samply
/
bridgehead
mirror of https://github.com/samply/bridgehead.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Modularize DNPM components

This commit is contained in:
Tobias Kussel 2023-05-10 10:54:05 +00:00
parent 3a42570ac4
commit 3e1659a38d
18 changed files with 421 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
bbmri/docker-compose.yml
View File

@ -1,58 +1,6 @@
version: "3.7" version: "3.7"
services: services:
traefik:
container_name: bridgehead-traefik
image: docker.verbis.dkfz.de/cache/traefik:latest
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.file.directory=/configuration/
- --api.dashboard=true
- --accesslog=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}"
ports:
- 80:80
- 443:443
volumes:
- /etc/bridgehead/traefik-tls:/certs:ro
- ../lib/traefik-configuration/:/configuration:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
forward_proxy:
container_name: bridgehead-forward-proxy
image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest
environment:
HTTPS_PROXY: ${HTTPS_PROXY_URL}
USERNAME: ${HTTPS_PROXY_USERNAME}
PASSWORD: ${HTTPS_PROXY_PASSWORD}
volumes:
- /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro
landing:
container_name: bridgehead-landingpage
image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
- "traefik.http.routers.landing.tls=true"
environment:
HOST: ${HOST}
PROJECT: ${PROJECT}
SITE_NAME: ${SITE_NAME}
blaze: blaze:
image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 image: docker.verbis.dkfz.de/cache/samply/blaze:0.19
container_name: bridgehead-bbmri-blaze container_name: bridgehead-bbmri-blaze

47
bbmri/modules/dnpm-compose-beamconnect.yml Normal file
View File

@ -0,0 +1,47 @@
version: "3.7"
services:
dnpm-beam-proxy:
image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
container_name: bridgehead-dnpm-beam-proxy
environment:
BROKER_URL: ${BROKER_URL}
PROXY_ID: ${PROXY_ID}
APP_3_ID: dnpm-connect
APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT}
PRIVKEY_FILE: /run/secrets/proxy.pem
ALL_PROXY: http://forward_proxy:3128
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
ROOTCERT_FILE: /conf/root.crt.pem
secrets:
- proxy.pem
depends_on:
- "forward_proxy"
volumes:
- /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
- /srv/docker/bridgehead/ccp/root.crt.pem:/conf/root.crt.pem:ro
dnpm-beam-connect:
depends_on: [ dnpm-beam-proxy ]
image: samply/beam-connect:sites-without-auth
environment:
PROXY_URL: http://dnpm-beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL}
LOCAL_TARGETS_FILE: /conf/connect_targets.json
HTTP_PROXY: http://forward_proxy:3128
HTTPS_PROXY: http://forward_proxy:3128
NO_PROXY: dnpm-beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info}
volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"
- "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062"
- "traefik.http.routers.dnpm-connect.tls=true"
secrets:
proxy.pem:
file: /etc/bridgehead/pki/${SITE_ID}.priv.pem

54
bbmri/modules/dnpm-compose-bwhc.yml Normal file
View File

@ -0,0 +1,54 @@
version: "3.7"
services:
dnpm-frontend:
depends_on: [ dnpm-backend ]
build:
context: ../../dnpm/origin
dockerfile: Frontend.Dockerfile
network: host
args:
NUXT_HOST: 0.0.0.0
NUXT_PORT: 3000
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP}
HTTP_PROXY: ${http_proxy}
HTTPS_PROXY: ${https_proxy}
environment:
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
no_proxy: dnpm-backend
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)"
- "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000"
- "traefik.http.routers.dnpm-frontend.tls=true"
dnpm-backend:
build:
context: ../../dnpm/origin
dockerfile: Backend.Dockerfile
args:
BWHC_BASE_DIR: /bwhc-backend
DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP}
ports:
- 9000:9000
environment:
APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET}
ZPM_SITE: ${ZPM_SITE}
noproxy: dnpm-frontend,dnpm-beam-connect
# PLAY_HTTP_PORT: 9000
# PLAY_HTTP_ADDRESS: 0.0.0.0
volumes:
- ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro
- /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro
- /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro
- bwhc_data:/bwhc-backend/data/
- bwhc_hgnc_data:/bwhc-backend/hgnc_data/
volumes:
bwhc_data:
bwhc_hgnc_data:

