From bece71441ce9bf7106bdc96558411a72746af6e3 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Tue, 8 Nov 2022 10:39:11 +0100 Subject: [PATCH 01/24] Support DNPM --- ccp/vars | 4 ++ dnpm/dnpm-compose.yml | 104 ++++++++++++++++++++++++++++++++ dnpm/dnpm-setup.sh | 11 ++++ dnpm/origin/Backend.Dockerfile | 66 ++++++++++++++++++++ dnpm/origin/Frontend.Dockerfile | 39 ++++++++++++ dnpm/origin/logback.xml | 37 ++++++++++++ 6 files changed, 261 insertions(+) create mode 100644 dnpm/dnpm-compose.yml create mode 100644 dnpm/dnpm-setup.sh create mode 100644 dnpm/origin/Backend.Dockerfile create mode 100644 dnpm/origin/Frontend.Dockerfile create mode 100644 dnpm/origin/logback.xml diff --git a/ccp/vars b/ccp/vars index f5f734e..c334d4e 100644 --- a/ccp/vars +++ b/ccp/vars @@ -11,3 +11,7 @@ PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem # This will load nngm setup. Effective only if nngm configuration is defined. source $PROJECT/nngm-setup.sh nngmSetup + +# This will load DNPM setup. Effective only if DNPM configuration is defined in /etc/bridgehead/dnpm. +source dnpm/dnpm-setup.sh +dnpmSetup diff --git a/dnpm/dnpm-compose.yml b/dnpm/dnpm-compose.yml new file mode 100644 index 0000000..1904123 --- /dev/null +++ b/dnpm/dnpm-compose.yml @@ -0,0 +1,104 @@ +version: "3.7" + +secrets: + connect_targets.json: + file: /etc/bridgehead/dnpm/local_targets.json + +services: +# traefik: +# command: +# - --entrypoints.dnpm-frontend.address=:3000 +# - --entrypoints.dnpm-backend.address=:9000 +# ports: +# - 3000:3000 +# - 9000:9000 + beam-proxy: + environment: + APP_2_ID: dnpm + APP_2_KEY: ${DNPM_BEAM_SECRET_SHORT} + + dnpm-beam-connect: + depends_on: [ beam-proxy ] + image: samply/beam-connect:sites-without-auth + environment: + PROXY_URL: http://beam-proxy:8081 + PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} + APP_ID: dnpm.${PROXY_ID} + DISCOVERY_URL: ${DNPM_DISCOVERY_URL} + LOCAL_TARGETS_FILE: /run/secrets/connect_targets.json + HTTP_PROXY: http://forward_proxy:3128 + HTTPS_PROXY: http://forward_proxy:3128 + NO_PROXY: proxy,dnpm-backend + RUST_LOG: ${RUST_LOG:-info} + secrets: + - connect_targets.json +# Enable this if you disable the internal DNPM backend/frontend +# ports: +# - 8062:8062 +# or the same via traefik: +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.connector.rule=PathPrefix(`/dnpm-connector`)" +# - "traefik.http.services.connector.loadbalancer.server.port=8062" +# - "traefik.http.routers.connector.tls=true" + + dnpm-frontend: + depends_on: [ dnpm-backend ] + build: + context: ./dnpm/origin + dockerfile: Frontend.Dockerfile + args: + NUXT_HOST: 0.0.0.0 + NUXT_PORT: 3000 + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: localhost + BACKEND_PORT: 9000 + DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + ports: + - 3000:3000 + environment: + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: localhost + BACKEND_PORT: 9000 + no_proxy: dnpm-backend +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.dnpm-frontend.entrypoints=dnpm-frontend" +# - "traefik.http.routers.dnpm-frontend.tls=true" +# - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" +## - "traefik.http.routers.dashboard.entrypoints=websecure" +## - "traefik.http.routers.dashboard.service=api@internal" +## - "traefik.http.routers.dashboard.tls=true" +## - "traefik.http.routers.dashboard.middlewares=auth" +## - "traefik.http.routers.dnpm-frontend.service=dnpm-frontend" + + dnpm-backend: + build: + context: ./dnpm/origin + dockerfile: Backend.Dockerfile + args: + BWHC_BASE_DIR: /bwhc-backend + DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} + ports: + - 9000:9000 + environment: + APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} + ZPM_SITE: ${ZPM_SITE} + noproxy: dnpm-frontend,connect + # PLAY_HTTP_PORT: 9000 + # PLAY_HTTP_ADDRESS: 0.0.0.0 + volumes: + - ./origin/logback.xml:/bwhc-backend/logback.xml:ro + - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro + - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro + - bwhc_data:/bwhc-backend/data/ + - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.connector.rule=PathPrefix(`/dnpm-backend`)" +# - "traefik.http.services.connector.loadbalancer.server.port=9000" +# - "traefik.http.routers.connector.tls=true" + +volumes: + bwhc_data: + bwhc_hgnc_data: diff --git a/dnpm/dnpm-setup.sh b/dnpm/dnpm-setup.sh new file mode 100644 index 0000000..f8893a3 --- /dev/null +++ b/dnpm/dnpm-setup.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +function dnpmSetup() { + if [ -e /etc/bridgehead/dnpm/local_targets.json ]; then + log INFO "DNPM setup detected -- will start DNPM Connector." + source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" + OVERRIDE+="-f ./dnpm/dnpm-compose.yml" + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + fi +} diff --git a/dnpm/origin/Backend.Dockerfile b/dnpm/origin/Backend.Dockerfile new file mode 100644 index 0000000..e37c008 --- /dev/null +++ b/dnpm/origin/Backend.Dockerfile @@ -0,0 +1,66 @@ +FROM openjdk:11-jre AS builder + +ARG DNPM_BWHC_BACKEND_ZIP + +# Change to latest release +ARG VERSION=broker + +ARG BWHC_BASE_DIR=/bwhc-backend + +ENV BWHC_BASE_DIR=$BWHC_BASE_DIR +ENV BWHC_USER_DB_DIR=$BWHC_BASE_DIR/data/user-db +ENV BWHC_DATA_ENTRY_DIR=$BWHC_BASE_DIR/data/data-entry +ENV BWHC_QUERY_DATA_DIR=$BWHC_BASE_DIR/data/query-data + +ADD ${DNPM_BWHC_BACKEND_ZIP} / +RUN unzip $(basename ${DNPM_BWHC_BACKEND_ZIP}) && rm $(basename ${DNPM_BWHC_BACKEND_ZIP}) + +WORKDIR $BWHC_BASE_DIR + +# Prepare config file to use environment variables from docker +RUN sed -i -r "s/APPLICATION_SECRET(.*)/#APPLICATION_SECRET\1/" ./config +RUN sed -i -r "s/ZPM_SITE(.*)/#ZPM_SITE\1/" ./config + +# Prepare config file to use fix environment variables for this image +RUN sed -i -r "s~BWHC_DATA_ENTRY_DIR.*~BWHC_DATA_ENTRY_DIR=$BWHC_DATA_ENTRY_DIR~" ./config +RUN sed -i -r "s~BWHC_QUERY_DATA_DIR.*~BWHC_QUERY_DATA_DIR=$BWHC_QUERY_DATA_DIR~" ./config +RUN sed -i -r "s~BWHC_USER_DB_DIR.*~BWHC_USER_DB_DIR=$BWHC_USER_DB_DIR~" ./config + +RUN ./install.sh $BWHC_BASE_DIR + +RUN mv bwhc-rest-api-gateway-*/ bwhc-rest-api-gateway/ + +FROM openjdk:11-jre + +ARG BWHC_BASE_DIR=/bwhc-backend + +ENV BWHC_BASE_DIR=$BWHC_BASE_DIR +ENV BWHC_USER_DB_DIR=$BWHC_BASE_DIR/data/user-db +ENV BWHC_DATA_ENTRY_DIR=$BWHC_BASE_DIR/data/data-entry +ENV BWHC_QUERY_DATA_DIR=$BWHC_BASE_DIR/data/query-data +ENV BWHC_CONNECTOR_CONFIG=$BWHC_BASE_DIR/bwhcConnectorConfig.xml + +COPY --from=builder $BWHC_BASE_DIR/config $BWHC_BASE_DIR/ +COPY --from=builder $BWHC_BASE_DIR/bwhcConnectorConfig.xml $BWHC_BASE_DIR/ +COPY --from=builder $BWHC_BASE_DIR/logback.xml $BWHC_BASE_DIR/ +COPY --from=builder $BWHC_BASE_DIR/production.conf $BWHC_BASE_DIR/ +COPY --from=builder $BWHC_BASE_DIR/bwhc-rest-api-gateway/ $BWHC_BASE_DIR/bwhc-rest-api-gateway/ + +VOLUME $BWHC_BASE_DIR/data +VOLUME $BWHC_BASE_DIR/hgnc_data + +EXPOSE ${BWHC_BACKEND_PORT} + +WORKDIR $BWHC_BASE_DIR + +CMD $BWHC_BASE_DIR/bwhc-rest-api-gateway/bin/bwhc-rest-api-gateway \ + -Dplay.http.secret.key=$APPLICATION_SECRET \ + -Dconfig.file=$BWHC_BASE_DIR/production.conf \ + -Dlogger.file=$BWHC_BASE_DIR/logback.xml \ + -Dpidfile.path=/dev/null \ + -Dbwhc.zpm.site=$ZPM_SITE \ + -Dbwhc.data.entry.dir=$BWHC_DATA_ENTRY_DIR \ + -Dbwhc.query.data.dir=$BWHC_QUERY_DATA_DIR \ + -Dbwhc.user.data.dir=$BWHC_USER_DB_DIR \ + -Dbwhc.hgnc.dir=$BWHC_HGNC_DIR \ + -Dbwhc.connector.configFile=$BWHC_CONNECTOR_CONFIG diff --git a/dnpm/origin/Frontend.Dockerfile b/dnpm/origin/Frontend.Dockerfile new file mode 100644 index 0000000..60f7d3d --- /dev/null +++ b/dnpm/origin/Frontend.Dockerfile @@ -0,0 +1,39 @@ +FROM node:10-alpine + +ARG DNPM_BWHC_FRONTEND_ZIP + +# Change to latest release +# Required for image build using local copy of zip file +ARG VERSION=2207 + +# nuxt host and port to be replaced in package.json. (See 2.3 in bwHCPrototypeManual) +# NUXT_HOST should have a value with public available IP address from within container. +# If changing NUXT_PORT, also change exposed port. +ARG NUXT_HOST=0.0.0.0 +ARG NUXT_PORT=3000 + +# Backend access setup. (See 2.4 in bwHCPrototypeManual) +ARG BACKEND_PROTOCOL=http +ARG BACKEND_HOSTNAME=localhost +ARG BACKEND_PORT=8080 + +ADD ${DNPM_BWHC_FRONTEND_ZIP} / +RUN unzip $(basename ${DNPM_BWHC_FRONTEND_ZIP}) && rm $(basename ${DNPM_BWHC_FRONTEND_ZIP}) + +WORKDIR /bwhc-frontend + +RUN npm install + +# Prepare package.json +RUN sed -i -r "s/^(\s*)\"host\"[^,]*(,?)/\1\"host\": \"$NUXT_HOST\"\2/" ./package.json +RUN sed -i -r "s/^(\s*)\"port\"[^,]*(,?)/\1\"port\": \"$NUXT_PORT\"\2/" ./package.json + +# Prepare nuxt.config.js +RUN sed -i -r "s/^(\s*)baseUrl[^,]*(,?)/\1baseUrl: process.env.BASE_URL || '$BACKEND_PROTOCOL:\/\/$BACKEND_HOSTNAME'\2/" ./nuxt.config.js +RUN sed -i -r "s/^(\s*)port[^,]*(,?)/\1port: process.env.port || ':$BACKEND_PORT'\2/" ./nuxt.config.js + +RUN npm run generate + +EXPOSE $NUXT_PORT + +CMD npm start diff --git a/dnpm/origin/logback.xml b/dnpm/origin/logback.xml new file mode 100644 index 0000000..c25cda6 --- /dev/null +++ b/dnpm/origin/logback.xml @@ -0,0 +1,37 @@ + + + + + + + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + + + From 3a5444dec05eeef7fe4cb31d00058c8a5297f501 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Tue, 8 Nov 2022 10:55:18 +0100 Subject: [PATCH 02/24] Allow to run DNPM with Connect or with BWHC included --- dnpm/dnpm-compose-beamconnect.yml | 29 +++++++++ dnpm/dnpm-compose-bwhc.yml | 48 ++++++++++++++ dnpm/dnpm-compose.yml | 104 ------------------------------ dnpm/dnpm-setup.sh | 10 ++- 4 files changed, 84 insertions(+), 107 deletions(-) create mode 100644 dnpm/dnpm-compose-beamconnect.yml create mode 100644 dnpm/dnpm-compose-bwhc.yml delete mode 100644 dnpm/dnpm-compose.yml diff --git a/dnpm/dnpm-compose-beamconnect.yml b/dnpm/dnpm-compose-beamconnect.yml new file mode 100644 index 0000000..57c46eb --- /dev/null +++ b/dnpm/dnpm-compose-beamconnect.yml @@ -0,0 +1,29 @@ +version: "3.7" + +services: + beam-proxy: + environment: + APP_2_ID: dnpm + APP_2_KEY: ${DNPM_BEAM_SECRET_SHORT} + + dnpm-beam-connect: + depends_on: [ beam-proxy ] + image: samply/beam-connect:sites-without-auth + environment: + PROXY_URL: http://beam-proxy:8081 + PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} + APP_ID: dnpm.