services: ############################################ DataSHIELD Client (Rocker R-Studio) rstudio: container_name: bridgehead-rstudio image: docker.verbis.dkfz.de/ccp/dktk-rstudio:latest environment: #DEFAULT_USER: "rstudio" # Please, don't remove this line. It is informative. PASSWORD: "${LDM_AUTH}" HTTP_RELATIVE_PATH: "/rstudio" labels: - "traefik.enable=true" - "traefik.http.routers.rstudio_ccp.rule=PathPrefix(`/rstudio`)" - "traefik.http.services.rstudio_ccp.loadbalancer.server.port=8787" - "traefik.http.routers.rstudio_ccp.tls=true" - "traefik.http.middlewares.rstudio_ccp_strip.stripprefix.prefixes=/rstudio" - "traefik.http.routers.rstudio_ccp.middlewares=rstudio_ccp_strip" #volumes: #- "bridgehead-rstudio-config:/home/rstudio/.config/rstudio" #- "bridgehead-rstudio-workspace:/home/rstudio/workspace" ############################################ DataSHIELD Server (Opal) opal: container_name: bridgehead-opal image: docker.verbis.dkfz.de/ccp/dktk-opal:latest labels: - "traefik.enable=true" - "traefik.http.routers.opal_ccp.rule=PathPrefix(`/opal`)" - "traefik.http.services.opal_ccp.loadbalancer.server.port=8080" - "traefik.http.routers.opal_ccp.tls=true" links: - opal-rserver - opal-db environment: JAVA_OPTS: "-Xms1G -Xmx8G -XX:+UseG1GC" # OPAL_ADMINISTRATOR_USER: "administrator" # Please, don't remove this line. It is informative. OPAL_ADMINISTRATOR_PASSWORD: "${LDM_AUTH}" POSTGRESDATA_HOST: "opal-db" POSTGRESDATA_DATABASE: "opal" POSTGRESDATA_USER: "opal" POSTGRESDATA_PASSWORD: "${OPAL_DB_PASSWORD}" ROCK_HOSTS: "opal-rserver:8085" APP_URL: "https://${HOST}/opal" APP_CONTEXT_PATH: "/opal" OPAL_PRIVATE_KEY: "/run/secrets/opal-key.pem" OPAL_CERTIFICATE: "/run/secrets/opal-cert.pem" secrets: - opal-cert.pem - opal-key.pem # volumes: # - "bridgehead-opal:/srv" opal-db: # Data container_name: bridgehead-opal-db image: docker.verbis.dkfz.de/cache/postgres:15.1-alpine environment: POSTGRES_PASSWORD: "${OPAL_DB_PASSWORD}" # Set in datashield-setup.sh POSTGRES_USER: "opal" POSTGRES_DB: "opal" # Please evaluate if this volume makes sense. An import can take several hours. If the bridgehead is restarted, # the data should be reimported again. # volumes: # - "bridgehead-opal-db:/var/lib/postgresql/data" opal-rserver: container_name: bridgehead-opal-rserver image: docker.verbis.dkfz.de/cache/datashield/rock-base:6.3 # https://datashield.discourse.group/t/ds-aggregate-method-error/416/4 beam-connect: image: docker.verbis.dkfz.de/cache/samply/beam-connect:no-auth container_name: bridgehead-datashield-connect environment: PROXY_URL: "http://beam-proxy:8081" TLS_CA_CERTIFICATES_DIR: /run/secrets APP_ID: datashield-connect.${SITE_ID}.${BROKER_ID} PROXY_APIKEY: ${DATASHIELD_CONNECT_SECRET} DISCOVERY_URL: "./map/central.json" LOCAL_TARGETS_FILE: "./map/local.json" secrets: - opal-cert.pem depends_on: - beam-proxy volumes: - /etc/bridgehead/datashield-connect/:/map:ro beam-proxy: environment: APP_datashield-connect_KEY: ${DATASHIELD_CONNECT_SECRET} #volumes: # bridgehead-rstudio-config: # name: "bridgehead-rstudio-config" # bridgehead-rstudio-workspace: # name: "bridgehead-rstudio-workspace" # bridgehead-opal-db: # name: "bridgehead-opal-db" # bridgehead-opal: # name: "bridgehead-opal" secrets: opal-cert.pem: file: /etc/bridgehead/trusted-ca-certs/opal-cert.pem opal-key.pem: file: /etc/bridgehead/trusted-ca-certs/opal-key.pem