17
bbmri/modules/dnpm-setup.sh Normal file
View File

@ -0,0 +1,17 @@
#!/bin/bash
if [ -n "${ENABLE_DNPM}" ]; then
log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM."
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml"
# Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites"
# Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then
log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!"
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml"
fi
fi

6
bbmri/vars
View File

@ -5,3 +5,9 @@ FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | h
FOCUS_RETRY_COUNT=32 FOCUS_RETRY_COUNT=32
SUPPORT_EMAIL=bridgehead@helpdesk.bbmri-eric.eu SUPPORT_EMAIL=bridgehead@helpdesk.bbmri-eric.eu
PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
for module in $PROJECT/modules/*.sh
do
log INFO "sourcing $module"
source $module
done

14
bridgehead
View File

@ -32,6 +32,9 @@ case "$PROJECT" in
bbmri) bbmri)
#nothing extra to do #nothing extra to do
;; ;;
minimal)
#nothing extra to do
;;
*) *)
printUsage printUsage
exit 1 exit 1
@ -51,6 +54,11 @@ loadVars() {
set +a set +a
OVERRIDE=${OVERRIDE:=""} OVERRIDE=${OVERRIDE:=""}
# minimal contains shared components, so potential overrides must be applied in every project
if [ -f "minimal/docker-compose.override.yml" ]; then
log INFO "Applying minimal/docker-compose.override.yml"
OVERRIDE+=" -f ./minimal/docker-compose.override.yml"
fi
if [ -f "$PROJECT/docker-compose.override.yml" ]; then if [ -f "$PROJECT/docker-compose.override.yml" ]; then
log INFO "Applying $PROJECT/docker-compose.override.yml" log INFO "Applying $PROJECT/docker-compose.override.yml"
OVERRIDE+=" -f ./$PROJECT/docker-compose.override.yml" OVERRIDE+=" -f ./$PROJECT/docker-compose.override.yml"
@ -66,13 +74,13 @@ case "$ACTION" in
checkRequirements checkRequirements
hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..." hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..."
export LDM_LOGIN=$(getLdmPassword) export LDM_LOGIN=$(getLdmPassword)
exec $COMPOSE -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit exec $COMPOSE -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit
;; ;;
stop) stop)
loadVars loadVars
# HACK: This is tempoarily to properly shut down false bridgehead instances (bridgehead-ccp instead ccp) # HACK: This is tempoarily to properly shut down false bridgehead instances (bridgehead-ccp instead ccp)
$COMPOSE -p bridgehead-$PROJECT -f ./$PROJECT/docker-compose.yml $OVERRIDE down $COMPOSE -p bridgehead-$PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down
exec $COMPOSE -f ./$PROJECT/docker-compose.yml $OVERRIDE down exec $COMPOSE -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down
;; ;;
is-running) is-running)
bk_is_running bk_is_running

52
ccp/docker-compose.yml
View File

@ -1,58 +1,6 @@
version: "3.7" version: "3.7"
services: services:
traefik:
container_name: bridgehead-traefik
image: docker.verbis.dkfz.de/cache/traefik:latest
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.file.directory=/configuration/
- --api.dashboard=true
- --accesslog=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}"
ports:
- 80:80
- 443:443
volumes:
- /etc/bridgehead/traefik-tls:/certs:ro
- ../lib/traefik-configuration/:/configuration:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
forward_proxy:
container_name: bridgehead-forward-proxy
image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest
environment:
HTTPS_PROXY: ${HTTPS_PROXY_URL}
USERNAME: ${HTTPS_PROXY_USERNAME}
PASSWORD: ${HTTPS_PROXY_PASSWORD}
volumes:
- /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro
landing:
container_name: bridgehead-landingpage
image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
- "traefik.http.routers.landing.tls=true"
environment:
HOST: ${HOST}
PROJECT: ${PROJECT}
SITE_NAME: ${SITE_NAME}
blaze: blaze:
image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 image: docker.verbis.dkfz.de/cache/samply/blaze:0.19
container_name: bridgehead-ccp-blaze container_name: bridgehead-ccp-blaze