${PROXY_ID} + DISCOVERY_URL: ${DNPM_DISCOVERY_URL} + LOCAL_TARGETS_FILE: /run/secrets/connect_targets.json + HTTP_PROXY: http://forward_proxy:3128 + HTTPS_PROXY: http://forward_proxy:3128 + NO_PROXY: beam-proxy,dnpm-backend + RUST_LOG: ${RUST_LOG:-info} + secrets: + - connect_targets.json + ports: + - 8062:8062 + +secrets: + connect_targets.json: + file: /etc/bridgehead/dnpm/local_targets.json diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml new file mode 100644 index 0000000..1953ca5 --- /dev/null +++ b/dnpm/dnpm-compose-bwhc.yml @@ -0,0 +1,48 @@ +version: "3.7" + +services: + dnpm-frontend: + depends_on: [ dnpm-backend ] + build: + context: ./dnpm/origin + dockerfile: Frontend.Dockerfile + args: + NUXT_HOST: 0.0.0.0 + NUXT_PORT: 3000 + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: localhost + BACKEND_PORT: 9000 + DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + ports: + - 3000:3000 + environment: + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: localhost + BACKEND_PORT: 9000 + no_proxy: dnpm-backend + + dnpm-backend: + build: + context: ./dnpm/origin + dockerfile: Backend.Dockerfile + args: + BWHC_BASE_DIR: /bwhc-backend + DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} + ports: + - 9000:9000 + environment: + APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} + ZPM_SITE: ${ZPM_SITE} + noproxy: dnpm-frontend,connect + # PLAY_HTTP_PORT: 9000 + # PLAY_HTTP_ADDRESS: 0.0.0.0 + volumes: + - ./origin/logback.xml:/bwhc-backend/logback.xml:ro + - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro + - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro + - bwhc_data:/bwhc-backend/data/ + - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ + +volumes: + bwhc_data: + bwhc_hgnc_data: diff --git a/dnpm/dnpm-compose.yml b/dnpm/dnpm-compose.yml deleted file mode 100644 index 1904123..0000000 --- a/dnpm/dnpm-compose.yml +++ /dev/null @@ -1,104 +0,0 @@ -version: "3.7" - -secrets: - connect_targets.json: - file: /etc/bridgehead/dnpm/local_targets.json - -services: -# traefik: -# command: -# - --entrypoints.dnpm-frontend.address=:3000 -# - --entrypoints.dnpm-backend.address=:9000 -# ports: -# - 3000:3000 -# - 9000:9000 - beam-proxy: - environment: - APP_2_ID: dnpm - APP_2_KEY: ${DNPM_BEAM_SECRET_SHORT} - - dnpm-beam-connect: - depends_on: [ beam-proxy ] - image: samply/beam-connect:sites-without-auth - environment: - PROXY_URL: http://beam-proxy:8081 - PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} - APP_ID: dnpm.${PROXY_ID} - DISCOVERY_URL: ${DNPM_DISCOVERY_URL} - LOCAL_TARGETS_FILE: /run/secrets/connect_targets.json - HTTP_PROXY: http://forward_proxy:3128 - HTTPS_PROXY: http://forward_proxy:3128 - NO_PROXY: proxy,dnpm-backend - RUST_LOG: ${RUST_LOG:-info} - secrets: - - connect_targets.json -# Enable this if you disable the internal DNPM backend/frontend -# ports: -# - 8062:8062 -# or the same via traefik: -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.connector.rule=PathPrefix(`/dnpm-connector`)" -# - "traefik.http.services.connector.loadbalancer.server.port=8062" -# - "traefik.http.routers.connector.tls=true" - - dnpm-frontend: - depends_on: [ dnpm-backend ] - build: - context: ./dnpm/origin - dockerfile: Frontend.Dockerfile - args: - NUXT_HOST: 0.0.0.0 - NUXT_PORT: 3000 - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: localhost - BACKEND_PORT: 9000 - DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} - ports: - - 3000:3000 - environment: - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: localhost - BACKEND_PORT: 9000 - no_proxy: dnpm-backend -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.dnpm-frontend.entrypoints=dnpm-frontend" -# - "traefik.http.routers.dnpm-frontend.tls=true" -# - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" -## - "traefik.http.routers.dashboard.entrypoints=websecure" -## - "traefik.http.routers.dashboard.service=api@internal" -## - "traefik.http.routers.dashboard.tls=true" -## - "traefik.http.routers.dashboard.middlewares=auth" -## - "traefik.http.routers.dnpm-frontend.service=dnpm-frontend" - - dnpm-backend: - build: - context: ./dnpm/origin - dockerfile: Backend.Dockerfile - args: - BWHC_BASE_DIR: /bwhc-backend - DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - ports: - - 9000:9000 - environment: - APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} - ZPM_SITE: ${ZPM_SITE} - noproxy: dnpm-frontend,connect - # PLAY_HTTP_PORT: 9000 - # PLAY_HTTP_ADDRESS: 0.0.0.0 - volumes: - - ./origin/logback.xml:/bwhc-backend/logback.xml:ro - - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - - bwhc_data:/bwhc-backend/data/ - - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.connector.rule=PathPrefix(`/dnpm-backend`)" -# - "traefik.http.services.connector.loadbalancer.server.port=9000" -# - "traefik.http.routers.connector.tls=true" - -volumes: - bwhc_data: - bwhc_hgnc_data: diff --git a/dnpm/dnpm-setup.sh b/dnpm/dnpm-setup.sh index f8893a3..360a7cc 100644 --- a/dnpm/dnpm-setup.sh +++ b/dnpm/dnpm-setup.sh @@ -2,10 +2,14 @@ function dnpmSetup() { if [ -e /etc/bridgehead/dnpm/local_targets.json ]; then - log INFO "DNPM setup detected -- will start DNPM Connector." - source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" - OVERRIDE+="-f ./dnpm/dnpm-compose.yml" + log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + OVERRIDE+=" -f ./dnpm/dnpm-compose-beamconnect.yml" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + if [ -e /etc/bridgehead/dnpm/bwhcConnectorConfig.xml ]; then + log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend." + source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" + OVERRIDE+=" -f ./dnpm/dnpm-compose-bwhc.yml" + fi fi } From 6c2d970d01ed07f3cdacf9bc9d607a026c0efba6 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Tue, 8 Nov 2022 10:56:45 +0100 Subject: [PATCH 03/24] Support DNPM Discovery URL --- dnpm/dnpm-setup.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dnpm/dnpm-setup.sh b/dnpm/dnpm-setup.sh index 360a7cc..3b94a86 100644 --- a/dnpm/dnpm-setup.sh +++ b/dnpm/dnpm-setup.sh @@ -6,9 +6,10 @@ function dnpmSetup() { OVERRIDE+=" -f ./dnpm/dnpm-compose-beamconnect.yml" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" + export DNPM_DISCOVERY_URL if [ -e /etc/bridgehead/dnpm/bwhcConnectorConfig.xml ]; then log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend." - source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" OVERRIDE+=" -f ./dnpm/dnpm-compose-bwhc.yml" fi fi From 455d45603c974acca24c79ac61342eae24fcbc96 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Tue, 8 Nov 2022 12:45:29 +0000 Subject: [PATCH 04/24] Fix dnpm volume mounting path --- dnpm/dnpm-compose-bwhc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml index 1953ca5..4e7343c 100644 --- a/dnpm/dnpm-compose-bwhc.yml +++ b/dnpm/dnpm-compose-bwhc.yml @@ -37,7 +37,7 @@ services: # PLAY_HTTP_PORT: 9000 # PLAY_HTTP_ADDRESS: 0.0.0.0 volumes: - - ./origin/logback.xml:/bwhc-backend/logback.xml:ro + - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - bwhc_data:/bwhc-backend/data/ From e11b24bf70e9f9883aea5c44792866f56cad9ad0 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 9 Nov 2022 09:46:30 +0000 Subject: [PATCH 05/24] Fix dnpm build context --- dnpm/dnpm-compose-bwhc.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml index 4e7343c..9ff0f47 100644 --- a/dnpm/dnpm-compose-bwhc.yml +++ b/dnpm/dnpm-compose-bwhc.yml @@ -4,7 +4,7 @@ services: dnpm-frontend: depends_on: [ dnpm-backend ] build: - context: ./dnpm/origin + context: ../dnpm/origin dockerfile: Frontend.Dockerfile args: NUXT_HOST: 0.0.0.0 @@ -23,7 +23,7 @@ services: dnpm-backend: build: - context: ./dnpm/origin + context: ../dnpm/origin dockerfile: Backend.Dockerfile args: BWHC_BASE_DIR: /bwhc-backend From b6f0cd7a135c61ee451bf936a00f45fc70a9e3c4 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 9 Nov 2022 10:43:08 +0000 Subject: [PATCH 06/24] Set HTTP(S) Proxy for bwhc frontend build --- dnpm/dnpm-compose-bwhc.yml | 2 ++ dnpm/origin/Frontend.Dockerfile | 3 +++ 2 files changed, 5 insertions(+) diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml index 9ff0f47..c40b4d8 100644 --- a/dnpm/dnpm-compose-bwhc.yml +++ b/dnpm/dnpm-compose-bwhc.yml @@ -13,6 +13,8 @@ services: BACKEND_HOSTNAME: localhost BACKEND_PORT: 9000 DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + HTTP_PROXY: ${http_proxy} + HTTPS_PROXY: ${https_proxy} ports: - 3000:3000 environment: diff --git a/dnpm/origin/Frontend.Dockerfile b/dnpm/origin/Frontend.Dockerfile index 60f7d3d..1d4bb30 100644 --- a/dnpm/origin/Frontend.Dockerfile +++ b/dnpm/origin/Frontend.Dockerfile @@ -17,6 +17,9 @@ ARG BACKEND_PROTOCOL=http ARG BACKEND_HOSTNAME=localhost ARG BACKEND_PORT=8080 +ARG HTTP_PROXY="" +ARG HTTPS_PROXY="" + ADD ${DNPM_BWHC_FRONTEND_ZIP} / RUN unzip $(basename ${DNPM_BWHC_FRONTEND_ZIP}) && rm $(basename ${DNPM_BWHC_FRONTEND_ZIP}) From bec42764bbd7a740cd6fa170de9605c1da808bf7 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 9 Nov 2022 11:39:21 +0000 Subject: [PATCH 07/24] Build the dnpm frontend in host network mode --- dnpm/dnpm-compose-bwhc.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml index c40b4d8..d8f4ebb 100644 --- a/dnpm/dnpm-compose-bwhc.yml +++ b/dnpm/dnpm-compose-bwhc.yml @@ -6,6 +6,7 @@ services: build: context: ../dnpm/origin dockerfile: Frontend.Dockerfile + network: host args: NUXT_HOST: 0.0.0.0 NUXT_PORT: 3000 From 4a53bb3fb269d0ab392d462c120fcf73a183c886 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 9 Nov 2022 12:36:58 +0000 Subject: [PATCH 08/24] Expose dnpm backend hostname --- dnpm/dnpm-compose-bwhc.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml index d8f4ebb..60fe3f0 100644 --- a/dnpm/dnpm-compose-bwhc.yml +++ b/dnpm/dnpm-compose-bwhc.yml @@ -10,8 +10,8 @@ services: args: NUXT_HOST: 0.0.0.0 NUXT_PORT: 3000 - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: localhost + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} BACKEND_PORT: 9000 DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} HTTP_PROXY: ${http_proxy} @@ -19,8 +19,8 @@ services: ports: - 3000:3000 environment: - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: localhost + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} BACKEND_PORT: 9000 no_proxy: dnpm-backend From 3a42570ac4c6842986c981ca4ec520b5436c2c8f Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Tue, 4 Apr 2023 13:11:33 +0200 Subject: [PATCH 09/24] Add DNPM discovery URL as public configuration --- dnpm/dnpm-setup.sh | 4 ++-- dnpm/vars | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 dnpm/vars diff --git a/dnpm/dnpm-setup.sh b/dnpm/dnpm-setup.sh index 3b94a86..ff32c68 100644 --- a/dnpm/dnpm-setup.sh +++ b/dnpm/dnpm-setup.sh @@ -6,10 +6,10 @@ function dnpmSetup() { OVERRIDE+=" -f ./dnpm/dnpm-compose-beamconnect.yml" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - source /etc/bridgehead/dnpm/shared-but-secret-vars || fail_and_report 1 "Unable to load /etc/bridgehead/dnpm/shared-but-secret-vars" + source /srv/docker/bridgehead/dnpm/vars || fail_and_report 1 "Unable to load /srv/docker/bridgehead/dnpm/vars" export DNPM_DISCOVERY_URL if [ -e /etc/bridgehead/dnpm/bwhcConnectorConfig.xml ]; then - log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend." + log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" OVERRIDE+=" -f ./dnpm/dnpm-compose-bwhc.yml" fi fi diff --git a/dnpm/vars b/dnpm/vars new file mode 100644 index 0000000..69c2220 --- /dev/null +++ b/dnpm/vars @@ -0,0 +1 @@ +DNPM_DISCOVERY_URL=https://dnpm.medizin.uni-tuebingen.de/sites From 3e1659a38d3c4eb6bc64d960445d124c8a808d14 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 10 May 2023 10:54:05 +0000 Subject: [PATCH 10/24] Modularize DNPM components --- bbmri/docker-compose.yml | 52 ------------------ bbmri/modules/dnpm-compose-beamconnect.yml | 47 ++++++++++++++++ bbmri/modules/dnpm-compose-bwhc.yml | 54 +++++++++++++++++++ bbmri/modules/dnpm-setup.sh | 17 ++++++ bbmri/vars | 8 ++- bridgehead | 14 +++-- ccp/docker-compose.yml | 52 ------------------ ccp/modules/dnpm-compose-beamconnect.yml | 28 ++++++++++ ccp/modules/dnpm-compose-bwhc.yml | 54 +++++++++++++++++++ ccp/modules/dnpm-setup.sh | 17 ++++++ ccp/vars | 8 +-- lib/functions.sh | 2 +- lib/update-bridgehead.sh | 2 +- minimal/docker-compose.yml | 56 ++++++++++++++++++++ minimal/modules/dnpm-compose-beamconnect.yml | 47 ++++++++++++++++ minimal/modules/dnpm-compose-bwhc.yml | 54 +++++++++++++++++++ minimal/modules/dnpm-setup.sh | 17 ++++++ minimal/vars | 5 ++ 18 files changed, 421 insertions(+), 113 deletions(-) create mode 100644 bbmri/modules/dnpm-compose-beamconnect.yml