Added user bridgehead and made changes to run bridghead as this user

2022-03-25 10:41:15 +01:00 · 2022-03-25 10:41:15 +01:00 · 5bacdf02fb
parent 03f3f5ed94
commit 5bacdf02fb
7 changed files with 152 additions and 43 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,4 +7,10 @@ config/**/*
 !config/**/*.default
 docker-compose.override.yml
 site.conf
-
+.bash_logout
 .bash_profile
 .bashrc
 .bash_history
 .rnd
 .pki/*
 .viminfo
--- a/auth/dktk
+++ b/auth/dktk
@ -0,0 +1,2 @@
 patrick:$2y$05$9tYlNuZEfCi1FrSUMYM0iOz8FEsHjg3QiPpr3ZfChL81rZ8IrZ0gK
--- a/dktk-fed/docker-compose.yml
+++ b/dktk-fed/docker-compose.yml
@ -1,5 +1,4 @@
 version: "3.7"
 services:
  traefik:
    container_name: bridgehead_traefik
@ -7,13 +6,19 @@ services:
    command:
      - --api.insecure=true
      - --entrypoints.web.address=:80
-      - --entrypoints.web-secure.address=:443
+      - --entrypoints.websecure.address=:443
      - --providers.docker=true
      - --providers.file.directory=/configuration/
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --providers.file.watch=true
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - ../certs:/tools/certs
      - ../tools/traefik/:/configuration/
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ../auth/:/auth
    extra_hosts:
@ -28,9 +33,10 @@ services:
      - "traefik.enable=true"
      - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
      - "traefik.http.services.landing.loadbalancer.server.port=80"
      - "traefik.http.routers.landing.tls=true"
  blaze:
-    image: "samply/blaze:0.15"
+    image: "samply/blaze:0.16"
    container_name: bridgehead_dktk_blaze
    environment:
      BASE_URL: "http://blaze:8080"
@ -46,7 +52,8 @@ services:
      - "traefik.http.middlewares.dktk_b_strip.stripprefix.prefixes=/dktk-localdatamanagement"
      - "traefik.http.services.blaze_dktk.loadbalancer.server.port=8080"
      - "traefik.http.routers.blaze_dktk.middlewares=dktk_b_strip,test-auth"
-  
+      - "traefik.http.routers.blaze_dktk.tls=true"
  # dktk-fed-search-share:
  #   image: "ghcr.io/samply/dktk-fed-search-share:pr-1"
  #   container_name: bridgehead_dktk_share
--- a/landing/index.html
+++ b/landing/index.html
@ -0,0 +1,64 @@
 <html lang="en">
 <head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="description" content="">
  <title>Bridgehead Overview</title>
  <!-- Bootstrap core CSS -->
  <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet"
    integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
  <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"
    integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p"
    crossorigin="anonymous"></script>
 </head>
 <body class="d-flex flex-column min-vh-100">
  <nav class="navbar navbar-light" style="background-color: #aad7f6;">
    <h2 class="pb-2 border-bottom">Bridgehead </h2>
  </nav>
  <div class="container px-4 py-5" id="featured-3">
    <div>
      <h2>Components</h2>
      <h3>Central</h3>
      <table class="table">
        <thead class="thead-dark">
          <tr>
            <th style="width: 50%">Group</th>
            <th style="width: 50%">Service</th>
          </tr>
        </thead>
        <tbody>
                    <tr>
            <td>CCP-IT</td>
            <td><a href="https://monitor.vmitro.de/icingaweb2/dashboard">Monitoring Service</td>
          </tr>
        </tbody>
      </table>
    </div>
    <div>
      <h3>Local</h3>
      <table class="table">
        <thead class="thead-dark">
          <tr>
            <th style="width: 50%">Project</th>
            <th style="width: 50%">Services</th>
          </tr>
        </thead>
        <tbody>
                    <tr>
            <td>Bridgehead</td>
            <td>Reverse Proxy <a href="http://:8080/">Traefik</a></td>
          </tr>
        </tbody>
      </table>
    </div>
    <footer class="footer mt-auto py-3">
     <a href="https://dktk.dkfz.de/"><img src="https://www.oncoray.de/fileadmin/files/bilder_gruppen/DKTK/Logo_DKTK_neu_2016.jpg" style="max-width: 30%; height: auto;"></a> DKTK 2022<span style="float: right;"><a href="https://github.com/samply/bridgehead"><button type="button" class="btn btn-primary">Documentaion</button></a></span>
    </footer>
 </body>
 </html>
--- a/lib/generate.sh
+++ b/lib/generate.sh
@ -1,6 +1,60 @@
 #!/bin/bash
-cat > ../landing/index.html <<EOL
+if [ ! -d ./landing ]
 then 
  mkdir landing
 fi
 if [ ! -f ./landing/index.html ]
 then
  touch index.html
 fi
 CENTRAL_SERVICES="          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://monitor.vmitro.de/icingaweb2/dashboard\">Monitoring Service</td>