28
ccp/modules/dnpm-compose-beamconnect.yml Normal file
View File

@ -0,0 +1,28 @@
version: "3.7"
services:
beam-proxy:
environment:
APP_3_ID: dnpm-connect
APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT}
dnpm-beam-connect:
depends_on: [ beam-proxy ]
image: samply/beam-connect:sites-without-auth
environment:
PROXY_URL: http://beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL}
LOCAL_TARGETS_FILE: /conf/connect_targets.json
HTTP_PROXY: http://forward_proxy:3128
HTTPS_PROXY: http://forward_proxy:3128
NO_PROXY: beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info}
volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"
- "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062"
- "traefik.http.routers.dnpm-connect.tls=true"

54
ccp/modules/dnpm-compose-bwhc.yml Normal file
View File

@ -0,0 +1,54 @@
version: "3.7"
services:
dnpm-frontend:
depends_on: [ dnpm-backend ]
build:
context: ../../dnpm/origin
dockerfile: Frontend.Dockerfile
network: host
args:
NUXT_HOST: 0.0.0.0
NUXT_PORT: 3000
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP}
HTTP_PROXY: ${http_proxy}
HTTPS_PROXY: ${https_proxy}
environment:
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
no_proxy: dnpm-backend
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)"
- "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000"
- "traefik.http.routers.dnpm-frontend.tls=true"
dnpm-backend:
build:
context: ../../dnpm/origin
dockerfile: Backend.Dockerfile
args:
BWHC_BASE_DIR: /bwhc-backend
DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP}
ports:
- 9000:9000
environment:
APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET}
ZPM_SITE: ${ZPM_SITE}
noproxy: dnpm-frontend,dnpm-beam-connect
# PLAY_HTTP_PORT: 9000
# PLAY_HTTP_ADDRESS: 0.0.0.0
volumes:
- ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro
- /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro
- /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro
- bwhc_data:/bwhc-backend/data/
- bwhc_hgnc_data:/bwhc-backend/hgnc_data/
volumes:
bwhc_data:
bwhc_hgnc_data:

17
ccp/modules/dnpm-setup.sh Normal file
View File

@ -0,0 +1,17 @@
#!/bin/bash
if [ -n "${ENABLE_DNPM}" ]; then
log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM."
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml"
# Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites"
# Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then
log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!"
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml"
fi
fi

8
ccp/vars
View File

@ -19,6 +19,8 @@ source $PROJECT/exliquid-setup.sh
exliquidSetup exliquidSetup
mtbaSetup mtbaSetup
# This will load DNPM setup. Effective only if DNPM configuration is defined in /etc/bridgehead/dnpm. for module in $PROJECT/modules/*.sh
source dnpm/dnpm-setup.sh do
dnpmSetup log INFO "sourcing $module"
source $module
done

2
lib/functions.sh
View File

@ -171,7 +171,7 @@ function retry {
function bk_is_running { function bk_is_running {
detectCompose detectCompose
RUNNING="$($COMPOSE -p $PROJECT -f ./$PROJECT/docker-compose.yml $OVERRIDE ps -q)" RUNNING="$($COMPOSE -p $PROJECT -f minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE ps -q)"
NUMBEROFRUNNING=$(echo "$RUNNING" | wc -l) NUMBEROFRUNNING=$(echo "$RUNNING" | wc -l)
if [ $NUMBEROFRUNNING -ge 2 ]; then if [ $NUMBEROFRUNNING -ge 2 ]; then
return 0 return 0

2
lib/update-bridgehead.sh
View File

@ -86,7 +86,7 @@ done
# Check docker updates # Check docker updates
log "INFO" "Checking for updates to running docker images ..." log "INFO" "Checking for updates to running docker images ..."
docker_updated="false" docker_updated="false"
for IMAGE in $(cat $PROJECT/docker-compose.yml ${OVERRIDE//-f/} | grep -v "^#" | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do for IMAGE in $(cat $PROJECT/docker-compose.yml ${OVERRIDE//-f/} minimal/docker-compose.yml | grep -v "^#" | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do
log "INFO" "Checking for Updates of Image: $IMAGE" log "INFO" "Checking for Updates of Image: $IMAGE"
if docker pull $IMAGE | grep "Downloaded newer image"; then if docker pull $IMAGE | grep "Downloaded newer image"; then
CHANGE="Image $IMAGE updated." CHANGE="Image $IMAGE updated."

