From 044e190be39556d1a585b38547735a9692bfda65 Mon Sep 17 00:00:00 2001
From: Enola Knezevic <enola.knezevic@dkfz-heidelberg.com>
Date: Thu, 12 Dec 2024 14:09:29 +0100
Subject: [PATCH] QR basic auth; teiler, exporter, reporter -> min

---
 bbmri/vars                                    | 8 ++++----
 ccp/modules/export-and-qb.curl-templates      | 6 ------
 lib/install-bridgehead.sh                     | 6 ++++++
 minimal/docker-compose.yml                    | 1 +
 minimal/modules/export-and-qb.curl-templates  | 6 ++++++
 {ccp => minimal}/modules/exporter-compose.yml | 3 +++
 {ccp => minimal}/modules/exporter-setup.sh    | 2 +-
 {ccp => minimal}/modules/exporter.md          | 0
 {ccp => minimal}/modules/teiler-compose.yml   | 0
 {ccp => minimal}/modules/teiler-setup.sh      | 4 ++--
 {ccp => minimal}/modules/teiler.md            | 0
 11 files changed, 23 insertions(+), 13 deletions(-)
 delete mode 100644 ccp/modules/export-and-qb.curl-templates
 create mode 100644 minimal/modules/export-and-qb.curl-templates
 rename {ccp => minimal}/modules/exporter-compose.yml (93%)
 rename {ccp => minimal}/modules/exporter-setup.sh (91%)
 rename {ccp => minimal}/modules/exporter.md (100%)
 rename {ccp => minimal}/modules/teiler-compose.yml (100%)
 rename {ccp => minimal}/modules/teiler-setup.sh (66%)
 rename {ccp => minimal}/modules/teiler.md (100%)

diff --git a/bbmri/vars b/bbmri/vars
index 5f5c73b..eb938a5 100644
--- a/bbmri/vars
+++ b/bbmri/vars
@@ -32,11 +32,11 @@ do
     source $module
 done
 
-log DEBUG "sourcing ccp/modules/exporter-setup.sh"
-source ccp/modules/exporter-setup.sh
+log DEBUG "sourcing minimal/modules/exporter-setup.sh"
+source minimal/modules/exporter-setup.sh
 
-log DEBUG "sourcing ccp/modules/teiler-setup.sh"
-source ccp/modules/teiler-setup.sh
+log DEBUG "sourcing minimal/modules/teiler-setup.sh"
+source minimal/modules/teiler-setup.sh
 
 
 SUPPORT_EMAIL=$ERIC_SUPPORT_EMAIL
diff --git a/ccp/modules/export-and-qb.curl-templates b/ccp/modules/export-and-qb.curl-templates
deleted file mode 100644
index 739c5af..0000000
--- a/ccp/modules/export-and-qb.curl-templates
+++ /dev/null
@@ -1,6 +0,0 @@
-# Full Excel Export
-curl --location --request POST 'https://${HOST}/ccp-exporter/request?query=Patient&query-format=FHIR_PATH&template-id=ccp&output-format=EXCEL' \
---header 'x-api-key: ${EXPORT_API_KEY}'
-
-# QB
-curl --location --request POST 'https://${HOST}/ccp-reporter/generate?template-id=ccp'
diff --git a/lib/install-bridgehead.sh b/lib/install-bridgehead.sh
index 38c3874..16480d8 100755
--- a/lib/install-bridgehead.sh
+++ b/lib/install-bridgehead.sh
@@ -35,6 +35,12 @@ if [ -z "$LDM_AUTH" ]; then
   add_basic_auth_user $PROJECT $generated_passwd "LDM_AUTH" $PROJECT
 fi
 
