mirror of
https://github.com/samply/bridgehead.git
synced 2025-12-08 05:04:27 +01:00
Compare commits
11 Commits
hotfix/itc
...
prototype/
| Author | SHA1 | Date | |
|---|---|---|---|
|
6fe3bb0cc4 | ||
|
|
8770470e90 | ||
|
|
efa38d78bc | ||
|
|
3c85bce8fe | ||
|
|
4246fbd162 | ||
|
|
24dec5a172 | ||
|
|
afe1e37854 | ||
|
|
ccd935701c | ||
|
|
332997963b | ||
|
|
9ed11d63b2 | ||
|
|
80ec87a818 |
@@ -180,6 +180,13 @@ case "$ACTION" in
|
||||
;;
|
||||
postRun | postUpdate)
|
||||
;;
|
||||
send-file)
|
||||
loadVars
|
||||
log "WARNING" "Your are about to send a file to another bridgehead in your network!"
|
||||
read -p "Please name the bridgehead you want to send the file to (proxy-id): " RECEIVER_PROXY_ID
|
||||
read -p "Continue? (Y/N): " confirm && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
|
||||
exec $COMPOSE -p $PROJECT -f ./modules/beam-file-compose.yml --profile beam-file-sender run beam-file-sender send --to beamfile.$RECEIVER_PROXY_ID /data/outfile
|
||||
;;
|
||||
*)
|
||||
printUsage
|
||||
exit 1
|
||||
|
||||
@@ -22,7 +22,7 @@ services:
|
||||
- "traefik.http.routers.blaze_cce.tls=true"
|
||||
|
||||
focus:
|
||||
image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}-dktk
|
||||
image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
|
||||
container_name: bridgehead-focus
|
||||
environment:
|
||||
API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
|
||||
@@ -34,7 +34,6 @@ services:
|
||||
EPSILON: 0.28
|
||||
QUERIES_TO_CACHE: '/queries_to_cache.conf'
|
||||
ENDPOINT_TYPE: ${FOCUS_ENDPOINT_TYPE:-blaze}
|
||||
CQL_PROJECTS_ENABLED: "cce"
|
||||
volumes:
|
||||
- /srv/docker/bridgehead/cce/queries_to_cache.conf:/queries_to_cache.conf:ro
|
||||
depends_on:
|
||||
|
||||
@@ -17,7 +17,6 @@ services:
|
||||
BEAM_PROXY_ID: ${SITE_ID}
|
||||
BEAM_BROKER_ID: ${BROKER_ID}
|
||||
BEAM_APP_ID: "focus"
|
||||
PROJECT_METADATA: "cce"
|
||||
depends_on:
|
||||
- "beam-proxy"
|
||||
labels:
|
||||
|
||||
@@ -45,6 +45,7 @@ services:
|
||||
BROKER_URL: ${BROKER_URL}
|
||||
PROXY_ID: ${PROXY_ID}
|
||||
APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
|
||||
APP_beamfilesend_KEY: ${BEAM_FILE_SEND_SECRET}
|
||||
PRIVKEY_FILE: /run/secrets/proxy.pem
|
||||
ALL_PROXY: http://forward_proxy:3128
|
||||
TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
|
||||
|
||||
@@ -5,6 +5,7 @@ FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | h
|
||||
FOCUS_RETRY_COUNT=${FOCUS_RETRY_COUNT:-64}
|
||||
SUPPORT_EMAIL=support-ccp@dkfz-heidelberg.de
|
||||
PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
|
||||
BEAM_FILE_SEND_SECRET="$(echo \"beam-file-send-salt\" | openssl pkeyutl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
|
||||
|
||||
BROKER_URL_FOR_PREREQ=$BROKER_URL
|
||||
|
||||
@@ -24,4 +25,5 @@ do
|
||||
done
|
||||
|
||||
transfairSetup
|
||||
scoutSetup
|
||||
scoutSetup
|
||||
beamFileSetup
|
||||
|
||||
@@ -22,7 +22,7 @@ services:
|
||||
- "traefik.http.routers.blaze_itcc.tls=true"
|
||||
|
||||
focus:
|
||||
image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}-dktk
|
||||
image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
|
||||
container_name: bridgehead-focus
|
||||
environment:
|
||||
API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
|
||||
@@ -34,7 +34,6 @@ services:
|
||||
EPSILON: 0.28
|
||||
QUERIES_TO_CACHE: '/queries_to_cache.conf'
|
||||
ENDPOINT_TYPE: ${FOCUS_ENDPOINT_TYPE:-blaze}
|
||||
CQL_PROJECTS_ENABLED: "itcc"
|
