From 6e2e13eb2a8c36da98b0cf76bdc9268704faf81c Mon Sep 17 00:00:00 2001
From: "p.delpy@dkfz-heidelberg.de"
Date: Mon, 29 Jul 2024 09:59:07 +0200
Subject: [PATCH] add labels kr project
---
kr/docker-compose.yml | 63 +++++++++++++++++++
kr/modules/export-and-qb.curl-templates | 6 ++
kr/modules/exporter-compose.yml | 67 ++++++++++++++++++++
kr/modules/exporter-setup.sh | 8 +++
kr/modules/exporter.md | 15 +++++
kr/modules/lens-compose.yml | 33 ++++++++++
kr/modules/lens-setup.sh | 5 ++
kr/modules/obds2fhir-rest-compose.yml | 20 ++++++
kr/modules/obds2fhir-rest-setup.sh | 13 ++++
kr/modules/teiler-compose.yml | 81 +++++++++++++++++++++++++
kr/modules/teiler-setup.sh | 9 +++
kr/modules/teiler.md | 19 ++++++
kr/root.crt.pem | 20 ++++++
kr/vars | 16 +++++
14 files changed, 375 insertions(+)
create mode 100644 kr/docker-compose.yml
create mode 100644 kr/modules/export-and-qb.curl-templates
create mode 100644 kr/modules/exporter-compose.yml
create mode 100644 kr/modules/exporter-setup.sh
create mode 100644 kr/modules/exporter.md
create mode 100644 kr/modules/lens-compose.yml
create mode 100644 kr/modules/lens-setup.sh
create mode 100644 kr/modules/obds2fhir-rest-compose.yml
create mode 100644 kr/modules/obds2fhir-rest-setup.sh
create mode 100644 kr/modules/teiler-compose.yml
create mode 100644 kr/modules/teiler-setup.sh
create mode 100644 kr/modules/teiler.md
create mode 100644 kr/root.crt.pem
create mode 100644 kr/vars
diff --git a/kr/docker-compose.yml b/kr/docker-compose.yml
new file mode 100644
index 0000000..13c5f38
--- /dev/null
+++ b/kr/docker-compose.yml
@@ -0,0 +1,63 @@
+version: "3.7"
+
+services:
+ blaze:
+ image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
+ container_name: bridgehead-cce-blaze
+ environment:
+ BASE_URL: "http://bridgehead-cce-blaze:8080"
+ JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m"
+ DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000}
+ DB_BLOCK_CACHE_SIZE: $BLAZE_MEMORY_CAP
+ ENFORCE_REFERENTIAL_INTEGRITY: "false"
+ volumes:
+ - "blaze-data:/app/data"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.blaze_cce.rule=PathPrefix(`/cce-localdatamanagement`)"
+ - "traefik.http.middlewares.cce_b_strip.stripprefix.prefixes=/cce-localdatamanagement"
+ - "traefik.http.services.blaze_cce.loadbalancer.server.port=8080"
+ - "traefik.http.routers.blaze_cce.middlewares=cce_b_strip,auth"
+ - "traefik.http.routers.blaze_cce.tls=true"
+
+ focus:
+ image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
+ container_name: bridgehead-focus
+ environment:
+ API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ BEAM_APP_ID_LONG: focus.${PROXY_ID}
+ PROXY_ID: ${PROXY_ID}
+ BLAZE_URL: "http://bridgehead-cce-blaze:8080/fhir/"
+ BEAM_PROXY_URL: http://beam-proxy:8081
+ RETRY_COUNT: ${FOCUS_RETRY_COUNT}
+ EPSILON: 0.28
+ depends_on:
+ - "beam-proxy"
+ - "blaze"
+
+ beam-proxy:
+ image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
+ container_name: bridgehead-beam-proxy
+ environment:
+ BROKER_URL: ${BROKER_URL}
+ PROXY_ID: ${PROXY_ID}
+ APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ PRIVKEY_FILE: /run/secrets/proxy.pem
+ ALL_PROXY: http://forward_proxy:3128
+ TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
