Adapt changes in teiler, exporter and reporter for CCP

bbmri/modules/eric-compose.yml

@@ -26,7 +26,6 @@ services:
       ALL_PROXY: http://forward_proxy:3128
       TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
       ROOTCERT_FILE: /conf/root.crt.pem
-      RUST_LOG: debug
     secrets:
       - proxy.pem
     depends_on:

bridgehead

@@ -117,7 +117,8 @@ case "$ACTION" in
 		hc_send log "Bridgehead $PROJECT startup: Checking requirements ..."
 		checkRequirements
 		# NOTE: for testing only, we will need to properly setup secret sync if we want to use this code
-		# sync_secrets
+		# TODO: Adapt it for BBMRI (sync_secrets)
+		sync_secrets
 		hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..."
 		exec $COMPOSE -p $PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit
 		;;

ccp/modules/exporter-auth-compose.yml

@@ -0,0 +1,30 @@
+version: "3.7"
+
+services:
+  exporter:
+    labels:
+      # Main router
+      - "traefik.http.routers.exporter_${PLATFORM}.priority=20"
+
+      # API router
+      - "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
+      - "traefik.http.routers.exporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-exporter/.+`)"
+      - "traefik.http.routers.exporter_${PLATFORM}_api.tls=true"
+      - "traefik.http.routers.exporter_${PLATFORM}_api.priority=25"
+
+      # Shared middlewares
+      - "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
+
+  reporter:
+    labels:
+      - "traefik.http.routers.reporter_${PLATFORM}.priority=20"
+
+      #- "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
+      - "traefik.http.routers.reporter_${PLATFORM}_api.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
+      - "traefik.http.routers.reporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-reporter/.+`)"
+      - "traefik.http.routers.reporter_${PLATFORM}_api.tls=true"
+      - "traefik.http.routers.reporter_${PLATFORM}_api.priority=25"
+      #- "traefik.http.middlewares.reporter_auth.basicauth.users=${EXPORTER_USER}"
+
+
+

ccp/modules/exporter-compose.yml

@@ -22,18 +22,7 @@ services:
       - "traefik.http.services.exporter_${PLATFORM}.loadbalancer.server.port=8092"
       - "traefik.http.routers.exporter_${PLATFORM}.tls=true"
       - "traefik.http.middlewares.exporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-exporter"
-      - "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
-        #- "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
       - "traefik.http.routers.exporter_${PLATFORM}.middlewares=exporter_${PLATFORM}_strip"
-      - "traefik.http.routers.exporter_${PLATFORM}.priority=20"
-
-      - "traefik.http.routers.exporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-exporter/.+`)"
-      - "traefik.http.routers.exporter_${PLATFORM}_api.tls=true"
-        #- "traefik.http.middlewares.exporter_${PLATFORM}_api_strip.stripprefix.prefixes=/${PLATFORM}-exporter"
-        #- "traefik.http.middlewares.exporter_api_auth.basicauth.users=${EXPORTER_USER}"
-      - "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_${PLATFORM}_strip,exporter_auth"
-        #- "traefik.http.routers.exporter_${PLATFORM}_api.middlewares=exporter_auth"
-      - "traefik.http.routers.exporter_${PLATFORM}_api.priority=25"
     volumes:
       - "/var/cache/bridgehead/${PLATFORM}/exporter-files:/app/exporter-files/output"
 
@@ -74,15 +63,8 @@ services:
       - "traefik.http.routers.reporter_${PLATFORM}.rule=Path(`/${PLATFORM}-reporter`)"
       - "traefik.http.services.reporter_${PLATFORM}.loadbalancer.server.port=8095"
       - "traefik.http.routers.reporter_${PLATFORM}.tls=true"
-      - "traefik.http.routers.reporter_${PLATFORM}.priority=20"
       - "traefik.http.middlewares.reporter_${PLATFORM}_strip.stripprefix.prefixes=/${PLATFORM}-reporter"
-        #- "traefik.http.middlewares.reporter_auth.basicauth.users=${EXPORTER_USER}"
-      - "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
-
-      - "traefik.http.routers.reporter_${PLATFORM}_api.rule=PathRegexp(`/${PLATFORM}-reporter/.+`)"
-      - "traefik.http.routers.reporter_${PLATFORM}_api.tls=true"
-      - "traefik.http.routers.reporter_${PLATFORM}_api.middlewares=reporter_${PLATFORM}_strip,exporter_auth"
-      - "traefik.http.routers.reporter_${PLATFORM}_api.priority=25"
+      - "traefik.http.routers.reporter_${PLATFORM}.middlewares=reporter_${PLATFORM}_strip"
 
 
 #  focus:

ccp/modules/exporter-setup.sh

@@ -5,4 +5,7 @@ if [ "$ENABLE_EXPORTER" == true ]; then
   OVERRIDE+=" -f ./ccp/modules/exporter-compose.yml"
   EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
   EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)"
+  if [ "$EXPORTER_USER" == true ]; then
+    OVERRIDE+=" -f ./ccp/modules/exporter-auth-compose.yml"
+  fi
 fi

lib/prerequisites.sh

@@ -69,8 +69,8 @@ log INFO "Checking network access ($BROKER_URL_FOR_PREREQ) ..."
 source "${CONFIG_DIR}${PROJECT}".conf
 source ${PROJECT}/vars
 
-#if [ "${PROJECT}" != "minimal" ]; then
-if false; then
+if [ "${PROJECT}" != "minimal" ]; then
+#if false; then # TODO: Adapt it for BBMRI
   set +e
   SERVERTIME="$(https_proxy=$HTTPS_PROXY_FULL_URL curl -m 5 -s -I $BROKER_URL_FOR_PREREQ 2>&1 | grep -i -e '^Date: ' | sed -e 's/^Date: //i')"
   RET=$?

minimal/docker-compose.yml

@@ -10,7 +10,7 @@ services:
       - --providers.docker=true
       - --providers.docker.exposedbydefault=false
       - --providers.file.directory=/configuration/
-      - --api.dashboard=true
+      - --api.dashboard=true # TODO: Adapt it for CCP
       - --accesslog=true
       - --entrypoints.web.http.redirections.entrypoint.to=websecure
       - --entrypoints.web.http.redirections.entrypoint.scheme=https