samply/bridgehead
1
0
Fork 0
mirror of https://github.com/samply/bridgehead.git synced 2025-06-16 21:50:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: samply:feature/authentik
Branches Tags
samply:main samply:transfair-cli samply:develop samply:feature/exporter-docu samply:test/teiler-dashboard samply:feature/add-pscc samply:feature/authentik samply:feature/teiler-for-ccp-and-bbmri samply:qr-bbmri-v2 samply:prototype/beamFile samply:test/exporter-no-python samply:cherry-pick-tmp-pr samply:test/obds2fhir-batch-import samply:ovis samply:test/airgapped-blaze samply:pr-secret-sync-gitlab-bbmri samply:feature/add-qb-to-cce samply:Threated-patch-1 samply:torbrenner-patch-1 samply:feat/routine-connector-minor-fixes samply:metadata_fb samply:feat/dnpm-dip samply:bugfix/test-old-blaze samply:dnpm-etl-rewrite samply:feature/qr-basic-auth samply:refactor/logging samply:feature/opal-client-for-new-token-manager samply:test/onkofdz samply:feature/addExporterAndTeilerToEric samply:set_env_variables_needed_for_fhir2sql samply:feature/externalize-versions samply:fix/kr-deactivate-landingpage samply:refactor/datashield-auth-config samply:refactor/independent-modules samply:feature/dnpm-extra-broker samply:revert-223-feat/add-dkfz-hector-ki-project samply:ehds2_develop samply:ehds2 samply:feature/auto-pr samply:qr_bbmri samply:feature/cBioPortal samply:feat/blaze-frontend samply:feat/central-rstudio samply:pro/lemedart samply:feature/feedback-agent samply:feature/component-moniotring samply:feature/cbioportal-datashield samply:documentation/blaze_resources samply:feat/cBioPortal samply:test-switch-branch samply:feature/nngm-rest samply:feature/opal samply:feature/snap samply:feature/accessTokenFromConfiguration
..
compare: samply:cbb73ab9b5f13d5ef0cee7630c5cfe2d053713a0
Branches Tags
samply:transfair-cli samply:develop samply:feature/exporter-docu samply:main samply:test/teiler-dashboard samply:feature/add-pscc samply:feature/authentik samply:feature/teiler-for-ccp-and-bbmri samply:qr-bbmri-v2 samply:prototype/beamFile samply:test/exporter-no-python samply:cherry-pick-tmp-pr samply:test/obds2fhir-batch-import samply:ovis samply:test/airgapped-blaze samply:pr-secret-sync-gitlab-bbmri samply:feature/add-qb-to-cce samply:Threated-patch-1 samply:torbrenner-patch-1 samply:feat/routine-connector-minor-fixes samply:metadata_fb samply:feat/dnpm-dip samply:bugfix/test-old-blaze samply:dnpm-etl-rewrite samply:feature/qr-basic-auth samply:refactor/logging samply:feature/opal-client-for-new-token-manager samply:test/onkofdz samply:feature/addExporterAndTeilerToEric samply:set_env_variables_needed_for_fhir2sql samply:feature/externalize-versions samply:fix/kr-deactivate-landingpage samply:refactor/datashield-auth-config samply:refactor/independent-modules samply:feature/dnpm-extra-broker samply:revert-223-feat/add-dkfz-hector-ki-project samply:ehds2_develop samply:ehds2 samply:feature/auto-pr samply:qr_bbmri samply:feature/cBioPortal samply:feat/blaze-frontend samply:feat/central-rstudio samply:pro/lemedart samply:feature/feedback-agent samply:feature/component-moniotring samply:feature/cbioportal-datashield samply:documentation/blaze_resources samply:feat/cBioPortal samply:test-switch-branch samply:feature/nngm-rest samply:feature/opal samply:feature/snap samply:feature/accessTokenFromConfiguration

2 Commits
feature/au ... cbb73ab9b5

Author SHA1 Message Date
David Juarez
cbb73ab9b5 Test 2025-05-28 15:01:36 +02:00
David Juarez
dd37863b8b Remove OIDC configuration in BBMRI 2025-05-28 14:55:04 +02:00
6 changed files with 8 additions and 34 deletions
Expand all files Collapse all files

21
bbmri/modules/exporter-compose.yml
View File

@ -23,18 +23,6 @@ services:
- "traefik.http.routers.exporter_bbmri.tls=true" - "traefik.http.routers.exporter_bbmri.tls=true"
- "traefik.http.middlewares.exporter_bbmri_strip.stripprefix.prefixes=/bbmri-exporter" - "traefik.http.middlewares.exporter_bbmri_strip.stripprefix.prefixes=/bbmri-exporter"
- "traefik.http.routers.exporter_bbmri.middlewares=exporter_bbmri_strip" - "traefik.http.routers.exporter_bbmri.middlewares=exporter_bbmri_strip"
# Main router
- "traefik.http.routers.exporter_bbmri.priority=20"
# API router
- "traefik.http.routers.exporter_bbmri_api.middlewares=exporter_bbmri_strip,exporter_auth"
- "traefik.http.routers.exporter_bbmri_api.rule=PathRegexp(`/bbmri-exporter/.+`)"
- "traefik.http.routers.exporter_bbmri_api.tls=true"
- "traefik.http.routers.exporter_bbmri_api.priority=25"
# Shared middlewares
- "traefik.http.middlewares.exporter_auth.basicauth.users=${EXPORTER_USER}"
volumes: volumes:
- "/var/cache/bridgehead/bbmri/exporter-files:/app/exporter-files/output" - "/var/cache/bridgehead/bbmri/exporter-files:/app/exporter-files/output"
@ -77,12 +65,3 @@ services:
- "traefik.http.routers.reporter_bbmri.tls=true" - "traefik.http.routers.reporter_bbmri.tls=true"
- "traefik.http.middlewares.reporter_bbmri_strip.stripprefix.prefixes=/bbmri-reporter" - "traefik.http.middlewares.reporter_bbmri_strip.stripprefix.prefixes=/bbmri-reporter"
- "traefik.http.routers.reporter_bbmri.middlewares=reporter_bbmri_strip" - "traefik.http.routers.reporter_bbmri.middlewares=reporter_bbmri_strip"
- "traefik.http.routers.reporter_bbmri.priority=20"
#- "traefik.http.routers.reporter_bbmri.middlewares=reporter_bbmri_strip,exporter_auth"
- "traefik.http.routers.reporter_bbmri_api.middlewares=reporter_bbmri_strip,exporter_auth"
- "traefik.http.routers.reporter_bbmri_api.rule=PathRegexp(`/bbmri-reporter/.+`)"
- "traefik.http.routers.reporter_bbmri_api.tls=true"
- "traefik.http.routers.reporter_bbmri_api.priority=25"
#- "traefik.http.middlewares.reporter_auth.basicauth.users=${EXPORTER_USER}"

