From 0ab898a9e72deabe5e9547716b725f8adcff7fd1 Mon Sep 17 00:00:00 2001 From: juarez Date: Thu, 23 Nov 2023 17:28:39 +0100 Subject: [PATCH] Add R-Studio Admin Password --- ccp/modules/datashield-compose.yml | 4 ++-- ccp/modules/datashield-setup.sh | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ccp/modules/datashield-compose.yml b/ccp/modules/datashield-compose.yml index a126b1a..78ff12f 100644 --- a/ccp/modules/datashield-compose.yml +++ b/ccp/modules/datashield-compose.yml @@ -6,7 +6,7 @@ services: image: docker.verbis.dkfz.de/ccp/dktk-rstudio:latest environment: #DEFAULT_USER: "rstudio" # This line is kept for informational purposes - #PASSWORD: "${LDM_AUTH}" + PASSWORD: "${RSTUDIO_ADMIN_PASSWORD}" DISABLE_AUTH: "true" # TODO: Connect R-Studio with central Keycloak. Currently using Traefik authentication. HTTP_RELATIVE_PATH: "/rstudio" labels: @@ -15,7 +15,7 @@ services: - "traefik.http.services.rstudio_ccp.loadbalancer.server.port=8787" - "traefik.http.routers.rstudio_ccp.tls=true" - "traefik.http.middlewares.rstudio_ccp_strip.stripprefix.prefixes=/rstudio" - - "traefik.http.routers.rstudio_ccp.middlewares=rstudio_ccp_strip,auth" + - "traefik.http.routers.rstudio_ccp.middlewares=rstudio_ccp_strip" opal: container_name: bridgehead-opal diff --git a/ccp/modules/datashield-setup.sh b/ccp/modules/datashield-setup.sh index 3a964cd..e77e4c9 100644 --- a/ccp/modules/datashield-setup.sh +++ b/ccp/modules/datashield-setup.sh @@ -7,6 +7,7 @@ if [ "$ENABLE_DATASHIELD" == true ]; then TOKEN_MANAGER_OPAL_PASSWORD="$(generate_password \"Token Manager in Opal\")" OPAL_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for Opal. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" OPAL_ADMIN_PASSWORD="$(generate_password \"admin password for Opal\")" + RSTUDIO_ADMIN_PASSWORD="$(generate_password \"admin password for R-Studio\")" DATASHIELD_CONNECT_SECRET="$(echo \"This is a salt string to generate one consistent password as the DataShield Connect secret. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" if [ ! -e /tmp/bridgehead/opal-cert.pem ]; then mkdir -p /tmp/bridgehead/