diff --git a/itcc/modules/id-management-compose.yml b/itcc/modules/id-management-compose.yml
new file mode 100644
index 00000000..6bd481c6
--- /dev/null
+++ b/itcc/modules/id-management-compose.yml
@@ -0,0 +1,37 @@
+version: "3.7"
+
+services:
+ patientlist:
+ image: docker.verbis.dkfz.de/bridgehead/mainzelliste
+ container_name: bridgehead-patientlist
+ environment:
+ - TOMCAT_REVERSEPROXY_FQDN=${HOST}
+ - TOMCAT_REVERSEPROXY_SSL=true
+ - ML_SITE=${IDMANAGEMENT_FRIENDLY_ID}
+ - ML_DB_PASS=${PATIENTLIST_POSTGRES_PASSWORD}
+ - ML_API_KEY=${IDMANAGER_LOCAL_PATIENTLIST_APIKEY}
+ - ML_UPLOAD_API_KEY=${IDMANAGER_UPLOAD_APIKEY}
+ # Add Variables from /etc/patientlist-id-generators.env
+ - PATIENTLIST_SEEDS_TRANSFORMED
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.patientlist.rule=PathPrefix(`/patientlist`)"
+ - "traefik.http.services.patientlist.loadbalancer.server.port=8080"
+ - "traefik.http.routers.patientlist.tls=true"
+ depends_on:
+ - patientlist-db
+
+ patientlist-db:
+ image: docker.verbis.dkfz.de/cache/postgres:${POSTGRES_TAG}
+ container_name: bridgehead-patientlist-db
+ environment:
+ POSTGRES_USER: "mainzelliste"
+ POSTGRES_DB: "mainzelliste"
+ POSTGRES_PASSWORD: ${PATIENTLIST_POSTGRES_PASSWORD}
+ volumes:
+ - "patientlist-db-data:/var/lib/postgresql/data"
+ # NOTE: Add backups here. This is only imported if /var/lib/bridgehead/data/patientlist/ is empty!!!
+ - "/tmp/bridgehead/patientlist/:/docker-entrypoint-initdb.d/"
+
+volumes:
+ patientlist-db-data:
diff --git a/itcc/modules/id-management-setup.sh b/itcc/modules/id-management-setup.sh
new file mode 100644
index 00000000..ed770a42
--- /dev/null
+++ b/itcc/modules/id-management-setup.sh
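Review bot: In `id-management-compose.yml`, the last volume entry of `patientlist-db` bind-mounts `/tmp/bridgehead/patientlist/` into `/docker-entrypoint-initdb.d/`, so files from a directory under world-writable `/tmp` are imported or executed by the database container on first initialisation (assuming the cached image behaves like the official postgres image, which processes `*.sql` and `*.sh` files there when the data directory is empty). Any local account able to create or write that directory before the first start would control the initial database content, and patient-list backups staged there may be readable by other users. Consider a root-owned directory with restrictive permissions and a read-only mount, e.g. `- "<root-owned-backup-dir>:/docker-entrypoint-initdb.d/:ro"` (placeholder path). The comment above that entry refers to `/var/lib/bridgehead/data/patientlist/`, while the data actually lives in the named volume `patientlist-db-data`; the comment should name the volume. Separately, the `patientlist` image carries no tag and therefore resolves to `latest`; pinning a tag or digest would make deployments reproducible.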
@@ -0,0 +1,54 @@
+#!/bin/bash -e
+
+function idManagementSetup() {
+ if [ -n "$IDMANAGER_UPLOAD_APIKEY" ]; then
+ log INFO "id-management setup detected -- will start id-management (mainzelliste)."
+ OVERRIDE+=" -f ./itcc/modules/id-management-compose.yml"
+
+ # Auto Generate local Passwords
+ PATIENTLIST_POSTGRES_PASSWORD="$(echo \"id-management-module-db-password-salt\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
+ IDMANAGER_LOCAL_PATIENTLIST_APIKEY="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+
+ # Transform Seeds Configuration to pass it to the Mainzelliste Container
+ PATIENTLIST_SEEDS_TRANSFORMED="$(declare -p PATIENTLIST_SEEDS | tr -d '\"' | sed 's/\[/\[\"/g' | sed 's/\]/\"\]/g')"
+
+ # Ensure old ids are working !!!
+ export IDMANAGEMENT_FRIENDLY_ID=$(legacyIdMapping "$SITE_ID")
+
+ fi
+}
+
+# Transform into single string array, e.g. 'dktk-test' to 'dktk test'
+# Usage: transformToSingleStringArray 'dktk-test' -> 'dktk test'
+function transformToSingleStringArray() {
+ echo "${1//-/ }";
+}
+
+# Ensure all Words are Uppercase
+# Usage: transformToUppercase 'dktk test' -> 'Dktk Test'
+function transformToUppercase() {
+ result="";
+ for word in $1; do
+ result+=" ${word^}";
+ done
+ echo "$result";
+}
+
+# Handle all execeptions from the norm (e.g LMU, TUM)
+# Usage: applySpecialCases 'Muenchen Lmu Test' -> 'Muenchen LMU Test'
+function applySpecialCases() {
+ result="$1";
+ result="${result/Lmu/LMU}";
+ result="${result/Tum/TUM}";
+ result="${result/Dktk Test/Teststandort}";
+ echo "$result";
+}
+
+# Transform current siteids to legacy version
+# Usage: legacyIdMapping "dktk-test" -> "DktkTest"
+function legacyIdMapping() {
+ single_string_array=$(transformToSingleStringArray "$1");
+ uppercase_string=$(transformToUppercase "$single_string_array");
+ normalized_string=$(applySpecialCases "$uppercase_string");
+ echo "$normalized_string" | tr -d ' '
+}
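Review bot: In `idManagementSetup`, the pipeline that derives `PATIENTLIST_POSTGRES_PASSWORD` is never checked for failure: unless the caller sets `pipefail`, the command substitution reports the status of `head`, so if `openssl pkeyutl` cannot read `/etc/bridgehead/pki/${SITE_ID}.priv.pem` the variable silently becomes an empty string. A guard right after the assignment, such as `[ -n "$PATIENTLIST_POSTGRES_PASSWORD" ] || { echo "could not derive patientlist db password" >&2; return 1; }`, would stop the setup instead of starting the stack with an empty database password. The derivation also yields a stable password only when the signature is deterministic (RSA with PKCS#1 v1.5 is, ECDSA is not), so a comment like `# relies on a deterministic RSA signature so the password stays stable across restarts` would document that dependency on the key type. `${SITE_ID}` in the key path should be quoted, and only `IDMANAGEMENT_FRIENDLY_ID` is exported here, so whether the other three variables reach the compose environment depends on caller code outside this hunk.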