+ ROOTCERT_FILE: /conf/root.crt.pem
+ secrets:
+ - proxy.pem
+ depends_on:
+ - "forward_proxy"
+ volumes:
+ - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
+ - /srv/docker/bridgehead/cce/root.crt.pem:/conf/root.crt.pem:ro
+
+
+volumes:
+ blaze-data:
+
+secrets:
+ proxy.pem:
+ file: /etc/bridgehead/pki/${SITE_ID}.priv.pem
diff --git a/kr/modules/export-and-qb.curl-templates b/kr/modules/export-and-qb.curl-templates
new file mode 100644
index 0000000..739c5af
--- /dev/null
+++ b/kr/modules/export-and-qb.curl-templates
@@ -0,0 +1,6 @@
+# Full Excel Export
+curl --location --request POST 'https://${HOST}/ccp-exporter/request?query=Patient&query-format=FHIR_PATH&template-id=ccp&output-format=EXCEL' \
+--header 'x-api-key: ${EXPORT_API_KEY}'
+
+# QB
+curl --location --request POST 'https://${HOST}/ccp-reporter/generate?template-id=ccp'
diff --git a/kr/modules/exporter-compose.yml b/kr/modules/exporter-compose.yml
new file mode 100644
index 0000000..d5eb227
--- /dev/null
+++ b/kr/modules/exporter-compose.yml
@@ -0,0 +1,67 @@
+version: "3.7"
+
+services:
+ exporter:
+ image: docker.verbis.dkfz.de/ccp/dktk-exporter:latest
+ container_name: bridgehead-ccp-exporter
+ environment:
+ JAVA_OPTS: "-Xms1G -Xmx8G -XX:+UseG1GC"
+ LOG_LEVEL: "INFO"
+ EXPORTER_API_KEY: "${EXPORTER_API_KEY}" # Set in exporter-setup.sh
+ CROSS_ORIGINS: "https://${HOST}"
+ EXPORTER_DB_USER: "exporter"
+ EXPORTER_DB_PASSWORD: "${EXPORTER_DB_PASSWORD}" # Set in exporter-setup.sh
+ EXPORTER_DB_URL: "jdbc:postgresql://exporter-db:5432/exporter"
+ HTTP_RELATIVE_PATH: "/ccp-exporter"
+ SITE: "${SITE_ID}"
+ HTTP_SERVLET_REQUEST_SCHEME: "https"
+ OPAL_PASSWORD: "${EXPORTER_OPAL_PASSWORD}"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.exporter_ccp.rule=PathPrefix(`/ccp-exporter`)"
+ - "traefik.http.services.exporter_ccp.loadbalancer.server.port=8092"
+ - "traefik.http.routers.exporter_ccp.tls=true"
+ - "traefik.http.middlewares.exporter_ccp_strip.stripprefix.prefixes=/ccp-exporter"
+ - "traefik.http.routers.exporter_ccp.middlewares=exporter_ccp_strip"
+ volumes:
+ - "/var/cache/bridgehead/ccp/exporter-files:/app/exporter-files/output"
+
+ exporter-db:
+ image: docker.verbis.dkfz.de/cache/postgres:${POSTGRES_TAG}
+ container_name: bridgehead-ccp-exporter-db
+ environment:
+ POSTGRES_USER: "exporter"
+ POSTGRES_PASSWORD: "${EXPORTER_DB_PASSWORD}" # Set in exporter-setup.sh
+ POSTGRES_DB: "exporter"
+ volumes:
+ # Consider removing this volume once we find a solution to save Lens-queries to be executed in the explorer.
+ - "/var/cache/bridgehead/ccp/exporter-db:/var/lib/postgresql/data"
+
+ reporter:
+ image: docker.verbis.dkfz.de/ccp/dktk-reporter:latest
+ container_name: bridgehead-ccp-reporter
+ environment:
+ JAVA_OPTS: "-Xms1G -Xmx8G -XX:+UseG1GC"
+ LOG_LEVEL: "INFO"
+ CROSS_ORIGINS: "https://${HOST}"
+ HTTP_RELATIVE_PATH: "/ccp-reporter"
+ SITE: "${SITE_ID}"
+ EXPORTER_API_KEY: "${EXPORTER_API_KEY}" # Set in exporter-setup.sh
+ EXPORTER_URL: "http://exporter:8092"
+ LOG_FHIR_VALIDATION: "false"
+ HTTP_SERVLET_REQUEST_SCHEME: "https"
+
+ # In this initial development state of the bridgehead, we are trying to have so many volumes as possible.