create mode 100644 bbmri/modules/dnpm-compose-bwhc.yml create mode 100644 bbmri/modules/dnpm-setup.sh create mode 100644 ccp/modules/dnpm-compose-beamconnect.yml create mode 100644 ccp/modules/dnpm-compose-bwhc.yml create mode 100644 ccp/modules/dnpm-setup.sh create mode 100644 minimal/docker-compose.yml create mode 100644 minimal/modules/dnpm-compose-beamconnect.yml create mode 100644 minimal/modules/dnpm-compose-bwhc.yml create mode 100644 minimal/modules/dnpm-setup.sh create mode 100644 minimal/vars diff --git a/bbmri/docker-compose.yml b/bbmri/docker-compose.yml index d15f694..4255684 100644 --- a/bbmri/docker-compose.yml +++ b/bbmri/docker-compose.yml @@ -1,58 +1,6 @@ version: "3.7" services: - traefik: - container_name: bridgehead-traefik - image: docker.verbis.dkfz.de/cache/traefik:latest - command: - - --entrypoints.web.address=:80 - - --entrypoints.websecure.address=:443 - - --providers.docker=true - - --providers.docker.exposedbydefault=false - - --providers.file.directory=/configuration/ - - --api.dashboard=true - - --accesslog=true - - --entrypoints.web.http.redirections.entrypoint.to=websecure - - --entrypoints.web.http.redirections.entrypoint.scheme=https - labels: - - "traefik.enable=true" - - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)" - - "traefik.http.routers.dashboard.entrypoints=websecure" - - "traefik.http.routers.dashboard.service=api@internal" - - "traefik.http.routers.dashboard.tls=true" - - "traefik.http.routers.dashboard.middlewares=auth" - - "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}" - ports: - - 80:80 - - 443:443 - volumes: - - /etc/bridgehead/traefik-tls:/certs:ro - - ../lib/traefik-configuration/:/configuration:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - - forward_proxy: - container_name: bridgehead-forward-proxy - image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest - environment: - HTTPS_PROXY: ${HTTPS_PROXY_URL} - USERNAME: ${HTTPS_PROXY_USERNAME} - PASSWORD: ${HTTPS_PROXY_PASSWORD} - volumes: - - /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro - - landing: - container_name: bridgehead-landingpage - image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master - labels: - - "traefik.enable=true" - - "traefik.http.routers.landing.rule=PathPrefix(`/`)" - - "traefik.http.services.landing.loadbalancer.server.port=80" - - "traefik.http.routers.landing.tls=true" - environment: - HOST: ${HOST} - PROJECT: ${PROJECT} - SITE_NAME: ${SITE_NAME} - blaze: image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 container_name: bridgehead-bbmri-blaze diff --git a/bbmri/modules/dnpm-compose-beamconnect.yml b/bbmri/modules/dnpm-compose-beamconnect.yml new file mode 100644 index 0000000..9d3be80 --- /dev/null +++ b/bbmri/modules/dnpm-compose-beamconnect.yml @@ -0,0 +1,47 @@ +version: "3.7" + +services: + dnpm-beam-proxy: + image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop + container_name: bridgehead-dnpm-beam-proxy + environment: + BROKER_URL: ${BROKER_URL} + PROXY_ID: ${PROXY_ID} + APP_3_ID: dnpm-connect + APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} + PRIVKEY_FILE: /run/secrets/proxy.pem + ALL_PROXY: http://forward_proxy:3128 + TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs + ROOTCERT_FILE: /conf/root.crt.pem + secrets: + - proxy.pem + depends_on: + - "forward_proxy" + volumes: + - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro + - /srv/docker/bridgehead/ccp/root.crt.pem:/conf/root.crt.pem:ro + + dnpm-beam-connect: + depends_on: [ dnpm-beam-proxy ] + image: samply/beam-connect:sites-without-auth + environment: + PROXY_URL: http://dnpm-beam-proxy:8081 + PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} + APP_ID: dnpm-connect.${PROXY_ID} + DISCOVERY_URL: ${DNPM_DISCOVERY_URL} + LOCAL_TARGETS_FILE: /conf/connect_targets.json + HTTP_PROXY: http://forward_proxy:3128 + HTTPS_PROXY: http://forward_proxy:3128 + NO_PROXY: dnpm-beam-proxy,dnpm-backend + RUST_LOG: ${RUST_LOG:-info} + volumes: + - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" + - "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062" + - "traefik.http.routers.dnpm-connect.tls=true" + +secrets: + proxy.pem: + file: /etc/bridgehead/pki/${SITE_ID}.priv.pem diff --git a/bbmri/modules/dnpm-compose-bwhc.yml b/bbmri/modules/dnpm-compose-bwhc.yml new file mode 100644 index 0000000..9ba1357 --- /dev/null +++ b/bbmri/modules/dnpm-compose-bwhc.yml @@ -0,0 +1,54 @@ +version: "3.7" + +services: + dnpm-frontend: + depends_on: [ dnpm-backend ] + build: + context: ../../dnpm/origin + dockerfile: Frontend.Dockerfile + network: host + args: + NUXT_HOST: 0.0.0.0 + NUXT_PORT: 3000 + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + HTTP_PROXY: ${http_proxy} + HTTPS_PROXY: ${https_proxy} + environment: + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + no_proxy: dnpm-backend + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" + - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" + - "traefik.http.routers.dnpm-frontend.tls=true" + + dnpm-backend: + build: + context: ../../dnpm/origin + dockerfile: Backend.Dockerfile + args: + BWHC_BASE_DIR: /bwhc-backend + DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} + ports: + - 9000:9000 + environment: + APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} + ZPM_SITE: ${ZPM_SITE} + noproxy: dnpm-frontend,dnpm-beam-connect + # PLAY_HTTP_PORT: 9000 + # PLAY_HTTP_ADDRESS: 0.0.0.0 + volumes: + - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro + - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro + - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro + - bwhc_data:/bwhc-backend/data/ + - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ + +volumes: + bwhc_data: + bwhc_hgnc_data: diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh new file mode 100644 index 0000000..9a3cbf4 --- /dev/null +++ b/bbmri/modules/dnpm-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if [ -n "${ENABLE_DNPM}" ]; then + log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + + # Set variables required for Beam-Connect + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" + + # Optionally, start bwhc as well. This is currently only experimental + if [ -n "${ENABLE_DNPM_BWHC}" ]; then + log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + fi +fi diff --git a/bbmri/vars b/bbmri/vars index 434cb4f..be7805a 100644 --- a/bbmri/vars +++ b/bbmri/vars @@ -4,4 +4,10 @@ PROXY_ID_LONG=${SITE_ID}.${BROKER_ID} FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" FOCUS_RETRY_COUNT=32 SUPPORT_EMAIL=bridgehead@helpdesk.bbmri-eric.eu -PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem \ No newline at end of file +PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem + +for module in $PROJECT/modules/*.sh +do + log INFO "sourcing $module" + source $module +done diff --git a/bridgehead b/bridgehead index 13cb682..7ca7af1 100755 --- a/bridgehead +++ b/bridgehead @@ -32,6 +32,9 @@ case "$PROJECT" in bbmri) #nothing extra to do ;; + minimal) + #nothing extra to do + ;; *) printUsage exit 1 @@ -51,6 +54,11 @@ loadVars() { set +a OVERRIDE=${OVERRIDE:=""} + # minimal contains shared components, so potential overrides must be applied in every project + if [ -f "minimal/docker-compose.override.yml" ]; then + log INFO "Applying minimal/docker-compose.override.yml" + OVERRIDE+=" -f ./minimal/docker-compose.override.yml" + fi if [ -f "$PROJECT/docker-compose.override.yml" ]; then log INFO "Applying $PROJECT/docker-compose.override.yml" OVERRIDE+=" -f ./$PROJECT/docker-compose.override.yml" @@ -66,13 +74,13 @@ case "$ACTION" in checkRequirements hc_send log "Bridgehead $PROJECT startup: Requirements checked out. Now starting bridgehead ..." export LDM_LOGIN=$(getLdmPassword) - exec $COMPOSE -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit + exec $COMPOSE -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE up --abort-on-container-exit ;; stop) loadVars # HACK: This is tempoarily to properly shut down false bridgehead instances (bridgehead-ccp instead ccp) - $COMPOSE -p bridgehead-$PROJECT -f ./$PROJECT/docker-compose.yml $OVERRIDE down - exec $COMPOSE -f ./$PROJECT/docker-compose.yml $OVERRIDE down + $COMPOSE -p bridgehead-$PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down + exec $COMPOSE -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down ;; is-running) bk_is_running diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index 209ee70..456eef1 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -1,58 +1,6 @@ version: "3.7" services: - traefik: - container_name: bridgehead-traefik - image: docker.verbis.dkfz.de/cache/traefik:latest - command: - - --entrypoints.web.address=:80 - - --entrypoints.websecure.address=:443 - - --providers.docker=true - - --providers.docker.exposedbydefault=false - - --providers.file.directory=/configuration/ - - --api.dashboard=true - - --accesslog=true - - --entrypoints.web.http.redirections.entrypoint.to=websecure - - --entrypoints.web.http.redirections.entrypoint.scheme=https - labels: - - "traefik.enable=true" - - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)" - - "traefik.http.routers.dashboard.entrypoints=websecure" - - "traefik.http.routers.dashboard.service=api@internal" - - "traefik.http.routers.dashboard.tls=true" - - "traefik.http.routers.dashboard.middlewares=auth" - - "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}" - ports: - - 80:80 - - 443:443 - volumes: - - /etc/bridgehead/traefik-tls:/certs:ro - - ../lib/traefik-configuration/:/configuration:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - - forward_proxy: - container_name: bridgehead-forward-proxy - image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest - environment: - HTTPS_PROXY: ${HTTPS_PROXY_URL} - USERNAME: ${HTTPS_PROXY_USERNAME} - PASSWORD: ${HTTPS_PROXY_PASSWORD} - volumes: - - /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro - - landing: - container_name: bridgehead-landingpage - image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master - labels: - - "traefik.enable=true" - - "traefik.http.routers.landing.rule=PathPrefix(`/`)" - - "traefik.http.services.landing.loadbalancer.server.port=80" - - "traefik.http.routers.landing.tls=true" - environment: - HOST: ${HOST} - PROJECT: ${PROJECT} - SITE_NAME: ${SITE_NAME} - blaze: image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 container_name: bridgehead-ccp-blaze diff --git a/ccp/modules/dnpm-compose-beamconnect.yml b/ccp/modules/dnpm-compose-beamconnect.yml new file mode 100644 index 0000000..8db45ac --- /dev/null +++ b/ccp/modules/dnpm-compose-beamconnect.yml @@ -0,0 +1,28 @@ +version: "3.7" + +services: + beam-proxy: + environment: + APP_3_ID: dnpm-connect + APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} + + dnpm-beam-connect: + depends_on: [ beam-proxy ] + image: samply/beam-connect:sites-without-auth + environment: + PROXY_URL: http://beam-proxy:8081 + PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} + APP_ID: dnpm-connect.