verbis-admin
/
bridgehead
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Cleanup of old files 

Moved c4 and dktk to ccp
This commit is contained in:
root 2022-05-02 16:19:17 +02:00
parent 7b299bb338
commit 8c5e8ed833
11 changed files with 116 additions and 915 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -1,10 +1,7 @@
##Ignore site configuration
.gitmodules
site-config
## Ignore site configuration
config/**/*
!config/**/*.default
docker-compose.override.yml
site.conf
lading/*
certs/*

1
auth/dktk
View File

@ -1 +0,0 @@
ps:$apr1$wl54tz29$glQPyZIoNEosI0zQDHXz1.

159
c4/docker-compose.yml
View File

@ -1,159 +0,0 @@
version: "3.7"
volumes:
c4-connector-db-data:
c4-connector-logs:
patientlist-db-data:
patientlist-logs:
id-manager-logs:
c4-store-db-data:
c4-store-logs:
services:
traefik:
image: traefik:2.4
command:
- --api.insecure=true
- --entrypoints.web.address=:80
- --entrypoints.web-secure.address=:443
- --providers.docker=true
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
landing:
image: nginx:stable
volumes:
- ../landing/:/usr/share/nginx/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
c4-connector:
image: "samply/share-client:c4-feature-environmentPreconfigurationTorben"
environment:
POSTGRES_HOST: "c4-connector-db"
ID_MANAGER_APIKEY: ${MAGICPL_API_KEY_CONNECTOR}
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
HTTP_PROXY_USER: ${HTTP_PROXY_USER}
HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
LDM_URL: "${PROTOCOL}://${HOST}/c4-localdatamanagement"
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
env_file:
- ../site-config/c4.env
# Necessary for the connector to successful check the status of other components on the same host
extra_hosts:
- "host.docker.internal:host-gateway"
- "${HOST}:${HOSTIP}"
volumes:
- "c4-connector-logs:/usr/local/tomcat/logs"
depends_on:
- connector-db
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.c4_connector.rule=PathPrefix(`/c4-connector`)"
- "traefik.http.services.c4_connector.loadbalancer.server.port=8080"
c4-connector-db:
image: postgres:10.17
environment:
POSTGRES_DB: "share_v2"
POSTGRES_USER: "samplyweb"
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
volumes:
- "c4-connector-db-data:/var/lib/postgresql/data"
restart: always
id-manager:
image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop
environment:
MAGICPL_SITE: ${SITE}
MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
MAGICPL_API_KEY: ${MAGICPL_API_KEY}
MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR}
MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY}
MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY}
MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID}
MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET}
TOMCAT_REVERSEPROXY_FQDN: "${HOST}"
HTTP_PROXY_USER: ${HTTP_PROXY_USER}
HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
env_file:
- ../site-config/dktk.env
volumes:
- "id-manager-logs:/usr/local/tomcat/logs"
depends_on:
- patientlist
labels:
- "traefik.http.routers.idmanager.rule=PathPrefix(`/ID-Manager`)"
- "traefik.http.services.idmanager.loadbalancer.server.port=8080"
patientlist:
image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop
environment:
ML_SITE: ${SITE}
ML_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
ML_DB_PASS: ${ML_DB_PASS}
TOMCAT_REVERSEPROXY_FQDN: "${HOST}"
env_file:
- ../site-config/dktk.env
# TODO: Implement automatic seed generation in mainzelliste
- ../site-config/patientlist.env
volumes:
- "patientlist-logs:/usr/local/tomcat/logs"
labels:
- "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)"
- "traefik.http.services.patientlist.loadbalancer.server.port=8080"
depends_on:
- patientlist-db
patientlist-db:
image: postgres:13.1-alpine
environment:
POSTGRES_DB: mainzelliste
POSTGRES_USER: mainzelliste
POSTGRES_PASSWORD: ${ML_DB_PASS}
TZ: "Europe/Berlin"
volumes:
- "patientlist-db-data:/var/lib/postgresql/data"
c4-store:
image: docker.verbis.dkfz.de/ccp/samply.store:release-5.1.2
environment:
MDR_NAMESPACE: "adt,dktk,marker"
MDR_VALIDATION: false
DEPLOYMENT_CONTEXT: "c4-localdatamanagement"
POSTGRES_HOST: c4-store-db
POSTGRES_PORT: 5432
POSTGRES_DB: samplystore
POSTGRES_USER: samplystore
POSTGRES_PASSWORD: ${STORE_POSTGRES_PASS}
TZ: "Europe/Berlin"
volumes:
- "c4-store-logs:/usr/local/tomcat/logs"
labels:
- "traefik.enable=true"
- "traefik.http.routers.store_c4.rule=PathPrefix(`/c4-localdatamanagement`)"
depends_on:
- store-db
restart: always
c4-store-db:
image: postgres:9.5-alpine
command: postgres -c datestyle='iso, dmy'
environment:
TZ: "Europe/Berlin"
POSTGRES_DB: samplystore
POSTGRES_USER: samplystore
POSTGRES_PASSWORD: ${STORE_POSTGRES_PASS}
volumes:
- "c4-store-db-data:/var/lib/postgresql/data"
restart: always