+ # However, in the first executions in the CCP sites, this volume seems to be very important. A report is
+ # a process that can take several hours, because it depends on the exporter.
+ # There is a risk that the bridgehead restarts, losing the already created export.
+
+ volumes:
+ - "/var/cache/bridgehead/ccp/reporter-files:/app/reports"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.reporter_ccp.rule=PathPrefix(`/ccp-reporter`)"
+ - "traefik.http.services.reporter_ccp.loadbalancer.server.port=8095"
+ - "traefik.http.routers.reporter_ccp.tls=true"
+ - "traefik.http.middlewares.reporter_ccp_strip.stripprefix.prefixes=/ccp-reporter"
+ - "traefik.http.routers.reporter_ccp.middlewares=reporter_ccp_strip"
diff --git a/kr/modules/exporter-setup.sh b/kr/modules/exporter-setup.sh
new file mode 100644
index 0000000..9b947a6
--- /dev/null
+++ b/kr/modules/exporter-setup.sh
@@ -0,0 +1,8 @@
+#!/bin/bash -e
+
+if [ "$ENABLE_EXPORTER" == true ]; then
+ log INFO "Exporter setup detected -- will start Exporter service."
+ OVERRIDE+=" -f ./$PROJECT/modules/exporter-compose.yml"
+ EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
+ EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)"
+fi
diff --git a/kr/modules/exporter.md b/kr/modules/exporter.md
new file mode 100644
index 0000000..24e81b0
--- /dev/null
+++ b/kr/modules/exporter.md
@@ -0,0 +1,15 @@
+# Exporter and Reporter
+
+
+## Exporter
+The exporter is a REST API that exports the data of the different databases of the bridgehead in a set of tables.
+It can accept different output formats as CSV, Excel, JSON or XML. It can also export data into Opal.
+
+## Exporter-DB
+It is a database to save queries for its execution in the exporter.
+The exporter manages also the different executions of the same query in through the database.
+
+## Reporter
+This component is a plugin of the exporter that allows to create more complex Excel reports described in templates.
+It is compatible with different template engines as Groovy, Thymeleaf,...
+It is perfect to generate a document as our traditional CCP quality report.
diff --git a/kr/modules/lens-compose.yml b/kr/modules/lens-compose.yml
new file mode 100644
index 0000000..12b95ce
--- /dev/null
+++ b/kr/modules/lens-compose.yml
@@ -0,0 +1,33 @@
+version: "3.7"
+services:
+ landing:
+ container_name: lens_federated-search
+ image: docker.verbis.dkfz.de/ccp/lens:${SITE_ID}
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
+ - "traefik.http.services.landing.loadbalancer.server.port=80"
+ - "traefik.http.routers.landing.tls=true"
+
+ spot:
+ image: docker.verbis.dkfz.de/ccp-private/central-spot
+ environment:
+ BEAM_SECRET: "${FOCUS_BEAM_SECRET_SHORT}"
+ BEAM_URL: http://beam-proxy:8081
+ BEAM_PROXY_ID: ${SITE_ID}
+ BEAM_BROKER_ID: ${BROKER_ID}
+ BEAM_APP_ID: "focus"
+ PROJECT_METADATA: "cce_supervisors"
+ depends_on:
+ - "beam-proxy"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.services.spot.loadbalancer.server.port=8080"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowmethods=GET,OPTIONS,POST"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolalloworiginlist=https://${HOST}"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowcredentials=true"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolmaxage=-1"