56
minimal/docker-compose.yml Normal file
View File

@ -0,0 +1,56 @@
version: "3.7"
services:
traefik:
container_name: bridgehead-traefik
image: docker.verbis.dkfz.de/cache/traefik:latest
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.file.directory=/configuration/
- --api.dashboard=true
- --accesslog=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}"
ports:
- 80:80
- 443:443
volumes:
- /etc/bridgehead/traefik-tls:/certs:ro
- ../lib/traefik-configuration/:/configuration:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
forward_proxy:
container_name: bridgehead-forward-proxy
image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest
environment:
HTTPS_PROXY: ${HTTPS_PROXY_URL}
USERNAME: ${HTTPS_PROXY_USERNAME}
PASSWORD: ${HTTPS_PROXY_PASSWORD}
volumes:
- /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro
landing:
container_name: bridgehead-landingpage
image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
- "traefik.http.routers.landing.tls=true"
environment:
HOST: ${HOST}
PROJECT: ${PROJECT}
SITE_NAME: ${SITE_NAME}

47
minimal/modules/dnpm-compose-beamconnect.yml Normal file
View File

@ -0,0 +1,47 @@
version: "3.7"
services:
dnpm-beam-proxy:
image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
container_name: bridgehead-dnpm-beam-proxy
environment:
BROKER_URL: ${BROKER_URL}
PROXY_ID: ${PROXY_ID}
APP_3_ID: dnpm-connect
APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT}
PRIVKEY_FILE: /run/secrets/proxy.pem
ALL_PROXY: http://forward_proxy:3128
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
ROOTCERT_FILE: /conf/root.crt.pem
secrets:
- proxy.pem
depends_on:
- "forward_proxy"
volumes:
- /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
- /srv/docker/bridgehead/ccp/root.crt.pem:/conf/root.crt.pem:ro
dnpm-beam-connect:
depends_on: [ dnpm-beam-proxy ]
image: samply/beam-connect:sites-without-auth
environment:
PROXY_URL: http://dnpm-beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL}
LOCAL_TARGETS_FILE: /conf/connect_targets.json
HTTP_PROXY: http://forward_proxy:3128
HTTPS_PROXY: http://forward_proxy:3128
NO_PROXY: dnpm-beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info}
volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"
- "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062"
- "traefik.http.routers.dnpm-connect.tls=true"
secrets:
proxy.pem:
file: /etc/bridgehead/pki/${SITE_ID}.priv.pem

54
minimal/modules/dnpm-compose-bwhc.yml Normal file
View File

@ -0,0 +1,54 @@
version: "3.7"
services:
dnpm-frontend:
depends_on: [ dnpm-backend ]
build:
context: ../../dnpm/origin
dockerfile: Frontend.Dockerfile
network: host
args:
NUXT_HOST: 0.0.0.0
NUXT_PORT: 3000
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP}
HTTP_PROXY: ${http_proxy}
HTTPS_PROXY: ${https_proxy}
environment:
BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL}
BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME}
BACKEND_PORT: 9000
no_proxy: dnpm-backend
labels:
- "traefik.enable=true"
- "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)"
- "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000"
- "traefik.http.routers.dnpm-frontend.tls=true"
dnpm-backend:
build:
context: ../../dnpm/origin
dockerfile: Backend.Dockerfile
args:
BWHC_BASE_DIR: /bwhc-backend
DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP}
ports:
- 9000:9000
environment:
APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET}
ZPM_SITE: ${ZPM_SITE}
noproxy: dnpm-frontend,dnpm-beam-connect
# PLAY_HTTP_PORT: 9000
# PLAY_HTTP_ADDRESS: 0.0.0.0
volumes:
- ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro
- /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro
- /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro
- bwhc_data:/bwhc-backend/data/
- bwhc_hgnc_data:/bwhc-backend/hgnc_data/
volumes:
bwhc_data:
bwhc_hgnc_data:

17
minimal/modules/dnpm-setup.sh Normal file
View File

@ -0,0 +1,17 @@
#!/bin/bash
if [ -n "${ENABLE_DNPM}" ]; then
log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM."
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml"
# Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites"
# Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then
log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!"
OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml"
fi
fi

5
minimal/vars Normal file
View File

@ -0,0 +1,5 @@
for module in $PROJECT/modules/*.sh
do
log INFO "sourcing $module"
source $module
done