From cfa85067f00d946398e9ef93b97f5374197d6fb0 Mon Sep 17 00:00:00 2001
From: "p.delpy@dkfz-heidelberg.de"
Date: Thu, 25 Jul 2024 11:55:51 +0200
Subject: [PATCH] initialize develop; add itcc and cce
---
bridgehead | 6 ++++
cce/docker-compose.yml | 63 +++++++++++++++++++++++++++++++++++
cce/modules/lens-compose.yml | 28 ++++++++++++++++
cce/modules/lens-setup.sh | 6 ++++
cce/root.crt.pem | 20 +++++++++++
cce/vars | 14 ++++++++
itcc/docker-compose.yml | 63 +++++++++++++++++++++++++++++++++++
itcc/modules/lens-compose.yml | 28 ++++++++++++++++
itcc/modules/lens-setup.sh | 5 +++
itcc/root.crt.pem | 20 +++++++++++
itcc/vars | 14 ++++++++
lib/functions.sh | 2 +-
lib/prepare-system.sh | 6 ++++
13 files changed, 274 insertions(+), 1 deletion(-)
create mode 100644 cce/docker-compose.yml
create mode 100644 cce/modules/lens-compose.yml
create mode 100644 cce/modules/lens-setup.sh
create mode 100644 cce/root.crt.pem
create mode 100644 cce/vars
create mode 100644 itcc/docker-compose.yml
create mode 100644 itcc/modules/lens-compose.yml
create mode 100644 itcc/modules/lens-setup.sh
create mode 100644 itcc/root.crt.pem
create mode 100644 itcc/vars
diff --git a/bridgehead b/bridgehead
index 85593b0..702a351 100755
--- a/bridgehead
+++ b/bridgehead
@@ -32,6 +32,12 @@ case "$PROJECT" in
bbmri)
#nothing extra to do
;;
+ cce)
+ #nothing extra to do
+ ;;
+ itcc)
+ #nothing extra to do
+ ;;
minimal)
#nothing extra to do
;;
diff --git a/cce/docker-compose.yml b/cce/docker-compose.yml
new file mode 100644
index 0000000..13c5f38
--- /dev/null
+++ b/cce/docker-compose.yml
@@ -0,0 +1,63 @@
+version: "3.7"
+
+services:
+ blaze:
+ image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
+ container_name: bridgehead-cce-blaze
+ environment:
+ BASE_URL: "http://bridgehead-cce-blaze:8080"
+ JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m"
+ DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000}
+ DB_BLOCK_CACHE_SIZE: $BLAZE_MEMORY_CAP
+ ENFORCE_REFERENTIAL_INTEGRITY: "false"
+ volumes:
+ - "blaze-data:/app/data"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.blaze_cce.rule=PathPrefix(`/cce-localdatamanagement`)"
+ - "traefik.http.middlewares.cce_b_strip.stripprefix.prefixes=/cce-localdatamanagement"
+ - "traefik.http.services.blaze_cce.loadbalancer.server.port=8080"
+ - "traefik.http.routers.blaze_cce.middlewares=cce_b_strip,auth"
+ - "traefik.http.routers.blaze_cce.tls=true"
+
+ focus:
+ image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
+ container_name: bridgehead-focus
+ environment:
+ API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ BEAM_APP_ID_LONG: focus.${PROXY_ID}
+ PROXY_ID: ${PROXY_ID}
+ BLAZE_URL: "http://bridgehead-cce-blaze:8080/fhir/"
+ BEAM_PROXY_URL: http://beam-proxy:8081
+ RETRY_COUNT: ${FOCUS_RETRY_COUNT}
+ EPSILON: 0.28
+ depends_on:
+ - "beam-proxy"
+ - "blaze"
+
+ beam-proxy:
+ image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
+ container_name: bridgehead-beam-proxy
+ environment:
+ BROKER_URL: ${BROKER_URL}
+ PROXY_ID: ${PROXY_ID}
+ APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ PRIVKEY_FILE: /run/secrets/proxy.pem
+ ALL_PROXY: http://forward_proxy:3128
+ TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
+ ROOTCERT_FILE: /conf/root.crt.pem
+ secrets:
+ - proxy.pem
+ depends_on:
+ - "forward_proxy"
+ volumes:
+ - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
+ - /srv/docker/bridgehead/cce/root.crt.pem:/conf/root.crt.pem:ro
+
+
+volumes:
+ blaze-data:
+
+secrets:
+ proxy.pem:
+ file: /etc/bridgehead/pki/${SITE_ID}.priv.pem
diff --git a/cce/modules/lens-compose.yml b/cce/modules/lens-compose.yml
new file mode 100644
index 0000000..6575578
--- /dev/null
+++ b/cce/modules/lens-compose.yml
@@ -0,0 +1,28 @@
+version: "3.7"
+services:
+ landing:
+ container_name: lens_federated-search
+ image: docker.verbis.dkfz.de/ccp/lens:${SITE_ID}
+
+ spot:
+ image: docker.verbis.dkfz.de/ccp-private/central-spot
+ environment:
+ BEAM_SECRET: "${FOCUS_BEAM_SECRET_SHORT}"
+ BEAM_URL: http://beam-proxy:8081
+ BEAM_PROXY_ID: ${SITE_ID}
+ BEAM_BROKER_ID: ${BROKER_ID}
+ BEAM_APP_ID: "focus"
+ PROJECT_METADATA: "cce_supervisors"
+ depends_on:
+ - "beam-proxy"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.services.spot.loadbalancer.server.port=8080"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowmethods=GET,OPTIONS,POST"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolalloworiginlist=https://${HOST}"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowcredentials=true"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolmaxage=-1"
+ - "traefik.http.routers.spot.rule=Host(`${HOST}`) && PathPrefix(`/backend`)"
+ - "traefik.http.middlewares.stripprefix_spot.stripprefix.prefixes=/backend"
+ - "traefik.http.routers.spot.tls=true"
+ - "traefik.http.routers.spot.middlewares=corsheaders2,stripprefix_spot"
diff --git a/cce/modules/lens-setup.sh b/cce/modules/lens-setup.sh
new file mode 100644
index 0000000..eb511b5
--- /dev/null
+++ b/cce/modules/lens-setup.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+if [ -n "$ENABLE_LENS" ];then
+ OVERRIDE+=" -f ./$PROJECT/modules/lens-compose.yml"
+fi
+}
\ No newline at end of file
diff --git a/cce/root.crt.pem b/cce/root.crt.pem
new file mode 100644
index 0000000..1f1265a
--- /dev/null
+++ b/cce/root.crt.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIUW34NEb7bl0+Ywx+I1VKtY5vpAOowDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwMTIyMTMzNzEzWhcNMzQw
+MTE5MTMzNzQzWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL5UegLXTlq3XRRj8LyFs3aF0tpRPVoW9RXp5kFI
+TnBvyO6qjNbMDT/xK+4iDtEX4QQUvsxAKxfXbe9i1jpdwjgH7JHaSGm2IjAiKLqO
+OXQQtguWwfNmmp96Ql13ArLj458YH08xMO/w2NFWGwB/hfARa4z/T0afFuc/tKJf
+XbGCG9xzJ9tmcG45QN8NChGhVvaTweNdVxGWlpHxmi0Mn8OM9CEuB7nPtTTiBuiu
+pRC2zVVmNjVp4ktkAqL7IHOz+/F5nhiz6tOika9oD3376Xj055lPznLcTQn2+4d7
+K7ZrBopCFxIQPjkgmYRLfPejbpdUjK1UVJw7hbWkqWqH7JMCAwEAAaN7MHkwDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGjvRcaIP4HM
+poIguUAK9YL2n7fbMB8GA1UdIwQYMBaAFGjvRcaIP4HMpoIguUAK9YL2n7fbMBYG
+A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQCbzycJSaDm
+AXXNJqQ88djrKs5MDXS8RIjS/cu2ayuLaYDe+BzVmUXNA0Vt9nZGdaz63SLLcjpU
+fNSxBfKbwmf7s30AK8Cnfj9q4W/BlBeVizUHQsg1+RQpDIdMrRQrwkXv8mfLw+w5
+3oaXNW6W/8KpBp/H8TBZ6myl6jCbeR3T8EMXBwipMGop/1zkbF01i98Xpqmhx2+l
+n+80ofPsSspOo5XmgCZym8CD/m/oFHmjcvOfpOCvDh4PZ+i37pmbSlCYoMpla3u/
+7MJMP5lugfLBYNDN2p+V4KbHP/cApCDT5UWLOeAWjgiZQtHH5ilDeYqEc1oPjyJt
+Rtup0MTxSJtN
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/cce/vars b/cce/vars
new file mode 100644
index 0000000..b03403b
--- /dev/null
+++ b/cce/vars
@@ -0,0 +1,14 @@
+BROKER_ID=test-no-real-data.broker.samply.de
+BROKER_URL=https://${BROKER_ID}
+PROXY_ID=${SITE_ID}.${BROKER_ID}
+FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64}
+SUPPORT_EMAIL=arturo.macias@dkfz-heidelberg.de
+PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
+BROKER_URL_FOR_PREREQ=$BROKER_URL
+
+for module in $PROJECT/modules/*.sh
+do
+ log DEBUG "sourcing $module"
+ source $module
+done
diff --git a/itcc/docker-compose.yml b/itcc/docker-compose.yml
new file mode 100644
index 0000000..197f4c5
--- /dev/null
+++ b/itcc/docker-compose.yml
@@ -0,0 +1,63 @@
+version: "3.7"
+
+services:
+ blaze:
+ image: docker.verbis.dkfz.de/cache/samply/blaze:0.28
+ container_name: bridgehead-itcc-blaze
+ environment:
+ BASE_URL: "http://bridgehead-itcc-blaze:8080"
+ JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m"
+ DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000}
+ DB_BLOCK_CACHE_SIZE: $BLAZE_MEMORY_CAP
+ ENFORCE_REFERENTIAL_INTEGRITY: "false"
+ volumes:
+ - "blaze-data:/app/data"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.blaze_itcc.rule=PathPrefix(`/itcc-localdatamanagement`)"
+ - "traefik.http.middlewares.itcc_b_strip.stripprefix.prefixes=/itcc-localdatamanagement"
+ - "traefik.http.services.blaze_itcc.loadbalancer.server.port=8080"
+ - "traefik.http.routers.blaze_itcc.middlewares=itcc_b_strip,auth"
+ - "traefik.http.routers.blaze_itcc.tls=true"
+
+ focus:
+ image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
+ container_name: bridgehead-focus
+ environment:
+ API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ BEAM_APP_ID_LONG: focus.${PROXY_ID}
+ PROXY_ID: ${PROXY_ID}
+ BLAZE_URL: "http://bridgehead-itcc-blaze:8080/fhir/"
+ BEAM_PROXY_URL: http://beam-proxy:8081
+ RETRY_COUNT: ${FOCUS_RETRY_COUNT}
+ EPSILON: 0.28
+ depends_on:
+ - "beam-proxy"
+ - "blaze"
+
+ beam-proxy:
+ image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
+ container_name: bridgehead-beam-proxy
+ environment:
+ BROKER_URL: ${BROKER_URL}
+ PROXY_ID: ${PROXY_ID}
+ APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
+ PRIVKEY_FILE: /run/secrets/proxy.pem
+ ALL_PROXY: http://forward_proxy:3128
+ TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
+ ROOTCERT_FILE: /conf/root.crt.pem
+ secrets:
+ - proxy.pem
+ depends_on:
+ - "forward_proxy"
+ volumes:
+ - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
+ - /srv/docker/bridgehead/itcc/root.crt.pem:/conf/root.crt.pem:ro
+
+
+volumes:
+ blaze-data:
+
+secrets:
+ proxy.pem:
+ file: /etc/bridgehead/pki/${SITE_ID}.priv.pem
diff --git a/itcc/modules/lens-compose.yml b/itcc/modules/lens-compose.yml
new file mode 100644
index 0000000..8593106
--- /dev/null
+++ b/itcc/modules/lens-compose.yml
@@ -0,0 +1,28 @@
+version: "3.7"
+services:
+ landing:
+ container_name: lens_federated-search
+ image: docker.verbis.dkfz.de/ccp/lens:${SITE_ID}
+
+ spot:
+ image: docker.verbis.dkfz.de/ccp-private/central-spot
+ environment:
+ BEAM_SECRET: "${FOCUS_BEAM_SECRET_SHORT}"
+ BEAM_URL: http://beam-proxy:8081
+ BEAM_PROXY_ID: ${SITE_ID}
+ BEAM_BROKER_ID: ${BROKER_ID}
+ BEAM_APP_ID: "focus"
+ PROJECT_METADATA: "dktk_supervisors"
+ depends_on:
+ - "beam-proxy"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.services.spot.loadbalancer.server.port=8080"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowmethods=GET,OPTIONS,POST"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolalloworiginlist=https://${HOST}"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolallowcredentials=true"
+ - "traefik.http.middlewares.corsheaders2.headers.accesscontrolmaxage=-1"