+if [ "$ENABLE_EXPORTER" == true ]; then
+  log "INFO" "Now generating basic auth for the quality reports. "
+  generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
+  add_basic_auth_user $PROJECT $generated_passwd "QR_AUTH" $PROJECT
+fi
+
 if [ ! -z "$NNGM_CTS_APIKEY" ] && [ -z "$NNGM_AUTH" ]; then
   log "INFO" "Now generating basic auth for nNGM upload API (see adduser in bridgehead for more information). "
   generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
diff --git a/minimal/docker-compose.yml b/minimal/docker-compose.yml
index dc76331..6c0c3ba 100644
--- a/minimal/docker-compose.yml
+++ b/minimal/docker-compose.yml
@@ -22,6 +22,7 @@ services:
       - "traefik.http.routers.dashboard.tls=true"
       - "traefik.http.routers.dashboard.middlewares=auth"
       - "traefik.http.middlewares.auth.basicauth.users=${LDM_AUTH}"
+      - "traefik.http.middlewares.auth.basicauth.users=${QR_AUTH}"
     ports:
       - 80:80
       - 443:443
diff --git a/minimal/modules/export-and-qb.curl-templates b/minimal/modules/export-and-qb.curl-templates
new file mode 100644
index 0000000..ae19fe0
--- /dev/null
+++ b/minimal/modules/export-and-qb.curl-templates
@@ -0,0 +1,6 @@
+# Full Excel Export
+curl --location --request POST 'https://${HOST}/${PLATFORM}-exporter/request?query=Patient&query-format=FHIR_PATH&template-id=${PLATFORM}&output-format=EXCEL' \
+--header 'x-api-key: ${EXPORT_API_KEY}'
+
+# QB
+curl --location --request POST 'https://${HOST}/${PLATFORM}-reporter/generate?template-id=${PLATFORM}'
diff --git a/ccp/modules/exporter-compose.yml b/minimal/modules/exporter-compose.yml
similarity index 93%
rename from ccp/modules/exporter-compose.yml
rename to minimal/modules/exporter-compose.yml
index 34f38b2..bb938d7 100644
--- a/ccp/modules/exporter-compose.yml
+++ b/minimal/modules/exporter-compose.yml
@@ -23,8 +23,11 @@ services:
       - "traefik.http.routers.exporter_${PLATFORM}.tls=true"
       - "traefik.http.middlewares.exporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-exporter"
       - "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip"
+      - "traefik.http.routers.connector.middlewares=connector_strip,auth-qr"
+      - "traefik.http.middlewares.auth.basicauth.users=${QR_AUTH}"
     volumes:
       - "/var/cache/bridgehead/${PLATFORM}/exporter-files:/app/exporter-files/output"
+      - "traefik.http.middlewares.auth-qr.basicauth.users=${QR_AUTH}"
 
   exporter-db:
     image: docker.verbis.dkfz.de/cache/postgres:${POSTGRES_TAG}
diff --git a/ccp/modules/exporter-setup.sh b/minimal/modules/exporter-setup.sh
similarity index 91%
rename from ccp/modules/exporter-setup.sh
rename to minimal/modules/exporter-setup.sh
index 93c55ad..9b947a6 100644
--- a/ccp/modules/exporter-setup.sh
+++ b/minimal/modules/exporter-setup.sh
@@ -2,7 +2,7 @@
 
 if [ "$ENABLE_EXPORTER" == true ]; then
   log INFO "Exporter setup detected -- will start Exporter service."
-  OVERRIDE+=" -f ./ccp/modules/exporter-compose.yml"
+  OVERRIDE+=" -f ./$PROJECT/modules/exporter-compose.yml"
   EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
   EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)"
 fi
diff --git a/ccp/modules/exporter.md b/minimal/modules/exporter.md
similarity index 100%
rename from ccp/modules/exporter.md
rename to minimal/modules/exporter.md
diff --git a/ccp/modules/teiler-compose.yml b/minimal/modules/teiler-compose.yml
similarity index 100%
rename from ccp/modules/teiler-compose.yml
rename to minimal/modules/teiler-compose.yml
diff --git a/ccp/modules/teiler-setup.sh b/minimal/modules/teiler-setup.sh
similarity index 66%
rename from ccp/modules/teiler-setup.sh
rename to minimal/modules/teiler-setup.sh
index dbf4efe..665ced8 100644
--- a/ccp/modules/teiler-setup.sh
+++ b/minimal/modules/teiler-setup.sh
@@ -2,8 +2,8 @@
 
 if [ "$ENABLE_TEILER" == true ];then
   log INFO "Teiler setup detected -- will start Teiler services."
-  OVERRIDE+=" -f ./ccp/modules/teiler-compose.yml"
+  OVERRIDE+=" -f ./$PROJECT/modules/teiler-compose.yml"
   TEILER_DEFAULT_LANGUAGE=DE
   TEILER_DEFAULT_LANGUAGE_LOWER_CASE=${TEILER_DEFAULT_LANGUAGE,,}
-  add_public_oidc_redirect_url "/ccp-teiler/*"
+  add_public_oidc_redirect_url "/${PLATFORM}-teiler/*"
 fi
diff --git a/ccp/modules/teiler.md b/minimal/modules/teiler.md
similarity index 100%
rename from ccp/modules/teiler.md
rename to minimal/modules/teiler.md