Merge pull request #25 from samply/feature/bbmri

Feature/bbmri

bbmri/docker-compose.yml

@@ -0,0 +1,116 @@
+version: "3.7"
+
+services:
+  traefik:
+    container_name: bridgehead-traefik
+    image: traefik:latest
+    command:
+      - --entrypoints.web.address=:80
+      - --entrypoints.websecure.address=:443
+      - --providers.docker=true
+      - --providers.file.watch=true
+      - --providers.file.directory=/configuration/
+      - --api.dashboard=true
+      - --accesslog=true # print access-logs
+      - --entrypoints.web.http.redirections.entrypoint.to=websecure
+      - --entrypoints.web.http.redirections.entrypoint.scheme=https
+    labels:
+      - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
+      - "traefik.http.routers.dashboard.entrypoints=websecure"
+      - "traefik.http.routers.dashboard.service=api@internal"
+      - "traefik.http.routers.dashboard.tls=true"
+      - "traefik.http.routers.dashboard.middlewares=auth"
+      - "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}"
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /etc/bridgehead/traefik-tls:/certs:ro
+      - ../lib/traefik-configuration/:/configuration:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+  forward_proxy:
+    container_name: bridgehead-forward-proxy
+    image: samply/bridgehead-forward-proxy:latest
+    environment:
+      HTTPS_PROXY: ${HTTPS_PROXY_URL}
+      USERNAME: ${HTTPS_PROXY_USERNAME}
+      PASSWORD: ${HTTPS_PROXY_PASSWORD}
+    volumes:
+      - /etc/bridgehead/trusted-ca-certs:/docker/custom-certs/:ro
+
+#  landing:
+#    container_name: bridgehead-landingpage
+#    image: samply/bridgehead-landingpage:master
+#    labels:
+#      - "traefik.enable=true"
+#      - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
+#      - "traefik.http.services.landing.loadbalancer.server.port=80"
+#      - "traefik.http.routers.landing.tls=true"
+#    environment:
+#      HOST: ${HOST}
+#      PROJECT: ${PROJECT}
+#      SITE_NAME: ${SITE_NAME}
+
+  blaze:
+    image: "samply/blaze:0.18"
+    container_name: bridgehead-ccp-blaze
+    environment:
+      BASE_URL: "http://bridgehead-ccp-blaze:8080"
+      JAVA_TOOL_OPTIONS: "-Xmx4g"
+      LOG_LEVEL: "debug"
+      ENFORCE_REFERENTIAL_INTEGRITY: "false"
+    volumes:
+      - "blaze-data:/app/data"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.middlewares.ccp-auth.basicauth.users=${bc_auth_users}"
+      - "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)"
+      - "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement"
+      - "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080"
+      - "traefik.http.routers.blaze_ccp.middlewares=ccp_b_strip,ccp-auth"
+      - "traefik.http.routers.blaze_ccp.tls=true"
+
+  spot:
+    image: samply/spot:latest
+    container_name: bridgehead-spot
+    environment:
+      SECRET: ${SPOT_BEAM_SECRET_LONG}
+      APPID: spot
+      PROXY_ID: ${PROXY_ID}
+      LDM_URL: http://bridgehead-ccp-blaze:8080/fhir
+      BEAM_PROXY: http://beam-proxy:8081
+    depends_on:
+      - "beam-proxy"
+      - "blaze"
+    labels:
+      - "traefik.enable=false"
+
+  beam-proxy:
+    image: "samply/beam-proxy:develop"
+    container_name: bridgehead-beam-proxy
+    environment:
+      BROKER_URL: ${BROKER_URL}
+      PROXY_ID: ${PROXY_ID}
+      APP_0_ID: spot
+      APP_0_KEY: ${SPOT_BEAM_SECRET_SHORT}
+      PRIVKEY_FILE: /run/secrets/proxy.pem
+      RUST_LOG: debug
+      ALL_PROXY: http://forward_proxy:3128
+      TLS_CA_CERTIFICATES_DIR: /conf/trusted-ca-certs
+    secrets:
+      - proxy.pem
+    labels:
+      - "traefik.enable=false"
+    depends_on:
+      - "forward_proxy"
+    volumes:
+      - /etc/bridgehead/trusted-ca-certs:/conf/trusted-ca-certs:ro
+
+
+volumes:
+  blaze-data:
+
+secrets:
+  proxy.pem:
+    file: /etc/bridgehead/pki/${SITE_ID}.priv.pem

bbmri/vars

@@ -0,0 +1,7 @@
+BROKER_ID=broker.bbmri.samply.de
+BROKER_URL=https://${BROKER_ID}
+PROXY_ID=${SITE_ID}.${BROKER_ID}
+SPOT_BEAM_SECRET_SHORT="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+SPOT_BEAM_SECRET_LONG="ApiKey spot.${PROXY_ID} ${SPOT_BEAM_SECRET_SHORT}"
+SUPPORT_EMAIL=bridgehead@helpdesk.bbmri-eric.eu
+PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem

bridgehead

@@ -32,7 +32,7 @@ case "$PROJECT" in
 	nngm)
 		#nothing extra to do
 		;;
-	gbn)
+	bbmri)
 		#nothing extra to do
 		;;
 	*)

gbn/docker-compose.yml

@@ -1,100 +0,0 @@
-version: '3.7'
-
-volumes:
-  gbn-connector-logs:
-  gbn-connector-db-data:
-  gbn-store-db-data:
-
-services:
-  traefik:
-    container_name: bridgehead-traefik
-    image: traefik:2
-    command:
-      - --entrypoints.web.address=:80
-      - --entrypoints.websecure.address=:443
-      - --providers.docker=true
-      - --api.dashboard=true
-      - --accesslog=true # print access-logs
-      - --entrypoints.web.http.redirections.entrypoint.to=websecure
-      - --entrypoints.web.http.redirections.entrypoint.scheme=https
-    labels:
-      - "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
-      - "traefik.http.routers.dashboard.entrypoints=websecure"
-      - "traefik.http.routers.dashboard.service=api@internal"
-      - "traefik.http.routers.dashboard.tls=true"
-      - "traefik.http.routers.dashboard.middlewares=auth"
-      - "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}"
-    ports:
-      - 80:80
-      - 443:443
-    volumes:
-      - ../certs:/tools/certs
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-
-  forward_proxy:
-    container_name: bridgehead-forward-proxy
-    image: ubuntu/squid
-    environment:
-      http_proxy: ${http_proxy}
-      https_proxy: ${https_proxy}
-    volumes:
-      - "bridgehead-proxy:/var/log/squid"
-    
-  landing:
-    container_name: bridgehead-landingpage
-    image: samply/bridgehead-landingpage
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.landing.rule=PathPrefix(`/`)"
-      - "traefik.http.services.landing.loadbalancer.server.port=80"
-      - "traefik.http.routers.landing.tls=true"
-    environment:
-      HOST: ${HOST}
-      PROJECT: ${PROJECT}
-      SITE_NAME: ${SITE_NAME}
-
-  blaze:
-    image: "samply/blaze:0.17"
-    container_name: bridgehead-gbn-blaze
-    environment:
-      BASE_URL: "http://blaze:8080"
-      JAVA_TOOL_OPTIONS: "-Xmx4g"
-      LOG_LEVEL: "debug"
-      ENFORCE_REFERENTIAL_INTEGRITY: "false"
-    volumes:
-    - "blaze-data:/app/data"
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.middlewares.gbn-auth.basicauth.users=${bc_auth_users}"
-      - "traefik.http.routers.blaze_gbn.rule=PathPrefix(`/gbn-localdatamanagement`)"
-      - "traefik.http.middlewares.gbn_b_strip.stripprefix.prefixes=/gbn-localdatamanagement"
-      - "traefik.http.services.blaze_gbn.loadbalancer.server.port=8080"
-      - "traefik.http.routers.blaze_gbn.middlewares=gbn_b_strip,gbn-auth"
-      - "traefik.http.routers.blaze_gbn.tls=true"
-
-  gbn-connector:
-    container_name: bridgehead-gbn-connector
-    image: "samply/share-client:gbn-feature-environmentPreconfiguration"
-    environment:
-      POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
-    volumes:
-      - "gbn-connector-logs:/usr/local/tomcat/logs"
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.gbn_connector.rule=PathPrefix(`/gbn-connector`)"
-      - "traefik.http.services.gbn_connector.loadbalancer.server.port=8080"
-    depends_on:
-      - "gbn-connector-db"
-    restart: "always"
-
-  gbn-connector-db:
-    image: "postgres:10.17"
-    environment:
-      POSTGRES_DB: "samply.connector"
-      POSTGRES_USER: "samply"
-      POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
-    volumes:
-      - "gbn-connector-db-data:/var/lib/postgresql/data"
-    restart: "always"

lib/functions.sh

@@ -20,7 +20,7 @@ checkOwner(){
 
 printUsage() {
 	echo "Usage: bridgehead start|stop|update|install|uninstall|enroll PROJECTNAME"
-	echo "PROJECTNAME should be one of ccp|nngm|gbn"
+	echo "PROJECTNAME should be one of ccp|nngm|bbmri"
 }
 
 checkRequirements() {

lib/remove-bridgehead-units.sh

@@ -7,8 +7,8 @@ if [ $# -eq 0 ]; then
     exit 1
 fi
 
-if [ $1 != "ccp" ] && [ $1 != "nngm" ] && [ $1 != "gbn" ]; then
-    log "ERROR" "Please provide a supported project like ccp, gbn or nngm"
+if [ $1 != "ccp" ] && [ $1 != "nngm" ] && [ $1 != "bbmri" ]; then
+    log "ERROR" "Please provide a supported project like ccp, bbmri or nngm"
     exit 1
 fi
 

lib/setup-bridgehead-units.sh

@@ -9,8 +9,8 @@ if [ $# -eq 0 ]; then
     exit 1
 fi
 
-if [ $1 != "ccp" ] && [ $1 != "nngm" ] && [ $1 != "gbn" ]; then
-    log "ERROR" "Please provide a supported project like ccp, gbn or nngm"
+if [ $1 != "ccp" ] && [ $1 != "nngm" ] && [ $1 != "bbmri" ]; then
+    log "ERROR" "Please provide a supported project like ccp, bbmri or nngm"
     exit 1
 fi
 

lib/update-bridgehead.sh

@@ -75,7 +75,7 @@ done
 # Check docker updates
 log "INFO" "Checking for updates to running docker images ..."
 docker_updated="false"
-for IMAGE in $(cat $PROJECT/docker-compose.yml | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do
+for IMAGE in $(cat $PROJECT/docker-compose.yml | grep -v "^#" | grep "image:" | sed -e 's_^.*image: \(.*\).*$_\1_g; s_\"__g'); do
   log "INFO" "Checking for Updates of Image: $IMAGE"
   if docker pull $IMAGE | grep "Downloaded newer image"; then
     CHANGE="Image $IMAGE updated."