${PROXY_ID} + DISCOVERY_URL: ${DNPM_DISCOVERY_URL} + LOCAL_TARGETS_FILE: /conf/connect_targets.json + HTTP_PROXY: http://forward_proxy:3128 + HTTPS_PROXY: http://forward_proxy:3128 + NO_PROXY: beam-proxy,dnpm-backend + RUST_LOG: ${RUST_LOG:-info} + volumes: + - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" + - "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062" + - "traefik.http.routers.dnpm-connect.tls=true" diff --git a/ccp/modules/dnpm-compose-bwhc.yml b/ccp/modules/dnpm-compose-bwhc.yml new file mode 100644 index 0000000..9ba1357 --- /dev/null +++ b/ccp/modules/dnpm-compose-bwhc.yml @@ -0,0 +1,54 @@ +version: "3.7" + +services: + dnpm-frontend: + depends_on: [ dnpm-backend ] + build: + context: ../../dnpm/origin + dockerfile: Frontend.Dockerfile + network: host + args: + NUXT_HOST: 0.0.0.0 + NUXT_PORT: 3000 + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + HTTP_PROXY: ${http_proxy} + HTTPS_PROXY: ${https_proxy} + environment: + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + no_proxy: dnpm-backend + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" + - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" + - "traefik.http.routers.dnpm-frontend.tls=true" + + dnpm-backend: + build: + context: ../../dnpm/origin + dockerfile: Backend.Dockerfile + args: + BWHC_BASE_DIR: /bwhc-backend + DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} + ports: + - 9000:9000 + environment: + APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} + ZPM_SITE: ${ZPM_SITE} + noproxy: dnpm-frontend,dnpm-beam-connect + # PLAY_HTTP_PORT: 9000 + # PLAY_HTTP_ADDRESS: 0.0.0.0 + volumes: + - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro + - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro + - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro + - bwhc_data:/bwhc-backend/data/ + - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ + +volumes: + bwhc_data: + bwhc_hgnc_data: diff --git a/ccp/modules/dnpm-setup.sh b/ccp/modules/dnpm-setup.sh new file mode 100644 index 0000000..9a3cbf4 --- /dev/null +++ b/ccp/modules/dnpm-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if [ -n "${ENABLE_DNPM}" ]; then + log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + + # Set variables required for Beam-Connect + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" + + # Optionally, start bwhc as well. This is currently only experimental + if [ -n "${ENABLE_DNPM_BWHC}" ]; then + log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + fi +fi diff --git a/ccp/vars b/ccp/vars index 456dda9..2a295f4 100644 --- a/ccp/vars +++ b/ccp/vars @@ -19,6 +19,8 @@ source $PROJECT/exliquid-setup.sh exliquidSetup mtbaSetup -# This will load DNPM setup. Effective only if DNPM configuration is defined in /etc/bridgehead/dnpm. -source dnpm/dnpm-setup.sh -dnpmSetup +for module in $PROJECT/modules/*.sh +do + log INFO "sourcing $module" + source $module +done diff --git a/lib/functions.sh b/lib/functions.sh index ac5ae6b..a243842 100644 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -171,7 +171,7 @@ function retry { function bk_is_running { detectCompose - RUNNING="$($COMPOSE -p $PROJECT -f ./$PROJECT/docker-compose.yml $OVERRIDE ps -q)" + RUNNING="$($COMPOSE -p $PROJECT -f minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE ps -q)" NUMBEROFRUNNING=$(echo "$RUNNING" | wc -l) if [ $NUMBEROFRUNNING -ge 2 ]; then return 0 diff --git a/lib/update-bridgehead.sh b/lib/update-bridgehead.sh index bce720d..89db369 100755 --- a/lib/update-bridgehead.sh +++ b/lib/update-bridgehead.sh @@ -86,7 +86,7 @@ done # Check docker updates log "INFO" "Checking for updates to running docker images ..." docker_updated="false" -for IMAGE in $(cat $PROJECT/docker-compose.yml ${OVERRIDE//-f/} | grep -v "^#" | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do +for IMAGE in $(cat $PROJECT/docker-compose.yml ${OVERRIDE//-f/} minimal/docker-compose.yml | grep -v "^#" | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do log "INFO" "Checking for Updates of Image: $IMAGE" if docker pull $IMAGE | grep "Downloaded newer image"; then CHANGE="Image $IMAGE updated." diff --git a/minimal/docker-compose.yml b/minimal/docker-compose.yml new file mode 100644 index 0000000..cd4c2e5 --- /dev/null +++ b/minimal/docker-compose.yml @@ -0,0 +1,56 @@ +version: "3.7" + +services: + traefik: + container_name: bridgehead-traefik + image: docker.verbis.dkfz.de/cache/traefik:latest + command: + - --entrypoints.web.address=:80 + - --entrypoints.websecure.address=:443 + - --providers.docker=true + - --providers.docker.exposedbydefault=false + - --providers.file.directory=/configuration/ + - --api.dashboard=true + - --accesslog=true + - --entrypoints.web.http.redirections.entrypoint.to=websecure + - --entrypoints.web.http.redirections.entrypoint.scheme=https + labels: + - "traefik.enable=true" + - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)" + - "traefik.http.routers.dashboard.entrypoints=websecure" + - "traefik.http.routers.dashboard.service=api@internal" + - "traefik.http.routers.dashboard.tls=true" + - "traefik.http.routers.dashboard.middlewares=auth" + - "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}" + ports: + - 80:80 + - 443:443 + volumes: + - /etc/bridgehead/traefik-tls:/certs:ro + - ../lib/traefik-configuration/:/configuration:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + + forward_proxy: + container_name: bridgehead-forward-proxy + image: docker.verbis.dkfz.de/cache/samply/bridgehead-forward-proxy:latest + environment: + HTTPS_PROXY: ${HTTPS_PROXY_URL} + USERNAME: ${HTTPS_PROXY_USERNAME} + PASSWORD: ${HTTPS_PROXY_PASSWORD} + volumes: + - /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro + + landing: + container_name: bridgehead-landingpage + image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:master + labels: + - "traefik.enable=true" + - "traefik.http.routers.landing.rule=PathPrefix(`/`)" + - "traefik.http.services.landing.loadbalancer.server.port=80" + - "traefik.http.routers.landing.tls=true" + environment: + HOST: ${HOST} + PROJECT: ${PROJECT} + SITE_NAME: ${SITE_NAME} + + diff --git a/minimal/modules/dnpm-compose-beamconnect.yml b/minimal/modules/dnpm-compose-beamconnect.yml new file mode 100644 index 0000000..9d3be80 --- /dev/null +++ b/minimal/modules/dnpm-compose-beamconnect.yml @@ -0,0 +1,47 @@ +version: "3.7" + +services: + dnpm-beam-proxy: + image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop + container_name: bridgehead-dnpm-beam-proxy + environment: + BROKER_URL: ${BROKER_URL} + PROXY_ID: ${PROXY_ID} + APP_3_ID: dnpm-connect + APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} + PRIVKEY_FILE: /run/secrets/proxy.pem + ALL_PROXY: http://forward_proxy:3128 + TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs + ROOTCERT_FILE: /conf/root.crt.pem + secrets: + - proxy.pem + depends_on: + - "forward_proxy" + volumes: + - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro + - /srv/docker/bridgehead/ccp/root.crt.pem:/conf/root.crt.pem:ro + + dnpm-beam-connect: + depends_on: [ dnpm-beam-proxy ] + image: samply/beam-connect:sites-without-auth + environment: + PROXY_URL: http://dnpm-beam-proxy:8081 + PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} + APP_ID: dnpm-connect.${PROXY_ID} + DISCOVERY_URL: ${DNPM_DISCOVERY_URL} + LOCAL_TARGETS_FILE: /conf/connect_targets.json + HTTP_PROXY: http://forward_proxy:3128 + HTTPS_PROXY: http://forward_proxy:3128 + NO_PROXY: dnpm-beam-proxy,dnpm-backend + RUST_LOG: ${RUST_LOG:-info} + volumes: + - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" + - "traefik.http.services.dnpm-connect.loadbalancer.server.port=8062" + - "traefik.http.routers.dnpm-connect.tls=true" + +secrets: + proxy.pem: + file: /etc/bridgehead/pki/${SITE_ID}.priv.pem diff --git a/minimal/modules/dnpm-compose-bwhc.yml b/minimal/modules/dnpm-compose-bwhc.yml new file mode 100644 index 0000000..9ba1357 --- /dev/null +++ b/minimal/modules/dnpm-compose-bwhc.yml @@ -0,0 +1,54 @@ +version: "3.7" + +services: + dnpm-frontend: + depends_on: [ dnpm-backend ] + build: + context: ../../dnpm/origin + dockerfile: Frontend.Dockerfile + network: host + args: + NUXT_HOST: 0.0.0.0 + NUXT_PORT: 3000 + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} + HTTP_PROXY: ${http_proxy} + HTTPS_PROXY: ${https_proxy} + environment: + BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} + BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PORT: 9000 + no_proxy: dnpm-backend + labels: + - "traefik.enable=true" + - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" + - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" + - "traefik.http.routers.dnpm-frontend.tls=true" + + dnpm-backend: + build: + context: ../../dnpm/origin + dockerfile: Backend.Dockerfile + args: + BWHC_BASE_DIR: /bwhc-backend + DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} + ports: + - 9000:9000 + environment: + APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} + ZPM_SITE: ${ZPM_SITE} + noproxy: dnpm-frontend,dnpm-beam-connect + # PLAY_HTTP_PORT: 9000 + # PLAY_HTTP_ADDRESS: 0.0.0.0 + volumes: + - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro + - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro + - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro + - bwhc_data:/bwhc-backend/data/ + - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ + +volumes: + bwhc_data: + bwhc_hgnc_data: diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh new file mode 100644 index 0000000..9a3cbf4 --- /dev/null +++ b/minimal/modules/dnpm-setup.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +if [ -n "${ENABLE_DNPM}" ]; then + log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + + # Set variables required for Beam-Connect + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" + DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" + + # Optionally, start bwhc as well. This is currently only experimental + if [ -n "${ENABLE_DNPM_BWHC}" ]; then + log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + fi +fi diff --git a/minimal/vars b/minimal/vars new file mode 100644 index 0000000..acca503 --- /dev/null +++ b/minimal/vars @@ -0,0 +1,5 @@ +for module in $PROJECT/modules/*.sh +do + log INFO "sourcing $module" + source $module +done From d87745443e3f7958f606903d78942583ca970d8c Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 10 May 2023 20:15:14 +0200 Subject: [PATCH 11/24] support minimal project in system preparation --- lib/prepare-system.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/prepare-system.sh b/lib/prepare-system.sh index c0caa79..1bddf3e 100755 --- a/lib/prepare-system.sh +++ b/lib/prepare-system.sh @@ -52,6 +52,9 @@ case "$PROJECT" in bbmri) site_configuration_repository_middle="git.verbis.dkfz.de/bbmri-bridgehead-configs/" ;; + minimal) + site_configuration_repository_middle="git.verbis.dkfz.de/minimal-bridgehead-configs/" + ;; *) log ERROR "Internal error, this should not happen." exit 1 From c9806ad874530d7da25c24d871392cecdb6e2e99 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Mon, 15 May 2023 13:43:01 +0200 Subject: [PATCH 12/24] Adapt DNPM configuration --- bbmri/modules/dnpm-compose-beamconnect.yml | 15 ++++++++------- bbmri/modules/dnpm-setup.sh | 4 +++- ccp/modules/dnpm-compose-beamconnect.yml | 9 +++++---- ccp/modules/dnpm-setup.sh | 1 - minimal/modules/dnpm-compose-beamconnect.yml | 19 ++++++++++--------- minimal/modules/dnpm-setup.sh | 4 +++- 6 files changed, 29 insertions(+), 23 deletions(-) diff --git a/bbmri/modules/dnpm-compose-beamconnect.yml b/bbmri/modules/dnpm-compose-beamconnect.yml index 9d3be80..90f6cf1 100644 --- a/bbmri/modules/dnpm-compose-beamconnect.yml +++ b/bbmri/modules/dnpm-compose-beamconnect.yml @@ -5,10 +5,10 @@ services: image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop container_name: bridgehead-dnpm-beam-proxy environment: - BROKER_URL: ${BROKER_URL} - PROXY_ID: ${PROXY_ID} - APP_3_ID: dnpm-connect - APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} + BROKER_URL: ${DNPM_BROKER_URL} + PROXY_ID: ${DNPM_PROXY_ID} + APP_0_ID: dnpm-connect + APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs @@ -27,15 +27,16 @@ services: environment: PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} - APP_ID: dnpm-connect.