refactor: Resorted environment and prepared special images for dktk

This commit is contained in:
Torben Brenner 2022-02-23 19:31:57 +01:00
parent 87f345ca31
commit ee61ac3a03
13 changed files with 138 additions and 985 deletions

View File

@ -7,21 +7,10 @@ volumes:
idmanager_logs: idmanager_logs:
store_db_data: store_db_data:
store_logs: store_logs:
secrets:
mainzelliste.docker.conf:
file: ../internal-configuration/mainzelliste.conf
magicpl.docker.xml:
file: ../internal-configuration/magicpl.xml
dktk_bridgehead_info.docker.xml:
file: ../internal-configuration/bridgehead-common.xml
centralSearchPublicKey:
file: ../internal-configuration/centralSearchPublicKey.der
proxy.docker.xml:
file: ../internal-configuration/proxy.xml
services: services:
traefik: traefik:
container_name: bridgehead_traefik container_name: traefik
image: traefik:2.4 image: traefik:2.4
command: command:
- --api.insecure=true - --api.insecure=true
@ -41,7 +30,7 @@ services:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
landing: landing:
container_name: bridgehead_landingpage container_name: landingpage
image: nginx:stable image: nginx:stable
volumes: volumes:
- ../landing/:/usr/share/nginx/html - ../landing/:/usr/share/nginx/html
@ -51,15 +40,12 @@ services:
- "traefik.http.services.landing.loadbalancer.server.port=80" - "traefik.http.services.landing.loadbalancer.server.port=80"
connector: connector:
container_name: bridgehead_c4_connector container_name: c4-connector
image: docker.verbis.dkfz.de/ccp/connector:3 image: "samply/share-client:c4-feature-environmentPreconfigurationTorben"
environment: environment:
STORE_URL: http://bridgehead_c4_store:8080 STORE_URL: http://store:8080
LDM_URL: http://bridgehead_c4_store:8080 LDM_URL: http://store:8080
POSTGRES_HOST: ${CONNECTOR_DB_HOST}
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
NNGM_PASSWORD: ${NNGM_PASSWORD}
NNGM_MAINZELLISTE_APIKEY: ${NNGM_MAINZELLISTE_APIKEY}
volumes: volumes:
- "connector_logs:/usr/local/tomcat/logs" - "connector_logs:/usr/local/tomcat/logs"
labels: labels:
@ -67,53 +53,69 @@ services:
- "traefik.http.routers.c4_connector.rule=PathPrefix(`/c4-connector`)" - "traefik.http.routers.c4_connector.rule=PathPrefix(`/c4-connector`)"
- "traefik.http.services.c4_connector.loadbalancer.server.port=8080" - "traefik.http.services.c4_connector.loadbalancer.server.port=8080"
depends_on: depends_on:
- connector_db - connector-db
restart: always restart: always
env_file:
###TODO: Move into Image
- internal.env
connector_db: connector-db:
container_name: bridgehead_c4_connector_db container_name: connector-db
image: postgres:10.17 image: postgres:10.17
environment: environment:
POSTGRES_HOST: ${CONNECTOR_DB_HOST} POSTGRES_DB: "share_v2"
POSTGRES_USER: "samplyweb"
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
volumes: volumes:
- "connector_db_data:/var/lib/postgresql/data" - "connector_db_data:/var/lib/postgresql/data"
restart: always restart: always
env_file:
###TODO: Move into Image
- internal.env
idmanager: idmanager:
container_name: bridgehead_idmanager container_name: idmanager
image: docker.verbis.dkfz.de/ccp/idmanager:deploy-c4 image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop
environment: environment:
TOMCAT_REVERSEPROXY_FQDN: ${HOST}/id-manager TOMCAT_REVERSEPROXY_FQDN: ${HOST}
MAGICPL_SITE: ${SITE}
MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY} MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
MAGICPL_API_KEY: ${MAGICPL_API_KEY} MAGICPL_API_KEY: ${MAGICPL_API_KEY}
MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR} MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR}
MAGICPL_PASSPHRASE: ${MAGICPL_PASSPHRASE}
MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY} MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY}
MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY} MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY}
MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID} MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID}
MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET} MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET}
volumes: volumes:
- "idmanager_logs:/usr/local/tomcat/logs" - "idmanager_logs:/usr/local/tomcat/logs"
secrets: depends_on:
- magicpl.docker.xml - patientlist
- dktk_bridgehead_info.docker.xml
- proxy.docker.xml
labels: labels:
- "traefik.http.routers.idmanager.rule=PathPrefix(`/id-manager`)" - "traefik.http.routers.idmanager.rule=PathPrefix(`/ID-Manager`)"
- "traefik.http.middlewares.idmanager_strip.stripprefix.prefixes=/id-mana\
ger"
- "traefik.http.routers.idmanager.middlewares=idmanager_strip"
- "traefik.http.services.idmanager.loadbalancer.server.port=8080" - "traefik.http.services.idmanager.loadbalancer.server.port=8080"
patientlist:
container_name: patientlist
image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop
environment:
ML_SITE: ${SITE}
ML_API_KEY: ${ML_API_KEY}
TOMCAT_REVERSEPROXY_FQDN: ${HOST}
env_file: env_file:
###TODO: Move into Image # TODO: Implement automatic seed generation in mainzelliste
- internal.env - ../site-config/patientlist.env
volumes:
- "patientlist_logs:/usr/local/tomcat/logs"
labels:
- "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)"
- "traefik.http.services.patientlist.loadbalancer.server.port=8080"
depends_on:
- patientlist-db
patientlist-db:
container_name: patientlist-db
image: postgres:13.1-alpine
environment:
POSTGRES_DB: mainzelliste
POSTGRES_USER: mainzelliste
POSTGRES_PASSWORD: ${ML_DB_PASS}
TZ: "Europe/Berlin"
volumes:
- "patientlist_db_data:/var/lib/postgresql/data"
store: store:
container_name: bridgehead_c4_store container_name: bridgehead_c4_store

