WIP blaze frontend

switch focus of ccp to tag

bridgehead

@@ -28,9 +28,6 @@ fi
 case "$PROJECT" in
 	ccp)
 		#nothing extra to do
-        ;;
-	leme)
-		#nothing extra to do
 		;;
 	bbmri)
 		#nothing extra to do

ccp/docker-compose.yml

@@ -19,9 +19,30 @@ services:
       - "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080"
       - "traefik.http.routers.blaze_ccp.middlewares=ccp_b_strip,auth"
       - "traefik.http.routers.blaze_ccp.tls=true"
+    
+  frontend:
+    image: "samply/blaze-frontend:latest"
+    environment:
+      ORIGIN: "https://${HOST}/ccp-blaze-frontend"
+      BACKEND_BASE_URL: "https://${HOST}/ccp-localdatamanagement"
+      AUTH_CLIENT_ID: "${OIDC_PRIVATE_CLIENT_ID}"
+      AUTH_CLIENT_SECRET: "${OIDC_CLIENT_SECRET}"
+      AUTH_ISSUER: "${OIDC_URL}"
+      AUTH_SECRET: "666df42c74ce1f4728fe2ffe99b146e0f2e4b4f9810594fcf68c0330495bca0f" # TODO: Generate
+      PROTOCOL_HEADER: "x-forwarded-proto"
+      HOST_HEADER: "x-forwarded-host"
+    depends_on:
+      - blaze
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.blaze_frontend.rule=PathPrefix(`/ccp-blaze-frontend`)"
+      - "traefik.http.middlewares.ccp_blaze_frontend_strip.stripprefix.prefixes=/ccp-blaze-frontend"
+      - "traefik.http.routers.blaze_ccp.middlewares=ccp_blaze_frontend_strip"
+      - "traefik.http.services.blaze_frontend.loadbalancer.server.port=3000"
+      - "traefik.http.routers.blaze_frontend.tls=true"
 
   focus:
-    image: docker.verbis.dkfz.de/cache/samply/focus:0.4.4
+    image: docker.verbis.dkfz.de/cache/samply/focus:${FOCUS_TAG}
     container_name: bridgehead-focus
     environment:
       API_KEY: ${FOCUS_BEAM_SECRET_SHORT}

ccp/vars

@@ -17,6 +17,7 @@ OIDC_REALM="${OIDC_REALM:-master}"
 OIDC_URL="https://login.verbis.dkfz.de"
 OIDC_ISSUER_URL="${OIDC_URL}/realms/${OIDC_REALM}"
 OIDC_GROUP_CLAIM="groups"
+add_private_oidc_redirect_url "/ccp-localdatamanagement"
 
 POSTGRES_TAG=15.6-alpine
 

leme/docker-compose.yml

@@ -1,62 +0,0 @@
-
-services:
-  blaze:
-    image: docker.verbis.dkfz.de/cache/samply/blaze:latest
-    container_name: bridgehead-leme-blaze
-    environment:
-      BASE_URL: "http://bridgehead-leme-blaze:8080"
-      JAVA_TOOL_OPTIONS: "-Xmx${BLAZE_MEMORY_CAP:-4096}m"
-      DB_RESOURCE_CACHE_SIZE: ${BLAZE_RESOURCE_CACHE_CAP:-2500000}
-      DB_BLOCK_CACHE_SIZE: $BLAZE_MEMORY_CAP
-      ENFORCE_REFERENTIAL_INTEGRITY: "false"
-    volumes:
-      - "blaze-data:/app/data"
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.blaze_leme.rule=PathPrefix(`/leme-localdatamanagement`)"
-      - "traefik.http.middlewares.leme_b_strip.stripprefix.prefixes=/leme-localdatamanagement"
-      - "traefik.http.services.blaze_leme.loadbalancer.server.port=8080"
-      - "traefik.http.routers.blaze_leme.middlewares=leme_b_strip,auth"
-      - "traefik.http.routers.blaze_leme.tls=true"
-
-  focus:
-    image: docker.verbis.dkfz.de/cache/samply/focus:0.4.4
-    container_name: bridgehead-focus
-    environment:
-      API_KEY: ${FOCUS_BEAM_SECRET_SHORT}
-      BEAM_APP_ID_LONG: focus.${PROXY_ID}
-      PROXY_ID: ${PROXY_ID}
-      BLAZE_URL: "http://bridgehead-leme-blaze:8080/fhir/"
-      BEAM_PROXY_URL: http://beam-proxy:8081
-      RETRY_COUNT: ${FOCUS_RETRY_COUNT}
-      EPSILON: 0.28
-    depends_on:
-      - "beam-proxy"
-      - "blaze"
-
-  beam-proxy:
-    image: docker.verbis.dkfz.de/cache/samply/beam-proxy:develop
-    container_name: bridgehead-beam-proxy
-    environment:
-      BROKER_URL: ${BROKER_URL}
-      PROXY_ID: ${PROXY_ID}
-      APP_focus_KEY: ${FOCUS_BEAM_SECRET_SHORT}
-      PRIVKEY_FILE: /run/secrets/proxy.pem
-      ALL_PROXY: http://forward_proxy:3128
-      TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
-      ROOTCERT_FILE: /conf/root.crt.pem
-    secrets:
-      - proxy.pem
-    depends_on:
-      - "forward_proxy"
-    volumes:
-      - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
-      - /srv/docker/bridgehead/leme/root.crt.pem:/conf/root.crt.pem:ro
-
-
-volumes:
-  blaze-data:
-
-secrets:
-  proxy.pem:
-    file: /etc/bridgehead/pki/${SITE_ID}.priv.pem