${PROXY_ID} - DISCOVERY_URL: ${DNPM_DISCOVERY_URL} - LOCAL_TARGETS_FILE: /conf/connect_targets.json + APP_ID: dnpm-connect.${DNPM_PROXY_ID} + DISCOVERY_URL: "./conf/central_targets.json" + LOCAL_TARGETS_FILE: "./conf/connect_targets.json" HTTP_PROXY: http://forward_proxy:3128 HTTPS_PROXY: http://forward_proxy:3128 NO_PROXY: dnpm-beam-proxy,dnpm-backend RUST_LOG: ${RUST_LOG:-info} volumes: - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + - /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro labels: - "traefik.enable=true" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh index 9a3cbf4..db1969a 100644 --- a/bbmri/modules/dnpm-setup.sh +++ b/bbmri/modules/dnpm-setup.sh @@ -7,7 +7,9 @@ if [ -n "${ENABLE_DNPM}" ]; then # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" + DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" + DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" + DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" # Optionally, start bwhc as well. This is currently only experimental if [ -n "${ENABLE_DNPM_BWHC}" ]; then diff --git a/ccp/modules/dnpm-compose-beamconnect.yml b/ccp/modules/dnpm-compose-beamconnect.yml index 8db45ac..2dce251 100644 --- a/ccp/modules/dnpm-compose-beamconnect.yml +++ b/ccp/modules/dnpm-compose-beamconnect.yml @@ -13,14 +13,15 @@ services: PROXY_URL: http://beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} APP_ID: dnpm-connect.${PROXY_ID} - DISCOVERY_URL: ${DNPM_DISCOVERY_URL} - LOCAL_TARGETS_FILE: /conf/connect_targets.json - HTTP_PROXY: http://forward_proxy:3128 - HTTPS_PROXY: http://forward_proxy:3128 + DISCOVERY_URL: "./conf/central_targets.json" + LOCAL_TARGETS_FILE: "./conf/connect_targets.json" + HTTP_PROXY: "http://forward_proxy:3128" + HTTPS_PROXY: "http://forward_proxy:3128" NO_PROXY: beam-proxy,dnpm-backend RUST_LOG: ${RUST_LOG:-info} volumes: - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + - /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro labels: - "traefik.enable=true" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" diff --git a/ccp/modules/dnpm-setup.sh b/ccp/modules/dnpm-setup.sh index 9a3cbf4..ce39731 100644 --- a/ccp/modules/dnpm-setup.sh +++ b/ccp/modules/dnpm-setup.sh @@ -7,7 +7,6 @@ if [ -n "${ENABLE_DNPM}" ]; then # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" # Optionally, start bwhc as well. This is currently only experimental if [ -n "${ENABLE_DNPM_BWHC}" ]; then diff --git a/minimal/modules/dnpm-compose-beamconnect.yml b/minimal/modules/dnpm-compose-beamconnect.yml index 9d3be80..16cfdb9 100644 --- a/minimal/modules/dnpm-compose-beamconnect.yml +++ b/minimal/modules/dnpm-compose-beamconnect.yml @@ -5,14 +5,14 @@ services: image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop container_name: bridgehead-dnpm-beam-proxy environment: - BROKER_URL: ${BROKER_URL} - PROXY_ID: ${PROXY_ID} - APP_3_ID: dnpm-connect - APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} + BROKER_URL: ${DNPM_BROKER_URL} + PROXY_ID: ${DNPM_PROXY_ID} + APP_0_ID: dnpm-connect + APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 - TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs - ROOTCERT_FILE: /conf/root.crt.pem + TLS_CA_CERTIFICATES_DIR: ./conf/trusted-ca-certs + ROOTCERT_FILE: ./conf/root.crt.pem secrets: - proxy.pem depends_on: @@ -27,15 +27,16 @@ services: environment: PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} - APP_ID: dnpm-connect.${PROXY_ID} - DISCOVERY_URL: ${DNPM_DISCOVERY_URL} - LOCAL_TARGETS_FILE: /conf/connect_targets.json + APP_ID: dnpm-connect.${DNPM_PROXY_ID} + DISCOVERY_URL: "./conf/central_targets.json" + LOCAL_TARGETS_FILE: "./conf/connect_targets.json" HTTP_PROXY: http://forward_proxy:3128 HTTPS_PROXY: http://forward_proxy:3128 NO_PROXY: dnpm-beam-proxy,dnpm-backend RUST_LOG: ${RUST_LOG:-info} volumes: - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro + - /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro labels: - "traefik.enable=true" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh index 9a3cbf4..db1969a 100644 --- a/minimal/modules/dnpm-setup.sh +++ b/minimal/modules/dnpm-setup.sh @@ -7,7 +7,9 @@ if [ -n "${ENABLE_DNPM}" ]; then # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" + DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" + DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" + DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" # Optionally, start bwhc as well. This is currently only experimental if [ -n "${ENABLE_DNPM_BWHC}" ]; then From 7b753c03c008a4946ea43f40cc2532e4767fa3aa Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Tue, 16 May 2023 10:46:17 +0200 Subject: [PATCH 13/24] Add minimal project to readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5acb5f0..9d95d32 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,7 @@ To request a new repository, please contact your research network administration - For the ccp project: support-ccp@dkfz-heidelberg.de Mention: -- which project you belong to, i.e. "bbmri" or "ccp" +- which project you belong to, i.e. "bbmri", "ccp", or "minimal" - site name (According to conventions listed above) - operator name and email @@ -248,7 +248,7 @@ Your Bridgehead's actual data is not stored in the above directories, but in nam Your Bridgehead will automatically and regularly check for updates. Whenever something has been updates (e.g., one of the git repositories or one of the docker images), your Bridgehead is automatically restarted. This should happen automatically and does not need any configuration. -If you would like to understand what happens exactly and when, please check the systemd units deployed during the [installation](#base-installation) via `systemctl cat bridgehead-update@.service` and `systemctl cat bridgehead-update@.service` and `systemctl cat bridgehead-update@.timer`. ### Auto-Backups From 2de6504832f677f23481a875cdd8b52551ae9719 Mon Sep 17 00:00:00 2001 From: Patrick Skowronek Date: Tue, 16 May 2023 11:57:27 +0200 Subject: [PATCH 14/24] Change blaze tag to latest --- bbmri/docker-compose.yml | 2 +- ccp/docker-compose.yml | 2 +- ccp/exliquid-compose.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bbmri/docker-compose.yml b/bbmri/docker-compose.yml index 07658f4..c32d8f3 100644 --- a/bbmri/docker-compose.yml +++ b/bbmri/docker-compose.yml @@ -54,7 +54,7 @@ services: SITE_NAME: ${SITE_NAME} blaze: - image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 + image: docker.verbis.dkfz.de/cache/samply/blaze:latest container_name: bridgehead-bbmri-blaze environment: BASE_URL: "http://bridgehead-bbmri-blaze:8080" diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index 209ee70..38ba27e 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -54,7 +54,7 @@ services: SITE_NAME: ${SITE_NAME} blaze: - image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 + image: docker.verbis.dkfz.de/cache/samply/blaze:latest container_name: bridgehead-ccp-blaze environment: BASE_URL: "http://bridgehead-ccp-blaze:8080" diff --git a/ccp/exliquid-compose.yml b/ccp/exliquid-compose.yml index d5bb351..becf99a 100644 --- a/ccp/exliquid-compose.yml +++ b/ccp/exliquid-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: exliquid-task-store: - image: docker.verbis.dkfz.de/cache/samply/blaze:0.19 + image: docker.verbis.dkfz.de/cache/samply/blaze:0.20 container_name: bridgehead-exliquid-task-store environment: BASE_URL: "http://bridgehead-exliquid-task-store:8080" From 4e7f023b8a3e050c9c591145510e3ee36a2bf939 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Tue, 16 May 2023 10:56:28 +0000 Subject: [PATCH 15/24] Clean up bwhc startup --- bbmri/modules/dnpm-compose-bwhc.yml | 20 +++----- bbmri/modules/dnpm-setup.sh | 10 ++++ ccp/modules/dnpm-compose-bwhc.yml | 20 +++----- ccp/modules/dnpm-setup.sh | 10 ++++ dnpm/dnpm-compose-beamconnect.yml | 29 ----------- dnpm/dnpm-compose-bwhc.yml | 51 ------------------- dnpm/dnpm-setup.sh | 16 ------ dnpm/origin/logback.xml | 37 -------------- dnpm/vars | 1 - .../modules/dnpm-backend.Dockerfile | 0 minimal/modules/dnpm-compose-bwhc.yml | 20 +++----- .../modules/dnpm-frontend.Dockerfile | 0 minimal/modules/dnpm-setup.sh | 10 ++++ 13 files changed, 54 insertions(+), 170 deletions(-) delete mode 100644 dnpm/dnpm-compose-beamconnect.yml delete mode 100644 dnpm/dnpm-compose-bwhc.yml delete mode 100644 dnpm/dnpm-setup.sh delete mode 100644 dnpm/origin/logback.xml delete mode 100644 dnpm/vars rename dnpm/origin/Backend.Dockerfile => minimal/modules/dnpm-backend.Dockerfile (100%) rename dnpm/origin/Frontend.Dockerfile => minimal/modules/dnpm-frontend.Dockerfile (100%) diff --git a/bbmri/modules/dnpm-compose-bwhc.yml b/bbmri/modules/dnpm-compose-bwhc.yml index 9ba1357..a264728 100644 --- a/bbmri/modules/dnpm-compose-bwhc.yml +++ b/bbmri/modules/dnpm-compose-bwhc.yml @@ -4,21 +4,20 @@ services: dnpm-frontend: depends_on: [ dnpm-backend ] build: - context: ../../dnpm/origin - dockerfile: Frontend.Dockerfile - network: host + context: ../../minimal/modules + dockerfile: dnpm-frontend.Dockerfile args: NUXT_HOST: 0.0.0.0 NUXT_PORT: 3000 - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} HTTP_PROXY: ${http_proxy} HTTPS_PROXY: ${https_proxy} environment: - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 no_proxy: dnpm-backend labels: @@ -29,13 +28,11 @@ services: dnpm-backend: build: - context: ../../dnpm/origin - dockerfile: Backend.Dockerfile + context: ../../minimal/modules + dockerfile: dnpm-backend.Dockerfile args: BWHC_BASE_DIR: /bwhc-backend DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - ports: - - 9000:9000 environment: APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} ZPM_SITE: ${ZPM_SITE} @@ -43,7 +40,6 @@ services: # PLAY_HTTP_PORT: 9000 # PLAY_HTTP_ADDRESS: 0.0.0.0 volumes: - - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - bwhc_data:/bwhc-backend/data/ diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh index db1969a..ca98542 100644 --- a/bbmri/modules/dnpm-setup.sh +++ b/bbmri/modules/dnpm-setup.sh @@ -15,5 +15,15 @@ if [ -n "${ENABLE_DNPM}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + + if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." + fi + if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." + fi + if [ -z "${ZPM_SITE}" ]; then + fail_and_report 1 "Variable ZPM_SITE is not set." + fi fi fi diff --git a/ccp/modules/dnpm-compose-bwhc.yml b/ccp/modules/dnpm-compose-bwhc.yml index 9ba1357..a264728 100644 --- a/ccp/modules/dnpm-compose-bwhc.yml +++ b/ccp/modules/dnpm-compose-bwhc.yml @@ -4,21 +4,20 @@ services: dnpm-frontend: depends_on: [ dnpm-backend ] build: - context: ../../dnpm/origin - dockerfile: Frontend.Dockerfile - network: host + context: ../../minimal/modules + dockerfile: dnpm-frontend.Dockerfile args: NUXT_HOST: 0.0.0.0 NUXT_PORT: 3000 - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} HTTP_PROXY: ${http_proxy} HTTPS_PROXY: ${https_proxy} environment: - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 no_proxy: dnpm-backend labels: @@ -29,13 +28,11 @@ services: dnpm-backend: build: - context: ../../dnpm/origin - dockerfile: Backend.Dockerfile + context: ../../minimal/modules + dockerfile: dnpm-backend.Dockerfile args: BWHC_BASE_DIR: /bwhc-backend DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - ports: - - 9000:9000 environment: APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} ZPM_SITE: ${ZPM_SITE} @@ -43,7 +40,6 @@ services: # PLAY_HTTP_PORT: 9000 # PLAY_HTTP_ADDRESS: 0.0.0.0 volumes: - - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - bwhc_data:/bwhc-backend/data/ diff --git a/ccp/modules/dnpm-setup.sh b/ccp/modules/dnpm-setup.sh index ce39731..c6c2b29 100644 --- a/ccp/modules/dnpm-setup.sh +++ b/ccp/modules/dnpm-setup.sh @@ -12,5 +12,15 @@ if [ -n "${ENABLE_DNPM}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + + if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." + fi + if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." + fi + if [ -z "${ZPM_SITE}" ]; then + fail_and_report 1 "Variable ZPM_SITE is not set." + fi fi fi diff --git a/dnpm/dnpm-compose-beamconnect.yml b/dnpm/dnpm-compose-beamconnect.yml deleted file mode 100644 index 57c46eb..0000000 --- a/dnpm/dnpm-compose-beamconnect.