7
bbmri/modules/exporter-setup.sh
View File

@ -5,11 +5,4 @@ if [ "$ENABLE_EXPORTER" == true ]; then
OVERRIDE+=" -f ./$PROJECT/modules/exporter-compose.yml" OVERRIDE+=" -f ./$PROJECT/modules/exporter-compose.yml"
EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)" EXPORTER_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)" EXPORTER_API_KEY="$(echo \"This is a salt string to generate one consistent API KEY for the exporter. It is not required to be secret.\" | sha1sum | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 64)"
if [ -z "$EXPORTER_USER" ]; then
log "INFO" "Now generating basic auth for the exporter and reporter (see adduser in bridgehead for more information). "
generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
add_basic_auth_user $PROJECT $generated_passwd "EXPORTER_USER" $PROJECT
fi
fi fi

3
bbmri/modules/teiler-compose.yml
View File

@ -68,3 +68,6 @@ services:
TEILER_DASHBOARD_DE_URL: "https://${HOST}/bbmri-teiler-dashboard/de" TEILER_DASHBOARD_DE_URL: "https://${HOST}/bbmri-teiler-dashboard/de"
TEILER_DASHBOARD_EN_URL: "https://${HOST}/bbmri-teiler-dashboard/en" TEILER_DASHBOARD_EN_URL: "https://${HOST}/bbmri-teiler-dashboard/en"
HTTP_PROXY: "http://forward_proxy:3128" HTTP_PROXY: "http://forward_proxy:3128"
ENABLE_MTBA: "${ENABLE_MTBA}"
ENABLE_DATASHIELD: "${ENABLE_DATASHIELD}"
IDMANAGER_UPLOAD_APIKEY: "${IDMANAGER_UPLOAD_APIKEY}" # Only used to check if the ID Manager is active

2
ccp/modules/datashield-compose.yml
View File

@ -22,7 +22,7 @@ services:
opal: opal:
container_name: bridgehead-opal container_name: bridgehead-opal
image: docker.verbis.dkfz.de/ccp/dktk-opal:latest image: docker.verbis.dkfz.de/ccp/dktk-opal:test
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.opal_ccp.rule=PathPrefix(`/opal`)" - "traefik.http.routers.opal_ccp.rule=PathPrefix(`/opal`)"

3
ccp/modules/teiler-compose.yml
View File

@ -19,7 +19,8 @@ services:
HTTP_RELATIVE_PATH: "/ccp-teiler" HTTP_RELATIVE_PATH: "/ccp-teiler"
teiler-dashboard: teiler-dashboard:
image: docker.verbis.dkfz.de/cache/samply/teiler-dashboard:develop #image: docker.verbis.dkfz.de/cache/samply/teiler-dashboard:develop
image: samply/teiler-dashboard:develop
container_name: bridgehead-teiler-dashboard container_name: bridgehead-teiler-dashboard
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"

6
ccp/vars
View File

@ -11,10 +11,8 @@ BROKER_URL_FOR_PREREQ=$BROKER_URL
OIDC_USER_GROUP="DKTK_CCP_$(capitalize_first_letter ${SITE_ID})" OIDC_USER_GROUP="DKTK_CCP_$(capitalize_first_letter ${SITE_ID})"
OIDC_ADMIN_GROUP="DKTK_CCP_$(capitalize_first_letter ${SITE_ID})_Verwalter" OIDC_ADMIN_GROUP="DKTK_CCP_$(capitalize_first_letter ${SITE_ID})_Verwalter"
OIDC_PRIVATE_CLIENT_ID=${SITE_ID}-private OIDC_PRIVATE_CLIENT_ID=${SITE_ID}-private
# OIDC_PUBLIC_CLIENT_ID=${SITE_ID}-public OIDC_PUBLIC_CLIENT_ID=${SITE_ID}-public
# OIDC_URL="https://sso.verbis.dkfz.de/application/o/${SITE_ID}/" OIDC_URL="https://login.verbis.dkfz.de/realms/test-realm-01"
OIDC_PUBLIC_CLIENT_ID=bridgehead-test-public
OIDC_URL="https://sso.verbis.dkfz.de/application/o/bridgehead-test-public/"
OIDC_GROUP_CLAIM="groups" OIDC_GROUP_CLAIM="groups"
POSTGRES_TAG=15.6-alpine POSTGRES_TAG=15.6-alpine