+ - "traefik.http.routers.spot.rule=Host(`${HOST}`) && PathPrefix(`/backend`)"
+ - "traefik.http.middlewares.stripprefix_spot.stripprefix.prefixes=/backend"
+ - "traefik.http.routers.spot.tls=true"
+ - "traefik.http.routers.spot.middlewares=corsheaders2,stripprefix_spot"
diff --git a/itcc/modules/lens-setup.sh b/itcc/modules/lens-setup.sh
new file mode 100644
index 0000000..c19dc4b
--- /dev/null
+++ b/itcc/modules/lens-setup.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+if [ -n "$ENABLE_LENS" ];then
+ OVERRIDE+=" -f ./$PROJECT/modules/lens-compose.yml"
+fi
\ No newline at end of file
diff --git a/itcc/root.crt.pem b/itcc/root.crt.pem
new file mode 100644
index 0000000..1f1265a
--- /dev/null
+++ b/itcc/root.crt.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIUW34NEb7bl0+Ywx+I1VKtY5vpAOowDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwMTIyMTMzNzEzWhcNMzQw
+MTE5MTMzNzQzWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL5UegLXTlq3XRRj8LyFs3aF0tpRPVoW9RXp5kFI
+TnBvyO6qjNbMDT/xK+4iDtEX4QQUvsxAKxfXbe9i1jpdwjgH7JHaSGm2IjAiKLqO
+OXQQtguWwfNmmp96Ql13ArLj458YH08xMO/w2NFWGwB/hfARa4z/T0afFuc/tKJf
+XbGCG9xzJ9tmcG45QN8NChGhVvaTweNdVxGWlpHxmi0Mn8OM9CEuB7nPtTTiBuiu
+pRC2zVVmNjVp4ktkAqL7IHOz+/F5nhiz6tOika9oD3376Xj055lPznLcTQn2+4d7
+K7ZrBopCFxIQPjkgmYRLfPejbpdUjK1UVJw7hbWkqWqH7JMCAwEAAaN7MHkwDgYD
+VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGjvRcaIP4HM
+poIguUAK9YL2n7fbMB8GA1UdIwQYMBaAFGjvRcaIP4HMpoIguUAK9YL2n7fbMBYG
+A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQCbzycJSaDm
+AXXNJqQ88djrKs5MDXS8RIjS/cu2ayuLaYDe+BzVmUXNA0Vt9nZGdaz63SLLcjpU
+fNSxBfKbwmf7s30AK8Cnfj9q4W/BlBeVizUHQsg1+RQpDIdMrRQrwkXv8mfLw+w5
+3oaXNW6W/8KpBp/H8TBZ6myl6jCbeR3T8EMXBwipMGop/1zkbF01i98Xpqmhx2+l
+n+80ofPsSspOo5XmgCZym8CD/m/oFHmjcvOfpOCvDh4PZ+i37pmbSlCYoMpla3u/
+7MJMP5lugfLBYNDN2p+V4KbHP/cApCDT5UWLOeAWjgiZQtHH5ilDeYqEc1oPjyJt
+Rtup0MTxSJtN
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/itcc/vars b/itcc/vars
new file mode 100644
index 0000000..7d0c1a3
--- /dev/null
+++ b/itcc/vars
@@ -0,0 +1,14 @@
+BROKER_ID=test-no-real-data.broker.samply.de
+BROKER_URL=https://${BROKER_ID}
+PROXY_ID=${SITE_ID}.${BROKER_ID}
+FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64}
+SUPPORT_EMAIL=manoj.waikar@dkfz-heidelberg.de
+PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
+BROKER_URL_FOR_PREREQ=$BROKER_URL
+
+for module in $PROJECT/modules/*.sh
+do
+ log DEBUG "sourcing $module"
+ source $module
+done
diff --git a/lib/functions.sh b/lib/functions.sh
index 5e69a04..dc5ec25 100644
--- a/lib/functions.sh
+++ b/lib/functions.sh
@@ -54,7 +54,7 @@ checkOwner(){
printUsage() {
echo "Usage: bridgehead start|stop|logs|docker-logs|is-running|update|install|uninstall|adduser|enroll PROJECTNAME"
- echo "PROJECTNAME should be one of ccp|bbmri"
+ echo "PROJECTNAME should be one of ccp|bbmri|cce|itcc"
}
checkRequirements() {
diff --git a/lib/prepare-system.sh b/lib/prepare-system.sh
index 156f7c8..f93b6f0 100755
--- a/lib/prepare-system.sh
+++ b/lib/prepare-system.sh
@@ -52,6 +52,12 @@ case "$PROJECT" in
bbmri)
site_configuration_repository_middle="git.verbis.dkfz.de/bbmri-bridgehead-configs/"
;;
+ cce)
+ site_configuration_repository_middle="git.verbis.dkfz.de/cce-sites/"
+ ;;
+ itcc)
+ site_configuration_repository_middle="git.verbis.dkfz.de/itcc-sites/"
+ ;;
minimal)
site_configuration_repository_middle="git.verbis.dkfz.de/minimal-bridgehead-configs/"
;;