.. _integrator_backend_qgis: ========================================= Specific configuration for QGIS mapserver ========================================= Apache configuration ==================== In the file ``apache/mapserv.conf.mako``, do the following changes: .. code:: - ScriptAlias /mapserv /usr/lib/cgi-bin/mapserv + ScriptAlias /mapserv /usr/lib/cgi-bin/qgis_mapserv.fcgi - SetEnv MS_MAPFILE ${directory}/mapserver/mapserver.map + SetEnv QGIS_PROJECT_FILE ${directory}/qgisserver.qgs Cleanup ======= Remove the MapServer folder: .. prompt:: bash git rm mapserver QGIS Desktop configuration ========================== Create a tunnel on the database server ************************************** If you cannot connect directly to the database, you can create a tunnel to be able to connect: .. prompt:: bash ssh -L 5432:localhost:5432 If you run QGIS in Docker, you should bind to a specific IP: .. prompt:: bash IP=$(ip addr show dev $(route | grep default | awk '{print $(NF)}' | head -1) | awk '$1 ~ /^inet/ { sub("/.*", "", $2); print $2 }' | head -1) ssh -L ${IP}:5432:localhost:5432 Run the client with Docker ************************** In a Docker mode, QGIS is configured in the ``qgisserver/`` directory. To edit the configuration, run this target and open the ``/etc/project/project.qgs`` file: .. prompt:: bash make edit-qgis-project OWS configuration ***************** You should setup your OWS service in the QGIS project properties in the OWS tab. You should **check** *Service Capabilities* and **fill** *Online resource* to correctly generate the URLs in the capabilities. In the *WMS capabilities* section, you should take care to **uncheck** the checkbox *User layer ids as names*. If this checkbox is enabled, you will have unreliable layer names. In the *WMS capabilities* section, you should **check** the checkbox *Add geometry to feature response* in order to make the WMS GetFeatureInfo work correctly. In the *WFS capabilities* section, you should check the layers that need to be available in the WFS service. Also take care on the Update Insert delete column to make the layer available through the WFS transactional API. Finally, your QGIS project layers' CRS should all be in the same CSR. This is subject to change. Connect to Postgres database **************************** If you want to add PostGIS layers on the main DB, create/edit your ``$HOME/.pg_service.conf`` file and add a section for the DB you want to access: .. code:: [] host= # Localhost address of the Docker network interface (=> ${IP}) dbname= user= password= port=5432 `` can be: * If you use the tunnel with QGIS on your host: ``localhost``. * If you use the tunnel with QGIS on Docker: localhost address of the Docker network interface (=> `${IP}`, e.-g.: `172.17.0.1`). * If you know the host you should use, use it. Note that if you can connect directly to the database, you don't need this tunnel. Ask your database administrator for the correct parameters. You probably just need to change the host parameter. Then, in QGIS, fill only the ``name`` and ``service`` fields when you create the DB connection. In the project repository, you should have a ``qgisserver/pg_service.conf.tmpl`` file with a section looking like that: .. code:: [] host=${PGHOST} dbname=${PGDATABASE} user=${PGUSER} password=${PGPASSWORD} port=${PGPORT} If you do not use Docker, you also should add this in the Apache QGIS configuration: .. code:: SetEnv QGIS_PROJECT_FILE ${directory}/qgisserver.qgs + SetEnv PGSERVICEFILE ${directory}/pg_service.conf Do not forget to gracefully restart Apache. Extra PostGIS connexion *********************** If you need to add another database connection, add a new section in the ``$HOME/.pg_service.conf``. In the ``qgisserver/pg_service.conf.tmpl`` files, add a new section: .. code:: [] host=${EXTRA_PGHOST} dbname=${EXTRA_PGDATABASE} user=${EXTRA_PGUSER} password=${EXTRA_PGPASSWORD} port=${EXTRA_PGPORT} And in your ``vars.yaml`` file: .. code:: yaml vars: docker_services: qgisserver: environment: EXTRA_PGHOST: EXTRA_PGDATABASE: EXTRA_PGUSER: EXTRA_PGPASSWORD: EXTRA_PGPORT: With this configuration, the connection will be passed through the environment variables, so that you can change the database connection without rebuilding your application. OGC server ========== In the project file, you should set the online resource URL (Project/Properties.../QGIS Server/General information/Online resource) to ``https:////mapservproxy?ogcserver=``, e.-g. ``https://geomapfish-demo.camptocamp.com/mapservproxy?ogcserver=QGIS%20server``. To use the QGIS server in authenticated mode through the mapserv proxy, it is required to be in docker mode, and the configuration should be as follows: * Name: ````, e.-g. ``QGIS server`` * Base URL: ``http://qgisserver:8080/`` * WFS URL: empty * Server type: ``qgisserver`` * Image type: recommended to be ``image/png`` * Authentication type: ``Standard auth`` * WFS support: recommended to be ``[X]`` * Is single tile: recommended to be ``[ ]`` Access Restriction ****************** The access restriction is available only for Docker projects. We provide an Docker image named ``camptocamp/geomapfish-qgisserver`` with tag pattern: ``gmf: ogc_server: ```` should have exactly the same value as the ``MAP`` parameter in the ``Base URL`` value of the OGC server. Finally, you should provide the ``GEOMAPFISH_ACCESSCONTROL_CONFIG`` to point to a config file e.-g. ``/etc/qgisserver/accesscontrol_config.yaml``, and ``QGIS_PROJECT_FILE`` to be empty.