112
ccp/docker-compose.yml Normal file
View File

@ -0,0 +1,112 @@
version: "3.7"
services:
### Does not need proxy settings
traefik:
container_name: bridgehead-traefik
image: traefik:2.4
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --api.dashboard=true
- --accesslog=true # print access-logs
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
- "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}"
ports:
- 80:80
- 443:443
volumes:
- ../certs:/tools/certs
- /var/run/docker.sock:/var/run/docker.sock:ro
extra_hosts:
- "host.docker.internal:host-gateway"
### Does need to know the outside proxy to connect central components
forward_proxy:
container_name: bridgehead-squid
image: ubuntu/squid
environment:
http_proxy: ${http_proxy}
https_proxy: ${https_proxy}
volumes:
- "bridgehead-proxy:/var/log/squid"
## Needs internal proxy config
landing:
container_name: bridgehead-landingpage
image: nginx:stable
volumes:
- ../landing/:/usr/share/nginx/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
- "traefik.http.routers.landing.tls=true"
## Needs internal proxy config
blaze:
image: "samply/blaze:0.17"
container_name: bridgehead-ccp-blaze
environment:
BASE_URL: "http://blaze:8080"
JAVA_TOOL_OPTIONS: "-Xmx4g"
LOG_LEVEL: "debug"
ENFORCE_REFERENTIAL_INTEGRITY: "false"
volumes:
- "blaze-data:/app/data"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.test-auth.basicauth.users=${bc_auth_users}"
- "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)"
- "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement"
- "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080"
- "traefik.http.routers.blaze_ccp.middlewares=ccp_b_strip,test-auth"
- "traefik.http.routers.blaze_ccp.tls=true"
ccp-search-share:
image: "ghcr.io/samply/dktk-fed-search-share:main"
container_name: bridgehead_ccp_share
environment:
APP_BASE_URL: "http://dktk-fed-search-share:8080"
APP_BROKER_BASEURL: "http://dktk-fed-search.verbis.dkfz.de/broker/rest/searchbroker"
APP_BROKER_MAIL: "foo@bar.de"
APP_STORE_BASEURL: "http://bridgehead-dktk-blaze:8080/fhir"
SPRING_DATASOURCE_URL: "jdbc:postgresql://bridgehead_ccp_share_db:5432/dktk-fed-search-share"
JAVA_TOOL_OPTIONS: "-Xmx1g"
# http_proxy: "http://bridgehead-squid:3128"
# https_proxy: "http://bridgehead-squid:3128"
# HTTP_PROXY: "http://bridgehead-squid:3128"
# HTTPS_PROXY: "http://bridgehead-squid:3128"
depends_on:
- ccp-search-share-db
- blaze
labels:
- "traefik.enable=true"
- "traefik.http.routers.dktk-fed-search.rule=PathPrefix(`/dktk-connector`)"
- "traefik.http.services.dktk-fed-search.loadbalancer.server.port=8080"
extra_hosts:
- "dktk-fed-search.verbis.dkfz.de:10.133.193.8"
ccp-search-share-db:
image: "postgres:14"
container_name: bridgehead_ccp_share_db
environment:
POSTGRES_USER: "dktk-fed-search-share"
POSTGRES_PASSWORD: "dktk-fed-search-share"
POSTGRES_DB: "dktk-fed-search-share"
volumes:
- "ccp-search-share-db-data:/var/lib/postgresql/data"
volumes:
blaze-data:
bridgehead-proxy:
ccp-search-share-db-data:

144
dktk-fed/docker-compose.yml
View File

@ -1,144 +0,0 @@
version: "3.7"
services:
### Does not need proxy settings
traefik:
container_name: bridgehead-traefik
image: traefik:2.4
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker=true
- --api.dashboard=true
- --accesslog=true # print access-logs
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
labels:
- "traefik.http.routers.dashboard.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}"
ports:
- 80:80
- 443:443
volumes:
- ../certs:/tools/certs
- /var/run/docker.sock:/var/run/docker.sock:ro
extra_hosts:
- "host.docker.internal:host-gateway"
### Does need to know the outside proxy to connect central components
forward_proxy:
container_name: bridgehead-squid
image: ubuntu/squid
environment:
http_proxy: ${http_proxy}
https_proxy: ${https_proxy}
volumes:
- "bridgehead-proxy:/var/log/squid"
## Needs internal proxy config
landing:
container_name: bridgehead-landingpage
image: nginx:stable
volumes:
- ../landing/:/usr/share/nginx/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
- "traefik.http.routers.landing.tls=true"
## Needs internal proxy config
blaze:
image: "samply/blaze:0.16"
container_name: bridgehead-dktk-blaze
environment:
BASE_URL: "http://blaze:8080"
JAVA_TOOL_OPTIONS: "-Xmx4g"
LOG_LEVEL: "debug"
ENFORCE_REFERENTIAL_INTEGRITY: "false"
volumes:
- "blaze-data:/app/data"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.test-auth.basicauth.users=${bc_auth_users}"
- "traefik.http.routers.blaze_dktk.rule=PathPrefix(`/dktk-localdatamanagement`)"
- "traefik.http.middlewares.dktk_b_strip.stripprefix.prefixes=/dktk-localdatamanagement"
- "traefik.http.services.blaze_dktk.loadbalancer.server.port=8080"
- "traefik.http.routers.blaze_dktk.middlewares=dktk_b_strip,test-auth"
- "traefik.http.routers.blaze_dktk.tls=true"
dktk-connector:
image: "samply/share-client:gbn-feature-environmentPreconfiguration"
environment:
POSTGRES_HOST: "dktk-connector-db"
POSTGRES_PASSWORD: "123"
STORE_URL: "http://bridgehead-blaze:8080/fhir"
MDR_URL: "https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr"
DEPLOYMENT_CONTEXT: "dktk-connector"
volumes:
- "dktk-connector-logs:/usr/local/tomcat/logs"
labels:
- "traefik.enable=true"
- "traefik.http.routers.dktk_connector.rule=PathPrefix(`/dktk-connector`)"
- "traefik.http.services.dktk_connector.loadbalancer.server.port=8080"
- "traefik.http.routers.landing.tls=true"
depends_on:
- "dktk-connector-db"
- "forward_proxy"
restart: "always"
dktk-connector-db:
image: "postgres:10.17"
environment:
POSTGRES_DB: "samply.connector"
POSTGRES_USER: "samply"
POSTGRES_PASSWORD: "123"
volumes:
- "dktk-connector-db-data:/var/lib/postgresql/data"
restart: "always"
# dktk-fed-search-share:
# image: "ghcr.io/samply/dktk-fed-search-share:pr-1"
# container_name: bridgehead_dktk_share
# environment:
# APP_BASE_URL: "http://dktk-fed-search-share:8080"
# APP_STORE_URL: "http://blaze:8080/fhir"
# APP_BROKER_BASEURL: "http://e260-serv-11.inet.dkfz-heidelberg.de:8080/broker/rest/searchbroker"
# APP_BROKER_MAIL: "foo@bar.de"
# APP_STORE_BASEURL: "http://bridgehead_dktk_blaze:8080/fhir"
# SPRING_DATASOURCE_URL: "jdbc:postgresql://dktk-fed-search-share-db:5432/dktk-fed-search-share"
# JAVA_TOOL_OPTIONS: "-Xmx1g"
# http_proxy: "http://www-int2.inet.dkfz-heidelberg.de:3128"
# https_proxy: "http://www-int2.inet.dkfz-heidelberg.de:3128"
# HTTP_PROXY: "http://www-int2.inet.dkfz-heidelberg.de:3128"
# HTTPS_PROXY: "http://www-int2.inet.dkfz-heidelberg.de:3128"
# depends_on:
# - dktk-fed-search-share-db
# - blaze
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.dktk-fed-search.rule=PathPrefix(`/dktk-connector`)"
# - "traefik.http.services.dktk-fed-search.loadbalancer.server.port=8080"
# dktk-fed-search-share-db:
# image: "postgres:14"
# environment:
# POSTGRES_USER: "dktk-fed-search-share"
# POSTGRES_PASSWORD: "dktk-fed-search-share"
# POSTGRES_DB: "dktk-fed-search-share"
# volumes:
# - "dktk-fed-search-share-db-data:/var/lib/postgresql/data"
volumes:
blaze-data:
dktk-connector-logs:
dktk-connector-db-data:
# dktk-fed-search-share-db-data:

122
dktk/docker-compose.yml
View File

@ -1,122 +0,0 @@
version: "3.7"
volumes:
dktk-connector-db-data:
dktk-connector-logs:
patientlist-db-data:
patientlist-logs:
id-manager-logs:
services:
traefik:
image: traefik:2.4
command:
- --api.insecure=true
- --entrypoints.web.address=:80
- --entrypoints.web-secure.address=:443
- --providers.docker=true
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
landing:
image: nginx:stable
volumes:
- ../landing/:/usr/share/nginx/html
labels:
- "traefik.enable=true"
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
- "traefik.http.services.landing.loadbalancer.server.port=80"
dktk-connector:
image: "samply/share-client:dktk-feature-environmentPreconfigurationTorben"
environment:
POSTGRES_HOST: "dktk-connector-db"
ID_MANAGER_APIKEY: ${MAGICPL_API_KEY_CONNECTOR}
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
HTTP_PROXY_USER: ${HTTP_PROXY_USER}
HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
env_file:
- ../site-config/dktk.env
# Necessary for the connector to successful check the status of other components on the same host
extra_hosts:
- "host.docker.internal:host-gateway"
- "${HOST}:${HOSTIP}"
volumes:
- "dktk-connector-logs:/usr/local/tomcat/logs"
depends_on:
- connector-db
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.dktk_connector.rule=PathPrefix(`/dktk-connector`)"
- "traefik.http.services.dktk_connector.loadbalancer.server.port=8080"
dktk-connector-db:
image: postgres:10.17
environment:
POSTGRES_DB: "share_v2"
POSTGRES_USER: "samplyweb"
POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS}
volumes:
- "dktk-connector-db-data:/var/lib/postgresql/data"
restart: always
id-manager:
image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop
environment:
MAGICPL_SITE: ${SITE}
MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
MAGICPL_API_KEY: ${MAGICPL_API_KEY}
MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR}
MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY}
MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY}
MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID}
MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET}
TOMCAT_REVERSEPROXY_FQDN: "${HOST}"
HTTP_PROXY_USER: ${HTTP_PROXY_USER}
HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD}
HTTPS_PROXY_USER: ${HTTPS_PROXY_USER}
HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD}
env_file:
- ../site-config/dktk.env
volumes:
- "id-manager-logs:/usr/local/tomcat/logs"
depends_on:
- patientlist
labels:
- "traefik.http.routers.id-manager.rule=PathPrefix(`/ID-Manager`)"
- "traefik.http.services.id-manager.loadbalancer.server.port=8080"
patientlist:
image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop
environment:
ML_SITE: ${SITE}
ML_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}
ML_DB_PASS: ${ML_DB_PASS}
TOMCAT_REVERSEPROXY_FQDN: "${HOST}"
env_file:
- ../site-config/dktk.env
# TODO: Implement automatic seed generation in mainzelliste
- ../site-config/patientlist.env
volumes:
- "patientlist-logs:/usr/local/tomcat/logs"
labels:
- "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)"
- "traefik.http.services.patientlist.loadbalancer.server.port=8080"
depends_on:
- patientlist-db
patientlist-db:
image: postgres:13.1-alpine
environment:
POSTGRES_DB: mainzelliste
POSTGRES_USER: mainzelliste
POSTGRES_PASSWORD: ${ML_DB_PASS}
TZ: "Europe/Berlin"
volumes:
- "patientlist-db-data:/var/lib/postgresql/data"

