samply
/
bridgehead
mirror of https://github.com/samply/bridgehead.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adapt DNPM configuration

This commit is contained in:
Tobias Kussel 2023-05-15 13:43:01 +02:00
parent d87745443e
commit c9806ad874
6 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
bbmri/modules/dnpm-compose-beamconnect.yml
View File

@ -5,10 +5,10 @@ services:
image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
container_name: bridgehead-dnpm-beam-proxy container_name: bridgehead-dnpm-beam-proxy
environment: environment:
BROKER_URL: ${BROKER_URL} BROKER_URL: ${DNPM_BROKER_URL}
PROXY_ID: ${PROXY_ID} PROXY_ID: ${DNPM_PROXY_ID}
APP_3_ID: dnpm-connect APP_0_ID: dnpm-connect
APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT}
PRIVKEY_FILE: /run/secrets/proxy.pem PRIVKEY_FILE: /run/secrets/proxy.pem
ALL_PROXY: http://forward_proxy:3128 ALL_PROXY: http://forward_proxy:3128
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
@ -27,15 +27,16 @@ services:
environment: environment:
PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_URL: http://dnpm-beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID} APP_ID: dnpm-connect.${DNPM_PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL} DISCOVERY_URL: "./conf/central_targets.json"
LOCAL_TARGETS_FILE: /conf/connect_targets.json LOCAL_TARGETS_FILE: "./conf/connect_targets.json"
HTTP_PROXY: http://forward_proxy:3128 HTTP_PROXY: http://forward_proxy:3128
HTTPS_PROXY: http://forward_proxy:3128 HTTPS_PROXY: http://forward_proxy:3128
NO_PROXY: dnpm-beam-proxy,dnpm-backend NO_PROXY: dnpm-beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info} RUST_LOG: ${RUST_LOG:-info}
volumes: volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
- /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"

4
bbmri/modules/dnpm-setup.sh
View File

@ -7,7 +7,9 @@ if [ -n "${ENABLE_DNPM}" ]; then
# Set variables required for Beam-Connect # Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de"
DNPM_BROKER_URL="https://${DNPM_BROKER_ID}"
DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}"
# Optionally, start bwhc as well. This is currently only experimental # Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then

9
ccp/modules/dnpm-compose-beamconnect.yml
View File

@ -13,14 +13,15 @@ services:
PROXY_URL: http://beam-proxy:8081 PROXY_URL: http://beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID} APP_ID: dnpm-connect.${PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL} DISCOVERY_URL: "./conf/central_targets.json"
LOCAL_TARGETS_FILE: /conf/connect_targets.json LOCAL_TARGETS_FILE: "./conf/connect_targets.json"
HTTP_PROXY: http://forward_proxy:3128 HTTP_PROXY: "http://forward_proxy:3128"
HTTPS_PROXY: http://forward_proxy:3128 HTTPS_PROXY: "http://forward_proxy:3128"
NO_PROXY: beam-proxy,dnpm-backend NO_PROXY: beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info} RUST_LOG: ${RUST_LOG:-info}
volumes: volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
- /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"

1
ccp/modules/dnpm-setup.sh
View File

@ -7,7 +7,6 @@ if [ -n "${ENABLE_DNPM}" ]; then
# Set variables required for Beam-Connect # Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites"
# Optionally, start bwhc as well. This is currently only experimental # Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then

19
minimal/modules/dnpm-compose-beamconnect.yml
View File

@ -5,14 +5,14 @@ services:
image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
container_name: bridgehead-dnpm-beam-proxy container_name: bridgehead-dnpm-beam-proxy
environment: environment:
BROKER_URL: ${BROKER_URL} BROKER_URL: ${DNPM_BROKER_URL}
PROXY_ID: ${PROXY_ID} PROXY_ID: ${DNPM_PROXY_ID}
APP_3_ID: dnpm-connect APP_0_ID: dnpm-connect
APP_3_KEY: ${DNPM_BEAM_SECRET_SHORT} APP_0_KEY: ${DNPM_BEAM_SECRET_SHORT}
PRIVKEY_FILE: /run/secrets/proxy.pem PRIVKEY_FILE: /run/secrets/proxy.pem
ALL_PROXY: http://forward_proxy:3128 ALL_PROXY: http://forward_proxy:3128
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs TLS_CA_CERTIFICATES_DIR: ./conf/trusted-ca-certs
ROOTCERT_FILE: /conf/root.crt.pem ROOTCERT_FILE: ./conf/root.crt.pem
secrets: secrets:
- proxy.pem - proxy.pem
depends_on: depends_on:
@ -27,15 +27,16 @@ services:
environment: environment:
PROXY_URL: http://dnpm-beam-proxy:8081 PROXY_URL: http://dnpm-beam-proxy:8081
PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT} PROXY_APIKEY: ${DNPM_BEAM_SECRET_SHORT}
APP_ID: dnpm-connect.${PROXY_ID} APP_ID: dnpm-connect.${DNPM_PROXY_ID}
DISCOVERY_URL: ${DNPM_DISCOVERY_URL} DISCOVERY_URL: "./conf/central_targets.json"
LOCAL_TARGETS_FILE: /conf/connect_targets.json LOCAL_TARGETS_FILE: "./conf/connect_targets.json"
HTTP_PROXY: http://forward_proxy:3128 HTTP_PROXY: http://forward_proxy:3128
HTTPS_PROXY: http://forward_proxy:3128 HTTPS_PROXY: http://forward_proxy:3128
NO_PROXY: dnpm-beam-proxy,dnpm-backend NO_PROXY: dnpm-beam-proxy,dnpm-backend
RUST_LOG: ${RUST_LOG:-info} RUST_LOG: ${RUST_LOG:-info}
volumes: volumes:
- /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro - /etc/bridgehead/dnpm/local_targets.json:/conf/connect_targets.json:ro
- /etc/bridgehead/dnpm/central_targets.json:/conf/central_targets.json:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)" - "traefik.http.routers.dnpm-connect.rule=PathPrefix(`/dnpm-connect`)"

4
minimal/modules/dnpm-setup.sh
View File

@ -7,7 +7,9 @@ if [ -n "${ENABLE_DNPM}" ]; then
# Set variables required for Beam-Connect # Set variables required for Beam-Connect
DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" DNPM_APPLICATION_SECRET="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" DNPM_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
DNPM_DISCOVERY_URL="https://dnpm.medizin.uni-tuebingen.de/sites" DNPM_BROKER_ID="broker.dev.ccp-it.dktk.dkfz.de"
DNPM_BROKER_URL="https://${DNPM_BROKER_ID}"
DNPM_PROXY_ID="${SITE_ID}.${DNPM_BROKER_ID}"
# Optionally, start bwhc as well. This is currently only experimental # Optionally, start bwhc as well. This is currently only experimental
if [ -n "${ENABLE_DNPM_BWHC}" ]; then if [ -n "${ENABLE_DNPM_BWHC}" ]; then