dktk-fed
This commit is contained in:
parent
78a78eecaa
commit
d344afe203
22
README.md
22
README.md
|
@ -1 +1,23 @@
|
||||||
# bridgehead
|
# bridgehead
|
||||||
|
|
||||||
|
This repository contains all tools to deploy a bridgehead with docker. If you have any questions about deploying a bridgehead, please contact us.
|
||||||
|
|
||||||
|
There are some prerequisites, which need to be meet before starting a bridgehead. If you running a Windows or Mac OS machine you should read starting a bridgehead. If you running a Linux machine you can start or install a bridgehead.
|
||||||
|
|
||||||
|
## Setup
|
||||||
|
|
||||||
|
Clone this repository to /srv/docker/
|
||||||
|
|
||||||
|
The first step is to copy the site.conf. It contains some configuration and secrets for your bridgehead.
|
||||||
|
|
||||||
|
With cp site.dev.conf site.conf you can clone the template. You need to set the project accoriding to the which bridgehead you want to start. It's either a GBN/BBMRI-ERIC, DKTK, DKTK-FED or C4 Bridgehead.
|
||||||
|
|
||||||
|
Each Project needs a .env file where all the settings are located. Each Project has a template for it in their respective folder. We offer you to setup the file with and also to manage it.
|
||||||
|
|
||||||
|
### DKTK-FED
|
||||||
|
|
||||||
|
For the DKTK Federate Search put dkkt-fed as project in the site.conf.
|
||||||
|
|
||||||
|
## Starting the bridgehead
|
||||||
|
|
||||||
|
./install_bridgehead
|
|
@ -0,0 +1,52 @@
|
||||||
|
version: "3.7"
|
||||||
|
|
||||||
|
services:
|
||||||
|
traefik:
|
||||||
|
container_name: bridgehead_traefik
|
||||||
|
image: traefik:2.4
|
||||||
|
command:
|
||||||
|
- --api.insecure=true
|
||||||
|
- --entrypoints.web.address=:80
|
||||||
|
- --entrypoints.web-secure.address=:443
|
||||||
|
- --providers.docker=true
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
- 8080:8080
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
- ../auth/:/auth
|
||||||
|
extra_hosts:
|
||||||
|
- "host.docker.internal:host-gateway"
|
||||||
|
|
||||||
|
landing:
|
||||||
|
container_name: bridgehead_landingpage
|
||||||
|
image: nginx:stable
|
||||||
|
volumes:
|
||||||
|
- ../landing/:/usr/share/nginx/html
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.landing.rule=PathPrefix(`/`)"
|
||||||
|
- "traefik.http.services.landing.loadbalancer.server.port=80"
|
||||||
|
|
||||||
|
blaze:
|
||||||
|
image: "samply/blaze:0.15"
|
||||||
|
container_name: bridgehead_dktk_blaze
|
||||||
|
environment:
|
||||||
|
BASE_URL: "http://blaze:8080"
|
||||||
|
JAVA_TOOL_OPTIONS: "-Xmx4g"
|
||||||
|
LOG_LEVEL: "debug"
|
||||||
|
ENFORCE_REFERENTIAL_INTEGRITY: "false"
|
||||||
|
volumes:
|
||||||
|
- "blaze-data:/app/data"
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.middlewares.test-auth.basicauth.usersfile=/auth/dktk"
|
||||||
|
- "traefik.http.routers.blaze_dktk.rule=PathPrefix(`/dktk-localdatamanagement`)"
|
||||||
|
- "traefik.http.middlewares.dktk_b_strip.stripprefix.prefixes=/dktk-localdatamanagement"
|
||||||
|
- "traefik.http.services.blaze_dktk.loadbalancer.server.port=8080"
|
||||||
|
- "traefik.http.routers.blaze_dktk.middlewares=dktk_b_strip,test-auth"
|
||||||
|
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
blaze-data:
|
|
@ -0,0 +1,32 @@
|
||||||
|
#!/bin/bash
|
||||||
|
### Note: Currently not complete, needs some features before useable for production
|
||||||
|
|
||||||
|
source lib/functions.sh
|
||||||
|
|
||||||
|
exitIfNotRoot
|
||||||
|
|
||||||
|
if ! ./lib/prerequisites.sh; then
|
||||||
|
log "Prerequisites failed, exiting"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
source site.conf
|
||||||
|
|
||||||
|
echo -e "\nInstalling systemd units ..."
|
||||||
|
cp -v \
|
||||||
|
lib/systemd/bridgehead\@.service \
|
||||||
|
lib/systemd/bridgehead-update\@.service \
|
||||||
|
lib/systemd/bridgehead-update\@.timer \
|
||||||
|
/etc/systemd/system/
|
||||||
|
|
||||||
|
systemctl daemon-reload
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
if ! systemctl is-active --quiet bridgehead@"${project}"; then
|
||||||
|
echo "Enabling autostart of bridgehead@${project}.service"
|
||||||
|
systemctl enable bridgehead@"${project}"
|
||||||
|
echo "Enabling nightly updates for bridgehead@${project}.service ..."
