish an announcement, as the security update affects some people.

The reports makes it sound more serious than it really is.
Thanks to Sam Jose for reporting the security vulnerability. TOm mentioned him in the commit.
One of the downstream libraries needs to be updated.

Action items

OpenTofu now fully manages Fastly tile.openstreetmap.org config.
Balancing: There are a few balancing issues. Grant has some questions for Paul on how the North American balancing works: we are balancing everything evenly over the two servers, while Grant thinks we shouldn't, for performance,
Staging environment:
- We now have a staging environment.
- Staging deployments are by default, Grant will add option to override and deploy straight to production.
- If you override your DNS you can then point to the staging environment and then test anything you want and then remove your DNS override and it gives you those IP addresses when it does.

Postponed or follow up with Paul via IRC.

Some points have been redacted from the public minutes.

There is a repo for reporting and tracking sites which are using tile.openstreetmap.org tiles but without attributing OpenStreetMap: https://github.com/openstreetmap/tile-attribution

Suggestion: Include apps in that repo for public visibility of what we're blocking, as we now manage app blocks.

On blocking

OWG members are not the adjudicators of when things get blocked, as was initially proposed.
Blocking and communications are managed by a small team.

Current stats

On processing

The repository creates a CSV file of the current blocks, which is accessed by OpenTofu twice per day.
Seems to run reliably.

2025-06-12 Tom to look into plausibility of OSM.org Postgres upgrade: Tom will do a dry-run on a disconnected promoted slave to test upgrade. Secondary will need to be re-synced after the upgrade. Need to confirm the downstream affect on (planet-dump-ng). [Topic: OSM.org Postgres database]
2025-06-12 OPS to plan a maintenance window for the OSM.org Postgres database update. [Topic: OSM.org Postgres database]
2025-05-01 Grant to follow-up with Australian hosting again. [Topic: OSUOSL funding / issues]
2025-05-01 Grant to see if other University offers are still available and what hardware would be required. [Topic: OSUOSL funding / issues
2025-03-20 Grant to negotiate with HE.net if we can get better cost from them as a fallback link (which he had proposed), to allow budget spend elsewhere. [Topic: HE.net]
2025-03-20 Grant to run an SQL query to identify more email providers used by spammers. [Topic: Spam]
2025-03-06 Grant to present a draft budget at the next meeting.
2024-09-19 Grant to create an IP blocklist script. [Topic: Cloudflare keep enabled Reportage] - Discussion during 2024-07-25 OPS to make a reasonable evaluation whether to go with Cloudflare, Fastly or none.

Action items that have been stricken-through are completed, removed, or have been moved to GitHub tickets.