View File

@ -1,57 +0,0 @@
SITE=bridgehead_test
SITEID=BRIDGEHEAD_TEST
TOMCAT_REVERSEPROXY_FQDN=${HOST}/c4-connector
DEPLOYMENT_CONTEXT=c4-connector
CONNECTOR_SHARE_URL="http://${HOST}:8080"
CONNECTOR_ENABLE_METRICS=false
CONNECTOR_MONITOR_INTERVAL=
CONNECTOR_UPDATE_SERVER=
POSTGRES_PORT=5432
POSTGRES_DB=samply.connector
POSTGRES_USER=samply.connector
HTTP_PROXY_HOST=${PROXY_URL}
HTTP_PROXY_USER=
HTTP_PROXY_PASSWORD=
HTTPS_PROXY_HOST=${PROXY_URL}
HTTPS_PROXY_USER=
HTTPS_PROXY_PASSWORD=
HTTP_PROXY=${PROXY_URL}
HTTPS_PROXY=${PROXY_URL}
http_proxy=${PROXY_URL}
https_proxy=${PROXY_URL}
CCP_CENTRALSEARCH_URL=https://centralsearch-test.dktk.dkfz.de/
CENTRAL_SEARCH=https://centralsearch-test.dktk.dkfz.de/
CCP_DECENTRALSEARCH_URL=https://decentralsearch-test.ccp-it.dktk.dkfz.de/
DECENTRAL_SEARCH=https://decentralsearch-test.ccp-it.dktk.dkfz.de/
CCP_MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr
MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr
CCP_MONITOR_URL=
MONITOR_OPTOUT=
## nNGM
#NNGM_URL=http://bridgeheadstore:8080
#NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert
#NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl
##MDR
MDR_NAMESPACE=adt,dktk,marker
#MDR_MAP=
MDR_VALIDATION=false
ML_DB_NAME=mainzelliste
ML_DB_PORT=5432
ML_DB_USER=mainzelliste
CENTRAL_CONTROL_NUMBER_GENERATPR_URL=http://e260-serv-03/central/api
GLOBAL_ID=DKTK
MAINZELLISTE_URL=https://patientlist-test.ccpit.dktk.dkfz.de/mainzelliste
NNGM_URL=https://test.anforderung.nngm.de/trial/nNGMv09/import-fb
NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert
NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl

View File

@ -7,32 +7,16 @@ volumes:
idmanager_logs: idmanager_logs:
store_db_data: store_db_data:
store_logs: store_logs:
secrets:
mainzelliste.docker.conf:
file: ../internal-configuration/mainzelliste.conf
magicpl.docker.xml:
file: ../internal-configuration/magicpl.xml
dktk_bridgehead_info.docker.xml:
file: ../internal-configuration/bridgehead-common.xml
centralSearchPublicKey:
file: ../internal-configuration/centralSearchPublicKey.der
proxy.docker.xml:
file: ../internal-configuration/proxy.xml
services: services:
traefik: traefik:
container_name: bridgehead_traefik container_name: traefik
image: traefik:2.4 image: traefik:2.4
command: command:
- --api.insecure=true - --api.insecure=true
- --entrypoints.web.address=:80 - --entrypoints.web.address=:80
- --entrypoints.web-secure.address=:443 - --entrypoints.web-secure.address=:443
- --providers.docker=true - --providers.docker=true
environment:
http_proxy: ""
HTTP_PROXY: ""
https_proxy: ""
HTTPS_PROXY: ""
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443
@ -41,7 +25,7 @@ services:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
landing: landing:
container_name: bridgehead_landingpage container_name: landingpage
image: nginx:stable image: nginx:stable
volumes: volumes:
- ../landing/:/usr/share/nginx/html - ../landing/:/usr/share/nginx/html
@ -51,101 +35,94 @@ services:
- "traefik.http.services.landing.loadbalancer.server.port=80" - "traefik.http.services.landing.loadbalancer.server.port=80"
connector: connector:
container_name: bridgehead_dktk_connector image: "samply/share-client:dktk-feature-environmentPreconfigurationTorben"
image: "samply/share-client:dktk-7"
environment: environment:
TOMCAT_REVERSEPROXY_FQDN: ${HOST}/dktk-connector ID_MANAGER_APIKEY: ${MAGICPL_API_KEY_CONNECTOR}
DEPLOYMENT_CONTEXT: dktk-connector POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
STORE_URL: ${STORE_URL} HTTP_PROXY_USER: ${HTTP_PROXY_USER}
POSTGRES_HOST: ${CONNECTOR_DB_HOST} HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
POSTGRES_PASS: ${CONNECTOR_POSTGRES_PASS} HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
env_file:
- ../site-config/dktk.env
# Necessary for the connector to successful check the status of other components on the same host
extra_hosts:
- "host.docker.internal:host-gateway"
- "${HOST}:${HOSTIP}"
volumes: volumes:
- "connector_logs:/usr/local/tomcat/logs" - "connector_logs:/usr/local/tomcat/logs"
depends_on: depends_on:
- connector_db - connector-db
restart: always restart: always
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.dktk_connector.rule=PathPrefix(`/dktk-connector`)" - "traefik.http.routers.dktk_connector.rule=PathPrefix(`/dktk-connector`)"
- "traefik.http.services.dktk_connector.loadbalancer.server.port=8080" - "traefik.http.services.dktk_connector.loadbalancer.server.port=8080"
env_file:
###TODO: Move into Image
- internal.env
connector_db: connector-db:
container_name: bridgehead_dktk_connector_db
image: postgres:10.17 image: postgres:10.17
environment: environment:
POSTGRES_HOST: ${CONNECTOR_DB_HOST} POSTGRES_DB: "share_v2"
POSTGRES_USER: "samplyweb"
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
volumes: volumes:
- "connector_db_data:/var/lib/postgresql/data" - "connector_db_data:/var/lib/postgresql/data"
restart: always restart: always
env_file:
###TODO: Move into Image
- internal.env
idmanager: id-manager:
container_name: bridgehead_id-manager container_name: id-manager
image: docker.verbis.dkfz.de/pseudonymisierung/magicpl:release-0.2.0 image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop
environment: environment:
TOMCAT_REVERSEPROXY_FQDN: ${HOST} MAGICPL_SITE: ${SITE}
DEPLOYMENT_CONTEXT: id-manager
MAGICPL_SITE: ${SITEID}
MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY} MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
MAGICPL_API_KEY: ${MAGICPL_API_KEY} MAGICPL_API_KEY: ${MAGICPL_API_KEY}
MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR} MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR}
MAGICPL_PASSPHRASE: ${MAGICPL_PASSPHRASE}
MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY} MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY}
MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY} MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY}
MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID} MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID}
MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET} MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET}
TZ: Europe/Berlin TOMCAT_REVERSEPROXY_FQDN: "${PROTOCOL}://${HOST}:${PORT}"
HTTP_PROXY_USER: ${HTTP_PROXY_USER}
HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
env_file:
- ../site-config/dktk.env
volumes: volumes:
- "idmanager_logs:/usr/local/tomcat/logs" - "idmanager_logs:/usr/local/tomcat/logs"
secrets:
- magicpl.docker.xml
- dktk_bridgehead_info.docker.xml
- proxy.docker.xml
depends_on: depends_on:
- patientlist - patientlist
labels: labels:
- "traefik.http.routers.idmanager.rule=PathPrefix(`/id-manager`)" - "traefik.http.routers.id-manager.rule=PathPrefix(`/ID-Manager`)"
- "traefik.http.services.idmanager.loadbalancer.server.port=8080" - "traefik.http.services.id-manager.loadbalancer.server.port=8080"
env_file:
###TODO: Move into Image
- internal.env
patientlist: patientlist:
container_name: bridgehead_patientlist container_name: patientlist
image: medicalinformatics/mainzelliste:develop image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop
environment: environment:
ML_SITE: ${SITE}
ML_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
ML_DB_PASS: ${ML_DB_PASS} ML_DB_PASS: ${ML_DB_PASS}
ML_API_KEY: ${ML_API_KEY} TOMCAT_REVERSEPROXY_FQDN: "${PROTOCOL}://${HOST}:${PORT}"
ML_SITE: ${SITEID}
TOMCAT_REVERSEPROXY_FQDN: ${HOST}
DEPLOYMENT_CONTEXT: patientlist
env_file: env_file:
- ../site-config/dktk.env
# TODO: Implement automatic seed generation in mainzelliste
- ../site-config/patientlist.env - ../site-config/patientlist.env
- internal.env
volumes: volumes:
- "patientlist_logs:/usr/local/tomcat/logs" - "patientlist_logs:/usr/local/tomcat/logs"
secrets:
- mainzelliste.docker.conf
- centralSearchPublicKey
labels: labels:
- "traefik.http.routers.patientlist.rule=PathPrefix(`/patientlist`)" - "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)"
- "traefik.http.services.patientlist.loadbalancer.server.port=8080" - "traefik.http.services.patientlist.loadbalancer.server.port=8080"
depends_on: depends_on:
- patientlist_db - patientlist-db
patientlist_db: patientlist-db:
container_name: bridgehead_dktk_patientlist_db container_name: patientlist-db
image: postgres:13.1-alpine image: postgres:13.1-alpine
environment: environment:
POSTGRES_DB: mainzelliste
POSTGRES_USER: mainzelliste
POSTGRES_PASSWORD: ${ML_DB_PASS} POSTGRES_PASSWORD: ${ML_DB_PASS}
TZ: "Europe/Berlin"
volumes: volumes:
- "patientlist_db_data:/var/lib/postgresql/data" - "patientlist_db_data:/var/lib/postgresql/data"
env_file:
###TODO: Move into Image
- internal.env