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: "3.7" - -services: - beam-proxy: - environment: - APP_2_ID: dnpm - APP_2_KEY: ${DNPM_BEAM_SECRET_SHORT} - - dnpm-beam-connect: - depends_on: [ beam-proxy ] - image: samply/beam-connect:sites-without-auth - environment: - PROXY_URL: http://beam-proxy:8081 - PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} - APP_ID: dnpm.${PROXY_ID} - DISCOVERY_URL: ${DNPM_DISCOVERY_URL} - LOCAL_TARGETS_FILE: /run/secrets/connect_targets.json - HTTP_PROXY: http://forward_proxy:3128 - HTTPS_PROXY: http://forward_proxy:3128 - NO_PROXY: beam-proxy,dnpm-backend - RUST_LOG: ${RUST_LOG:-info} - secrets: - - connect_targets.json - ports: - - 8062:8062 - -secrets: - connect_targets.json: - file: /etc/bridgehead/dnpm/local_targets.json diff --git a/dnpm/dnpm-compose-bwhc.yml b/dnpm/dnpm-compose-bwhc.yml deleted file mode 100644 index 60fe3f0..0000000 --- a/dnpm/dnpm-compose-bwhc.yml +++ /dev/null @@ -1,51 +0,0 @@ -version: "3.7" - -services: - dnpm-frontend: - depends_on: [ dnpm-backend ] - build: - context: ../dnpm/origin - dockerfile: Frontend.Dockerfile - network: host - args: - NUXT_HOST: 0.0.0.0 - NUXT_PORT: 3000 - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} - BACKEND_PORT: 9000 - DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} - HTTP_PROXY: ${http_proxy} - HTTPS_PROXY: ${https_proxy} - ports: - - 3000:3000 - environment: - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} - BACKEND_PORT: 9000 - no_proxy: dnpm-backend - - dnpm-backend: - build: - context: ../dnpm/origin - dockerfile: Backend.Dockerfile - args: - BWHC_BASE_DIR: /bwhc-backend - DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - ports: - - 9000:9000 - environment: - APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} - ZPM_SITE: ${ZPM_SITE} - noproxy: dnpm-frontend,connect - # PLAY_HTTP_PORT: 9000 - # PLAY_HTTP_ADDRESS: 0.0.0.0 - volumes: - - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro - - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - - bwhc_data:/bwhc-backend/data/ - - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ - -volumes: - bwhc_data: - bwhc_hgnc_data: diff --git a/dnpm/dnpm-setup.sh b/dnpm/dnpm-setup.sh deleted file mode 100644 index ff32c68..0000000 --- a/dnpm/dnpm-setup.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -function dnpmSetup() { - if [ -e /etc/bridgehead/dnpm/local_targets.json ]; then - log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." - OVERRIDE+=" -f ./dnpm/dnpm-compose-beamconnect.yml" - DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" - DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - source /srv/docker/bridgehead/dnpm/vars || fail_and_report 1 "Unable to load /srv/docker/bridgehead/dnpm/vars" - export DNPM_DISCOVERY_URL - if [ -e /etc/bridgehead/dnpm/bwhcConnectorConfig.xml ]; then - log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" - OVERRIDE+=" -f ./dnpm/dnpm-compose-bwhc.yml" - fi - fi -} diff --git a/dnpm/origin/logback.xml b/dnpm/origin/logback.xml deleted file mode 100644 index c25cda6..0000000 --- a/dnpm/origin/logback.xml +++ /dev/null @@ -1,37 +0,0 @@ - - - - - - - - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - - - - - - - - diff --git a/dnpm/vars b/dnpm/vars deleted file mode 100644 index 69c2220..0000000 --- a/dnpm/vars +++ /dev/null @@ -1 +0,0 @@ -DNPM_DISCOVERY_URL=https://dnpm.medizin.uni-tuebingen.de/sites diff --git a/dnpm/origin/Backend.Dockerfile b/minimal/modules/dnpm-backend.Dockerfile similarity index 100% rename from dnpm/origin/Backend.Dockerfile rename to minimal/modules/dnpm-backend.Dockerfile diff --git a/minimal/modules/dnpm-compose-bwhc.yml b/minimal/modules/dnpm-compose-bwhc.yml index 9ba1357..a264728 100644 --- a/minimal/modules/dnpm-compose-bwhc.yml +++ b/minimal/modules/dnpm-compose-bwhc.yml @@ -4,21 +4,20 @@ services: dnpm-frontend: depends_on: [ dnpm-backend ] build: - context: ../../dnpm/origin - dockerfile: Frontend.Dockerfile - network: host + context: ../../minimal/modules + dockerfile: dnpm-frontend.Dockerfile args: NUXT_HOST: 0.0.0.0 NUXT_PORT: 3000 - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} HTTP_PROXY: ${http_proxy} HTTPS_PROXY: ${https_proxy} environment: - BACKEND_PROTOCOL: ${DNPM_BMHC_BACKEND_PROTOCOL} - BACKEND_HOSTNAME: ${DNPM_BWHC_BACKEND_HOSTNAME} + BACKEND_PROTOCOL: http + BACKEND_HOSTNAME: dnpm-backend BACKEND_PORT: 9000 no_proxy: dnpm-backend labels: @@ -29,13 +28,11 @@ services: dnpm-backend: build: - context: ../../dnpm/origin - dockerfile: Backend.Dockerfile + context: ../../minimal/modules + dockerfile: dnpm-backend.Dockerfile args: BWHC_BASE_DIR: /bwhc-backend DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - ports: - - 9000:9000 environment: APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} ZPM_SITE: ${ZPM_SITE} @@ -43,7 +40,6 @@ services: # PLAY_HTTP_PORT: 9000 # PLAY_HTTP_ADDRESS: 0.0.0.0 volumes: - - ../dnpm/origin/logback.xml:/bwhc-backend/logback.xml:ro - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - bwhc_data:/bwhc-backend/data/ diff --git a/dnpm/origin/Frontend.Dockerfile b/minimal/modules/dnpm-frontend.Dockerfile similarity index 100% rename from dnpm/origin/Frontend.Dockerfile rename to minimal/modules/dnpm-frontend.Dockerfile diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh index db1969a..ca98542 100644 --- a/minimal/modules/dnpm-setup.sh +++ b/minimal/modules/dnpm-setup.sh @@ -15,5 +15,15 @@ if [ -n "${ENABLE_DNPM}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" + + if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." + fi + if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then + fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." + fi + if [ -z "${ZPM_SITE}" ]; then + fail_and_report 1 "Variable ZPM_SITE is not set." + fi fi fi From f4134bcfca5f3f96974568c57ad5c2651990cf1a Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 17 May 2023 09:26:55 +0000 Subject: [PATCH 16/24] Remove DNPM-BwHC experiment --- bbmri/modules/dnpm-compose-bwhc.yml | 50 -------------- ...mpose-beamconnect.yml => dnpm-compose.yml} | 0 bbmri/modules/dnpm-setup.sh | 18 +---- ccp/modules/dnpm-compose-bwhc.yml | 50 -------------- ...mpose-beamconnect.yml => dnpm-compose.yml} | 0 ccp/modules/dnpm-setup.sh | 18 +---- minimal/modules/dnpm-backend.Dockerfile | 66 ------------------- minimal/modules/dnpm-compose-bwhc.yml | 50 -------------- ...mpose-beamconnect.yml => dnpm-compose.yml} | 0 minimal/modules/dnpm-frontend.Dockerfile | 42 ------------ minimal/modules/dnpm-setup.sh | 18 +---- 11 files changed, 3 insertions(+), 309 deletions(-) delete mode 100644 bbmri/modules/dnpm-compose-bwhc.yml rename bbmri/modules/{dnpm-compose-beamconnect.yml => dnpm-compose.yml} (100%) delete mode 100644 ccp/modules/dnpm-compose-bwhc.yml rename ccp/modules/{dnpm-compose-beamconnect.yml => dnpm-compose.yml} (100%) delete mode 100644 minimal/modules/dnpm-backend.Dockerfile delete mode 100644 minimal/modules/dnpm-compose-bwhc.yml rename minimal/modules/{dnpm-compose-beamconnect.yml => dnpm-compose.yml} (100%) delete mode 100644 minimal/modules/dnpm-frontend.Dockerfile diff --git a/bbmri/modules/dnpm-compose-bwhc.yml b/bbmri/modules/dnpm-compose-bwhc.yml deleted file mode 100644 index a264728..0000000 --- a/bbmri/modules/dnpm-compose-bwhc.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: "3.7" - -services: - dnpm-frontend: - depends_on: [ dnpm-backend ] - build: - context: ../../minimal/modules - dockerfile: dnpm-frontend.Dockerfile - args: - NUXT_HOST: 0.0.0.0 - NUXT_PORT: 3000 - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} - HTTP_PROXY: ${http_proxy} - HTTPS_PROXY: ${https_proxy} - environment: - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - no_proxy: dnpm-backend - labels: - - "traefik.enable=true" - - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" - - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" - - "traefik.http.routers.dnpm-frontend.tls=true" - - dnpm-backend: - build: - context: ../../minimal/modules - dockerfile: dnpm-backend.Dockerfile - args: - BWHC_BASE_DIR: /bwhc-backend - DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - environment: - APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} - ZPM_SITE: ${ZPM_SITE} - noproxy: dnpm-frontend,dnpm-beam-connect - # PLAY_HTTP_PORT: 9000 - # PLAY_HTTP_ADDRESS: 0.0.0.0 - volumes: - - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - - bwhc_data:/bwhc-backend/data/ - - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ - -volumes: - bwhc_data: - bwhc_hgnc_data: diff --git a/bbmri/modules/dnpm-compose-beamconnect.yml b/bbmri/modules/dnpm-compose.yml similarity index 100% rename from bbmri/modules/dnpm-compose-beamconnect.yml rename to bbmri/modules/dnpm-compose.yml diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh index ca98542..4ece115 100644 --- a/bbmri/modules/dnpm-setup.sh +++ b/bbmri/modules/dnpm-setup.sh @@ -2,7 +2,7 @@ if [ -n "${ENABLE_DNPM}" ]; then log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" @@ -10,20 +10,4 @@ if [ -n "${ENABLE_DNPM}" ]; then DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" - - # Optionally, start bwhc as well. This is currently only experimental - if [ -n "${ENABLE_DNPM_BWHC}" ]; then - log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" - - if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." - fi - if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." - fi - if [ -z "${ZPM_SITE}" ]; then - fail_and_report 1 "Variable ZPM_SITE is not set." - fi - fi fi diff --git a/ccp/modules/dnpm-compose-bwhc.yml b/ccp/modules/dnpm-compose-bwhc.yml deleted file mode 100644 index a264728..0000000 --- a/ccp/modules/dnpm-compose-bwhc.