0
gbn/gbn.env.dev
View File

444
internal-configuration/magicpl.xml
View File

@ -1,444 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pathconfig [
<!ENTITY localPatientListUrl "MAGICPL_MAINZELLISTE_URL">
<!ENTITY localPatientlistApiKey "MAGICPL_MAINZELLISTE_API_KEY">
<!ENTITY magicplApiKey "MAGICPL_API_KEY">
<!ENTITY magicplApiKeyConnector "MAGICPL_API_KEY_CONNECTOR">
<!ENTITY centralPatientListUrl "MAGICPL_MAINZELLISTE_CENTRAL_URL">
<!ENTITY centralPatientListApiKey "MAGICPL_MAINZELLISTE_CENTRAL_API_KEY">
<!ENTITY centralKNEUrl "MAGICPL_CENTRAL_URL">
<!ENTITY centralKNEApiKey "MAGICPL_CENTRAL_API_KEY">
<!ENTITY site "MAGICPL_SITE">
]>
<pathconfig xmlns="http://www.example.org/Pfade" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.example.org/Pfade magicpl.xsd ">
<paths>
<multipath>
<name>getId</name>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="consented" name="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getRequestedId</name>
<parameters/>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="consented" name="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<switch>
<evaluator name="de.pseudonymisierung.magicpl.evaluator.IsConsentedEvaluator">
<parameters>
<parameter name="key">consented</parameter>
</parameters>
</evaluator>
<!-- eventuell muss hier andere unterscheidung genommen werden -->
<case value="true">
<multipath>
<name>getDktkIdWithIdat</name>
<parameters/>
<input>
<iorecord ref="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="consented"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getIdToken</name>
<parameters>
<!-- Hier war lokale Pfade URL angegeben, es soll aber eigentlich zentraler KNE aufgerufen werden -->
<parameter name="url">&centralKNEUrl;/paths/getIdToken</parameter>
<parameter name="method">POST</parameter>
<parameter name="apiKey">&centralKNEApiKey;</parameter>
<parameter name="excludeIdTypes">BK_&site;_L-ID</parameter>
<parameter name="excludeIDAT">locallyUniqueId</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.PathClient</implementation>
</step>
<step>
<name>getDktkId</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
<step>
<name>mapIdStringToExternalId</name>
<parameters>
<parameter name="map">ids->extIDs</parameter>
</parameters>
<input>
<iosingle ref="ids" name="ids"/>
</input>
<output>
<iosingle ref="extIDs" name="extIDs"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.InputMapperProcessor</implementation>
</step>
<step>
<name>getLocalTKTExternalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="fieldType">plain</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<!-- TODO: Implementation für Ticket Erzeugung ohne Kontrolnummer -->
<!-- Wird hier eine neue Klasse benötigt oder kann diese hier entsprechend angepasst werden? -->
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient</implementation>
</step>
<step>
<name>generateLocalIdExternalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
<parameter name="idType">BK_&site;_L-ID</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="extIDs" name="extIDs"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
</multipath>
</case>
<case value="false">
<multipath>
<name>getLocalIdWithIDAT</name>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<step>
<name>getTKT</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="fieldType">plain</parameter>
</parameters>
<input>
<iorecord ref="IDAT" name="IDAT"/>
<iosingle ref="idTypes" name="idTypes"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<!-- Wird hier eine neue Klasse benötigt oder kann diese hier entsprechend angepasst werden? -->
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient</implementation>
</step>
<step>
<name>generateLocalId</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="mainzellisteApiVersion">3.2</parameter>
<parameter name="idType">BK_&site;_L-ID</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
<iosingle ref="sureness" name="sureness"/>
</input>
<output>
<iosingle ref="ids" name="ids"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteClient</implementation>
</step>
</multipath>
</case>
</switch>
</step>
</multipath>
<multipath>
<name>readPatients</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>DecideLocalOrCentralRequest</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<switch>
<evaluator name="de.pseudonymisierung.magicpl.evaluator.RegexEvaluator">
<parameters>
<parameter name="regex">MDS_\*_G-ID</parameter>
<parameter name="fieldName">resultIds</parameter>
</parameters>
</evaluator>
<case value="true">
<multipath>
<name>readPatientsCentrally</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>createReadTokenCentral</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
<parameter name="ignoredIdTypeCheck">true</parameter>
</parameters>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient</implementation>
</step>
<step>
<name>resolveReadTokenCentral</name>
<parameters>
<parameter name="mainzellisteURL">&centralPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&centralPatientListApiKey;</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
</input>
<output>
<iosingle ref="patients"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadClient</implementation>
</step>
</multipath>
</case>
<case value="false">
<multipath>
<name>readPatientsLocally</name>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="patients" name="patients"/>
</output>
<step>
<name>createReadToken</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
<parameter name="ignoredIdTypeCheck">true</parameter>
</parameters>
<input>
<iosingle ref="searchIds" name="searchIds"/>
<iosingle ref="resultIds" name="resultIds"/>
<iosingle ref="auditTrail" name="auditTrail"/>
</input>
<output>
<iosingle ref="tokenId"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient</implementation>
</step>
<step>
<name>resolveReadToken</name>
<parameters>
<parameter name="mainzellisteURL">&localPatientListUrl;</parameter>
<parameter name="mainzellisteApiKey">&localPatientlistApiKey;</parameter>
</parameters>
<input>
<iosingle ref="tokenId"/>
</input>
<output>
<iosingle ref="patients"/>
</output>
<implementation>de.pseudonymisierung.magicpl.processor.MainzellisteReadClient</implementation>
</step>
</multipath>
</case>
</switch>
</step>
</multipath>
</paths>
<iodefinitions>
<iorecord name="IDAT">
<iosingle name="Vorname"/>
<iosingle name="Nachname"/>
<iosingle name="Fruehere_Namen"/>
<iosingle name="Geburtstag"/>
<iosingle name="Geburtsmonat"/>
<iosingle name="Geburtsjahr"/>
<iosingle name="Staatsangehoerigkeit"/>
<iosingle name="Geschlecht"/>
<!-- external id which will be inputed into paths -->
<iosingle name="locallyUniqueId"/>
</iorecord>
<iosingle name="idTypes" type="ArrayList"/>
<iosingle name="ids"/>
<!-- iosingle for external Ids which will be transferred between two steps -->
<iosingle name="extIDs"/>
<iosingle name="consented"/>
<iosingle name="tokenId"/>
<iosingle name="auditTrail"/>
<iosingle name="searchIds"/>
<iosingle name="resultIds"/>
<iosingle name="patients"/>
<iosingle name="sureness"/>
</iodefinitions>
<authentication>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001950_&site;_L-ID</value>
<value>DKTK000001950_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001950_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001951_&site;_L-ID</value>
<value>DKTK000001951_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001951_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001985_&site;_L-ID</value>
<value>DKTK000001985_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001985_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000001986_&site;_L-ID</value>
<value>DKTK000001986_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000001986_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK999999999_&site;_L-ID</value>
<value>DKTK999999999_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK999999999_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<restrictions>
<restriction path="getId">
<inputRestriction input="idTypes">
<permissibleValues>
<value>DKTK000002089_&site;_L-ID</value>
<value>DKTK000002089_&site;_G-ID</value>
</permissibleValues>
</inputRestriction>
</restriction>
</restrictions>
<roles>DKTK000002089_USER</roles>
</client>
<client>
<permissions>getId</permissions>
<apiKey>&magicplApiKey;</apiKey>
</client>
<client>
<permissions>readPatients</permissions>
<apiKey>&magicplApiKeyConnector;</apiKey>
</client>
</authentication>
</pathconfig>