View File

@ -1,56 +0,0 @@
CONNECTOR_SHARE_URL="http://${HOST}:8080"
CONNECTOR_ENABLE_METRICS=false
CONNECTOR_MONITOR_INTERVAL=
CONNECTOR_UPDATE_SERVER=
POSTGRES_PORT=5432
POSTGRES_DB=samply.connector
POSTGRES_USER=samply.connector
HTTP_PROXY_HOST=${PROXY_URL}
HTTP_PROXY_USER=
HTTP_PROXY_PASSWORD=
HTTPS_PROXY_HOST=${PROXY_URL}
HTTPS_PROXY_USER=
HTTPS_PROXY_PASSWORD=
HTTP_PROXY=${PROXY_URL}
HTTPS_PROXY=${PROXY_URL}
http_proxy=${PROXY_URL}
https_proxy=${PROXY_URL}
CCP_CENTRALSEARCH_URL=https://centralsearch-test.dktk.dkfz.de/
CCP_DECENTRALSEARCH_URL=https://decentralsearch-test.ccp-it.dktk.dkfz.de/
CCP_MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr
CCP_MONITOR_URL=
MONITOR_OPTOUT=
## nNGM
#NNGM_URL=http://bridgeheadstore:8080
#NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert
#NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl
##MDR
MDR_NAMESPACE=adt,dktk,marker
#MDR_MAP=
MDR_VALIDATION=false
ML_DB_HOST=bridgehead_dktk_patientlist_db
ML_DB_NAME=samply.connector
ML_DB_PORT=5432
ML_DB_USER=samply.connector
CENTRAL_CONTROL_NUMBER_GENERATPR_URL=http://e260-serv-03/central/api
GLOBAL_ID=DKTK
MAINZELLISTE_URL=https://patientlist-test.ccpit.dktk.dkfz.de/mainzelliste
ML_DB_DRIVER=org.postgresql.Driver
ML_DB_TYPE=postgresql
ML_LOG_LEVEL=warning
TZ=Europe/Berlin
MAGICPL_LOG_LEVEL=info
MAGICPL_MAINZELLISTE_URL=http://patientlist:8080/patientlist
MAGICPL_MAINZELLISTE_CENTRAL_URL=http://e260-serv-03/central/mainzelliste
MAGICPL_CENTRAL_URL=http://e260-serv-03/central/api
MAGICPL_OIDC_PROVIDER=https://auth-test.ccp-it.dktk.dkfz.de

View File

@ -8,7 +8,7 @@ volumes:
services: services:
traefik: traefik:
container_name: bridgehead_traefik container_name: traefik
image: traefik:2.4 image: traefik:2.4
command: command:
- --api.insecure=true - --api.insecure=true
@ -28,7 +28,7 @@ services:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
landing: landing:
container_name: bridgehead_landingpage container_name: landingpage
image: nginx:stable image: nginx:stable
volumes: volumes:
- ../landing/:/usr/share/nginx/html - ../landing/:/usr/share/nginx/html
@ -56,8 +56,8 @@ services:
restart: "always" restart: "always"
connector: connector:
container_name: "bridgehead_gbn_connector" container_name: connector
image: "samply/share-client:gbn-7" image: "samply/share-client:gbn-feature-environmentPreconfigurationTorben"
environment: environment:
POSTGRES_HOST: "bridgehead_gbn_connector_db" POSTGRES_HOST: "bridgehead_gbn_connector_db"
POSTGRES_PASS: ${CONNECTOR_POSTGRES_PASS} POSTGRES_PASS: ${CONNECTOR_POSTGRES_PASS}

View File

@ -1,28 +0,0 @@
POSTGRES_DB=samply.connector
POSTGRES_USER=samply
QUERY_LANGUAGE=CQL
CONNECTOR_SHARE_URL="http://${HOST}:8080"
MDR_URL="https://mdr.germanbiobanknode.de/v3/api/mdr"
MONITOR_URL=https://ccpit.dktk.dkfz.de/dktk.monitor/rest/info
no_proxy=bridgehead_gbn_connector,bridgehead_gbn_blaze_store,bridgehead_gbn_connector_db
TOMCAT_REVERSEPROXY_FQDN=${HOST}/gbn-connector
DEPLOYMENT_CONTEXT=gbn-connector
CONNECTOR_MONITOR_INTERVAL=
CONNECTOR_UPDATE_SERVER=
feature_BBMRI_DIRECTORY_SYNC=false
feature_DKTK_CENTRAL_SEARCH=false
feature_NNGM_CTS=false
LOG_LEVEL=info
HTTP_PROXY_HOST=${PROXY_URL}
HTTP_PROXY_USER=
HTTP_PROXY_PASSWORD=
HTTPS_PROXY_HOST=${PROXY_URL}
HTTPS_PROXY_USER=
HTTPS_PROXY_PASSWORD=
HTTP_PROXY=${PROXY_URL}
HTTPS_PROXY=${PROXY_URL}
http_proxy=${PROXY_URL}
https_proxy=${PROXY_URL}
CONNECTOR_ENABLE_METRICS=false