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: "3.7" - -services: - dnpm-frontend: - depends_on: [ dnpm-backend ] - build: - context: ../../minimal/modules - dockerfile: dnpm-frontend.Dockerfile - args: - NUXT_HOST: 0.0.0.0 - NUXT_PORT: 3000 - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} - HTTP_PROXY: ${http_proxy} - HTTPS_PROXY: ${https_proxy} - environment: - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - no_proxy: dnpm-backend - labels: - - "traefik.enable=true" - - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" - - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" - - "traefik.http.routers.dnpm-frontend.tls=true" - - dnpm-backend: - build: - context: ../../minimal/modules - dockerfile: dnpm-backend.Dockerfile - args: - BWHC_BASE_DIR: /bwhc-backend - DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - environment: - APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} - ZPM_SITE: ${ZPM_SITE} - noproxy: dnpm-frontend,dnpm-beam-connect - # PLAY_HTTP_PORT: 9000 - # PLAY_HTTP_ADDRESS: 0.0.0.0 - volumes: - - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - - bwhc_data:/bwhc-backend/data/ - - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ - -volumes: - bwhc_data: - bwhc_hgnc_data: diff --git a/ccp/modules/dnpm-compose-beamconnect.yml b/ccp/modules/dnpm-compose.yml similarity index 100% rename from ccp/modules/dnpm-compose-beamconnect.yml rename to ccp/modules/dnpm-compose.yml diff --git a/ccp/modules/dnpm-setup.sh b/ccp/modules/dnpm-setup.sh index c6c2b29..c9250cb 100644 --- a/ccp/modules/dnpm-setup.sh +++ b/ccp/modules/dnpm-setup.sh @@ -2,25 +2,9 @@ if [ -n "${ENABLE_DNPM}" ]; then log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - - # Optionally, start bwhc as well. This is currently only experimental - if [ -n "${ENABLE_DNPM_BWHC}" ]; then - log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" - - if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." - fi - if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." - fi - if [ -z "${ZPM_SITE}" ]; then - fail_and_report 1 "Variable ZPM_SITE is not set." - fi - fi fi diff --git a/minimal/modules/dnpm-backend.Dockerfile b/minimal/modules/dnpm-backend.Dockerfile deleted file mode 100644 index e37c008..0000000 --- a/minimal/modules/dnpm-backend.Dockerfile +++ /dev/null @@ -1,66 +0,0 @@ -FROM openjdk:11-jre AS builder - -ARG DNPM_BWHC_BACKEND_ZIP - -# Change to latest release -ARG VERSION=broker - -ARG BWHC_BASE_DIR=/bwhc-backend - -ENV BWHC_BASE_DIR=$BWHC_BASE_DIR -ENV BWHC_USER_DB_DIR=$BWHC_BASE_DIR/data/user-db -ENV BWHC_DATA_ENTRY_DIR=$BWHC_BASE_DIR/data/data-entry -ENV BWHC_QUERY_DATA_DIR=$BWHC_BASE_DIR/data/query-data - -ADD ${DNPM_BWHC_BACKEND_ZIP} / -RUN unzip $(basename ${DNPM_BWHC_BACKEND_ZIP}) && rm $(basename ${DNPM_BWHC_BACKEND_ZIP}) - -WORKDIR $BWHC_BASE_DIR - -# Prepare config file to use environment variables from docker -RUN sed -i -r "s/APPLICATION_SECRET(.*)/#APPLICATION_SECRET\1/" ./config -RUN sed -i -r "s/ZPM_SITE(.*)/#ZPM_SITE\1/" ./config - -# Prepare config file to use fix environment variables for this image -RUN sed -i -r "s~BWHC_DATA_ENTRY_DIR.*~BWHC_DATA_ENTRY_DIR=$BWHC_DATA_ENTRY_DIR~" ./config -RUN sed -i -r "s~BWHC_QUERY_DATA_DIR.*~BWHC_QUERY_DATA_DIR=$BWHC_QUERY_DATA_DIR~" ./config -RUN sed -i -r "s~BWHC_USER_DB_DIR.*~BWHC_USER_DB_DIR=$BWHC_USER_DB_DIR~" ./config - -RUN ./install.sh $BWHC_BASE_DIR - -RUN mv bwhc-rest-api-gateway-*/ bwhc-rest-api-gateway/ - -FROM openjdk:11-jre - -ARG BWHC_BASE_DIR=/bwhc-backend - -ENV BWHC_BASE_DIR=$BWHC_BASE_DIR -ENV BWHC_USER_DB_DIR=$BWHC_BASE_DIR/data/user-db -ENV BWHC_DATA_ENTRY_DIR=$BWHC_BASE_DIR/data/data-entry -ENV BWHC_QUERY_DATA_DIR=$BWHC_BASE_DIR/data/query-data -ENV BWHC_CONNECTOR_CONFIG=$BWHC_BASE_DIR/bwhcConnectorConfig.xml - -COPY --from=builder $BWHC_BASE_DIR/config $BWHC_BASE_DIR/ -COPY --from=builder $BWHC_BASE_DIR/bwhcConnectorConfig.xml $BWHC_BASE_DIR/ -COPY --from=builder $BWHC_BASE_DIR/logback.xml $BWHC_BASE_DIR/ -COPY --from=builder $BWHC_BASE_DIR/production.conf $BWHC_BASE_DIR/ -COPY --from=builder $BWHC_BASE_DIR/bwhc-rest-api-gateway/ $BWHC_BASE_DIR/bwhc-rest-api-gateway/ - -VOLUME $BWHC_BASE_DIR/data -VOLUME $BWHC_BASE_DIR/hgnc_data - -EXPOSE ${BWHC_BACKEND_PORT} - -WORKDIR $BWHC_BASE_DIR - -CMD $BWHC_BASE_DIR/bwhc-rest-api-gateway/bin/bwhc-rest-api-gateway \ - -Dplay.http.secret.key=$APPLICATION_SECRET \ - -Dconfig.file=$BWHC_BASE_DIR/production.conf \ - -Dlogger.file=$BWHC_BASE_DIR/logback.xml \ - -Dpidfile.path=/dev/null \ - -Dbwhc.zpm.site=$ZPM_SITE \ - -Dbwhc.data.entry.dir=$BWHC_DATA_ENTRY_DIR \ - -Dbwhc.query.data.dir=$BWHC_QUERY_DATA_DIR \ - -Dbwhc.user.data.dir=$BWHC_USER_DB_DIR \ - -Dbwhc.hgnc.dir=$BWHC_HGNC_DIR \ - -Dbwhc.connector.configFile=$BWHC_CONNECTOR_CONFIG diff --git a/minimal/modules/dnpm-compose-bwhc.yml b/minimal/modules/dnpm-compose-bwhc.yml deleted file mode 100644 index a264728..0000000 --- a/minimal/modules/dnpm-compose-bwhc.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: "3.7" - -services: - dnpm-frontend: - depends_on: [ dnpm-backend ] - build: - context: ../../minimal/modules - dockerfile: dnpm-frontend.Dockerfile - args: - NUXT_HOST: 0.0.0.0 - NUXT_PORT: 3000 - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - DNPM_BWHC_FRONTEND_ZIP: ${DNPM_BWHC_FRONTEND_ZIP} - HTTP_PROXY: ${http_proxy} - HTTPS_PROXY: ${https_proxy} - environment: - BACKEND_PROTOCOL: http - BACKEND_HOSTNAME: dnpm-backend - BACKEND_PORT: 9000 - no_proxy: dnpm-backend - labels: - - "traefik.enable=true" - - "traefik.http.routers.dnpm-frontend.rule=PathPrefix(`/dnpm-frontend`)" - - "traefik.http.services.dnpm-frontend.loadbalancer.server.port=3000" - - "traefik.http.routers.dnpm-frontend.tls=true" - - dnpm-backend: - build: - context: ../../minimal/modules - dockerfile: dnpm-backend.Dockerfile - args: - BWHC_BASE_DIR: /bwhc-backend - DNPM_BWHC_BACKEND_ZIP: ${DNPM_BWHC_BACKEND_ZIP} - environment: - APPLICATION_SECRET: ${DNPM_APPLICATION_SECRET} - ZPM_SITE: ${ZPM_SITE} - noproxy: dnpm-frontend,dnpm-beam-connect - # PLAY_HTTP_PORT: 9000 - # PLAY_HTTP_ADDRESS: 0.0.0.0 - volumes: - - /etc/bridgehead/dnpm/bwhcConnectorConfig.xml:/bwhc-backend/bwhcConnectorConfig.xml:ro - - /etc/bridgehead/dnpm/production.conf:/bwhc-backend/production.conf:ro - - bwhc_data:/bwhc-backend/data/ - - bwhc_hgnc_data:/bwhc-backend/hgnc_data/ - -volumes: - bwhc_data: - bwhc_hgnc_data: diff --git a/minimal/modules/dnpm-compose-beamconnect.yml b/minimal/modules/dnpm-compose.yml similarity index 100% rename from minimal/modules/dnpm-compose-beamconnect.yml rename to minimal/modules/dnpm-compose.yml diff --git a/minimal/modules/dnpm-frontend.Dockerfile b/minimal/modules/dnpm-frontend.Dockerfile deleted file mode 100644 index 1d4bb30..0000000 --- a/minimal/modules/dnpm-frontend.Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -FROM node:10-alpine - -ARG DNPM_BWHC_FRONTEND_ZIP - -# Change to latest release -# Required for image build using local copy of zip file -ARG VERSION=2207 - -# nuxt host and port to be replaced in package.json. (See 2.3 in bwHCPrototypeManual) -# NUXT_HOST should have a value with public available IP address from within container. -# If changing NUXT_PORT, also change exposed port. -ARG NUXT_HOST=0.0.0.0 -ARG NUXT_PORT=3000 - -# Backend access setup. (See 2.4 in bwHCPrototypeManual) -ARG BACKEND_PROTOCOL=http -ARG BACKEND_HOSTNAME=localhost -ARG BACKEND_PORT=8080 - -ARG HTTP_PROXY="" -ARG HTTPS_PROXY="" - -ADD ${DNPM_BWHC_FRONTEND_ZIP} / -RUN unzip $(basename ${DNPM_BWHC_FRONTEND_ZIP}) && rm $(basename ${DNPM_BWHC_FRONTEND_ZIP}) - -WORKDIR /bwhc-frontend - -RUN npm install - -# Prepare package.json -RUN sed -i -r "s/^(\s*)\"host\"[^,]*(,?)/\1\"host\": \"$NUXT_HOST\"\2/" ./package.json -RUN sed -i -r "s/^(\s*)\"port\"[^,]*(,?)/\1\"port\": \"$NUXT_PORT\"\2/" ./package.json - -# Prepare nuxt.config.js -RUN sed -i -r "s/^(\s*)baseUrl[^,]*(,?)/\1baseUrl: process.env.BASE_URL || '$BACKEND_PROTOCOL:\/\/$BACKEND_HOSTNAME'\2/" ./nuxt.config.js -RUN sed -i -r "s/^(\s*)port[^,]*(,?)/\1port: process.env.port || ':$BACKEND_PORT'\2/" ./nuxt.config.js - -RUN npm run generate - -EXPOSE $NUXT_PORT - -CMD npm start diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh index ca98542..4ece115 100644 --- a/minimal/modules/dnpm-setup.sh +++ b/minimal/modules/dnpm-setup.sh @@ -2,7 +2,7 @@ if [ -n "${ENABLE_DNPM}" ]; then log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-beamconnect.yml" + OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" @@ -10,20 +10,4 @@ if [ -n "${ENABLE_DNPM}" ]; then DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" - - # Optionally, start bwhc as well. This is currently only experimental - if [ -n "${ENABLE_DNPM_BWHC}" ]; then - log INFO "DNPM setup detected (with Frontend/Backend) -- will start BWHC Frontend/Backend. This is highly experimental!" - OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose-bwhc.yml" - - if [ -z "${DNPM_BWHC_FRONTEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_FRONTEND_ZIP is not set." - fi - if [ -z "${DNPM_BWHC_BACKEND_ZIP}" ]; then - fail_and_report 1 "Variable DNPM_BWHC_BACKEND_ZIP is not set." - fi - if [ -z "${ZPM_SITE}" ]; then - fail_and_report 1 "Variable ZPM_SITE is not set." - fi - fi fi From a18b63e190a2ec26c5a666d8038e430f547e6d12 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 17 May 2023 10:04:35 +0000 Subject: [PATCH 17/24] Use cached beam-connect image for dnpm --- bbmri/modules/dnpm-compose.yml | 3 ++- ccp/modules/dnpm-compose.yml | 3 ++- minimal/modules/dnpm-compose.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/bbmri/modules/dnpm-compose.yml b/bbmri/modules/dnpm-compose.yml index 90f6cf1..0175bf5 100644 --- a/bbmri/modules/dnpm-compose.yml +++ b/bbmri/modules/dnpm-compose.yml @@ -23,7 +23,8 @@ services: dnpm-beam-connect: depends_on: [ dnpm-beam-proxy ] - image: samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} diff --git a/ccp/modules/dnpm-compose.yml b/ccp/modules/dnpm-compose.yml index 2dce251..2f523b9 100644 --- a/ccp/modules/dnpm-compose.yml +++ b/ccp/modules/dnpm-compose.yml @@ -8,7 +8,8 @@ services: dnpm-beam-connect: depends_on: [ beam-proxy ] - image: samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} diff --git a/minimal/modules/dnpm-compose.yml b/minimal/modules/dnpm-compose.yml index 16cfdb9..a2eb0b0 100644 --- a/minimal/modules/dnpm-compose.yml +++ b/minimal/modules/dnpm-compose.yml @@ -23,7 +23,8 @@ services: dnpm-beam-connect: depends_on: [ dnpm-beam-proxy ] - image: samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} From ff4fb06ad158c6ac86bee8461834f77f1e9f9105 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Fri, 19 May 2023 11:53:03 +0000 Subject: [PATCH 18/24] Address review comments --- README.md | 2 +- bbmri/modules/dnpm-compose.yml | 2 +- bbmri/modules/dnpm-setup.sh | 4 ++-- bbmri/vars | 2 +- bridgehead | 4 ++-- ccp/modules/dnpm-compose.yml | 2 +- ccp/modules/dnpm-setup.sh | 4 ++-- ccp/vars | 2 +- minimal/modules/dnpm-compose.yml | 2 +- minimal/modules/dnpm-setup.sh | 4 ++-- minimal/vars | 2 +- 11 files changed, 15 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 550f563..8daab1f 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ To request a new repository, please contact your research network administration - For the ccp project: support-ccp@dkfz-heidelberg.de Mention: -- which project you belong to, i.e. "bbmri", "ccp", or "minimal" +- which project you belong to, i.e. "bbmri" or "ccp" - site name (According to conventions listed above) - operator name and email diff --git a/bbmri/modules/dnpm-compose.yml b/bbmri/modules/dnpm-compose.yml index 0175bf5..48d58de 100644 --- a/bbmri/modules/dnpm-compose.yml +++ b/bbmri/modules/dnpm-compose.yml @@ -23,7 +23,7 @@ services: dnpm-beam-connect: depends_on: [ dnpm-beam-proxy ] - image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:dnpm container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://dnpm-beam-proxy:8081 diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh index 4ece115..c8b003e 100644 --- a/bbmri/modules/dnpm-setup.sh +++ b/bbmri/modules/dnpm-setup.sh @@ -1,11 +1,11 @@ #!