+ - "traefik.http.routers.spot.rule=Host(`${HOST}`) && PathPrefix(`/backend`)"
+ - "traefik.http.middlewares.stripprefix_spot.stripprefix.prefixes=/backend"
+ - "traefik.http.routers.spot.tls=true"
+ - "traefik.http.routers.spot.middlewares=corsheaders2,stripprefix_spot"
diff --git a/kr/modules/lens-setup.sh b/kr/modules/lens-setup.sh
new file mode 100644
index 0000000..c19dc4b
--- /dev/null
+++ b/kr/modules/lens-setup.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+if [ -n "$ENABLE_LENS" ];then
+ OVERRIDE+=" -f ./$PROJECT/modules/lens-compose.yml"
+fi
\ No newline at end of file
diff --git a/kr/modules/obds2fhir-rest-compose.yml b/kr/modules/obds2fhir-rest-compose.yml
new file mode 100644
index 0000000..f201e23
--- /dev/null
+++ b/kr/modules/obds2fhir-rest-compose.yml
@@ -0,0 +1,20 @@
+version: "3.7"
+
+services:
+ obds2fhir-rest:
+ container_name: bridgehead-obds2fhir-rest
+ image: docker.verbis.dkfz.de/ccp/obds2fhir-rest:main
+ environment:
+ IDTYPE: BK_${IDMANAGEMENT_FRIENDLY_ID}_L-ID
+ MAINZELLISTE_APIKEY: ${IDMANAGER_LOCAL_PATIENTLIST_APIKEY}
+ SALT: ${LOCAL_SALT}
+ KEEP_INTERNAL_ID: ${KEEP_INTERNAL_ID:-false}
+ MAINZELLISTE_URL: ${PATIENTLIST_URL:-http://patientlist:8080/patientlist}
+ restart: always
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.obds2fhir-rest.rule=PathPrefix(`/obds2fhir-rest`) || PathPrefix(`/adt2fhir-rest`)"
+ - "traefik.http.middlewares.obds2fhir-rest_strip.stripprefix.prefixes=/obds2fhir-rest,/adt2fhir-rest"
+ - "traefik.http.services.obds2fhir-rest.loadbalancer.server.port=8080"
+ - "traefik.http.routers.obds2fhir-rest.tls=true"
+ - "traefik.http.routers.obds2fhir-rest.middlewares=obds2fhir-rest_strip,auth"
diff --git a/kr/modules/obds2fhir-rest-setup.sh b/kr/modules/obds2fhir-rest-setup.sh
new file mode 100644
index 0000000..677ea63
--- /dev/null
+++ b/kr/modules/obds2fhir-rest-setup.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+function obds2fhirRestSetup() {
+ if [ -n "$ENABLE_OBDS2FHIR_REST" ]; then
+ log INFO "oBDS2FHIR-REST setup detected -- will start obds2fhir-rest module."
+ if [ ! -n "$IDMANAGER_UPLOAD_APIKEY" ]; then
+ log ERROR "Missing ID-Management Module! Fix this by setting up ID Management:"
+ PATIENTLIST_URL=" "
+ fi
+ OVERRIDE+=" -f ./$PROJECT/modules/obds2fhir-rest-compose.yml"
+ LOCAL_SALT="$(echo \"local-random-salt\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
+ fi
+}
diff --git a/kr/modules/teiler-compose.yml b/kr/modules/teiler-compose.yml
new file mode 100644
index 0000000..f415ee9
--- /dev/null
+++ b/kr/modules/teiler-compose.yml
@@ -0,0 +1,81 @@
+version: "3.7"
+
+services:
+
+ teiler-orchestrator:
+ image: docker.verbis.dkfz.de/cache/samply/teiler-orchestrator:latest
+ container_name: bridgehead-teiler-orchestrator
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.teiler_orchestrator_ccp.rule=PathPrefix(`/ccp-teiler`)"
+ - "traefik.http.services.teiler_orchestrator_ccp.loadbalancer.server.port=9000"
+ - "traefik.http.routers.teiler_orchestrator_ccp.tls=true"
+ - "traefik.http.middlewares.teiler_orchestrator_ccp_strip.stripprefix.prefixes=/ccp-teiler"
+ - "traefik.http.routers.teiler_orchestrator_ccp.middlewares=teiler_orchestrator_ccp_strip"