40
init-dev-environment.sh Executable file
View File

@ -0,0 +1,40 @@
#!/bin/bash
### This configuration file is intended for fast setup of a developers testenvironment.
### The settings made here are normally placed in the system units configuration.
### Refer to the readme on how to do this.
### On long term we want to move those to a zero knowledge passwort manager like bitwarden.
### Configuration for Network Properties
# needed by the connector to resolve hosts address for ui-links and service status checks
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
# needed for the reverse proxy configuration of the services
export HOST=$(hostname)
# additional information about the local proxy if necessary
export HTTP_PROXY_USER=""
export HTTP_PROXY_PASSWORD=""
export HTTPS_PROXY_USER=""
export HTTPS_PROXY_PASSWORD=""
### Configuration for Connector Secrets
# the password of database connector-db
export CONNECTOR_POSTGRES_PASS=pleaseChangeThis1
### Configuration for ID-Management Secrets
# the password of database patientlist-db
export ML_DB_PASS=pleaseChangeThis2
# the apikey of the localdatamanagement for the patientlist
export MAGICPL_API_KEY=pleaseChangeThis3
# the apikey of the id-manager for the patientlist
export MAGICPL_MAINZELLISTE_API_KEY=pleaseChangeThis4
# the apikey of the connector for the patientlist
export MAGICPL_API_KEY_CONNECTOR=pleaseChangeThis5
# the apikey of the id-manager for the central patientlist
export MAGICPL_MAINZELLISTE_CENTRAL_API_KEY=dktk[CentralS3cr3tKey]KNE;
# the apikey of the id-manager for the controlnumbergenerator
export MAGICPL_CENTRAL_API_KEY=dguQJ5IoqUrxCF8fNl6fOl2YvsZAVB1Y;
# client-id used for autheticating users in central ccp-authentication service
export MAGICPL_OIDC_CLIENT_ID=bridgehead-developers;
# client-secret used for autheticating users in central ccp-authentication service
export MAGICPL_OIDC_CLIENT_SECRET=1de49kn2j36qom15n7vkrve0g7pgh1f5p7v945pkl2hesak74bgek657tgi6or1hu5ji3m9lfrbhfa0g3haq18ebe205al4uoig9ii5;

View File

@ -1,13 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<bridgehead xmlns="http://schema.samply.de/config/BridgeheadInfo">
<!-- NOTE: This file is only used in magicpl -->
<name>Brückenkopf</name>
<longname>DKTK Brückenkopf Teststandort</longname>
<dktkid>MAGICPL_SITE</dktkid>
<monitor>NOT_USED</monitor>
<interval>string</interval>
<centralsearch>NOT_USED</centralsearch>
<decentralsearch>NOT_USED</decentralsearch>
<updateserver>string</updateserver>
<queryLanguage>QUERY</queryLanguage>
</bridgehead>

View File

@ -1,444 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pathconfig [
<!ENTITY localPatientListUrl "MAGICPL_MAINZELLISTE_URL">
<!ENTITY localPatientlistApiKey "MAGICPL_MAINZELLISTE_API_KEY">
<!ENTITY magicplApiKey "MAGICPL_API_KEY">
<!ENTITY magicplApiKeyConnector "MAGICPL_API_KEY_CONNECTOR">
<!ENTITY centralPatientListUrl "MAGICPL_MAINZELLISTE_CENTRAL_URL">
<!ENTITY centralPatientListApiKey "MAGICPL_MAINZELLISTE_CENTRAL_API_KEY">
<!ENTITY centralKNEUrl "MAGICPL_CENTRAL_URL">
<!ENTITY centralKNEApiKey "MAGICPL_CENTRAL_API_KEY">
<!ENTITY site "MAGICPL_SITE">
]>
<pathconfig xmlns="http://www.example.org/Pfade" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.example.org/Pfade magicpl.xsd ">
<paths>
<multipath>
<name>getId</name>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="consented" name="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getRequestedId</name>
<parameters/>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="consented" name="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<switch>
<evaluator name="de.pseudonymisierung.magicpl.evaluator.IsConsentedEvaluator">
<parameters>
<parameter name="key">consented</parameter>
</parameters>
</evaluator>
<!-- eventuell muss hier andere unterscheidung genommen werden -->
<case value="true">
<multipath>
<name>getDktkIdWithIdat</name>
<parameters/>
<input>
<iorecord ref="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getIdToken</name>
<parameters>
<!-- Hier war lokale Pfade URL angegeben, es soll aber eigentlich zentraler KNE aufgerufen werden -->
<parameter name="url">&centralKNEUrl;/paths/getIdToken</parameter>
<parameter name="method">POST</parameter>
<parameter name="apiKey">&centralKNEApiKey;</parameter>
<parameter name="excludeIdTypes">BK_&site;_L-ID</parameter>
<parameter name="excludeIDAT">locallyUniqueId</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.PathClient</implementation>
</step>
<step>
<name>getDktkId</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
<step>
<name>mapIdStringToExternalId</name>
<parameters>
<parameter name="map">ids->extIDs</parameter>
</parameters>
<input>
<iosingle ref="ids" name="ids"/>
</input>
<output>
<iosingle ref="extIDs" name="extIDs"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.InputMapperProcessor</implementation>
</step>