||||
volumes:
|
||||
- /srv/docker/bridgehead/itcc/queries_to_cache.conf:/queries_to_cache.conf:ro
|
||||
depends_on:
|
||||
|
||||
@@ -17,7 +17,6 @@ services:
|
||||
BEAM_PROXY_ID: ${SITE_ID}
|
||||
BEAM_BROKER_ID: ${BROKER_ID}
|
||||
BEAM_APP_ID: "focus"
|
||||
PROJECT_METADATA: "itcc"
|
||||
depends_on:
|
||||
- "beam-proxy"
|
||||
labels:
|
||||
|
||||
@@ -337,7 +337,8 @@ function sync_secrets() {
|
||||
}
|
||||
|
||||
function secret_sync_gitlab_token() {
|
||||
if [[ "$PROJECT" != "dktk" && "$PROJECT" != "bbmri" ]]; then
|
||||
if [ "$PROJECT" == "minimal" ]; then
|
||||
log "INFO" "Not running Secret Sync for project minimal"
|
||||
return
|
||||
fi
|
||||
# Map the origin of the git repository /etc/bridgehead to the prefix recognized by Secret Sync
|
||||
@@ -397,7 +398,7 @@ function secret_sync_gitlab_token() {
|
||||
else
|
||||
log "WARN" "Secret Sync failed"
|
||||
# Remove the git credential helper
|
||||
git -C /etc/bridgehead config --unset credential.helpera
|
||||
git -C /etc/bridgehead config --unset credential.helper
|
||||
fi
|
||||
|
||||
# In the past the git credential helper was also set for /srv/docker/bridgehead but never used.
|
||||
|
||||
35
modules/beam-file-compose.yml
Normal file
35
modules/beam-file-compose.yml
Normal file
@@ -0,0 +1,35 @@
|
||||
# NOTE: Current implementation is restricted to a bridgehead only being able to either upload or download data
|
||||
services:
|
||||
beam-file-sender:
|
||||
image: samply/beam-file:${BEAM_FILE_TAG}
|
||||
container_name: bridgehead-beam-file-sender
|
||||
environment:
|
||||
- BEAM_ID=beamfilesend.${PROXY_ID}
|
||||
- BEAM_SECRET=${BEAM_FILE_SEND_SECRET}
|
||||
- BEAM_URL=http://beam-proxy:8081
|
||||
- BIND_ADDR=0.0.0.0:8085
|
||||
- API_KEY=${BEAM_FILE_API_KEY}
|
||||
# Only uncomment if your are sure what to do
|
||||
# ports:
|
||||
# - 8085:8085
|
||||
volumes:
|
||||
- /var/cache/bridgehead/beam-file-out/:/data
|
||||
profiles: ["beam-file-sender"]
|
||||
|
||||
beam-file-receiver:
|
||||
image: samply/beam-file:${BEAM_FILE_TAG}
|
||||
container_name: bridgehead-beam-file-receiver
|
||||
environment:
|
||||
- BEAM_ID=beamfile.${PROXY_ID}
|
||||
- BEAM_SECRET=${BEAM_FILE_SECRET}
|
||||
- BEAM_URL=http://beam-proxy:8081
|
||||
- API_KEY=${BEAM_FILE_API_KEY}
|
||||
command: ["receive", "save", "--outdir", "/data"]
|
||||
volumes:
|
||||
- /var/cache/bridgehead/beam-file/:/data
|
||||
profiles: ["beam-file-receiver"]
|
||||
|
||||
beam-proxy:
|
||||
environment:
|
||||
APP_beamfile_KEY: ${BEAM_FILE_SECRET}
|
||||
profiles: ["beam-file-receiver"]
|
||||
11
modules/beam-file-setup.sh
Normal file
11
modules/beam-file-setup.sh
Normal file
@@ -0,0 +1,11 @@
|
||||
#!/bin/bash -e
|
||||
|
||||
function beamFileSetup() {
|
||||
if [ -n "$ENABLE_BEAM_FILE_RECEIVER" ]; then
|
||||
echo "Starting beam file in receiver mode"
|
||||
OVERRIDE+=" -f ./modules/beam-file-compose.yml --profile beam-file-receiver"
|
||||
BEAM_FILE_SECRET="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
|
||||
BEAM_FILE_API_KEY="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
|
||||
log INFO "Beam File in Receiver Mode available uses ApiKey ${BEAM_FILE_API_KEY}"
|
||||
fi
|
||||
}
|
||||
@@ -3,4 +3,5 @@ BEAM_TAG=develop
|
||||
BLAZE_TAG=main
|
||||
POSTGRES_TAG=15.13-alpine
|
||||
TEILER_DASHBOARD_TAG=develop
|
||||
MTBA_TAG=develop
|
||||
MTBA_TAG=develop
|
||||
BEAM_FILE_TAG=task-based-files
|
||||
|
||||
Reference in New Issue
Block a user