spothole

Spothole is a utility to aggregate "spots" from amateur radio DX clusters and xOTA spotting sites, and provide an open JSON API as well as a website to browse the data.

While there are several other web-based interfaces to DX clusters, and sites that aggregate spots from various outdoor activity programmes for amateur radio, Spothole differentiates itself by supporting a large number of data sources, and by being "API first" rather than just providing a web front-end. This allows other software to be built on top of it.

The API is deliberately well-defined with an OpenAPI specification and auto-generated API documentation. The API delivers spots in a consistent format regardless of the data source, freeing developers from needing to know how each individual data source presents its data.

Spothole itself is also open source, Public Domain licenced code that anyone can take and modify.

Supported data sources include DX Clusters, the Reverse Beacon Network (RBN), the APRS Internet Service (APRS-IS), POTA, SOTA, WWFF, GMA, WWBOTA, HEMA, Parks 'n' Peaks, ZLOTA, WOTA, BOTA, the UK Packet Repeater Network, NG3K, and any site based on the xOTA software by nischu.

Accessing the public version

You can access the public version's web interface at https://spothole.app, and see https://spothole.app/apidocs for the API details.

This is a Progressive Web App, so you can also "install" it to your Android or iOS device by accessing it in Chrome or Safari respectively, and following the menu-driven process for installing PWAs.

Embedding Spothole in another website

You can embed Spothole in another website, e.g. for use as part of a ham radio custom dashboard.

URL parameters can be used to trigger an "embedded" mode which hides the headers, footers and settings. In this mode, you provide configuration for the various filter and display options via additional URL parameters. Any settings that the user has set for Spothole are ignored. This is so that the embedding site can select, for example, their choice of dark mode or SIG filters, which will not impact how Spothole appears when the user accesses it directly. Effectively, it becomes separate to their normal Spothole settings.

Setting embedded to true is important for the rest of the settings to be applied; otherwise, the user's defaults will be used in preference to the URL params.

These are supplied with the URL to the page you want to embed, for example for an embedded version of the band map in dark mode, use https://spothole.com/bands?embedded=true&dark-mode=true. For an embedded version of the main spots/home page in the system light/dark mode, use https://spothole.com/?embedded=true. For dark mode showing 70cm TOTA spots only, use https://spothole.com/?embedded=true&dark-mode=true&filter-sigs=TOTA&filter-bands=70cm. Providing no URL params causes the page to be loaded in the normal way it would when accessed directly in the user's browser.

The supported parameters are as follows. Generally these match the equivalent parameters in the real Spothole API, where a mapping exists.

Name	Allowed Values	Default	Example	Description
`embedded`	`true`, `false`	`false`	`?embedded=true`	Enables embedded mode.
`dark-mode`	`true`, `false`	`false`	`?dark-mode=true`	Enables dark mode.
`time-zone`	`UTC`, `local`	`UTC`	`?time-zone=local`	Sets times to be in UTC or local time.
`limit`	10, 25, 50, 100	50	`?limit=50`	Sets the number of spots that will be displayed on the main spots page
`limit`	25, 50, 100, 200, 500	100	`?limit=100`	Sets the number of alerts that will be displayed on the alerts page
`max_age`	300, 600, 1800, 3600	1800	`?max_age=1800`	Sets the maximum age of spots displayed on the map and bands pages, in seconds.
`band`	Comma-separated list	(all)	`?band=20m,40m`	Sets the list of bands that will be shown on the spots, bands and map pages. Available options match the labels of the buttons in the standard web interface.
`sig`	Comma-separated list	(all)	`?sig=POTA,SOTA,NO_SIG`	Sets the list of SIGs that will be shown on the spots, bands and map pages. Available options match the labels of the buttons in the standard web interface.
`source`	Comma-separated list	(all)	`?source=Cluster`	Sets the list of sources that will be shown on any spot or alert pages. Available options match the labels of the buttons in the standard web interface.
`mode_type`	Comma-separated list	(all)	`?mode_type=PHONE,CW`	Sets the list of mode types that will be shown on the spots, bands and map pages. Available options match the labels of the buttons in the standard web interface.
`dx_continent`	Comma-separated list	(all)	`?dx_continent=NA,SA`	Sets the list of DX Continents that will be shown on any spot or alert pages. Available options match the labels of the buttons in the standard web interface.
`de_continent`	Comma-separated list	(all)	`?de_continent=EU`	Sets the list of DE Continents that will be shown on the spots, bands and map pages. Available options match the labels of the buttons in the standard web interface.

More will be added soon to allow customisation of filters and other display properties.