<step>
<name>getLocalTKTExternalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="fieldType">plain</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<!-- TODO: Implementation für Ticket Erzeugung ohne Kontrolnummer -->
<!-- Wird hier eine neue Klasse benötigt oder kann diese hier entsprechend angepasst werden? -->
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient</implementation>
</step>
<step>
<name>generateLocalIdExternalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
<parameter name="idType">BK_&site;_L-ID</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
</multipath>
</case>
<case value="false">
<multipath>
<name>getLocalIdWithIDAT</name>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getTKT</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="fieldType">plain</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<!-- Wird hier eine neue Klasse benötigt oder kann diese hier entsprechend angepasst werden? -->
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient</implementation>
</step>
<step>
<name>generateLocalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
<parameter name="idType">BK_&site;_L-ID</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
</multipath>
</case>
</switch>
</step>
</multipath>
<multipath>
<name>readPatients</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>DecideLocalOrCentralRequest</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<switch>
<evaluator name="de.pseudonymisierung.magicpl.evaluator.RegexEvaluator">
<parameters>
<parameter name="regex">MDS_\*_G-ID</parameter>
<parameter name="fieldName">resultIds</parameter>
</parameters>
</evaluator>
<case value="true">
<multipath>
<name>readPatientsCentrally</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>createReadTokenCentral</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
<parameter name="ignoredIdTypeCheck">true</parameter>
</parameters>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient</implementation>
</step>
<step>
<name>resolveReadTokenCentral</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
</input>
<output>
<iosingle ref="patients"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadClient</implementation>
</step>
</multipath>
</case>
<case value="false">
<multipath>
<name>readPatientsLocally</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>createReadToken</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="ignoredIdTypeCheck">true</parameter>
</parameters>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient</implementation>
</step>
<step>
<name>resolveReadToken</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
</input>
<output>
<iosingle ref="patients"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadClient</implementation>
</step>
</multipath>
</case>
</switch>
</step>
</multipath>
</paths>
<iodefinitions>
<iorecord name="IDAT">
<iosingle name="Vorname"/>
<iosingle name="Nachname"/>
<iosingle name="Fruehere_Namen"/>
<iosingle name="Geburtstag"/>
<iosingle name="Geburtsmonat"/>
<iosingle name="Geburtsjahr"/>
<iosingle name="Staatsangehoerigkeit"/>
<iosingle name="Geschlecht"/>
<!-- external id which will be inputed into paths -->
<iosingle name="locallyUniqueId"/>
</iorecord>
<iosingle name="idTypes" type="ArrayList"/>
<iosingle name="ids"/>
<!-- iosingle for external Ids which will be transferred between two steps -->
<iosingle name="extIDs"/>
<iosingle name="consented"/>
<iosingle name="tokenId"/>
<iosingle name="auditTrail"/>
<iosingle name="searchIds"/>
<iosingle name="resultIds"/>
<iosingle name="patients"/>
<iosingle name="sureness"/>
</iodefinitions>
<authentication>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001950_&site;_L-ID</value>
<value>DKTK000001950_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001950_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001951_&site;_L-ID</value>
<value>DKTK000001951_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001951_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001985_&site;_L-ID</value>
<value>DKTK000001985_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001985_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001986_&site;_L-ID</value>
<value>DKTK000001986_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001986_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK999999999_&site;_L-ID</value>
<value>DKTK999999999_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK999999999_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000002089_&site;_L-ID</value>
<value>DKTK000002089_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000002089_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<apiKey>&magicplApiKey;</apiKey>
</client>
<client>
<permissions>readPatients</permissions>
<apiKey>&magicplApiKeyConnector;</apiKey>
</client>
</authentication>
</pathconfig>

