diff --git a/.gitignore b/.gitignore index a884b44..655ca90 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ ##Ignore site configuration .gitmodules site-config/* - +.idea ## Ignore site configuration */docker-compose.override.yml diff --git a/ccp/modules/teiler-compose.yml b/ccp/modules/teiler-compose.yml new file mode 100644 index 0000000..b2c2966 --- /dev/null +++ b/ccp/modules/teiler-compose.yml @@ -0,0 +1,42 @@ +version: "3.7" + +services: + teiler: + image: docker.verbis.dkfz.de/dktk/dktk-teiler:latest + container_name: bridgehead-ccp-teiler + environment: + LOG_LEVEL: "INFO" + TEILER_API_KEY: "${TEILER_API_KEY}" + CROSS_ORIGINS: "https://${HOST}/ccp-teiler-root-config" + TEILER_DB_USER: "teiler" + TEILER_DB_PASSWORD: "${TEILER_DB_PASSWORD}" # Set in teiler-setup.sh + TEILER_DB_URL: "jdbc:postgresql://teiler-db:5432/teiler" + CLEAN_TEMP_FILES_CRON_EXPRESSION: "0 0 1 * * *" + TEMP_FILES_LIFETIME_IN_DAYS: "1" + CLEAN_WRITE_FILES_CRON_EXPRESSION: "0 0 2 * * *" + WRITE_FILES_LIFETIME_IN_DAYS: "30" + labels: + - "traefik.enable=true" + - "traefik.http.routers.teiler_ccp.rule=PathPrefix(`/ccp-teiler`)" + - "traefik.http.services.teiler_ccp.loadbalancer.server.port=8092" + - "traefik.http.routers.teiler_ccp.tls=true" + - "traefik.http.routers.teiler_ccp.middlewares=auth" + volumes: + - "teiler:/app/teiler-files" + + teiler-db: + image: postgres:15.1-alpine + container_name: bridgehead-ccp-teiler-db + environment: + POSTGRES_USER: "teiler" + POSTGRES_PASSWORD: "${TEILER_DB_PASSWORD}" # Set in teiler-setup.sh + POSTGRES_DB: "teiler" + volumes: + - "teiler-db:/var/lib/postgresql/data" + + +volumes: + teiler-db: + name: "teiler-db" + teiler: + name: "teiler" diff --git a/ccp/modules/teiler-setup.sh b/ccp/modules/teiler-setup.sh new file mode 100644 index 0000000..d651107 --- /dev/null +++ b/ccp/modules/teiler-setup.sh @@ -0,0 +1,8 @@ +function teilerSetup() { + if [ -n "$ENABLE_TEILER" ];then + log INFO "Teiler setup detected -- will start Teiler service." + OVERRIDE+=" -f ./$PROJECT/modules/teiler-compose.yml" + fi + # TODO: Generate password in another way so that not all passwords are the same? + TEILER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" +} diff --git a/ccp/modules/teiler-ui-compose.yml b/ccp/modules/teiler-ui-compose.yml new file mode 100644 index 0000000..5bdc6b2 --- /dev/null +++ b/ccp/modules/teiler-ui-compose.yml @@ -0,0 +1,260 @@ +version: "3.7" + +############################################ Keycloak +login-db: + image: "postgres:15.1" + container_name: bridgehead-login-db + environment: + POSTGRES_USER: "keycloak" + POSTGRES_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in teiler-setup.sh + POSTGRES_DB: "keycloak" + volumes: + - "login-db:/var/lib/postgresql/data" + +login: + #image: "jboss/keycloak:16.1.1" + image: docker.verbis.dkfz.de/dktk/dktk-keycloak:latest + container_name: bridgehead-login + environment: + KEYCLOAK_USER: "admin" + KEYCLOAK_PASSWORD: "${KEYCLOAK_ADMIN_PASSWORD}" + DB_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in teiler-setup.sh + labels: + - "traefik.enable=true" + - "traefik.http.routers.login.rule=PathPrefix(`/login`)" + - "traefik.http.services.login.loadbalancer.server.port=8080" + - "traefik.http.routers.login.tls=true" + depends_on: + - login-db + +############################################ Teiler-UI +teiler-root-config: + image: samply/teiler-root-config:developer + container_name: bridgehead-teiler-root-config + labels: + - "traefik.enable=true" + - "traefik.http.routers.teiler_root_config_ccp.rule=PathPrefix(`/ccp-teiler-root-config`)" + - "traefik.http.services.teiler_root_config_ccp.loadbalancer.server.port=9000" + - "traefik.http.routers.teiler_root_config_ccp.tls=true" + environment: + TEILER_CORE_URL: "https://${HOST}/ccp-teiler-core" + TEILER_UI_URL: "https://${HOST}/ccp-teiler-ui" + DEFAULT_LANGUAGE: "de" + +teiler-ui: + image: samply/teiler-ui:developer + container_name: bridgehead-teiler-ui +# ports: +# - 4200:80 + labels: + - "traefik.enable=true" + - "traefik.http.routers.teiler_ui_ccp.rule=PathPrefix(`/ccp-teiler-ui`)" + - "traefik.http.services.teiler_ui_ccp.loadbalancer.server.port=80" + - "traefik.http.routers.teiler_ui_ccp.tls=true" + environment: + DEFAULT_LANGUAGE: "DE" + TEILER_CORE_URL: "https://${HOST}/ccp-teiler-core" + KEYCLOAK_URL: "https://${HOST}/login" + KEYCLOAK_REALM: "teiler-ui" + KEYCLOAK_CLIENT_ID: "teiler-ui" + TEILER_ADMIN_NAME: "${OPERATOR_FIRST_NAME} ${OPERATOR_LAST_NAME}" + TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}" + TEILER_ADMIN_PHONE: "${OPERATOR_PHONE}" + TEILER_PROJECT: "${PROJECT}" + +teiler-core: + image: samply/teiler-core:developer + container_name: bridgehead-teiler + volumes: + - "/etc/bridgehead/ccp.conf:/app/ccp.conf" + labels: + - "traefik.enable=true" + - "traefik.http.routers.teiler_core_ccp.rule=PathPrefix(`/ccp-teiler-core`)" + - "traefik.http.services.teiler_core_ccp.loadbalancer.server.port=8085" + - "traefik.http.routers.teiler_core_ccp.tls=true" + environment: + LOG_LEVEL: "INFO" + APPLICATION_PORT: "8085" + DEFAULT_LANGUAGE: "DE" + CONFIG_ENV_VAR_PATH: "/app/ccp.conf" + TEILER_CONFIG_UPDATER_CRON: "0 1 * * * *" + TEILER_ROOT_CONFIG_URL: "https://${HOST}/ccp-teiler-root-config" + TEILER_UI_DE_URL: "https://${HOST}/ccp-teiler-ui/de" + TEILER_UI_EN_URL: "https://${HOST}/ccp-teiler-ui/en" + TEILER_APP1_NAME: "config" +# TEILER_APP2_NAME: "quality-report" + TEILER_APP3_NAME: "keycloak" + TEILER_APP3_TITLE: "Keycloak" + TEILER_APP4_DESCRIPTION_EN: "Authentication site" + TEILER_APP4_DESCRIPTION_DE: "Authentifizierungsseite" + TEILER_APP4_SOURCEURL: "https://${HOST}/login/auth/" + TEILER_APP4_ROLES: "TEILER_ADMIN" + TEILER_APP4_ISACTIVATED: "true" + TEILER_APP4_ICONSOURCEURL: "https://upload.wikimedia.org/wikipedia/commons/2/29/Keycloak_Logo.png" + TEILER_APP4_ORDER: "5" + TEILER_APP4_ISEXTERNALLINK: "true" + TEILER_APP4_ISLOCAL: "true" +# TEILER_APP5_NAME: "pgadmin" +# TEILER_APP5_TITLE: "PgAdmin" +# TEILER_APP5_DESCRIPTION: "Database Management" +# TEILER_APP5_SOURCEURL: "http://localhost:5000" +# TEILER_APP5_ROLES: "TEILER_ADMIN" +# TEILER_APP5_ISACTIVATED: "true" +# TEILER_APP5_ICONSOURCEURL: "https://user-images.githubusercontent.com/24623425/36042969-f87531d4-0d8a-11e8-9dee-e87ab8c6a9e3.png" +# TEILER_APP5_ORDER: "6" +# TEILER_APP5_ISEXTERNALLINK: "true" +# TEILER_APP5_ISLOCAL: "true" + TEILER_APP6_NAME: "ldm" + TEILER_APP6_TITLE_EN: "Local data management" + TEILER_APP6_TITLE_DE: "Lokales Datenmanagement" + TEILER_APP6_DESCRIPTION_EN: "Local Data Management" + TEILER_APP6_DESCRIPTION_DE: "Lokales Datenmanagement" + TEILER_APP6_SOURCEURL: "${CENTRAXX_URL}" + TEILER_APP6_ROLES: "TEILER_PUBLIC" + TEILER_APP6_ISACTIVATED: "${IS_DKTK_SITE}" + TEILER_APP6_ICONCLASS: "bi bi-server" + TEILER_APP6_ORDER: "7" + TEILER_APP6_ISEXTERNALLINK: "true" + TEILER_APP6_ISLOCAL: "true" + TEILER_APP7_NAME: "id-manager" + TEILER_APP7_TITLE: "ID-Manager" + TEILER_APP7_DESCRIPTION: "ID Manager" + TEILER_APP7_SOURCEURL: "https://${HOST}/id-manager/index.html" + TEILER_APP7_ROLES: "TEILER_PUBLIC" + TEILER_APP7_ISACTIVATED: "true" + TEILER_APP7_ICONCLASS: "bi bi-person-bounding-box" + TEILER_APP7_ORDER: "8" + TEILER_APP7_ISEXTERNALLINK: "true" + TEILER_APP7_ISLOCAL: "true" + TEILER_APP8_NAME: "patient-list" + TEILER_APP8_TITLE_EN: "Patient List" + TEILER_APP8_TITLE_DE: "Patientenliste" + TEILER_APP8_DESCRIPTION_EN: "Patient List" + TEILER_APP8_DESCRIPTION_DE: "Patientenliste" + TEILER_APP8_SOURCEURL: "https://${HOST}/patientlist" + TEILER_APP8_ROLES: "TEILER_PUBLIC" + TEILER_APP8_ISACTIVATED: "true" + TEILER_APP8_ICONCLASS: "bi bi-person-rolodex" + TEILER_APP8_ORDER: "9" + TEILER_APP8_ISEXTERNALLINK: "true" + TEILER_APP8_ISLOCAL: "true" + TEILER_APP9_NAME: "project-pseudonymisation" + TEILER_APP9_TITLE_EN: "Project Pseudonymisation" + TEILER_APP9_TITLE_DE: "Projectpseudonymisierung" + TEILER_APP9_DESCRIPTION_EN: "Project Pseudonymisation" + TEILER_APP9_DESCRIPTION_DE: "Projectpseudonymisierung" + TEILER_APP9_SOURCEURL: "https://${HOST}/id-manager/html/projectSelection.html" + TEILER_APP9_ROLES: "TEILER_PUBLIC" + TEILER_APP9_ISACTIVATED: "true" + TEILER_APP9_ICONCLASS: "bi bi-person-lines-fill" + TEILER_APP9_ORDER: "10" + TEILER_APP9_ISEXTERNALLINK: "true" + TEILER_APP9_ISLOCAL: "true" + TEILER_APP10_NAME: "federated-search" + TEILER_APP10_TITLE: "Lens" + TEILER_APP10_DESCRIPTION_EN: "Federated Search" + TEILER_APP10_DESCRIPTION_DE: "Föderierte Suche" + TEILER_APP10_SOURCEURL: "https://demo.lens.samply.de/" + TEILER_APP10_ROLES: "TEILER_PUBLIC" + TEILER_APP10_ISACTIVATED: "true" + TEILER_APP10_ICONCLASS: "bi bi-search" + TEILER_APP10_ORDER: "13" + TEILER_APP10_ISEXTERNALLINK: "true" + TEILER_APP10_ISLOCAL: "false" + TEILER_APP11_NAME: "central-patient-list" + TEILER_APP11_TITLE_EN: "Central Patient List" + TEILER_APP11_TITLE_DE: "Zentrale Patientenliste" + TEILER_APP11_DESCRIPTION_EN: "Central Patient List" + TEILER_APP11_DESCRIPTION_DE: "Zentrale Patientenliste" + TEILER_APP11_SOURCEURL: "https://patientlist.ccp-it.dktk.dkfz.de/" + TEILER_APP11_ROLES: "TEILER_PUBLIC" + TEILER_APP11_ISACTIVATED: "true" + TEILER_APP11_ICONCLASS: "bi bi-person-rolodex" + TEILER_APP11_ORDER: "14" + TEILER_APP11_ISEXTERNALLINK: "true" + TEILER_APP11_ISLOCAL: "false" + TEILER_APP12_NAME: "central id-manager" + TEILER_APP12_TITLE_EN: "Central ID-Manager" + TEILER_APP12_TITLE_DE: "Zentraler ID-Manager" + TEILER_APP12_DESCRIPTION_EN: "Central ID Manager" + TEILER_APP12_DESCRIPTION_DE: "Zentraler ID-Manager" + TEILER_APP12_SOURCEURL: "https://dktk-kne.kgu.de/" + TEILER_APP12_ROLES: "TEILER_PUBLIC" + TEILER_APP12_ISACTIVATED: "true" + TEILER_APP12_ICONCLASS: "bi bi-person-bounding-box" + TEILER_APP12_ORDER: "15" + TEILER_APP12_ISEXTERNALLINK: "true" + TEILER_APP12_ISLOCAL: "false" + # TODO: Icinga to be replaced by Zabbix + TEILER_APP13_NAME: "monitoring" + TEILER_APP13_TITLE: "Icinga" + TEILER_APP13_DESCRIPTION: "Icinga Monitoring" + TEILER_APP13_SOURCEURL: "https://monitor.vmitro.de/icingaweb2/dashboard" + TEILER_APP13_ROLES: "TEILER_ADMIN" + TEILER_APP13_ISACTIVATED: "true" + TEILER_APP13_ICONSOURCEURL: "https://images.ctfassets.net/o7xu9whrs0u9/QmL67mCGdRQ8PBcuKHGnF/858c0aee95762f59d67b25073f9483c2/icinga-logo.png" + TEILER_APP13_ORDER: "16" + TEILER_APP13_ISEXTERNALLINK: "true" + TEILER_APP13_ISLOCAL: "false" +# TEILER_APP14_NAME: "function-tests" +# TEILER_APP15_NAME: "event-log" + TEILER_APP16_NAME: "active-inquiries" + TEILER_APP16_BACKENDURL: "https://${HOST}/ccp-teiler" + TEILER_APP17_NAME: "archived-inquiries" + TEILER_APP17_BACKENDURL: "https://${HOST}/ccp-teiler" + TEILER_APP18_NAME: "failed-inquiries" + TEILER_APP18_BACKENDURL: "https://${HOST}/ccp-teiler" + TEILER_APP19_NAME: "inquiry" + TEILER_APP19_INMENU: "false" +# TEILER_APP20_NAME: "cbioportal" +# TEILER_APP20_TITLE: "cBioportal" +# TEILER_APP20_DESCRIPTION: "Interactive exploration of multidimensional cancer genomics data