leme/root.crt.pem

@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDNTCCAh2gAwIBAgIUHtDdZ+L/Z1YmwlrHJRelJFLAGh0wDQYJKoZIhvcNAQEL
-BQAwFjEUMBIGA1UEAxMLQnJva2VyLVJvb3QwHhcNMjQwNTEzMTExMTQyWhcNMzQw
-NTExMTExMjExWjAWMRQwEgYDVQQDEwtCcm9rZXItUm9vdDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMLGngURLDDleDC/jGUSU12z9nfJBFrHItWQkcQk
-uZPOhCB55mD18aMtLmpXcHQ4MZdDOCHjA7n3gZa04PvueuLht57z3Uyk+M9C1Oor
-9KpnJWLogWtVJ9iaLrIGGS+lwttpglISg+7nZIszrCVaq2/mLe/Il47D7EifmA8L
-T+/gNd470tvAWaFn3pmeNJ2CHZ0ld+6CSOweerfPHq44DrZeCO8nRl/+v/JTizLg
-Fxjr2N38TohL4S8/QLIWtyQLZJbshuWAMwd7WtMXWqGPrIIDC8NiIQW8Yb1zjdoD
-/Ghmw6yfr+/m02GpJTe4rVhYJT9WYZS6wUbRlK1WTuy8T2ECAwEAAaN7MHkwDgYD
-VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMdNeYJQr5e5
-Cmh3NzSg/6eQF0IxMB8GA1UdIwQYMBaAFMdNeYJQr5e5Cmh3NzSg/6eQF0IxMBYG
-A1UdEQQPMA2CC0Jyb2tlci1Sb290MA0GCSqGSIb3DQEBCwUAA4IBAQBl3iQUJYKz
-E82f1SMyd9EHx4xs5fwVAKpndDkPBo4QbRHCeSfEnkxJHtluaDXJF0MaWMbvNps1
-99afOVjZCDa5UQUqneyBTbY1tHr3gyYV/doe4FIHA799D2dKlyxu6sPNzRZJGppT
-gaueKzc3jKINER1LcdOaPmSogNGNezCwOsAkmwuPQMrzMT8JPlLEGh0vfG4B994w
-ECxyC3PicjXvq5UOCwYiGSwawqTznLUb3FO6SFYS1mNv2inVaNfLzkuCkdIyyqeU
-dc/h6tuDSC+CKAy+/qoDNzG9KD+mI8kVyhhIrQ++vQ9bbRtWr5aQzaq+fyDJNXx3
-IQvYUuSR8Nab
------END CERTIFICATE-----

leme/vars

@@ -1,14 +0,0 @@
-BROKER_ID=broker-test.health-innovation-lab.eu
-BROKER_URL=http://${BROKER_ID}
-PROXY_ID=${SITE_ID}.${BROKER_ID}
-FOCUS_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
-FOCUS_RETRY_COUNT=32
-PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
-
-BROKER_URL_FOR_PREREQ=$BROKER_URL
-
-# for module in $PROJECT/modules/*.sh
-# do
-#     log DEBUG "sourcing $module"
-#     source $module
-# done

lib/prepare-system.sh

@@ -49,9 +49,6 @@ case "$PROJECT" in
 	ccp)
 		site_configuration_repository_middle="git.verbis.dkfz.de/bridgehead-configurations/bridgehead-config-"
 		;;
-    leme)
-		site_configuration_repository_middle="git.verbis.dkfz.de/bridgehead-configurations/bridgehead-config-"
-		;;
 	bbmri)
 		site_configuration_repository_middle="git.verbis.dkfz.de/bbmri-bridgehead-configs/"
 		;;

minimal/docker-compose.yml

@@ -46,15 +46,15 @@ services:
       # Wait 1s before marking this service healthy. Required for the oauth2-proxy to talk to the OIDC provider on startup which will fail if the forward proxy is not started yet.
       test: ["CMD", "sleep", "1"]
 
-  # landing:
+  landing:
-  #   container_name: bridgehead-landingpage
+    container_name: bridgehead-landingpage
-  #   image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:main
+    image: docker.verbis.dkfz.de/cache/samply/bridgehead-landingpage:main
-  #   labels:
+    labels:
-  #     - "traefik.enable=true"
+      - "traefik.enable=true"
-  #     - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
+      - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
-  #     - "traefik.http.services.landing.loadbalancer.server.port=80"
+      - "traefik.http.services.landing.loadbalancer.server.port=80"
-  #     - "traefik.http.routers.landing.tls=true"
+      - "traefik.http.routers.landing.tls=true"
-  #   environment:
+    environment:
-  #     HOST: ${HOST}
+      HOST: ${HOST}
-  #     PROJECT: ${PROJECT}
+      PROJECT: ${PROJECT}
-  #     SITE_NAME: ${SITE_NAME}
+      SITE_NAME: ${SITE_NAME}