          </tr>"
 LOCAL_SERVICES="          <tr>
            <td>Bridgehead</td>
            <td>Reverse Proxy <a href=\"http://${HOST}:8080/\">Traefik</a></td>
          </tr>"
 if [ "$project" = "dktk" ] || [ "$project" = "c4" ] || [ "$project" = "dktk-fed" ]
 then
    CENTRAL_SERVICES+="          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://patientlist.ccp-it.dktk.dkfz.de\">Zentrale Patientenliste</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://decentralsearch.ccp-it.dktk.dkfz.de\">Dezentrale Suche</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://centralsearch.ccp-it.dktk.dkfz.de\">Zentrale Suche</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://deployment.ccp-it.dktk.dkfz.de\">Deployment-Server</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://dktk-kne.kgu.de\">Zentraler Kontrollnummernerzeuger</td>
          </tr>
          "
 fi
 if [ "$project" = "dktk-fed" ]
 then 
    LOCAL_SERVICES+="         <tr>
            <td>DKTK</td>
            <td><a href=\"https://${HOST}/dktk-localdatamanagement/fhir/\">Blaze</a></td>
          </tr>
          "
 fi
 cat > ./landing/index.html <<EOL
 <html lang="en">
 <head>
@ -17,7 +71,7 @@ cat > ../landing/index.html <<EOL
 </head>
-<body>
+<body class="d-flex flex-column min-vh-100">
  <nav class="navbar navbar-light" style="background-color: #aad7f6;">
    <h2 class="pb-2 border-bottom">Bridgehead ${site_name}</h2>
@ -34,26 +88,7 @@ cat > ../landing/index.html <<EOL
          </tr>
        </thead>
        <tbody>
-          <tr>
+          ${CENTRAL_SERVICES}
            <td>CCP-IT</td>
            <td><a href="https://patientlist.ccp-it.dktk.dkfz.de">Zentrale Patientenliste</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href="https://decentralsearch.ccp-it.dktk.dkfz.de">Dezentrale Suche</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href="https://centralsearch.ccp-it.dktk.dkfz.de">Zentrale Suche</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href="https://deployment.ccp-it.dktk.dkfz.de">Deployment-Server</td>
          </tr>
          <tr>
            <td>CCP-IT</td>
            <td><a href="https://dktk-kne.kgu.de">Zentraler Kontrollnummernerzeuger</td>
          </tr>
        </tbody>
      </table>
    </div>
@ -68,19 +103,12 @@ cat > ../landing/index.html <<EOL
          </tr>
        </thead>
        <tbody>
-          <tr>
+          ${LOCAL_SERVICES}
            <td>Bridgehead</td>
            <td>Reverse Proxy <a href="http://e260-serv-05:8080/">Traefik</a></td>
          </tr>
          <tr>
            <td>DKTK</td>
            <td><a href="http://e260-serv-05/dktk-localdatamanagement/fhir/">Blaze</a></td>
          </tr>
        </tbody>
      </table>
    </div>
-    <footer class="footer mt-auto py-3 ">
+    <footer class="footer mt-auto py-3">
-     <a href="https://dktk.dkfz.de/"><img src="https://www.oncoray.de/fileadmin/files/bilder_gruppen/DKTK/Logo_DKTK_neu_2016.jpg" height="10%" width="30%"></a> DKTK 2022
+     <a href="https://dktk.dkfz.de/"><img src="https://www.oncoray.de/fileadmin/files/bilder_gruppen/DKTK/Logo_DKTK_neu_2016.jpg" style="max-width: 30%; height: auto;"></a> DKTK 2022<span style="float: right;"><a href="https://github.com/samply/bridgehead"><button type="button" class="btn btn-primary">Documentaion</button></a></span>
    </footer>
 </body>
--- a/lib/setup-bridgehead-units.sh
+++ b/lib/setup-bridgehead-units.sh
@ -3,9 +3,7 @@
 source lib/functions.sh
-exitIfNotRoot
+if ! su bridgehead ./lib/prerequisites.sh; then
 if ! ./lib/prerequisites.sh; then
    log "Prerequisites failed, exiting"
    exit 1
 fi
@ -20,6 +18,8 @@ cp -v \
 systemctl daemon-reload
 su bridgehead source ./lib/generate.sh
 echo
 if ! systemctl is-active --quiet bridgehead@"${project}"; then
--- a/lib/systemd/bridgehead@.service
+++ b/lib/systemd/bridgehead@.service
@ -2,14 +2,16 @@
 Description=Bridgehead (%i) Service
 [Service]
 User=bridgehead
 Restart=always
 RestartSec=30
 WorkingDirectory=/srv/docker/bridgehead/
-ExecStartPre=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env down'
+ExecStartPre=/srv/docker/bridgehead/stop-bridgehead.sh %i
-ExecStart=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env up'
+ExecStart=/srv/docker/bridgehead/start-bridgehead.sh %i
-ExecStop=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env down'
+RemainAfterExit=true
 ExecStop=/srv/docker/bridgehead/stop-bridgehead.sh %i
 [Install]
 WantedBy=multi-user.target
		`@ -0,0 +1,2 @@`
							`patrick:$2y$05$9tYlNuZEfCi1FrSUMYM0iOz8FEsHjg3QiPpr3ZfChL81rZ8IrZ0gK`