sets" +# TEILER_APP20_SOURCEURL: "http://localhost:8082" +# TEILER_APP20_ROLES: "TEILER_USER" +# TEILER_APP20_ISACTIVATED: "true" +# TEILER_APP20_ICONSOURCEURL: "https://docs.cbioportal.org/images/cbio-logo.png" +# TEILER_APP20_ORDER: "17" +# TEILER_APP20_ISEXTERNALLINK: "true" +# TEILER_APP20_ISLOCAL: "true" +# TEILER_APP21_NAME: "mtba-bp" +# TEILER_APP21_TITLE: "MTBA-BP" +# TEILER_APP21_DESCRIPTION: "MTBA Camunda Business Process" +# TEILER_APP21_SOURCEURL: "http://localhost:8480" +# TEILER_APP21_ROLES: "TEILER_ADMIN" +# TEILER_APP21_ISACTIVATED: "true" +# TEILER_APP21_ICONSOURCEURL: "https://camunda.com/wp-content/uploads/2020/05/logo-camunda-black.svg" +# TEILER_APP21_ORDER: "18" +# TEILER_APP21_ISEXTERNALLINK: "true" +# TEILER_APP21_ISLOCAL: "true" + TEILER_APP22_NAME: "dialog-quali" + TEILER_APP22_INMENU: "false" + TEILER_APP23_NAME: "dialog-uploads" + TEILER_APP23_INMENU: "false" + TEILER_APP24_NAME: "inquiry-dialog" + TEILER_APP24_INMENU: "false" + TEILER_APP25_NAME: "dialog-tests" + TEILER_APP25_INMENU: "false" +# TEILER_APP26_NAME: "opal" +# TEILER_APP26_TITLE: "Opal" +# TEILER_APP26_DESCRIPTION: "Opal is OBiBa’s core database application for biobanks." +# TEILER_APP26_SOURCEURL: "http://localhost:8880" +# TEILER_APP26_ROLES: "TEILER_USER" +# TEILER_APP26_ISACTIVATED: "true" +# TEILER_APP26_ICONSOURCEURL: "https://www.obiba.org/assets/themes/bootstrap/img/obiba-logo-small.png" +# TEILER_APP26_ORDER: "19" +# TEILER_APP26_ISEXTERNALLINK: "true" +# TEILER_APP26_ISLOCAL: "true" +# TEILER_APP27_NAME: "rstudio" +# TEILER_APP27_TITLE: "R Studio" +# TEILER_APP27_DESCRIPTION: "RStudio is an integrated development environment (IDE) for R and Python." +# TEILER_APP27_SOURCEURL: "http://localhost:8787" +# TEILER_APP27_ROLES: "TEILER_USER" +# TEILER_APP27_ISACTIVATED: "true" +# TEILER_APP27_ICONSOURCEURL: "https://rstudio.com/wp-content/uploads/2018/10/RStudio-Logo-Flat.png" +# TEILER_APP27_ORDER: "20" +# TEILER_APP27_ISEXTERNALLINK: "true" +# TEILER_APP27_ISLOCAL: "true" + +volumes: + login-db: + name: "login-db" diff --git a/ccp/modules/teiler-ui-setup.sh b/ccp/modules/teiler-ui-setup.sh new file mode 100644 index 0000000..c1f3933 --- /dev/null +++ b/ccp/modules/teiler-ui-setup.sh @@ -0,0 +1,7 @@ +function teilerUiSetup() { + if [ -n "$ENABLE_TEILER" ];then + log INFO "Teiler-UI setup detected -- will start Teiler-UI services." + OVERRIDE+=" -f ./$PROJECT/modules/teiler-ui-compose.yml" + fi + KEYCLOAK_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" +} diff --git a/ccp/vars b/ccp/vars index 7cfb7db..b58710d 100644 --- a/ccp/vars +++ b/ccp/vars @@ -16,5 +16,6 @@ do done idManagementSetup +nngmSetup mtbaSetup -adt2fhirRestSetup \ No newline at end of file +adt2fhirRestSetup