|
||||||
|
systemctl enable --now bridgehead-update@"${project}".timer
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -e "\nDone - now start your bridgehead by running\n\tsystemctl start bridgehead@${project}.service\nor by rebooting your machine."
|
|
@ -0,0 +1,12 @@
|
||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
exitIfNotRoot() {
|
||||||
|
if [ "$EUID" -ne 0 ]; then
|
||||||
|
echo "Please run as root"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
log() {
|
||||||
|
echo "$(date +'%Y-%m-%d %T')" "$1:" "$2"
|
||||||
|
}
|
|
@ -0,0 +1,88 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
cat > ../landing/index.html <<EOL
|
||||||
|
<html lang="en">
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<meta name="description" content="">
|
||||||
|
<title>Bridgehead Overview</title>
|
||||||
|
<!-- Bootstrap core CSS -->
|
||||||
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet"
|
||||||
|
integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
|
||||||
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"
|
||||||
|
integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p"
|
||||||
|
crossorigin="anonymous"></script>
|
||||||
|
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
|
||||||
|
<nav class="navbar navbar-light" style="background-color: #aad7f6;">
|
||||||
|
<h2 class="pb-2 border-bottom">Bridgehead ${site_name}</h2>
|
||||||
|
</nav>
|
||||||
|
<div class="container px-4 py-5" id="featured-3">
|
||||||
|
<div>
|
||||||
|
<h2>Components</h2>
|
||||||
|
<h3>Central</h3>
|
||||||
|
<table class="table">
|
||||||
|
<thead class="thead-dark">
|
||||||
|
<tr>
|
||||||
|
<th style="width: 50%">Group</th>
|
||||||
|
<th style="width: 50%">Service</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<td>CCP-IT</td>
|
||||||
|
<td><a href="https://patientlist.ccp-it.dktk.dkfz.de">Zentrale Patientenliste</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>CCP-IT</td>
|
||||||
|
<td><a href="https://decentralsearch.ccp-it.dktk.dkfz.de">Dezentrale Suche</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>CCP-IT</td>
|
||||||
|
<td><a href="https://centralsearch.ccp-it.dktk.dkfz.de">Zentrale Suche</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>CCP-IT</td>
|
||||||
|
<td><a href="https://deployment.ccp-it.dktk.dkfz.de">Deployment-Server</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>CCP-IT</td>
|
||||||
|
<td><a href="https://dktk-kne.kgu.de">Zentraler Kontrollnummernerzeuger</td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div>
|
||||||
|
<h3>Local</h3>
|
||||||
|
<table class="table">
|
||||||
|
<thead class="thead-dark">
|
||||||
|
<tr>
|
||||||
|
<th style="width: 50%">Project</th>
|
||||||
|
<th style="width: 50%">Services</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<td>Bridgehead</td>
|
||||||
|
<td>Reverse Proxy <a href="http://e260-serv-05:8080/">Traefik</a></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>DKTK</td>
|
||||||
|
<td><a href="http://e260-serv-05/dktk-localdatamanagement/fhir/">Blaze</a></td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
<footer class="footer mt-auto py-3 ">
|
||||||
|
<a href="https://dktk.dkfz.de/"><img src="https://www.oncoray.de/fileadmin/files/bilder_gruppen/DKTK/Logo_DKTK_neu_2016.jpg" height="10%" width="30%"></a> DKTK 2022
|
||||||
|
</footer>
|
||||||
|
</body>
|
||||||
|
|
||||||
|
</html>
|
||||||
|
EOL
|
|
@ -0,0 +1,54 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
## Check if user is a su
|
||||||
|
echo "Welcome to the starting a bridgehead. We will get your instance up and running in no time"
|
||||||
|
echo "First we will check if all prerequisites are met ..."
|
||||||
|
prerequisites="git docker docker-compose cat"
|
||||||
|
for prerequisite in $prerequisites; do
|
||||||
|
$prerequisite --version 2>&1
|
||||||
|
is_available=$?
|
||||||
|
if [ $is_available -gt 0 ]; then
|
||||||
|
log "ERROR" "Prerequisite not fulfilled - $prerequisite is not available!"
|
||||||
|
exit 79
|
||||||
|
fi
|
||||||
|
# TODO: Check for specific version
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "Checking site.conf"
|
||||||
|
|
||||||
|
#check if site.conf is created
|
||||||
|
if [ ! -f site.conf ]; then
|
||||||
|
echo "Please create your specific site.conf file from the site.dev.conf"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
#Load site specific variables
|
||||||
|
source site.conf
|
||||||
|
|
||||||
|
if [ -z "$site_name" ]; then
|
||||||
|
echo "Please set site_name"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Checking site-config module"
|
||||||
|
|
||||||
|
## Download submodule
|
||||||
|
if [ ! -d "site-config" ]; then
|
||||||
|
echo "Please set up the site-config folder. Instruction are in the readme."
|
||||||
|
exit
|
||||||
|
else
|
||||||
|
echo "Site configuration is already loaded"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#Check if a project is selected
|
||||||
|
if [ -z "$project" ]; then
|
||||||
|
echo "No project selected! Please add a Project in your local site.conf."
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
#check if project env is present
|
||||||
|
if [ -d "site-config/${project}.env" ]; then
|
||||||
|
echo "Please copy the tempalte from ${project} and put it in the site-config folder"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "All prerequisites are met!"
|
|
@ -0,0 +1,10 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Bridgehead (%i) Update Service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
WorkingDirectory=/srv/docker/bridgehead/
|
||||||
|
ExecStart=/bin/bash -c "/srv/docker/bridgehead/update-bridgehead.sh %i"
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -0,0 +1,8 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Nightly Updates of Bridgehead (%i)
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=*-*-* 03:00:00
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=basic.target
|
|
@ -0,0 +1,15 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Bridgehead (%i) Service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Restart=always
|
||||||
|
RestartSec=30
|
||||||
|
|
||||||
|
WorkingDirectory=/srv/docker/bridgehead/
|
||||||
|
|
||||||
|
ExecStartPre=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env down'
|
||||||
|
ExecStart=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env up'
|
||||||
|
ExecStop=/bin/bash -c '`which docker-compose` -f %i/docker-compose.yml --env-file site-config/%i.env down'
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/bash
|
||||||
|
### This is the configuration file for secrets, only your site should know
|
||||||
|
|
||||||
|
##Setting Network properties
|
||||||
|
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
|
||||||
|
export HOST=
|
||||||
|
|
||||||
|
export site_name=
|
||||||
|
### Write the Project you want to start with the brigdehead
|
||||||
|
##Exmaple project=dktk-fed
|
||||||
|
export project=
|
|
@ -0,0 +1,18 @@
|
||||||
|
#!/bin/bash
|
||||||
|
### Note: Currently not complete, needs some features before useable for production
|
||||||
|
|
||||||
|
source lib/functions.sh
|
||||||
|
|
||||||
|
if ! lib/prerequisites.sh; then
|
||||||
|
log "Prerequisites failed, exiting"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
source site.conf
|
||||||
|
|
||||||
|
./lib/generate.sh
|
||||||
|
|
||||||
|
log "Starting bridgehead"
|
||||||
|
|
||||||
|
docker-compose -f ${project}/docker-compose.yml --env-file site-config/${project}.env up -d
|
||||||
|
|
||||||
|
log "The bridgehead should be in online in a few seconds"
|
|
@ -0,0 +1,8 @@
|
||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
source lib/functions.sh
|
||||||
|
source site.conf
|
||||||
|
|
||||||
|
log "Stopping bridgehead"
|
||||||
|
|
||||||
|
docker-compose -f ${project}/docker-compose.yml --env-file site-config/${project}.env down
|
|
@ -0,0 +1,10 @@
|
||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
source site.conf
|
||||||
|
source lib/functions.sh
|
||||||
|
|
||||||
|
echo "Stopping systemd services and removing bridgehead ..."
|
||||||
|
|
||||||
|
systemctl disable --now bridgehead@${project}.service bridgehead-update@${project}.timer bridgehead-update@${project}.service
|
||||||
|
|
||||||
|
rm -v /etc/systemd/system/{bridgehead\@.service,bridgehead-update\@.timer,bridgehead-update\@.service}
|
|
@ -0,0 +1,37 @@
|
||||||
|
#!/bin/bash
|
||||||
|
service="bridgehead"
|
||||||
|
|
||||||
|
source lib/functions.sh
|
||||||
|
|
||||||
|
if ! lib/prerequisites.sh; then
|
||||||
|
log "Prerequisites failed, exiting"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
log "INFO" "Checking for updates of $service"
|
||||||
|
# check prerequisites
|
||||||
|
|
||||||
|
# check if updates are available
|
||||||
|
old_git_hash="$(git rev-parse --verify HEAD)"
|
||||||
|
git fetch 2>&1
|
||||||
|
git pull 2>&1
|
||||||
|
new_git_hash="$(git rev-parse --verify HEAD)"
|
||||||
|
git_updated="false"
|
||||||
|
if [ "$old_git_hash" != "$new_git_hash" ]; then
|
||||||
|
log "INFO" "Pulled new changes from origin"
|
||||||
|
git_updated="true"
|
||||||
|
fi
|
||||||
|
docker_updated="false"
|
||||||
|
for image in $(docker ps --filter "name=$service" --format {{.Image}}); do
|
||||||
|
log "INFO" "Checking for Updates of Image: $image"
|
||||||
|
if docker pull $image | grep "Downloaded newer image"; then
|
||||||
|
log "INFO" "$image updated."
|
||||||
|
docker_updated="true"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
if [ $git_updated = "true" ] || [ $docker_updated = "true" ]; then
|
||||||
|
log "INFO" "Due to previous updates now restarting $service@$1"
|
||||||
|
systemctl restart "$service@$1.service"
|
||||||
|
fi
|
||||||
|
log "INFO" "checking updates finished"
|
||||||
|
exit 0
|
Loading…
Reference in New Issue