View File

@ -1,227 +0,0 @@
# For a comprehensive documentation of configuration parameters see the configuration manual
# ("Konfigurationshandbuch").
# debug mode: If set to true, token handling is disabled (i.e. no tokens are necessary).
debug = false
# Name of this mainzelliste distribution instance.
dist = Lokale Patientenliste der CCP-IT am Standort ML_SITE
# Database setup
db.driver = ML_DB_DRIVER
db.url = jdbc:ML_DB_TYPE://ML_DB_HOST:ML_DB_PORT/ML_DB_NAME
db.username = ML_DB_USER
db.password = ML_DB_PASS
# Logging
# By default, logs are written to stdout
gcp.audittrail = true
# Field definitions
field.Vorname.type = PlainTextField
field.Nachname.type = PlainTextField
field.Fruehere_Namen.type = PlainTextField
field.Geburtstag.type = IntegerField
field.Geburtsmonat.type = IntegerField
field.Geburtsjahr.type = IntegerField
field.Staatsangehoerigkeit.type = PlainTextField
field.Geschlecht.type = PlainTextField
field.locallyUniqueId.type = PlainTextField
# Server-side validation
validator.field.Vorname.required = true
validator.field.Nachname.required = true
validator.field.Geburtstag.required = true
validator.field.Geburtsmonat.required = true
validator.field.Geburtsjahr.required = true
validator.field.Vorname.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]*
validator.field.Nachname.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]*
validator.field.Fruehere_Namen.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]*
# Date validation:
validator.date.0.fields = Geburtstag, Geburtsmonat, Geburtsjahr
validator.date.0.format = ddMMyyyy
# Exchange groups
# An exchange group denotes a set of fields whose values are considered interchangeable.
# The matcher (currently only EpilinkMatcher) compares the fields in each exchange group to
# all of its permutations and uses the best matching combination for final decision.
exchangeGroup.0 = Vorname, Nachname, Fruehere_Namen
# Field transformations
#
# Transformations for a field {fieldname} are defined by
# field.{fieldname}.transformers = {transformerlist}, where
# transformerlist is a comma-separated list of names of subclasses of FieldTransformer.
field.Vorname.transformers = StringNormalizer, FirstNameDecomposer
field.Nachname.transformers = StringNormalizer, GermanLastNameDecomposer
field.Fruehere_Namen.transformers = StringNormalizer, GermanLastNameDecomposer
# field comparators
field.Vorname.comparator = NGramComparator
field.Nachname.comparator = NGramComparator
field.Fruehere_Namen.comparator = NGramComparator
field.Geburtstag.comparator = BinaryFieldComparator
field.Geburtsmonat.comparator = BinaryFieldComparator
field.Geburtsjahr.comparator = BinaryFieldComparator
field.Staatsangehoerigkeit.comparator = BinaryFieldComparator
field.Geschlecht.comparator = BinaryFieldComparator
# Matcher definition
# Property matcher defines the class name of the matcher to use, which must be a subclass
# of Matcher. Currently only EpilinkMatcher and NullMatcher are supported.
matcher = EpilinkMatcher
# Config for Epilink Matcher
#
# matcher.epilink.{fieldname}.frequency: Defines the assumed mean frequency of values
# for field {fieldname}. This corresponds to the u-probability in the Fellegi-Sunter-Model
# and can be estimated by the reciprocal of the number of distinct values (i.e. the
# frequency of "month" is 1 / 12).
matcher.epilink.Vorname.frequency = 0.000235
matcher.epilink.Nachname.frequency = 0.0000271
matcher.epilink.Fruehere_Namen.frequency = 0.0000271
# 1 / 30 (approximate average number of days in a month)
matcher.epilink.Geburtstag.frequency = 0.0333
# 1 / 12
matcher.epilink.Geburtsmonat.frequency = 0.0833
# example value: birth years for an age range of 35 years (40 - 75).
matcher.epilink.Geburtsjahr.frequency = 0.0286
# Berechnungsgrundlage: 193 anerkannte + 13 umstrittene Staaten (Quelle: Wikipedia) -> ca. 1 / 200
matcher.epilink.Staatsangehoerigkeit.frequency = 0.005
matcher.epilink.Geschlecht.frequency = 0.5
# matcher.epilink.{fieldname}.error_rate defines the assumed error_rate for
# field {fieldname} (1 - m-probability)
#
# The supplied number stem from the evaluation of a German cancer registry
matcher.epilink.Vorname.errorRate = 0.01
matcher.epilink.Nachname.errorRate = 0.008
matcher.epilink.Fruehere_Namen.errorRate = 0.008
matcher.epilink.Geburtstag.errorRate = 0.005
matcher.epilink.Geburtsmonat.errorRate = 0.002
matcher.epilink.Geburtsjahr.errorRate = 0.004
matcher.epilink.Staatsangehoerigkeit.errorRate = 0.04
matcher.epilink.Geschlecht.errorRate = 0.04
# matcher.epilink.threshold.match: Defines the minimum weight (in the interval [0,1])
# for which a pair of records is considered a definite match.
#
# matcher.epilink.threshold_non_match: Defines the weight (in the interval [0,1])
# below which a pair of records is considered a definite non-match. Must be less than or equal
# to matcher.epilink.threshold_match.
#
# Record pairs with a weight w with threshold_non_match <= w < threshold_match are
# considered possible matches and lead to a tentative PID.
matcher.epilink.threshold_match = 0.95
matcher.epilink.threshold_non_match = 0.65
# Blocking
# The blocking strategy choice depends on the field types after the transformation.
# If compound fields are passed to the blocker, whether created by a field transformation or as input fields,
# the type of the subfields is the one that is relevant for the blocking.
# If exchange groups are used, only one of the fieldnames should be given here. The blocker is applied to
# the other fields as well.
# Use Soundex for PlainText fields
blocking.soundex.type = Soundex
blocking.soundex.fields = Vorname, Nachname, Fruehere_Namen
