samply/bridgehead
1
0
Fork 0
mirror of https://github.com/samply/bridgehead.git synced 2025-06-16 20:40:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Adapt changes in teiler, exporter and reporter for CCP

Browse Source
This commit is contained in:
David Juarez
2025-05-26 12:55:18 +02:00
parent 923faaea85
commit 775a459e58
7 changed files with 39 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
bbmri/modules/eric-compose.yml
View File

@ -26,7 +26,6 @@ services:
ALL_PROXY: http://forward_proxy:3128 ALL_PROXY: http://forward_proxy:3128
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
ROOTCERT_FILE: /conf/root.crt.pem ROOTCERT_FILE: /conf/root.crt.pem
RUST_LOG: debug
secrets: secrets:
- proxy.pem - proxy.pem
depends_on: depends_on:

3
bridgehead
View File

@ -117,7 +117,8 @@ case "$ACTION" in
hc_send log "Bridgehead $PROJECT startup: Checking requirements ..." hc_send log "Bridgehead $PROJECT startup: Checking requirements ..."
checkRequirements checkRequirements
# NOTE: for testing only, we will need to properly setup secret sync if we want to use this code # NOTE: for testing only, we will need to properly setup secret sync if we want to use this code
# sync_secrets # TODO: Adapt it for BBMRI (sync_secrets)
sync_secrets
hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..." hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..."
exec $COMPOSE -p $PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit exec $COMPOSE -p $PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit
;; ;;

30
ccp/modules/exporter-auth-compose.yml Normal file
View File

@ -0,0 +1,30 @@
version: "3.7"
services:
exporter:
labels:
# Main router
- "traefik.http.routers.exporter_${PLATFORM}.priority=20"
# API router
- "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.exporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-exporter/.+`)"
- "traefik.http.routers.exporter_${PLATFORM}_api.tls=true"
- "traefik.http.routers.exporter_${PLATFORM}_api.priority=25"
# Shared middlewares
- "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
reporter:
labels:
- "traefik.http.routers.reporter_${PLATFORM}.priority=20"
#- "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.reporter_${PLATFORM}_api.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.reporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-reporter/.+`)"
- "traefik.http.routers.reporter_${PLATFORM}_api.tls=true"
- "traefik.http.routers.reporter_${PLATFORM}_api.priority=25"
#- "traefik.http.middlewares.reporter_auth.basicauth.users=${EXPORTER_USER}"

20
ccp/modules/exporter-compose.yml
View File

@ -22,18 +22,7 @@ services:
- "traefik.http.services.exporter_${PLATFORM}.loadbalancer.server.port=8092" - "traefik.http.services.exporter_${PLATFORM}.loadbalancer.server.port=8092"
- "traefik.http.routers.exporter_${PLATFORM}.tls=true" - "traefik.http.routers.exporter_${PLATFORM}.tls=true"
- "traefik.http.middlewares.exporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-exporter" - "traefik.http.middlewares.exporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-exporter"
- "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
#- "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip" - "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip"
- "traefik.http.routers.exporter_${PLATFORM}.priority=20"
- "traefik.http.routers.exporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-exporter/.+`)"
- "traefik.http.routers.exporter_${PLATFORM}_api.tls=true"
#- "traefik.http.middlewares.exporter_${PLATFORM}_api_strip.stripprefix.prefixes=/${PLATFORM}-exporter"
#- "traefik.http.middlewares.exporter_api_auth.basicauth.users=${EXPORTER_USER}"
- "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
#- "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_auth"
- "traefik.http.routers.exporter_${PLATFORM}_api.priority=25"
volumes: volumes:
- "/var/cache/bridgehead/${PLATFORM}/exporter-files:/app/exporter-files/output" - "/var/cache/bridgehead/${PLATFORM}/exporter-files:/app/exporter-files/output"
@ -74,15 +63,8 @@ services:
- "traefik.http.routers.reporter_${PLATFORM}.rule=Path(`/${PLATFORM}-reporter`)" - "traefik.http.routers.reporter_${PLATFORM}.rule=Path(`/${PLATFORM}-reporter`)"
- "traefik.http.services.reporter_${PLATFORM}.loadbalancer.server.port=8095" - "traefik.http.services.reporter_${PLATFORM}.loadbalancer.server.port=8095"
- "traefik.http.routers.reporter_${PLATFORM}.tls=true" - "traefik.http.routers.reporter_${PLATFORM}.tls=true"
- "traefik.http.routers.reporter_${PLATFORM}.priority=20"
- "traefik.http.middlewares.reporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-reporter" - "traefik.http.middlewares.reporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-reporter"
#- "traefik.http.middlewares.reporter_auth.basicauth.users=${EXPORTER_USER}" - "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip"
- "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.reporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-reporter/.+`)"
- "traefik.http.routers.reporter_${PLATFORM}_api.tls=true"
- "traefik.http.routers.reporter_${PLATFORM}_api.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
- "traefik.http.routers.reporter_${PLATFORM}_api.priority=25"
# focus: # focus:

3
ccp/modules/exporter-setup.sh
View File

@ -5,4 +5,7 @@ if [ "$ENABLE_EXPORTER" == true ]; then
OVERRIDE+=" -f ./ccp/modules/exporter-compose.yml" OVERRIDE+=" -f ./ccp/modules/exporter-compose.yml"
EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)" EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)"
if [ "$EXPORTER_USER" == true ]; then
OVERRIDE+=" -f ./ccp/modules/exporter-auth-compose.yml"
fi
fi fi

4
lib/prerequisites.sh
View File

@ -69,8 +69,8 @@ log INFO "Checking network access ($BROKER_URL_FOR_PREREQ) ..."
source "${CONFIG_DIR}${PROJECT}".conf source "${CONFIG_DIR}${PROJECT}".conf
source ${PROJECT}/vars source ${PROJECT}/vars
#if [ "${PROJECT}" != "minimal" ]; then if [ "${PROJECT}" != "minimal" ]; then
if false; then #if false; then # TODO: Adapt it for BBMRI
set +e set +e
SERVERTIME="$(https_proxy=$HTTPS_PROXY_FULL_URL curl -m 5 -s -I $BROKER_URL_FOR_PREREQ 2>&1 | grep -i -e '^Date: ' | sed -e 's/^Date: //i')" SERVERTIME="$(https_proxy=$HTTPS_PROXY_FULL_URL curl -m 5 -s -I $BROKER_URL_FOR_PREREQ 2>&1 | grep -i -e '^Date: ' | sed -e 's/^Date: //i')"
RET=$? RET=$?

2
minimal/docker-compose.yml
View File

@ -10,7 +10,7 @@ services:
- --providers.docker=true - --providers.docker=true
- --providers.docker.exposedbydefault=false - --providers.docker.exposedbydefault=false
- --providers.file.directory=/configuration/ - --providers.file.directory=/configuration/
- --api.dashboard=true - --api.dashboard=true # TODO: Adapt it for CCP
- --accesslog=true - --accesslog=true
- --entrypoints.web.http.redirections.entrypoint.to=websecure - --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https - --entrypoints.web.http.redirections.entrypoint.scheme=https