37
internal-configuration/nginx.conf
View File

@ -1,37 +0,0 @@
# Konfiguration for the bridgehead
server {
# this is the internal Docker DNS, cache only for 30s
resolver 127.0.0.11 valid=30s;
listen 80;
listen [::]:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $proxy_host;
proxy_set_header X-Forwarded-Proto $scheme;
### Defining the urls like this, will stop nginx from failing on startup if one service isn't started.
set $internal_connector_url http://connector:8080;
set $internal_idmanager_url http://idmanager:8080;
set $internal_patientlist_url http://patientlist:8080;
set $internal_ldm_url http://ldm:8080;
location / {
proxy_pass $internal_connector_url;
}
location /ID-Manager/ {
proxy_pass $internal_idmanager_url;
}
location /Patientlist/ {
proxy_pass $internal_patientlist_url;
}
location /LocalDatamanagement/ {
proxy_pass $internal_ldm_url;
}
}

4
landing/index.html
View File

@ -67,11 +67,11 @@
<tbody>
<tr>
<td>Bridgehead</td>
<td>Reverse Proxy <a href="http://e260-serv-05:8080/">Traefik</a></td>
<td>Reverse Proxy <a href="https://e260-serv-05/dashboard/">Traefik</a></td>
</tr>
<tr>
<td>DKTK</td>
<td><a href="http://e260-serv-05/dktk-localdatamanagement/fhir/">Blaze</a></td>
<td><a href="https://e260-serv-05/dktk-localdatamanagement/fhir/">Blaze</a></td>
</tr>
</tbody>
</table>

1
site-config

@ -1 +0,0 @@
Subproject commit cef02f04b52f4984e0a10560e0335f5248dde9c5