# Use FieldEquality e.g. for birthday based blocking
# This can be combined with Soundex blocking.
blocking.dob.type = FieldEquality
blocking.dob.fields = Geburtstag, Geburtsmonat, Geburtsjahr
# Servers (apiKey and permission definition)
servers.0.apiKey = ML_API_KEY
servers.0.permissions = createSession;showSessionIds;deleteAllPatients;createToken;tt_addPatient;tt_readPatients;tt_editPatient;readConfiguration
# TODO: Reduce to bridgeheads ip
servers.0.allowedRemoteAdresses = 0.0.0.0/0
# Allowed format of the callback
callback.allowedFormat = https://.*
callback.allowSelfsigned = false
# IdGenerators
idgenerators = BK_ML_SITE_L-ID, MDS_ML_SITE_L-ID, BK_ML_SITE_G-ID, locallyUniqueId, DKTK000001985_ML_SITE_L-ID, DKTK000001985_ML_SITE_G-ID, DKTK000001986_ML_SITE_L-ID, DKTK000001986_ML_SITE_G-ID, DKTK000001950_ML_SITE_L-ID, DKTK000001950_ML_SITE_G-ID, DKTK000001951_ML_SITE_L-ID, DKTK000001951_ML_SITE_G-ID, DKTK999999999_ML_SITE_L-ID, DKTK999999999_ML_SITE_G-ID, DKTK000002089_ML_SITE_L-ID, DKTK000002089_ML_SITE_G-ID
idgenerators.eagerGeneration = false
# Configuration of the local and global BK Pseudonymes
idgenerator.BK_ML_SITE_L-ID = PIDGenerator
idgenerator.BK_ML_SITE_L-ID.k1 = ML_BK_IDGENERATOR_RANDOM_1
idgenerator.BK_ML_SITE_L-ID.k2 = ML_BK_IDGENERATOR_RANDOM_2
idgenerator.BK_ML_SITE_L-ID.k3 = ML_BK_IDGENERATOR_RANDOM_3
idgenerator.BK_ML_SITE_G-ID = ExternalIDGenerator
# The unique id from the local datawarehouse
idgenerator.locallyUniqueId = ExternalIDGenerator
# Configuration for the local mds-id
idgenerator.MDS_ML_SITE_L-ID = PIDGenerator
idgenerator.MDS_ML_SITE_L-ID.k1 = ML_MDS_IDGENERATOR_RANDOM_1
idgenerator.MDS_ML_SITE_L-ID.k2 = ML_MDS_IDGENERATOR_RANDOM_2
idgenerator.MDS_ML_SITE_L-ID.k3 = ML_MDS_IDGENERATOR_RANDOM_3
idgenerator.MDS_ML_SITE_L-ID.eager = *
idgenerator.MDS_ML_SITE_L-ID.exportEncryption = mdsIdEncryption
# Encryption for export of mds
crypto.key.mdsIdPublicKey.type = RSA_PUBLIC
crypto.key.mdsIdPublicKey.uri = file:///run/secrets/centralSearchPublicKey
crypto.encryption.mdsIdEncryption.key = mdsIdPublicKey
crypto.encryption.mdsIdEncryption.type = RSA_ENCRYPT
# Configuration of the study specific id-generators
# Configuration for project DKTK000001985
idgenerator.DKTK000001985_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK000001985_ML_SITE_L-ID.k1 = ML_DKTK000001985_IDGENERATOR_RANDOM_1
idgenerator.DKTK000001985_ML_SITE_L-ID.k2 = ML_DKTK000001985_IDGENERATOR_RANDOM_2
idgenerator.DKTK000001985_ML_SITE_L-ID.k3 = ML_DKTK000001985_IDGENERATOR_RANDOM_3
idgenerator.DKTK000001985_ML_SITE_G-ID = ExternalIDGenerator
# Configuration for project DKTK000001986
idgenerator.DKTK000001986_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK000001986_ML_SITE_L-ID.k1 = ML_DKTK000001986_IDGENERATOR_RANDOM_1
idgenerator.DKTK000001986_ML_SITE_L-ID.k2 = ML_DKTK000001986_IDGENERATOR_RANDOM_2
idgenerator.DKTK000001986_ML_SITE_L-ID.k3 = ML_DKTK000001986_IDGENERATOR_RANDOM_3
idgenerator.DKTK000001986_ML_SITE_G-ID = ExternalIDGenerator
# Configuration for project DKTK000001950
idgenerator.DKTK000001950_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK000001950_ML_SITE_L-ID.k1 = ML_DKTK000001950_IDGENERATOR_RANDOM_1
idgenerator.DKTK000001950_ML_SITE_L-ID.k2 = ML_DKTK000001950_IDGENERATOR_RANDOM_2
idgenerator.DKTK000001950_ML_SITE_L-ID.k3 = ML_DKTK000001950_IDGENERATOR_RANDOM_3
idgenerator.DKTK000001950_ML_SITE_G-ID = ExternalIDGenerator
# Configuration for project DKTK000001951
idgenerator.DKTK000001951_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK000001951_ML_SITE_L-ID.k1 = ML_DKTK000001951_IDGENERATOR_RANDOM_1
idgenerator.DKTK000001951_ML_SITE_L-ID.k2 = ML_DKTK000001951_IDGENERATOR_RANDOM_2
idgenerator.DKTK000001951_ML_SITE_L-ID.k3 = ML_DKTK000001951_IDGENERATOR_RANDOM_3
idgenerator.DKTK000001951_ML_SITE_G-ID = ExternalIDGenerator
# Configuration for project DKTK999999999
idgenerator.DKTK999999999_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK999999999_ML_SITE_L-ID.k1 = ML_DKTK999999999_IDGENERATOR_RANDOM_1
idgenerator.DKTK999999999_ML_SITE_L-ID.k2 = ML_DKTK999999999_IDGENERATOR_RANDOM_2
idgenerator.DKTK999999999_ML_SITE_L-ID.k3 = ML_DKTK999999999_IDGENERATOR_RANDOM_3
idgenerator.DKTK999999999_ML_SITE_G-ID = ExternalIDGenerator
# Configuration for project DKTK000002089
idgenerator.DKTK000002089_ML_SITE_L-ID = PIDGenerator
idgenerator.DKTK000002089_ML_SITE_L-ID.k1 = ML_DKTK000002089_IDGENERATOR_RANDOM_1
idgenerator.DKTK000002089_ML_SITE_L-ID.k2 = ML_DKTK000002089_IDGENERATOR_RANDOM_2
idgenerator.DKTK000002089_ML_SITE_L-ID.k3 = ML_DKTK000002089_IDGENERATOR_RANDOM_3
idgenerator.DKTK000002089_ML_SITE_G-ID = ExternalIDGenerator

View File

@ -1,21 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<Configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://schema.samply.de/common"
xsi:schemaLocation="http://schema.samply.de/common http://schema.samply.de/config/Common.Config.xsd ">
<Proxy>
<HTTP>
<Url>HTTP_PROXY_URL</Url>
<Username>HTTP_PROXY_USERNAME</Username>
<Password>HTTP_PROXY_PASSWORD</Password>
</HTTP>
<HTTPS>
<Url>HTTPS_PROXY_URL</Url>
<Username>HTTPS_PROXY_USERNAME</Username>
<Password>HTTPS_PROXY_PASSWORD</Password>
</HTTPS>
<NoProxyHosts>
<Host>NO_PROXY_HOSTS</Host>
</NoProxyHosts>
<Realm/>
</Proxy>
</Configuration>

View File

@ -1,20 +0,0 @@
#!/bin/bash
### This is the configuration file for secrets, only your site should know
##Setting Network properties
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
export HOST=
export PROXY_URL=
export site_name=
### Write the Project you want to start with the brigdehead
##Exmaple project=gbn
project=
###secrets
## Connector Password
export CONNECTOR_POSTGRES_PASS=
##ID-Manager
#This needs to be set if the project is either c4 or dktk
export