+ environment:
+ TEILER_BACKEND_URL: "https://${HOST}/ccp-teiler-backend"
+ TEILER_DASHBOARD_URL: "https://${HOST}/ccp-teiler-dashboard"
+ DEFAULT_LANGUAGE: "${TEILER_DEFAULT_LANGUAGE_LOWER_CASE}"
+ HTTP_RELATIVE_PATH: "/ccp-teiler"
+
+ teiler-dashboard:
+ image: docker.verbis.dkfz.de/cache/samply/teiler-dashboard:develop
+ container_name: bridgehead-teiler-dashboard
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.teiler_dashboard_ccp.rule=PathPrefix(`/ccp-teiler-dashboard`)"
+ - "traefik.http.services.teiler_dashboard_ccp.loadbalancer.server.port=80"
+ - "traefik.http.routers.teiler_dashboard_ccp.tls=true"
+ - "traefik.http.middlewares.teiler_dashboard_ccp_strip.stripprefix.prefixes=/ccp-teiler-dashboard"
+ - "traefik.http.routers.teiler_dashboard_ccp.middlewares=teiler_dashboard_ccp_strip"
+ environment:
+ DEFAULT_LANGUAGE: "${TEILER_DEFAULT_LANGUAGE}"
+ TEILER_BACKEND_URL: "https://${HOST}/ccp-teiler-backend"
+ OIDC_URL: "${OIDC_URL}"
+ OIDC_REALM: "${OIDC_REALM}"
+ OIDC_CLIENT_ID: "${OIDC_PUBLIC_CLIENT_ID}"
+ OIDC_TOKEN_GROUP: "${OIDC_GROUP_CLAIM}"
+ TEILER_ADMIN_NAME: "${OPERATOR_FIRST_NAME} ${OPERATOR_LAST_NAME}"
+ TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}"
+ TEILER_ADMIN_PHONE: "${OPERATOR_PHONE}"
+ TEILER_PROJECT: "${PROJECT}"
+ EXPORTER_API_KEY: "${EXPORTER_API_KEY}"
+ TEILER_ORCHESTRATOR_URL: "https://${HOST}/ccp-teiler"
+ TEILER_DASHBOARD_HTTP_RELATIVE_PATH: "/ccp-teiler-dashboard"
+ TEILER_ORCHESTRATOR_HTTP_RELATIVE_PATH: "/ccp-teiler"
+ TEILER_USER: "${OIDC_USER_GROUP}"
+ TEILER_ADMIN: "${OIDC_ADMIN_GROUP}"
+ REPORTER_DEFAULT_TEMPLATE_ID: "ccp-qb"
+ EXPORTER_DEFAULT_TEMPLATE_ID: "ccp"
+
+
+ teiler-backend:
+ image: docker.verbis.dkfz.de/ccp/dktk-teiler-backend:latest
+ container_name: bridgehead-teiler-backend
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.teiler_backend_ccp.rule=PathPrefix(`/ccp-teiler-backend`)"
+ - "traefik.http.services.teiler_backend_ccp.loadbalancer.server.port=8085"
+ - "traefik.http.routers.teiler_backend_ccp.tls=true"
+ - "traefik.http.middlewares.teiler_backend_ccp_strip.stripprefix.prefixes=/ccp-teiler-backend"
+ - "traefik.http.routers.teiler_backend_ccp.middlewares=teiler_backend_ccp_strip"
+ environment:
+ LOG_LEVEL: "INFO"
+ APPLICATION_PORT: "8085"
+ APPLICATION_ADDRESS: "${HOST}"
+ DEFAULT_LANGUAGE: "${TEILER_DEFAULT_LANGUAGE}"
+ CONFIG_ENV_VAR_PATH: "/run/secrets/ccp.conf"
+ TEILER_ORCHESTRATOR_HTTP_RELATIVE_PATH: "/ccp-teiler"
+ TEILER_ORCHESTRATOR_URL: "https://${HOST}/ccp-teiler"
+ TEILER_DASHBOARD_DE_URL: "https://${HOST}/ccp-teiler-dashboard/de"
+ TEILER_DASHBOARD_EN_URL: "https://${HOST}/ccp-teiler-dashboard/en"
+ CENTRAX_URL: "${CENTRAXX_URL}"
+ HTTP_PROXY: "http://forward_proxy:3128"
+ ENABLE_MTBA: "${ENABLE_MTBA}"
+ ENABLE_DATASHIELD: "${ENABLE_DATASHIELD}"
+ secrets:
+ - ccp.conf
+
+secrets:
+ ccp.conf:
+ file: /etc/bridgehead/ccp.conf
diff --git a/kr/modules/teiler-setup.sh b/kr/modules/teiler-setup.sh
new file mode 100644
index 0000000..eed3f81
--- /dev/null
+++ b/kr/modules/teiler-setup.sh
@@ -0,0 +1,9 @@
+#!/bin/bash -e
+
+if [ "$ENABLE_TEILER" == true ];then
+ log INFO "Teiler setup detected -- will start Teiler services."