Writing your own client

One of the key strengths of Spothole is that the API is well-defined and open to anyone to use. This means you can build your own software that uses data from Spothole.

Various approaches exist to writing your own client, but in general:

Refer to the API docs. These are built on an OpenAPI definition file (/webassets/apidocs/openapi.yml), which you can automatically use to generate a client skeleton using various software.
Call the main "spots" or "alerts" API endpoints to get the data you want. Apply filters if necessary.
Call the "options" API to get an idea of which bands, modes etc. the server knows about. You might want to do that first before calling the spots/alerts APIs, to allow you to populate your filters correctly.
Refer to the provided HTML/JS interface for a reference
Let me know if you get stuck, I'm happy to help!

Running your own copy

If you want to run a copy of Spothole with different configuration settings than the main instance, you can download it and run it on your own local machine or server.

To download and set up Spothole on a Debian server, run the following commands. Other operating systems will likely be similar.

git clone ssh://git@git.ianrenton.com/ian/spothole.git
cd spothole
python3 -m venv ./.venv
source .venv/bin/activate
pip install -r requirements.txt
deactivate
cp config-example.yml config.yml

Then edit config.yml in your text editor of choice to set up the software as you like it. Mostly, this will involve enabling or disabling the various providers of spot and alert data.

config.yml has some entries for QRZ.com username & password, and Clublog API keys. If provided, these allow Spothole to retrieve more information about DX spots, such as the country their callsign corresponds to. The software will work just fine without them, but you may find a few country flags etc. are less accurate or missing.

Clublog API keys are free, but you'll need to get your own by submitting a helpdesk ticket and explaining what you'll use it for. The admin team are happy with the rate of requests made by my Spothole server, so unless you change the source code of yours to radically increase the rate of querying Clublog, I'm sure they will be fine with your server too.

Free QRZ.com accounts offer only limited access to the site's data via their API. You'll have to sign up for one of their "XML Data Subscriber" plans to gain access to the full data, but if you're on a free account then the software will get what information it can.

Once you're happy with the content of config.yml, you can proceed to running the software.

To run the software this time and any future times you want to run it directly from the command line:

source .venv/bin/activate
python3 spothole.py

The software can take a few seconds to start up, mostly because it is downloading an updated file to match callsigns to countries. This is normal, don't panic!

If you see some errors on startup, check your configuration, e.g. in case you have specified a port for the web server that is already in use by something else.

systemd configuration

If you want Spothole to run automatically on startup on a Linux distribution that uses systemd, follow the instructions here. For distros that don't use systemd, or Windows/OSX/etc., you can find generic instructions for your OS online.

Create a file at /etc/systemd/system/spothole.service. Give it the following content, adjusting for the user you want to run it as and the directory in which you have installed it:

[Unit]
Description=Spothole
After=syslog.target network.target

[Service]
Type=simple
User=spothole
WorkingDirectory=/home/spothole/spothole
ExecStart=/home/spothole/spothole/.venv/bin/python /home/spothole/spothole/spothole.py --serve-in-foreground
Restart=on-abort

[Install]
WantedBy=multi-user.target

Run the following:

sudo systemctl daemon-reload
sudo systemctl enable spothole
sudo systemctl start spothole

Check the service has started up correctly with sudo journalctl -u spothole -f.

nginx Reverse Proxy configuration

Web servers generally serve their pages from port 80. However, it's best not to serve Spothole's web interface directly on port 80, as that requires root privileges on a Linux system. It also and prevents us using HTTPS to serve a secure site, since Spothole itself doesn't directly support acting as an HTTPS server. The normal solution to this is to use a "reverse proxy" setup, where a general web server handles HTTP and HTTP requests (to port 80 & 443 respectively), then passes on the request to the back-end application (in this case Spothole). nginx is a common choice for this general web server.

To set up nginx as a reverse proxy that sits in front of Spothole, first ensure it's installed e.g. sudo apt install nginx, and enabled e.g. sudo systemd enable nginx.

Create a file at /etc/nginx/sites-available/ called spothole. Give it the following contents, replacing spothole.app with the domain name on which you want to run Spothole. If you changed the port on which Spothole runs, update that on the "proxy_pass" line too.

map $request_uri $xssorigin {
    ~^/api   *;
}

server {
    server_name spothole.app;

    # Wellknown area for Lets Encrypt
    location /.well-known/ {
        alias /var/www/html/.well-known/;
    }
    
    location / {
        add_header Access-Control-Allow-Origin $xssorigin;
        proxy_pass http://127.0.0.1:8080;
    }
}

One further change you might want to make to the file above is the add_header Access-Control-Allow-Origin statement. This is what's used on my own Spothole server to make sure that other third-party web-based software can get the data from my instance, and applies to any endpoint underneath /api. If you want your Spothole instance to be set up the same way, so that others can write software in JavaScript that can access it, leave this intact. But if you want your Spothole instance to only be usable by scripts running on the web server you write, you can remove this block. (Note that this doesn't stop other people writing non-web-based software that accesses your Spothole API—the enforcement of cross-origin headers only happens within the user's browser. If you need to lock your instance down so that no-one else can access it with any software, that's an aspect of nginx config that you will need to find help with elsewhere.)

Now, make a symbolic link to enable the site:

cd /etc/nginx/sites-enabled
sudo ln -sf ../sites-available/spothole

Test that your nginx config isn't broken using nginx -t. If it works, restart nginx with sudo systemctl restart nginx.

If you haven't already done so, set up a DNS entry to make sure requests for your domain name end up at the server that's running Spothole.

You should now be able to access the web interface by going to the domain from your browser.

Once that's working, install certbot onto your server. Run it as root, and when prompted pick your domain name from the list. After a few seconds, it should successfully provision a certificate and modify your nginx config files automatically. You should then be able to access the site via HTTPS.

Modifying the source code

Spothole is Public Domain licenced, so you can grab the source code and start modifying it for your own needs. Contributions of code back to the main repository are encouraged, but completely optional.

Code structure

To navigate your way around the source code, this list may help.

Python back-end code

/core - Core classes and scripts
/data - Data storage classes
/spotproviders - Classes providing spots by accessing the APIs of other services
/alertproviders - Classes providing alerts by accessing the APIs of other services
/server - Classes for running Spothole's own web server

Templates

/views - Templates used for constructing Spothole's user-targeted HTML pages

HTML/JS/CSS front-end code

/webassets - Root for static files served by the web server
/webassets/apidocs - Contains the OpenAPI spec (openapi.yml)
/webassets/css - CSS files used by the web front-end
/webassets/fa - a copy of the FontAwesome library
/webassets/img - image files used by the web front-end
/webassets/js - JavaScript used by the web front-end

Miscellaneous

/ - Main script (spothole.py), pip requirements.txt, config, README, etc.
/images - Image sources
/cache - Directory where static-ish data downloaded from the internet is cached to avoid rapid re-requests, and where spot/alert data is cached so that it survives a software restart. Created on first run.

Extending the server

Spothole is designed to be easily extensible. If you want to write your own spot provider, for example, simply add a module to the spotproviders package containing your class. (Currently, in order to be loaded correctly, the module (file) name should be the same as the class name, but lower case.)

Your class should extend "SpotProvider"; if it operates by polling an HTTP Server on a timer, it can instead extend "HTTPSpotProvider" where some of the work is done for you.

The class will need to implement a constructor that takes in the provider_config and provides it to the superclass constructor, while also taking any other config parameters it needs.

If you're extending the base SpotProvider class, you will need to implement start() and stop() methods that start and stop a separate thread which handles the provider's processing needs. The thread should call submit() or submit_batch() when it has one or more spots to report.

If you're extending the HTTPSpotProvider class, you will need to provide a URI to query and an interval to the superclass constructor. You'll then need to implement the http_response_to_spots() method which is called when new data is retrieved. Your implementation should then call submit() or submit_batch() when it has one or more spots to report.

When constructing spots, use the comments in the Spot class and the existing implementations as an example. All parameters are optional, but you will at least want to provide a time (which must be timezone-aware) and a dx_call.

Finally, simply add the appropriate config to the spot_providers section of config.yml, and your provider should be instantiated on startup.

The same approach as above is also used for alert providers.

Thanks

As well as being my work, I have also gratefully received feature patches from Steven, M1SDH.

The project contains a self-hosted copy of Font Awesome's free library, in the /webassets/fa/ directory. This is subject to Font Awesome's licence and is not covered by the overall licence declared in the LICENSE file. This approach was taken in preference to using their hosted kits due to the popularity of this project exceeding the page view limit for their free hosted offering.

The project contains a set of flag icons generated using the "Noto Color Emoji" font on a Debian system, in the /webassets/img/flags/ directory.

The software uses a number of Python libraries as listed in requirements.txt, and a number of JavaScript libraries such as jQuery, Leaflet and Bootstrap. This project would not have been possible without these libraries, so many thanks to their developers.

Particular thanks go to country-files.com for providing country lookup data for amateur radio, to K0SWE for this JSON-formatted DXCC data, and to the developers of pyhamtools for making it easy to use country-files.com data as well as QRZ.com and Clublog lookup.

The project's name was suggested by Harm, DK4HAA. Thanks!