/bin/bash if [ -n "${ENABLE_DNPM}" ]; then - log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + log DEBUG "DNPM setup detected (Beam.Connect) -- will start Beam and Beam.Connect for DNPM." OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect - DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password for DNPM. It is not required to be secret.\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" diff --git a/bbmri/vars b/bbmri/vars index b5be616..21aeaec 100644 --- a/bbmri/vars +++ b/bbmri/vars @@ -8,7 +8,7 @@ PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem for module in $PROJECT/modules/*.sh do - log INFO "sourcing $module" + log DEBUG "sourcing $module" source $module done diff --git a/bridgehead b/bridgehead index 8d35708..b14d1d3 100755 --- a/bridgehead +++ b/bridgehead @@ -56,7 +56,7 @@ loadVars() { OVERRIDE=${OVERRIDE:=""} # minimal contains shared components, so potential overrides must be applied in every project if [ -f "minimal/docker-compose.override.yml" ]; then - log INFO "Applying minimal/docker-compose.override.yml" + log INFO "Applying Bridgehead common components override (minimal/docker-compose.override.yml)" OVERRIDE+=" -f ./minimal/docker-compose.override.yml" fi if [ -f "$PROJECT/docker-compose.override.yml" ]; then @@ -78,7 +78,7 @@ case "$ACTION" in ;; stop) loadVars - # HACK: This is tempoarily to properly shut down false bridgehead instances (bridgehead-ccp instead ccp) + # HACK: This is temporarily to properly shut down false bridgehead instances (bridgehead-ccp instead ccp) $COMPOSE -p bridgehead-$PROJECT -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down exec $COMPOSE -f ./minimal/docker-compose.yml -f ./$PROJECT/docker-compose.yml $OVERRIDE down ;; diff --git a/ccp/modules/dnpm-compose.yml b/ccp/modules/dnpm-compose.yml index 2f523b9..a4ef1aa 100644 --- a/ccp/modules/dnpm-compose.yml +++ b/ccp/modules/dnpm-compose.yml @@ -8,7 +8,7 @@ services: dnpm-beam-connect: depends_on: [ beam-proxy ] - image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:dnpm container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://beam-proxy:8081 diff --git a/ccp/modules/dnpm-setup.sh b/ccp/modules/dnpm-setup.sh index c9250cb..04659eb 100644 --- a/ccp/modules/dnpm-setup.sh +++ b/ccp/modules/dnpm-setup.sh @@ -1,10 +1,10 @@ #!/bin/bash if [ -n "${ENABLE_DNPM}" ]; then - log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + log DEBUG "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect - DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password for DNPM. It is not required to be secret.\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" fi diff --git a/ccp/vars b/ccp/vars index 2a295f4..a180d82 100644 --- a/ccp/vars +++ b/ccp/vars @@ -21,6 +21,6 @@ mtbaSetup for module in $PROJECT/modules/*.sh do - log INFO "sourcing $module" + log DEBUG "sourcing $module" source $module done diff --git a/minimal/modules/dnpm-compose.yml b/minimal/modules/dnpm-compose.yml index a2eb0b0..f320ead 100644 --- a/minimal/modules/dnpm-compose.yml +++ b/minimal/modules/dnpm-compose.yml @@ -23,7 +23,7 @@ services: dnpm-beam-connect: depends_on: [ dnpm-beam-proxy ] - image: docker.verbis.dkfz.de/cache/samply/beam-connect:sites-without-auth + image: docker.verbis.dkfz.de/cache/samply/beam-connect:dnpm container_name: bridgehead-dnpm-beam-connect environment: PROXY_URL: http://dnpm-beam-proxy:8081 diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh index 4ece115..c8b003e 100644 --- a/minimal/modules/dnpm-setup.sh +++ b/minimal/modules/dnpm-setup.sh @@ -1,11 +1,11 @@ #!/bin/bash if [ -n "${ENABLE_DNPM}" ]; then - log INFO "DNPM setup detected (Beam.Connect) -- will start Beam.Connect for DNPM." + log DEBUG "DNPM setup detected (Beam.Connect) -- will start Beam and Beam.Connect for DNPM." OVERRIDE+=" -f ./$PROJECT/modules/dnpm-compose.yml" # Set variables required for Beam-Connect - DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" + DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password for DNPM. It is not required to be secret.\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" diff --git a/minimal/vars b/minimal/vars index acca503..fe661ed 100644 --- a/minimal/vars +++ b/minimal/vars @@ -1,5 +1,5 @@ for module in $PROJECT/modules/*.sh do - log INFO "sourcing $module" + log DEBUG "sourcing $module" source $module done From f02587d9fadb6e7349aacbaf64343022624e2dc3 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Thu, 25 May 2023 11:20:18 +0000 Subject: [PATCH 19/24] Change DNPM broker id --- bbmri/modules/dnpm-setup.sh | 2 +- minimal/modules/dnpm-setup.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bbmri/modules/dnpm-setup.sh b/bbmri/modules/dnpm-setup.sh index c8b003e..7b3be9a 100644 --- a/bbmri/modules/dnpm-setup.sh +++ b/bbmri/modules/dnpm-setup.sh @@ -7,7 +7,7 @@ if [ -n "${ENABLE_DNPM}" ]; then # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password for DNPM. It is not required to be secret.\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" + DNPM_BROKER_ID="broker.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" fi diff --git a/minimal/modules/dnpm-setup.sh b/minimal/modules/dnpm-setup.sh index c8b003e..7b3be9a 100644 --- a/minimal/modules/dnpm-setup.sh +++ b/minimal/modules/dnpm-setup.sh @@ -7,7 +7,7 @@ if [ -n "${ENABLE_DNPM}" ]; then # Set variables required for Beam-Connect DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password for DNPM. It is not required to be secret.\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" - DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de" + DNPM_BROKER_ID="broker.ccp-it.dktk.dkfz.de" DNPM_BROKER_URL="https://${DNPM_BROKER_ID}" DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}" fi From b1ee2fa5f42b13e7b47eba837ca9d69cf23ccbdd Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Mon, 19 Jun 2023 13:25:22 +0200 Subject: [PATCH 20/24] New beam-proxy api key syntax --- bbmri/docker-compose.yml | 3 +-- ccp/docker-compose.yml | 6 ++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/bbmri/docker-compose.yml b/bbmri/docker-compose.yml index 07658f4..c37ff71 100644 --- a/bbmri/docker-compose.yml +++ b/bbmri/docker-compose.yml @@ -91,8 +91,7 @@ services: environment: BROKER_URL: ${BROKER_URL} PROXY_ID: ${PROXY_ID} - APP_0_ID: focus - APP_0_KEY: ${FOCUS_BEAM_SECRET_SHORT} + APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index bc462f7..ac104f8 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -92,10 +92,8 @@ services: environment: BROKER_URL: ${BROKER_URL} PROXY_ID: ${PROXY_ID} - APP_0_ID: focus - APP_0_KEY: ${FOCUS_BEAM_SECRET_SHORT} - APP_1_ID: report-hub - APP_1_KEY: ${REPORTHUB_BEAM_SECRET_SHORT} + APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT} + APP_report-hub_KEY: ${REPORTHUB_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs From 2f20082d4c3a97efda7661023d93e3c3a48023f1 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Mon, 19 Jun 2023 13:32:47 +0200 Subject: [PATCH 21/24] Change focus tag to main --- bbmri/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bbmri/docker-compose.yml b/bbmri/docker-compose.yml index 07658f4..e00ed67 100644 --- a/bbmri/docker-compose.yml +++ b/bbmri/docker-compose.yml @@ -72,7 +72,7 @@ services: - "traefik.http.routers.blaze_ccp.tls=true" focus: - image: docker.verbis.dkfz.de/cache/samply/focus:develop + image: docker.verbis.dkfz.de/cache/samply/focus:main container_name: bridgehead-focus environment: API_KEY: ${FOCUS_BEAM_SECRET_SHORT} From 23a500aae948bae2802dd9d55b8a28265aac3410 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Mon, 19 Jun 2023 13:33:26 +0200 Subject: [PATCH 22/24] focus: Rename SECRET to API_KEY --- ccp/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index bc462f7..624766d 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -75,7 +75,7 @@ services: image: docker.verbis.dkfz.de/cache/samply/focus:main container_name: bridgehead-focus environment: - SECRET: ${FOCUS_BEAM_SECRET_SHORT} + API_KEY: ${FOCUS_BEAM_SECRET_SHORT} BEAM_APP_ID_LONG: focus.${PROXY_ID} PROXY_ID: ${PROXY_ID} BLAZE_URL: "http://bridgehead-ccp-blaze:8080/fhir/" From 12991e4796320e127833ae319c54467273ac4c63 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 28 Jun 2023 11:16:15 +0200 Subject: [PATCH 23/24] Fix enrollment for minimal bh --- bridgehead | 17 ++++++++++++++++- minimal/vars | 1 + 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/bridgehead b/bridgehead index b14d1d3..9824e3b 100755 --- a/bridgehead +++ b/bridgehead @@ -105,7 +105,22 @@ case "$ACTION" in ;; enroll) loadVars - docker run --rm -ti -v /etc/bridgehead/pki:/etc/bridgehead/pki samply/beam-enroll:latest --output-file $PRIVATEKEYFILENAME --proxy-id $PROXY_ID --admin-email $SUPPORT_EMAIL + + MANUAL_PROXY_ID="${3:-$PROXY_ID}" + if [ -z "$MANUAL_PROXY_ID" ]; then + log ERROR "No Proxy ID set" + exit 1 + else + log INFO "Enrolling Beam Proxy Id $MANUAL_PROXY_ID" + fi + + if [ -z "$SUPPORT_EMAIL" ]; then + EMAIL_PARAM="" + else + EMAIL_PARAM="--admin-email $SUPPORT_EMAIL" + fi + + docker run --rm -ti -v /etc/bridgehead/pki:/etc/bridgehead/pki samply/beam-enroll:latest --output-file $PRIVATEKEYFILENAME --proxy-id $MANUAL_PROXY_ID $EMAIL_PARAM chmod 600 $PRIVATEKEYFILENAME ;; preRun | preUpdate) diff --git a/minimal/vars b/minimal/vars index fe661ed..11d07ff 100644 --- a/minimal/vars +++ b/minimal/vars @@ -3,3 +3,4 @@ do log DEBUG "sourcing $module" source $module done +PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem From f0d423fcf7944525566460c49cf0ba1e27ce9392 Mon Sep 17 00:00:00 2001 From: Tobias Kussel Date: Wed, 28 Jun 2023 11:48:47 +0200 Subject: [PATCH 24/24] Adapt to new beam app syntax --- bbmri/modules/dnpm-compose.yml | 3 +-- ccp/modules/dnpm-compose.yml | 4 +--- minimal/modules/dnpm-compose.yml | 3 +-- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/bbmri/modules/dnpm-compose.yml b/bbmri/modules/dnpm-compose.yml index 48d58de..0cbc45f 100644 --- a/bbmri/modules/dnpm-compose.yml +++ b/bbmri/modules/dnpm-compose.yml @@ -7,8 +7,7 @@ services: environment: BROKER_URL: ${DNPM_BROKER_URL} PROXY_ID: ${DNPM_PROXY_ID} - APP_0_ID: dnpm-connect - APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT} + APP_dnpm-connect_KEY: ${DNPM_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs diff --git a/ccp/modules/dnpm-compose.yml b/ccp/modules/dnpm-compose.yml index a4ef1aa..9286d32 100644 --- a/ccp/modules/dnpm-compose.yml +++ b/ccp/modules/dnpm-compose.yml @@ -3,9 +3,7 @@ version: "3.7" services: beam-proxy: environment: - APP_3_ID: dnpm-connect - APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} - + APP_dnpm-connect_KEY: ${DNPM_BEAM_SECRET_SHORT} dnpm-beam-connect: depends_on: [ beam-proxy ] image: docker.verbis.dkfz.de/cache/samply/beam-connect:dnpm diff --git a/minimal/modules/dnpm-compose.yml b/minimal/modules/dnpm-compose.yml index f320ead..276f5ff 100644 --- a/minimal/modules/dnpm-compose.yml +++ b/minimal/modules/dnpm-compose.yml @@ -7,8 +7,7 @@ services: environment: BROKER_URL: ${DNPM_BROKER_URL} PROXY_ID: ${DNPM_PROXY_ID} - APP_0_ID: dnpm-connect - APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT} + APP_dnpm-connect_KEY: ${DNPM_BEAM_SECRET_SHORT} PRIVKEY_FILE: /run/secrets/proxy.pem ALL_PROXY: http://forward_proxy:3128 TLS_CA_CERTIFICATES_DIR: ./conf/trusted-ca-certs