+ OVERRIDE+=" -f ./$PROJECT/modules/teiler-compose.yml"
+ TEILER_DEFAULT_LANGUAGE=DE
+ TEILER_DEFAULT_LANGUAGE_LOWER_CASE=${TEILER_DEFAULT_LANGUAGE,,}
+ add_public_oidc_redirect_url "/ccp-teiler/*"
+fi
diff --git a/kr/modules/teiler.md b/kr/modules/teiler.md
new file mode 100644
index 0000000..51e94e4
--- /dev/null
+++ b/kr/modules/teiler.md
@@ -0,0 +1,19 @@
+# Teiler
+This module orchestrates the different microfrontends of the bridgehead as a single page application.
+
+## Teiler Orchestrator
+Single SPA component that consists on the root HTML site of the single page application and a javascript code that
+gets the information about the microfrontend calling the teiler backend and is responsible for registering them. With the
+resulting mapping, it can initialize, mount and unmount the required microfrontends on the fly.
+
+The microfrontends run independently in different containers and can be based on different frameworks (Angular, Vue, React,...)
+This microfrontends can run as single alone but need an extension with Single-SPA (https://single-spa.js.org/docs/ecosystem).
+There are also available three templates (Angular, Vue, React) to be directly extended to be used directly in the teiler.
+
+## Teiler Dashboard
+It consists on the main dashboard and a set of embedded services.
+### Login
+user and password in ccp.local.conf
+
+## Teiler Backend
+In this component, the microfrontends are configured.
diff --git a/kr/root.crt.pem b/kr/root.crt.pem
new file mode 100644
index 0000000..1f1265a
--- /dev/null
+++ b/kr/root.crt.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIUW34NEb7bl0+Ywx+I1VKtY5vpAOowDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwMTIyMTMzNzEzWhcNMzQw
+MTE5MTMzNzQzWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL5UegLXTlq3XRRj8LyFs3aF0tpRPVoW9RXp5kFI
+TnBvyO6qjNbMDT/xK+4iDtEX4QQUvsxAKxfXbe9i1jpdwjgH7JHaSGm2IjAiKLqO
+OXQQtguWwfNmmp96Ql13ArLj458YH08xMO/w2NFWGwB/hfARa4z/T0afFuc/tKJf
+XbGCG9xzJ9tmcG45QN8NChGhVvaTweNdVxGWlpHxmi0Mn8OM9CEuB7nPtTTiBuiu
+pRC2zVVmNjVp4ktkAqL7IHOz+/F5nhiz6tOika9oD3376Xj055lPznLcTQn2+4d7
+K7ZrBopCFxIQPjkgmYRLfPejbpdUjK1UVJw7hbWkqWqH7JMCAwEAAaN7MHkwDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGjvRcaIP4HM
+poIguUAK9YL2n7fbMB8GA1UdIwQYMBaAFGjvRcaIP4HMpoIguUAK9YL2n7fbMBYG
+A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQCbzycJSaDm
+AXXNJqQ88djrKs5MDXS8RIjS/cu2ayuLaYDe+BzVmUXNA0Vt9nZGdaz63SLLcjpU
+fNSxBfKbwmf7s30AK8Cnfj9q4W/BlBeVizUHQsg1+RQpDIdMrRQrwkXv8mfLw+w5
+3oaXNW6W/8KpBp/H8TBZ6myl6jCbeR3T8EMXBwipMGop/1zkbF01i98Xpqmhx2+l
+n+80ofPsSspOo5XmgCZym8CD/m/oFHmjcvOfpOCvDh4PZ+i37pmbSlCYoMpla3u/
+7MJMP5lugfLBYNDN2p+V4KbHP/cApCDT5UWLOeAWjgiZQtHH5ilDeYqEc1oPjyJt
+Rtup0MTxSJtN
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/kr/vars b/kr/vars
new file mode 100644
index 0000000..d4e5a27
--- /dev/null
+++ b/kr/vars
@@ -0,0 +1,16 @@
+BROKER_ID=test-no-real-data.broker.samply.de
+BROKER_URL=https://${BROKER_ID}
+PROXY_ID=${SITE_ID}.${BROKER_ID}
+FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64}
+SUPPORT_EMAIL=arturo.macias@dkfz-heidelberg.de
+PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
+BROKER_URL_FOR_PREREQ=$BROKER_URL
+
+for module in $PROJECT/modules/*.sh
+do
+ log DEBUG "sourcing $module"
+ source $module
+done
+
+obds2fhirRestSetup
\ No newline at end of file