Technology¶
The CMS includes tools and functionalities aimed at supporting the NMHSs in their daily website management activities, in providing information and services to their users.
This section seeks to present the choice of technologies, development approach and present the packages that support the functionalities available on the CMS at a high level.
The developed CMS is open-source and hosted on GitHub at https://github.com/wmo-raf/nmhs-cms
Base CMS Framework¶
The website template is built on top of the open-source Wagtail Framework. Wagtail itself is built on of Django , which is a high-level Python web framework that encourages rapid development and clean, pragmatic design
The following was taken into consideration when picking Wagtail as the framework of choice:
Python as the programming language. The weather and climate domain requires a lot of interaction with scientific data. Python is one of the scripting languages that makes it easy to develop procedures for manipulating this kind of data. Developing a website using Python thus allows the flexibility of developing data-based functionalities
Easy to Use: One of the key features of Wagtail is its intuitive, user-friendly interface. This makes it easy for content editors to manage websites without having to learn the complexities and technicalities of the underlying framework.
Flexibility: Wagtail is flexible when it comes to creating and managing websites. It allows for quick development of highly customized websites with complex layouts, content, and features, based on what the content editors need.
Extensibility: Wagtail is designed to be easily extended with a wide variety of plugins, themes, components, and other features. This allows to add new features, customise the look and feel of their website, and extend the functionality of the CMS.
Security: Wagtail is designed with security in mind. It comes with Django’s built-in security features such as user authentication, input validation, and protection against common attack methods.
Scalability: Being based on Django, Wagtail is designed to be highly scalable, making it an ideal choice for websites with large amounts of content and users. It can handle large amounts of data without any performance issues, allowing developers to create websites that can grow as their user base increases.
Enterprise features out of the box: Wagtail includes user and group permissions, content and moderation workflows, reports, content editing history tracking, and other features that website administrators and teams need.
Experience of the development team: The current development team of the NMHSs CMS has extensive experience in developing Wagtail and Django based projects. This makes it quick to implement new features and functionality
Development Approach¶
We use the Django/Wagtail modular approach of developing “Django applications” to provide a set of features and functionality. A Django/Wagtail application is a Python package that provides some set of features. Applications may be reused in various projects.
Applications include some combination of Django models, views, templates, template tags, static files, URLS, middleware etc. These are then wired to the project with INSTALLED_APPS settings. An application thus, in this context, is a set of code that interacts with various parts of the framework.
The NMHS CMS is thus designed with a set of internal applications that provide functionality for different webpages of the functional website. These are organized under the pages directory of the CMS source code. Each sub directory of the pages corresponds to a section on the website that can allows to create one or more related pages of that section
More specialized functionality is developed as external Wagtail applications that can be plugged into the code project. These are then installed as Python packages published on the Python Package Index (PyPI) , which is a repository of software for the Python programming language.
Below is a list of currently developed external applications that add required functionality to the NMHSs CMS
More specialized functionality is developed as external Wagtail applications that can be plugged into the code project. These are then installed as Python packages published on the Python Package Index (PyPI) , which is a repository of software for the Python programming language.
Below is a list of currently developed external applications that add required functionality to the NMHSs CMS
Functionality Packages¶
CAP Composer: Common Alerting Protocol (CAP) composing and publishing tool that provides functionality to create and publish CAP formatted alerts.
Forecast Manager – Interface for managing NMHSs City Forecasts
GeoManager - Provides an interactive interface for managing and publishing Geo-referenced (GIS) datasets
Administrative Boundary Manager: Provides functionality to load, manage and visualize boundaries for a country
WebStories Editor - Provides functionality to create and publish Google Web Stories
Surveys Creator – Provides functionality to create and publish surveys directly in the CMS, visualization and analysis of the results using interactive graphics
Third party tools integration packages¶
Email Marketing¶
Mailchimp Integration: Integrate Mailchimp into Wagtail Projects
Mautic Integration: Integration of Mautic forms in Wagtail Projects.
Online Meetings¶
Zoom Integration: Integrate Zoom Events (meetings or webinars) registration to form pages created with Wagtail
User Interface Frameworks and Libraries¶
Templating - Django based templates
CSS Framework - Bulma
JavaScript Library - JQuery
Web Mapping Library - MapLibre GL JS
SVG Icon Sources - Font Awesome , Ocha Humanitarian Icons
Developing new functionality¶
A modular approach is used when developing new functionality to be included in the CMS. The new functionality should be developed in isolation as a Wagtail Python package and published on PyPi for installation using Pip.
We follow the following steps in general:
Explore existing packages in the Wagtail/Django community that provide similar functionality.
If an existing package exists and cannot be directly integrated into the CMS, we try to customize as much as we can on top of this package, to make it interoperable. Otherwise, we use it directly
If we cannot find existing packages, then we develop the package from scratch. The idea is to avoid reinvention of the wheel where possible.
Production Deployment¶
Docker is used to containerize the different components of the CMS.
Other containers used include
PostgreSQL with PostGIS extension as the database
Nginx as the webserver and web proxy
Memcached as the caching system for web requests
Eclipse Mosquitto as the MQTT message broker. Mainly used for CAP alerts messaging
These are put into a docker compose configuration file, used to deploy the project using Docker Compose.
An initialization repository is provided that brings together all the different components into one project. This can be accessed at https://github.com/wmo-raf/nmhs-cms-init . An installation guide is provided in the README file of the repository.
Managing Updates¶
New releases with bug fixes and feature updates are periodically published on the nmhs-cms repository releases.
When there is a new release, The CMS Admin interface will show a message indicating that there is a new release. The Website administrator can then choose to upgrade to the new version, after going through the release notes that accompany every release.
The upgrade is through a click of a button, that triggers a docker build process with the new versions. Once the new version is built successfully, the container is restarted with the new version effected.
In rare cases where the automatic build trigger fails, the system admins are trained to manually perform the upgrade
Security in Django/Wagtail¶
The CMS, by using Django/Wagtail, out of the box contains the following security features inbuilt. More details on each feature can be found at https://docs.djangoproject.com/en/5.0/topics/security
Cross site scripting (XSS) protection
Cross site request forgery (CSRF) protection
SQL Injection protection
Clickjacking protection
SSL\HTTPS protection settings
Host header validation
Referrer Policy Protection
Cross-origin opener policy
Session Security
User-uploaded content protection
CMS Specific security features:¶
Ability to change admin url periodically
Daily backup mechanisms
Brute force login preventions