From 752ca6a15c1f95330a1594a371019384692b4b24 Mon Sep 17 00:00:00 2001 From: Pierre Delpy Date: Fri, 4 Apr 2025 09:58:25 +0200 Subject: [PATCH 1/5] feat: add pscc project --- pscc/docker-compose.yml | 65 +++++++++++++++++++++++++++++++++++++++++ pscc/root.crt.pem | 20 +++++++++++++ pscc/vars | 14 +++++++++ 3 files changed, 99 insertions(+) create mode 100644 pscc/docker-compose.yml create mode 100644 pscc/root.crt.pem create mode 100644 pscc/vars diff --git a/pscc/docker-compose.yml b/pscc/docker-compose.yml new file mode 100644 index 0000000..19fcf39 --- /dev/null +++ b/pscc/docker-compose.yml @@ -0,0 +1,65 @@ +version: "3.7" + +services: + blaze: + image: docker.verbis.dkfz.de/cache/samply/blaze:${BLAZE_TAG} + container_name: bridgehead-pscc-blaze + environment: + BASE_URL: "http://bridgehead-pscc-blaze:8080" + JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m" + DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000} + DB_BLOCK_CACHE_SIZE: ${BLAZE_MEMORY_CAP} + CQL_EXPR_CACHE_SIZE: ${BLAZE_CQL_CACHE_CAP:-32} + ENFORCE_REFERENTIAL_INTEGRITY: "false" + volumes: + - "blaze-data:/app/data" + labels: + - "traefik.enable=true" + - "traefik.http.routers.blaze_pscc.rule=PathPrefix(`/pscc-localdatamanagement`)" + - "traefik.http.middlewares.pscc_b_strip.stripprefix.prefixes=/pscc-localdatamanagement" + - "traefik.http.services.blaze_pscc.loadbalancer.server.port=8080" + - "traefik.http.routers.blaze_pscc.middlewares=pscc_b_strip,auth" + - "traefik.http.routers.blaze_pscc.tls=true" + + focus: + image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG} + container_name: bridgehead-focus + environment: + API_KEY: ${FOCUS_BEAM_SECRET_SHORT} + BEAM_APP_ID_LONG: focus.${PROXY_ID} + PROXY_ID: ${PROXY_ID} + BLAZE_URL: "http://bridgehead-pscc-blaze:8080/fhir/" + BEAM_PROXY_URL: http://beam-proxy:8081 + RETRY_COUNT: ${FOCUS_RETRY_COUNT} + EPSILON: 0.28 + ENDPOINT_TYPE: ${FOCUS_ENDPOINT_TYPE:-blaze} + depends_on: + - "beam-proxy" + - "blaze" + + beam-proxy: + image: docker.verbis.dkfz.de/cache/samply/beam-proxy:${BEAM_TAG} + container_name: bridgehead-beam-proxy + environment: + BROKER_URL: ${BROKER_URL} + PROXY_ID: ${PROXY_ID} + APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT} + PRIVKEY_FILE: /run/secrets/proxy.pem + ALL_PROXY: http://forward_proxy:3128 + TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs + ROOTCERT_FILE: /conf/root.crt.pem + secrets: + - proxy.pem + depends_on: + - "forward_proxy" + volumes: + - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro + - /srv/docker/bridgehead/pscc/root.crt.pem:/conf/root.crt.pem:ro + + +volumes: + blaze-data: + +secrets: + proxy.pem: + file: /etc/bridgehead/pki/${SITE_ID}.priv.pem diff --git a/pscc/root.crt.pem b/pscc/root.crt.pem new file mode 100644 index 0000000..1f1265a --- /dev/null +++ b/pscc/root.crt.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIUW34NEb7bl0+Ywx+I1VKtY5vpAOowDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwMTIyMTMzNzEzWhcNMzQw +MTE5MTMzNzQzWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAL5UegLXTlq3XRRj8LyFs3aF0tpRPVoW9RXp5kFI +TnBvyO6qjNbMDT/xK+4iDtEX4QQUvsxAKxfXbe9i1jpdwjgH7JHaSGm2IjAiKLqO +OXQQtguWwfNmmp96Ql13ArLj458YH08xMO/w2NFWGwB/hfARa4z/T0afFuc/tKJf +XbGCG9xzJ9tmcG45QN8NChGhVvaTweNdVxGWlpHxmi0Mn8OM9CEuB7nPtTTiBuiu +pRC2zVVmNjVp4ktkAqL7IHOz+/F5nhiz6tOika9oD3376Xj055lPznLcTQn2+4d7 +K7ZrBopCFxIQPjkgmYRLfPejbpdUjK1UVJw7hbWkqWqH7JMCAwEAAaN7MHkwDgYD +VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGjvRcaIP4HM +poIguUAK9YL2n7fbMB8GA1UdIwQYMBaAFGjvRcaIP4HMpoIguUAK9YL2n7fbMBYG +A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQCbzycJSaDm +AXXNJqQ88djrKs5MDXS8RIjS/cu2ayuLaYDe+BzVmUXNA0Vt9nZGdaz63SLLcjpU +fNSxBfKbwmf7s30AK8Cnfj9q4W/BlBeVizUHQsg1+RQpDIdMrRQrwkXv8mfLw+w5 +3oaXNW6W/8KpBp/H8TBZ6myl6jCbeR3T8EMXBwipMGop/1zkbF01i98Xpqmhx2+l +n+80ofPsSspOo5XmgCZym8CD/m/oFHmjcvOfpOCvDh4PZ+i37pmbSlCYoMpla3u/ +7MJMP5lugfLBYNDN2p+V4KbHP/cApCDT5UWLOeAWjgiZQtHH5ilDeYqEc1oPjyJt +Rtup0MTxSJtN +-----END CERTIFICATE----- \ No newline at end of file diff --git a/pscc/vars b/pscc/vars new file mode 100644 index 0000000..7849cbe --- /dev/null +++ b/pscc/vars @@ -0,0 +1,14 @@ +BROKER_ID=test-no-real-data.broker.samply.de +BROKER_URL=https://${BROKER_ID} +PROXY_ID=${SITE_ID}.${BROKER_ID} +FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" +FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64} +SUPPORT_EMAIL=denis.koether@dkfz-heidelberg.de +PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem +BROKER_URL_FOR_PREREQ=$BROKER_URL + +for module in $PROJECT/modules/*.sh +do + log DEBUG "sourcing $module" + source $module +done From 7b4206680859aa012fc359f8073ba5d1d7f82025 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20K=C3=B6ther?= Date: Wed, 30 Apr 2025 16:06:28 +0200 Subject: [PATCH 2/5] fix: added pscc in prepare-system,lens-compose and bridgehead --- bridgehead | 3 +++ lib/prepare-system.sh | 3 +++ pscc/modules/lens-compose.yml | 34 ++++++++++++++++++++++++++++++++++ pscc/modules/lens-setup.sh | 5 +++++ 4 files changed, 45 insertions(+) create mode 100644 pscc/modules/lens-compose.yml create mode 100644 pscc/modules/lens-setup.sh diff --git a/bridgehead b/bridgehead index cbe7527..c97dfc6 100755 --- a/bridgehead +++ b/bridgehead @@ -35,6 +35,9 @@ case "$PROJECT" in cce) #nothing extra to do ;; + pscc) + #nothing extra to do + ;; itcc) #nothing extra to do ;; diff --git a/lib/prepare-system.sh b/lib/prepare-system.sh index b6aba52..a4f68d2 100755 --- a/lib/prepare-system.sh +++ b/lib/prepare-system.sh @@ -55,6 +55,9 @@ case "$PROJECT" in cce) site_configuration_repository_middle="git.verbis.dkfz.de/cce-sites/" ;; + pscc) + site_configuration_repository_middle="git.verbis.dkfz.de/pscc-sites/" + ;; itcc) site_configuration_repository_middle="git.verbis.dkfz.de/itcc-sites/" ;; diff --git a/pscc/modules/lens-compose.yml b/pscc/modules/lens-compose.yml new file mode 100644 index 0000000..cf56658 --- /dev/null +++ b/pscc/modules/lens-compose.yml @@ -0,0 +1,34 @@ +version: "3.7" +services: + landing: + container_name: lens_federated-search + image: docker.verbis.dkfz.de/ccp/lens:${SITE_ID} + labels: + - "traefik.enable=true" + - "traefik.http.routers.landing.rule=PathPrefix(`/`)" + - "traefik.http.services.landing.loadbalancer.server.port=5173" + - "traefik.http.routers.landing.middlewares=auth" + - "traefik.http.routers.landing.tls=true" + +# spot: +# image: docker.verbis.dkfz.de/ccp-private/central-spot +# environment: +# BEAM_SECRET: "${FOCUS_BEAM_SECRET_SHORT}" +# BEAM_URL: http://beam-proxy:8081 +# BEAM_PROXY_ID: ${SITE_ID} +# BEAM_BROKER_ID: ${BROKER_ID} +# BEAM_APP_ID: "focus" +# PROJECT_METADATA: "cce_supervisors" +# depends_on: +# - "beam-proxy" +# labels: +# - "traefik.enable=true" +# - "traefik.http.services.spot.loadbalancer.server.port=8080" +# - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowmethods=GET,OPTIONS,POST" +# - "traefik.http.middlewares.corsheaders2.headers.accesscontrolalloworiginlist=https://${HOST}" +# - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowcredentials=true" +# - "traefik.http.middlewares.corsheaders2.headers.accesscontrolmaxage=-1" +# - "traefik.http.routers.spot.rule=Host(`${HOST}`) && PathPrefix(`/backend`)" +# - "traefik.http.middlewares.stripprefix_spot.stripprefix.prefixes=/backend" +# - "traefik.http.routers.spot.tls=true" +# - "traefik.http.routers.spot.middlewares=corsheaders2,stripprefix_spot" diff --git a/pscc/modules/lens-setup.sh b/pscc/modules/lens-setup.sh new file mode 100644 index 0000000..c19dc4b --- /dev/null +++ b/pscc/modules/lens-setup.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +if [ -n "$ENABLE_LENS" ];then + OVERRIDE+=" -f ./$PROJECT/modules/lens-compose.yml" +fi \ No newline at end of file From 72565eb3944a3028f867110882fd9e3668a24869 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20K=C3=B6ther?= Date: Mon, 5 May 2025 13:51:57 +0200 Subject: [PATCH 3/5] fix: docker image --- pscc/modules/lens-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pscc/modules/lens-compose.yml b/pscc/modules/lens-compose.yml index cf56658..50c3ca3 100644 --- a/pscc/modules/lens-compose.yml +++ b/pscc/modules/lens-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: landing: container_name: lens_federated-search - image: docker.verbis.dkfz.de/ccp/lens:${SITE_ID} + image: docker.verbis.dkfz.de/pscc/pscc-explorer labels: - "traefik.enable=true" - "traefik.http.routers.landing.rule=PathPrefix(`/`)" From 8ec28adbd2853660b6cc2c50d32e9ff958429749 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20K=C3=B6ther?= Date: Thu, 8 May 2025 15:13:45 +0200 Subject: [PATCH 4/5] fix: fixed lens image path --- pscc/modules/lens-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pscc/modules/lens-compose.yml b/pscc/modules/lens-compose.yml index 50c3ca3..79559ae 100644 --- a/pscc/modules/lens-compose.yml +++ b/pscc/modules/lens-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: landing: container_name: lens_federated-search - image: docker.verbis.dkfz.de/pscc/pscc-explorer + image: docker.verbis.dkfz.de/dashboard/pscc-explorer labels: - "traefik.enable=true" - "traefik.http.routers.landing.rule=PathPrefix(`/`)" From 59bdafbb529f8d410a2794f5ede078aec4c99877 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20K=C3=B6ther?= Date: Thu, 8 May 2025 15:47:28 +0200 Subject: [PATCH 5/5] chore: temp disable blaze-auth --- pscc/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pscc/docker-compose.yml b/pscc/docker-compose.yml index 19fcf39..eef9911 100644 --- a/pscc/docker-compose.yml +++ b/pscc/docker-compose.yml @@ -18,7 +18,7 @@ services: - "traefik.http.routers.blaze_pscc.rule=PathPrefix(`/pscc-localdatamanagement`)" - "traefik.http.middlewares.pscc_b_strip.stripprefix.prefixes=/pscc-localdatamanagement" - "traefik.http.services.blaze_pscc.loadbalancer.server.port=8080" - - "traefik.http.routers.blaze_pscc.middlewares=pscc_b_strip,auth" + - "traefik.http.routers.blaze_pscc.middlewares=pscc_b_strip" - "traefik.http.routers.blaze_pscc.tls=true" focus: