Added Configuration for Local ID-Management
parent
c9bb317cd2
commit
6d24dbce7f
|
@ -0,0 +1,75 @@
|
|||
version: "3.7"
|
||||
services:
|
||||
id-manager:
|
||||
image: docker.verbis.dkfz.de/bridgehead/magicpl
|
||||
environment:
|
||||
TOMCAT_REVERSEPROXY_FQDN: ${HOST}
|
||||
MAGICPL_SITE: ${SITE_ID}
|
||||
MAGICPL_ALLOWED_ORIGINS: https://${HOST}
|
||||
MAGICPL_LOCAL_PATIENTLIST_APIKEY: ${IDMANAGER_LOCAL_PATIENTLIST_APIKEY}
|
||||
MAGICPL_CENTRAXX_APIKEY: ${IDMANAGER_CENTRAXX_APIKEY}
|
||||
MAGICPL_CONNECTOR_APIKEY: ${IDMANAGER_CONNECTOR_APIKEY}
|
||||
MAGICPL_CENTRAL_PATIENTLIST_APIKEY: ${IDMANAGER_CENTRAL_PATIENTLIST_APIKEY}
|
||||
MAGICPL_CONTROLNUMBERGENERATOR_APIKEY: ${IDMANAGER_CONTROLNUMBERGENERATOR_APIKEY}
|
||||
MAGICPL_OIDC_CLIENT_ID: ${IDMANAGER_AUTH_CLIENT_ID}
|
||||
MAGICPL_OIDC_CLIENT_SECRET: ${IDMANAGER_AUTH_CLIENT_SECRET}
|
||||
depends_on:
|
||||
- patientlist
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.id-manager.rule=PathPrefix(`/id-manager`)"
|
||||
- "traefik.http.services.id-manager.loadbalancer.server.port=8080"
|
||||
- "traefik.http.routers.id-manager.tls=true"
|
||||
|
||||
patientlist:
|
||||
image: docker.verbis.dkfz.de/bridgehead/mainzelliste
|
||||
environment:
|
||||
- TOMCAT_REVERSEPROXY_FQDN=${HOST}
|
||||
- ML_SITE=${SITE_ID}
|
||||
- ML_DB_PASS=${PATIENTLIST_POSTGRES_PASSWORD}
|
||||
- ML_API_KEY=${IDMANAGER_LOCAL_PATIENTLIST_APIKEY}
|
||||
# Add Variables from /etc/patientlist-id-generators.env
|
||||
- ML_BK_IDGENERATOR_RANDOM_1
|
||||
- ML_BK_IDGENERATOR_RANDOM_2
|
||||
- ML_BK_IDGENERATOR_RANDOM_3
|
||||
- ML_MDS_IDGENERATOR_RANDOM_1
|
||||
- ML_MDS_IDGENERATOR_RANDOM_2
|
||||
- ML_MDS_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK000001985_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK000001985_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK000001985_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK000001986_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK000001986_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK000001986_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK000001950_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK000001950_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK000001950_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK000001951_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK000001951_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK000001951_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK999999999_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK999999999_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK999999999_IDGENERATOR_RANDOM_3
|
||||
- ML_DKTK000002089_IDGENERATOR_RANDOM_1
|
||||
- ML_DKTK000002089_IDGENERATOR_RANDOM_2
|
||||
- ML_DKTK000002089_IDGENERATOR_RANDOM_3
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.patientlist.rule=PathPrefix(`/patientlist`)"
|
||||
- "traefik.http.services.patientlist.loadbalancer.server.port=8080"
|
||||
- "traefik.http.routers.patientlist.tls=true"
|
||||
depends_on:
|
||||
- patientlist-db
|
||||
|
||||
patientlist-db:
|
||||
image: postgres:14-alpine
|
||||
environment:
|
||||
POSTGRES_USER: "mainzelliste"
|
||||
POSTGRES_DB: "mainzelliste"
|
||||
POSTGRES_PASSWORD: ${PATIENTLIST_POSTGRES_PASSWORD}
|
||||
volumes:
|
||||
- "patientlist-db-data:/var/lib/postgresql/data"
|
||||
|
||||
volumes:
|
||||
patientlist-db-data:
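Review bot: Every API key and the OIDC client secret in the `id-manager` environment is a plain `${...}` substitution, so a variable that was never set is replaced by an empty string (compose only prints a warning) and the container starts with an empty key. Only `IDMANAGER_LOCAL_PATIENTLIST_APIKEY` and `PATIENTLIST_POSTGRES_PASSWORD` are generated by this commit's setup script; the others have to come from site configuration that is not shown here. The required-variable form, e.g. `MAGICPL_CENTRAXX_APIKEY: ${IDMANAGER_CENTRAXX_APIKEY:?IDMANAGER_CENTRAXX_APIKEY must be set}`, makes compose abort instead. The two `docker.verbis.dkfz.de/bridgehead/...` images also carry no tag or digest, so the deployed code is whatever the registry serves at pull time; pinning a version would make the deployment reproducible and auditable.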
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash
|
||||
|
||||
function idManagementSetup() {
|
||||
if [ -n "$ENABLE_ID_MANAGEMENT" ]; then
|
||||
log INFO "id-management setup detected -- will start id-management (mainzelliste & magicpl)."
|
||||
OVERRIDE+=" -f ./$PROJECT/modules/id-management-compose.yml"
|
||||
|
||||
# Auto Generate local Passwords
|
||||
PATIENTLIST_POSTGRES_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
|
||||
IDMANAGER_LOCAL_PATIENTLIST_APIKEY="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
|
||||
|
||||
# Source the ID Generators Configuration
|
||||
source /etc/bridgehead/patientlist-id-generators.env
|
||||
log INFO "ID-Management Generator 1: ${ML_BK_IDGENERATOR_RANDOM_1}"
|
||||
fi
|
||||
|
||||
}
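Review bot: The line `log INFO "ID-Management Generator 1: ${ML_BK_IDGENERATOR_RANDOM_1}"` writes a value sourced from `/etc/bridgehead/patientlist-id-generators.env` into the log at INFO level; judging by its name this is presumably one of the ID generator's secret parameters, and it would then be readable by anyone with access to the logs. Log only that the configuration was loaded, e.g. `log INFO "ID-Management generator configuration loaded."`, or test it with `[ -n "$ML_BK_IDGENERATOR_RANDOM_1" ]` and report presence only. Separately, `PATIENTLIST_POSTGRES_PASSWORD` is derived without checking that `openssl` succeeded, so a missing or unreadable key file leaves the password empty; a guard that aborts on an empty result would catch that before the containers start.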
|
3
ccp/vars
3
ccp/vars
|
@ -8,6 +8,9 @@ REPORTHUB_BEAM_SECRET_LONG="ApiKey report-hub.${PROXY_ID} ${REPORTHUB_BEAM_SECRE
|
|||
SUPPORT_EMAIL=support-ccp@dkfz-heidelberg.de
|
||||
PRIVATEKEYFILENAME=/etc/bridgehead/pki/${SITE_ID}.priv.pem
|
||||
|
||||
# This will load id-management setup. Effective only if id-management configuration is defined.
|
||||
source $PROJECT/modules/id-management-setup.sh
|
||||
idManagementSetup
|
||||
# This will load nngm setup. Effective only if nngm configuration is defined.
|
||||
source $PROJECT/nngm-setup.sh
|
||||
nngmSetup
|
||||
|
|
|
@ -131,7 +131,7 @@ fail_and_report() {
|
|||
|
||||
setHostname() {
|
||||
if [ -z "$HOST" ]; then
|
||||
export HOST=$(hostname -f)
|
||||
export HOST=$(hostname -f | tr "[:upper:]" "[:lower:]")
|
||||
log DEBUG "Using auto-detected hostname $HOST."
|
||||
fi
|
||||
}
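Review bot: The lowercase normalisation is applied only inside the `if [ -z "$HOST" ]` branch, so a `HOST` supplied by the operator with upper-case letters still passes through unchanged. The compose file in this commit builds `MAGICPL_ALLOWED_ORIGINS: https://${HOST}` from it, and browsers send the origin host in lower case, so a mixed-case value could make the origin check fail (assuming the comparison is case-sensitive, which is not visible here). Normalising after the `fi` covers both paths: `export HOST=$(printf '%s' "$HOST" | tr "[:upper:]" "[:lower:]")`. It would also help to add a comment stating why the hostname is lower-cased.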
|
||||
|
|