From ee61ac3a0356785dbd92a91130fcb0f9c1659235 Mon Sep 17 00:00:00 2001 From: Torben Brenner Date: Wed, 23 Feb 2022 19:31:57 +0100 Subject: [PATCH] refactor: Resorted environment and prepared special images for dktk --- c4/docker-compose.yml | 92 ++-- c4/internal.env | 57 --- dktk/docker-compose.yml | 115 ++--- dktk/internal.env | 56 --- gbn/docker-compose.yml | 10 +- gbn/internal.env | 28 -- init-dev-environment.sh | 40 ++ internal-configuration/bridgehead-common.xml | 13 - .../centralSearchPublicKey.der | Bin 294 -> 0 bytes internal-configuration/magicpl.xml | 444 ------------------ internal-configuration/mainzelliste.conf | 227 --------- internal-configuration/proxy.xml | 21 - site.dev.conf | 20 - 13 files changed, 138 insertions(+), 985 deletions(-) delete mode 100644 c4/internal.env delete mode 100644 dktk/internal.env delete mode 100644 gbn/internal.env create mode 100755 init-dev-environment.sh delete mode 100644 internal-configuration/bridgehead-common.xml delete mode 100644 internal-configuration/centralSearchPublicKey.der delete mode 100644 internal-configuration/magicpl.xml delete mode 100644 internal-configuration/mainzelliste.conf delete mode 100644 internal-configuration/proxy.xml delete mode 100644 site.dev.conf diff --git a/c4/docker-compose.yml b/c4/docker-compose.yml index 0359daa..31ad1f0 100644 --- a/c4/docker-compose.yml +++ b/c4/docker-compose.yml @@ -7,21 +7,10 @@ volumes: idmanager_logs: store_db_data: store_logs: -secrets: - mainzelliste.docker.conf: - file: ../internal-configuration/mainzelliste.conf - magicpl.docker.xml: - file: ../internal-configuration/magicpl.xml - dktk_bridgehead_info.docker.xml: - file: ../internal-configuration/bridgehead-common.xml - centralSearchPublicKey: - file: ../internal-configuration/centralSearchPublicKey.der - proxy.docker.xml: - file: ../internal-configuration/proxy.xml services: traefik: - container_name: bridgehead_traefik + container_name: traefik image: traefik:2.4 command: - --api.insecure=true 
@@ -41,7 +30,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:ro landing: - container_name: bridgehead_landingpage + container_name: landingpage image: nginx:stable volumes: - ../landing/:/usr/share/nginx/html @@ -51,15 +40,12 @@ services: - "traefik.http.services.landing.loadbalancer.server.port=80" connector: - container_name: bridgehead_c4_connector - image: docker.verbis.dkfz.de/ccp/connector:3 + container_name: c4-connector + image: "samply/share-client:c4-feature-environmentPreconfigurationTorben" environment: - STORE_URL: http://bridgehead_c4_store:8080 - LDM_URL: http://bridgehead_c4_store:8080 - POSTGRES_HOST: ${CONNECTOR_DB_HOST} + STORE_URL: http://store:8080 + LDM_URL: http://store:8080 POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} - NNGM_PASSWORD: ${NNGM_PASSWORD} - NNGM_MAINZELLISTE_APIKEY: ${NNGM_MAINZELLISTE_APIKEY} volumes: - "connector_logs:/usr/local/tomcat/logs" labels: 
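Review bot: The connector `image:` now points at `samply/share-client:c4-feature-environmentPreconfigurationTorben`, a feature-branch tag that can be re-pushed at any time, so a later pull may run different code from what was reviewed here. The same applies to the `bridgehead-develop` tags on idmanager and patientlist, and to the `dktk-feature-…` and `gbn-feature-…` connector images in dktk/docker-compose.yml and gbn/docker-compose.yml. Before this leaves a developer setup I would pin a release tag or a digest (`image: "samply/share-client@sha256:<digest>"`) and add a comment next to each image naming the branch it was built from. The connector service definition continues past the end of this hunk.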
@@ -67,53 +53,69 @@ services: - "traefik.http.routers.c4_connector.rule=PathPrefix(`/c4-connector`)" - "traefik.http.services.c4_connector.loadbalancer.server.port=8080" depends_on: - - connector_db + - connector-db restart: always - env_file: - ###TODO: Move into Image - - internal.env - connector_db: - container_name: bridgehead_c4_connector_db + connector-db: + container_name: connector-db image: postgres:10.17 environment: - POSTGRES_HOST: ${CONNECTOR_DB_HOST} + POSTGRES_DB: "share_v2" + POSTGRES_USER: "samplyweb" POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} volumes: - "connector_db_data:/var/lib/postgresql/data" restart: always - env_file: - ###TODO: Move into Image - - internal.env idmanager: - container_name: bridgehead_idmanager - image: docker.verbis.dkfz.de/ccp/idmanager:deploy-c4 + container_name: idmanager + image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop environment: - TOMCAT_REVERSEPROXY_FQDN: ${HOST}/id-manager + TOMCAT_REVERSEPROXY_FQDN: ${HOST} + MAGICPL_SITE: ${SITE} MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY} MAGICPL_API_KEY: ${MAGICPL_API_KEY} MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR} - MAGICPL_PASSPHRASE: ${MAGICPL_PASSPHRASE} MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY} MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY} MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID} MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET} volumes: - "idmanager_logs:/usr/local/tomcat/logs" - secrets: - - magicpl.docker.xml - - dktk_bridgehead_info.docker.xml - - proxy.docker.xml + depends_on: + - patientlist labels: - - "traefik.http.routers.idmanager.rule=PathPrefix(`/id-manager`)" - - "traefik.http.middlewares.idmanager_strip.stripprefix.prefixes=/id-mana\ - ger" - - "traefik.http.routers.idmanager.middlewares=idmanager_strip" + - "traefik.http.routers.idmanager.rule=PathPrefix(`/ID-Manager`)" - "traefik.http.services.idmanager.loadbalancer.server.port=8080" + + patientlist: 
+ container_name: patientlist + image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop + environment: + ML_SITE: ${SITE} + ML_API_KEY: ${ML_API_KEY} + TOMCAT_REVERSEPROXY_FQDN: ${HOST} env_file: - ###TODO: Move into Image - - internal.env + # TODO: Implement automatic seed generation in mainzelliste + - ../site-config/patientlist.env + volumes: + - "patientlist_logs:/usr/local/tomcat/logs" + labels: + - "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)" + - "traefik.http.services.patientlist.loadbalancer.server.port=8080" + depends_on: + - patientlist-db + + patientlist-db: + container_name: patientlist-db + image: postgres:13.1-alpine + environment: + POSTGRES_DB: mainzelliste + POSTGRES_USER: mainzelliste + POSTGRES_PASSWORD: ${ML_DB_PASS} + TZ: "Europe/Berlin" + volumes: + - "patientlist_db_data:/var/lib/postgresql/data" store: container_name: bridgehead_c4_store @@ -152,4 +154,4 @@ services: restart: always env_file: ###TODO: Move into Image - - internal.env \ No newline at end of file + - internal.env diff --git a/c4/internal.env b/c4/internal.env deleted file mode 100644 index edb04ef..0000000 --- a/c4/internal.env +++ /dev/null 
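Review bot: In the new `patientlist` service, `ML_API_KEY: ${ML_API_KEY}` interpolates a variable that init-dev-environment.sh never exports. Unless it is set elsewhere, Compose substitutes an empty string, and because `environment:` takes precedence over `env_file:` the patient list would start with an empty API key. dktk/docker-compose.yml uses `ML_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY}` and also passes `ML_DB_PASS`, which is absent here even though `patientlist-db` is created with `POSTGRES_PASSWORD: ${ML_DB_PASS}`. I would align the two files and write secrets as `${ML_API_KEY:?ML_API_KEY must be set}` so that a missing value aborts startup instead of silently becoming empty. `patientlist_logs` and `patientlist_db_data` also need entries under the top-level `volumes:` block, which is only partly visible in this diff.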
@@ -1,57 +0,0 @@ -SITE=bridgehead_test -SITEID=BRIDGEHEAD_TEST - -TOMCAT_REVERSEPROXY_FQDN=${HOST}/c4-connector -DEPLOYMENT_CONTEXT=c4-connector - -CONNECTOR_SHARE_URL="http://${HOST}:8080" -CONNECTOR_ENABLE_METRICS=false -CONNECTOR_MONITOR_INTERVAL= -CONNECTOR_UPDATE_SERVER= - -POSTGRES_PORT=5432 -POSTGRES_DB=samply.connector -POSTGRES_USER=samply.connector - -HTTP_PROXY_HOST=${PROXY_URL} -HTTP_PROXY_USER= -HTTP_PROXY_PASSWORD= -HTTPS_PROXY_HOST=${PROXY_URL} -HTTPS_PROXY_USER= -HTTPS_PROXY_PASSWORD= -HTTP_PROXY=${PROXY_URL} -HTTPS_PROXY=${PROXY_URL} -http_proxy=${PROXY_URL} -https_proxy=${PROXY_URL} - -CCP_CENTRALSEARCH_URL=https://centralsearch-test.dktk.dkfz.de/ -CENTRAL_SEARCH=https://centralsearch-test.dktk.dkfz.de/ -CCP_DECENTRALSEARCH_URL=https://decentralsearch-test.ccp-it.dktk.dkfz.de/ -DECENTRAL_SEARCH=https://decentralsearch-test.ccp-it.dktk.dkfz.de/ - -CCP_MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr -MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr -CCP_MONITOR_URL= -MONITOR_OPTOUT= - -## nNGM -#NNGM_URL=http://bridgeheadstore:8080 -#NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert -#NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl - -##MDR -MDR_NAMESPACE=adt,dktk,marker -#MDR_MAP= -MDR_VALIDATION=false - -ML_DB_NAME=mainzelliste -ML_DB_PORT=5432 -ML_DB_USER=mainzelliste - -CENTRAL_CONTROL_NUMBER_GENERATPR_URL=http://e260-serv-03/central/api -GLOBAL_ID=DKTK -MAINZELLISTE_URL=https://patientlist-test.ccpit.dktk.dkfz.de/mainzelliste - -NNGM_URL=https://test.anforderung.nngm.de/trial/nNGMv09/import-fb -NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert -NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl diff --git a/dktk/docker-compose.yml b/dktk/docker-compose.yml index eeb0029..21e96c9 100644 --- a/dktk/docker-compose.yml +++ b/dktk/docker-compose.yml 
@@ -7,32 +7,16 @@ volumes: idmanager_logs: store_db_data: store_logs: -secrets: - mainzelliste.docker.conf: - file: ../internal-configuration/mainzelliste.conf - magicpl.docker.xml: - file: ../internal-configuration/magicpl.xml - dktk_bridgehead_info.docker.xml: - file: ../internal-configuration/bridgehead-common.xml - centralSearchPublicKey: - file: ../internal-configuration/centralSearchPublicKey.der - proxy.docker.xml: - file: ../internal-configuration/proxy.xml services: traefik: - container_name: bridgehead_traefik + container_name: traefik image: traefik:2.4 command: - --api.insecure=true - --entrypoints.web.address=:80 - --entrypoints.web-secure.address=:443 - --providers.docker=true - environment: - http_proxy: "" - HTTP_PROXY: "" - https_proxy: "" - HTTPS_PROXY: "" ports: - 80:80 - 443:443 @@ -41,7 +25,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:ro landing: - container_name: bridgehead_landingpage + container_name: landingpage image: nginx:stable volumes: - ../landing/:/usr/share/nginx/html 
@@ -51,101 +35,94 @@ services: - "traefik.http.services.landing.loadbalancer.server.port=80" connector: - container_name: bridgehead_dktk_connector - image: "samply/share-client:dktk-7" + image: "samply/share-client:dktk-feature-environmentPreconfigurationTorben" environment: - TOMCAT_REVERSEPROXY_FQDN: ${HOST}/dktk-connector - DEPLOYMENT_CONTEXT: dktk-connector - STORE_URL: ${STORE_URL} - POSTGRES_HOST: ${CONNECTOR_DB_HOST} - POSTGRES_PASS: ${CONNECTOR_POSTGRES_PASS} + ID_MANAGER_APIKEY: ${MAGICPL_API_KEY_CONNECTOR} + POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} + HTTP_PROXY_USER: ${HTTP_PROXY_USER} + HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD} + HTTPS_PROXY_USER: ${HTTPS_PROXY_USER} + HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD} + env_file: + - ../site-config/dktk.env + # Necessary for the connector to successful check the status of other components on the same host + extra_hosts: + - "host.docker.internal:host-gateway" + - "${HOST}:${HOSTIP}" volumes: - "connector_logs:/usr/local/tomcat/logs" depends_on: - - connector_db + - connector-db restart: always labels: - "traefik.enable=true" - "traefik.http.routers.dktk_connector.rule=PathPrefix(`/dktk-connector`)" - "traefik.http.services.dktk_connector.loadbalancer.server.port=8080" - env_file: - ###TODO: Move into Image - - internal.env - connector_db: - container_name: bridgehead_dktk_connector_db + connector-db: image: postgres:10.17 environment: - POSTGRES_HOST: ${CONNECTOR_DB_HOST} + POSTGRES_DB: "share_v2" + POSTGRES_USER: "samplyweb" POSTGRES_PASSWORD: ${CONNECTOR_POSTGRES_PASS} volumes: - "connector_db_data:/var/lib/postgresql/data" restart: always - env_file: - ###TODO: Move into Image - - internal.env - idmanager: - container_name: bridgehead_id-manager - image: docker.verbis.dkfz.de/pseudonymisierung/magicpl:release-0.2.0 + id-manager: + container_name: id-manager + image: docker.verbis.dkfz.de/ccp/idmanager:bridgehead-develop environment: - TOMCAT_REVERSEPROXY_FQDN: ${HOST} - DEPLOYMENT_CONTEXT: 
id-manager - MAGICPL_SITE: ${SITEID} + MAGICPL_SITE: ${SITE} MAGICPL_MAINZELLISTE_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY} MAGICPL_API_KEY: ${MAGICPL_API_KEY} MAGICPL_API_KEY_CONNECTOR: ${MAGICPL_API_KEY_CONNECTOR} - MAGICPL_PASSPHRASE: ${MAGICPL_PASSPHRASE} MAGICPL_MAINZELLISTE_CENTRAL_API_KEY: ${MAGICPL_MAINZELLISTE_CENTRAL_API_KEY} MAGICPL_CENTRAL_API_KEY: ${MAGICPL_CENTRAL_API_KEY} MAGICPL_OIDC_CLIENT_ID: ${MAGICPL_OIDC_CLIENT_ID} MAGICPL_OIDC_CLIENT_SECRET: ${MAGICPL_OIDC_CLIENT_SECRET} - TZ: Europe/Berlin + TOMCAT_REVERSEPROXY_FQDN: "${PROTOCOL}://${HOST}:${PORT}" + HTTP_PROXY_USER: ${HTTP_PROXY_USER} + HTTP_PROXY_PASSWORD: ${HTTP_PROXY_PASSWORD} + HTTPS_PROXY_USER: ${HTTPS_PROXY_USER} + HTTPS_PROXY_PASSWORD: ${HTTPS_PROXY_PASSWORD} + env_file: + - ../site-config/dktk.env volumes: - "idmanager_logs:/usr/local/tomcat/logs" - secrets: - - magicpl.docker.xml - - dktk_bridgehead_info.docker.xml - - proxy.docker.xml depends_on: - patientlist labels: - - "traefik.http.routers.idmanager.rule=PathPrefix(`/id-manager`)" - - "traefik.http.services.idmanager.loadbalancer.server.port=8080" - env_file: - ###TODO: Move into Image - - internal.env + - "traefik.http.routers.id-manager.rule=PathPrefix(`/ID-Manager`)" + - "traefik.http.services.id-manager.loadbalancer.server.port=8080" patientlist: - container_name: bridgehead_patientlist - image: medicalinformatics/mainzelliste:develop + container_name: patientlist + image: docker.verbis.dkfz.de/ccp/patientlist:bridgehead-develop environment: + ML_SITE: ${SITE} + ML_API_KEY: ${MAGICPL_MAINZELLISTE_API_KEY} ML_DB_PASS: ${ML_DB_PASS} - ML_API_KEY: ${ML_API_KEY} - ML_SITE: ${SITEID} - TOMCAT_REVERSEPROXY_FQDN: ${HOST} - DEPLOYMENT_CONTEXT: patientlist + TOMCAT_REVERSEPROXY_FQDN: "${PROTOCOL}://${HOST}:${PORT}" env_file: + - ../site-config/dktk.env + # TODO: Implement automatic seed generation in mainzelliste - ../site-config/patientlist.env - - internal.env volumes: - "patientlist_logs:/usr/local/tomcat/logs" - secrets: - - 
mainzelliste.docker.conf - - centralSearchPublicKey labels: - - "traefik.http.routers.patientlist.rule=PathPrefix(`/patientlist`)" + - "traefik.http.routers.patientlist.rule=PathPrefix(`/Patientlist`)" - "traefik.http.services.patientlist.loadbalancer.server.port=8080" depends_on: - - patientlist_db + - patientlist-db - patientlist_db: - container_name: bridgehead_dktk_patientlist_db + patientlist-db: + container_name: patientlist-db image: postgres:13.1-alpine environment: + POSTGRES_DB: mainzelliste + POSTGRES_USER: mainzelliste POSTGRES_PASSWORD: ${ML_DB_PASS} + TZ: "Europe/Berlin" volumes: - "patientlist_db_data:/var/lib/postgresql/data" - env_file: - ###TODO: Move into Image - - internal.env diff --git a/dktk/internal.env b/dktk/internal.env deleted file mode 100644 index 239a649..0000000 --- a/dktk/internal.env +++ /dev/null 
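Review bot: `TOMCAT_REVERSEPROXY_FQDN: "${PROTOCOL}://${HOST}:${PORT}"` on id-manager and patientlist, and `MAGICPL_SITE: ${SITE}` / `ML_SITE: ${SITE}`, depend on `PROTOCOL`, `PORT` and `SITE`, none of which init-dev-environment.sh exports. Compose interpolation reads the shell environment or a `.env` file, not the files listed under `env_file:`, so `../site-config/dktk.env` cannot supply them. Unless they are set elsewhere (for example in the system unit the script header mentions), the services would receive `://<host>:` and an empty site name. I would either export them in the init script or make them mandatory, e.g. `"${PROTOCOL:?set PROTOCOL}://${HOST:?set HOST}:${PORT:?set PORT}"`, and add a comment above `env_file:` stating which variables are expected from dktk.env and which from the shell.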
@@ -1,56 +0,0 @@ -CONNECTOR_SHARE_URL="http://${HOST}:8080" -CONNECTOR_ENABLE_METRICS=false -CONNECTOR_MONITOR_INTERVAL= -CONNECTOR_UPDATE_SERVER= - -POSTGRES_PORT=5432 -POSTGRES_DB=samply.connector -POSTGRES_USER=samply.connector - -HTTP_PROXY_HOST=${PROXY_URL} -HTTP_PROXY_USER= -HTTP_PROXY_PASSWORD= -HTTPS_PROXY_HOST=${PROXY_URL} -HTTPS_PROXY_USER= -HTTPS_PROXY_PASSWORD= -HTTP_PROXY=${PROXY_URL} -HTTPS_PROXY=${PROXY_URL} -http_proxy=${PROXY_URL} -https_proxy=${PROXY_URL} - -CCP_CENTRALSEARCH_URL=https://centralsearch-test.dktk.dkfz.de/ -CCP_DECENTRALSEARCH_URL=https://decentralsearch-test.ccp-it.dktk.dkfz.de/ - -CCP_MDR_URL=https://mdr.ccp-it.dktk.dkfz.de/v3/api/mdr -CCP_MONITOR_URL= -MONITOR_OPTOUT= - -## nNGM -#NNGM_URL=http://bridgeheadstore:8080 -#NNGM_PROFILE=http://uk-koeln.de/fhir/StructureDefinition/Patient/nNGM/pseudonymisiert -#NNGM_MAINZELLISTE_URL=https://test.verbis.dkfz.de/mpl - -##MDR -MDR_NAMESPACE=adt,dktk,marker -#MDR_MAP= -MDR_VALIDATION=false - -ML_DB_HOST=bridgehead_dktk_patientlist_db -ML_DB_NAME=samply.connector -ML_DB_PORT=5432 -ML_DB_USER=samply.connector - -CENTRAL_CONTROL_NUMBER_GENERATPR_URL=http://e260-serv-03/central/api -GLOBAL_ID=DKTK -MAINZELLISTE_URL=https://patientlist-test.ccpit.dktk.dkfz.de/mainzelliste -ML_DB_DRIVER=org.postgresql.Driver -ML_DB_TYPE=postgresql - -ML_LOG_LEVEL=warning -TZ=Europe/Berlin - -MAGICPL_LOG_LEVEL=info -MAGICPL_MAINZELLISTE_URL=http://patientlist:8080/patientlist -MAGICPL_MAINZELLISTE_CENTRAL_URL=http://e260-serv-03/central/mainzelliste -MAGICPL_CENTRAL_URL=http://e260-serv-03/central/api -MAGICPL_OIDC_PROVIDER=https://auth-test.ccp-it.dktk.dkfz.de diff --git a/gbn/docker-compose.yml b/gbn/docker-compose.yml index e3b7b54..ce56861 100644 --- a/gbn/docker-compose.yml +++ b/gbn/docker-compose.yml @@ -8,7 +8,7 @@ volumes: services: traefik: - container_name: bridgehead_traefik + container_name: traefik image: traefik:2.4 command: - --api.insecure=true 
@@ -28,7 +28,7 @@ services: - /var/run/docker.sock:/var/run/docker.sock:ro landing: - container_name: bridgehead_landingpage + container_name: landingpage image: nginx:stable volumes: - ../landing/:/usr/share/nginx/html @@ -56,8 +56,8 @@ services: restart: "always" connector: - container_name: "bridgehead_gbn_connector" - image: "samply/share-client:gbn-7" + container_name: connector + image: "samply/share-client:gbn-feature-environmentPreconfigurationTorben" environment: POSTGRES_HOST: "bridgehead_gbn_connector_db" POSTGRES_PASS: ${CONNECTOR_POSTGRES_PASS} @@ -85,4 +85,4 @@ services: restart: "always" env_file: ###TODO: Move into Image - - internal.env \ No newline at end of file + - internal.env diff --git a/gbn/internal.env b/gbn/internal.env deleted file mode 100644 index 57806f0..0000000 --- a/gbn/internal.env +++ /dev/null @@ -1,28 +0,0 @@ -POSTGRES_DB=samply.connector -POSTGRES_USER=samply -QUERY_LANGUAGE=CQL -CONNECTOR_SHARE_URL="http://${HOST}:8080" -MDR_URL="https://mdr.germanbiobanknode.de/v3/api/mdr" -MONITOR_URL=https://ccpit.dktk.dkfz.de/dktk.monitor/rest/info -no_proxy=bridgehead_gbn_connector,bridgehead_gbn_blaze_store,bridgehead_gbn_connector_db -TOMCAT_REVERSEPROXY_FQDN=${HOST}/gbn-connector -DEPLOYMENT_CONTEXT=gbn-connector -CONNECTOR_MONITOR_INTERVAL= -CONNECTOR_UPDATE_SERVER= -feature_BBMRI_DIRECTORY_SYNC=false -feature_DKTK_CENTRAL_SEARCH=false -feature_NNGM_CTS=false -LOG_LEVEL=info - -HTTP_PROXY_HOST=${PROXY_URL} -HTTP_PROXY_USER= -HTTP_PROXY_PASSWORD= -HTTPS_PROXY_HOST=${PROXY_URL} -HTTPS_PROXY_USER= -HTTPS_PROXY_PASSWORD= -HTTP_PROXY=${PROXY_URL} -HTTPS_PROXY=${PROXY_URL} -http_proxy=${PROXY_URL} -https_proxy=${PROXY_URL} - -CONNECTOR_ENABLE_METRICS=false diff --git a/init-dev-environment.sh b/init-dev-environment.sh new file mode 100755 index 0000000..13385b7 --- /dev/null +++ b/init-dev-environment.sh 
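Review bot: The last hunk of gbn/docker-compose.yml (`@@ -85,4 +85,4 @@`) keeps `env_file: - internal.env`, but this commit deletes gbn/internal.env, so Compose would normally refuse to start the stack because the env file is missing. c4/docker-compose.yml has the same leftover in its `@@ -152,4 +154,4 @@` hunk while c4/internal.env is deleted as well. Either drop the `env_file:` entry together with its `###TODO: Move into Image` comment, or point it at a file under `../site-config/` as the dktk services do. In the connector hunk the renamed container still passes `POSTGRES_PASS`, whereas c4 and dktk switched to `POSTGRES_PASSWORD`; it is worth confirming which name the new gbn image reads.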
@@ -0,0 +1,40 @@
+#!/bin/bash
+### This configuration file is intended for fast setup of a developers testenvironment.
+### The settings made here are normally placed in the system units configuration.
+### Refer to the readme on how to do this.
+### On long term we want to move those to a zero knowledge passwort manager like bitwarden.
+
+### Configuration for Network Properties
+# needed by the connector to resolve hosts address for ui-links and service status checks
+export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
+# needed for the reverse proxy configuration of the services
+export HOST=$(hostname)
+# additional information about the local proxy if necessary
+export HTTP_PROXY_USER=""
+export HTTP_PROXY_PASSWORD=""
+export HTTPS_PROXY_USER=""
+export HTTPS_PROXY_PASSWORD=""
+
+### Configuration for Connector Secrets
+# the password of database connector-db
+export CONNECTOR_POSTGRES_PASS=pleaseChangeThis1
+
+### Configuration for ID-Management Secrets
+# the password of database patientlist-db
+export ML_DB_PASS=pleaseChangeThis2
+
+# the apikey of the localdatamanagement for the patientlist
+export MAGICPL_API_KEY=pleaseChangeThis3
+# the apikey of the id-manager for the patientlist
+export MAGICPL_MAINZELLISTE_API_KEY=pleaseChangeThis4
+# the apikey of the connector for the patientlist
+export MAGICPL_API_KEY_CONNECTOR=pleaseChangeThis5
+
+# the apikey of the id-manager for the central patientlist
+export MAGICPL_MAINZELLISTE_CENTRAL_API_KEY=dktk[CentralS3cr3tKey]KNE;
+# the apikey of the id-manager for the controlnumbergenerator
+export MAGICPL_CENTRAL_API_KEY=dguQJ5IoqUrxCF8fNl6fOl2YvsZAVB1Y;
+# client-id used for autheticating users in central ccp-authentication service
+export MAGICPL_OIDC_CLIENT_ID=bridgehead-developers;
+# client-secret used for autheticating users in central ccp-authentication service
+export MAGICPL_OIDC_CLIENT_SECRET=1de49kn2j36qom15n7vkrve0g7pgh1f5p7v945pkl2hesak74bgek657tgi6or1hu5ji3m9lfrbhfa0g3haq18ebe205al4uoig9ii5;
diff --git a/internal-configuration/bridgehead-common.xml b/internal-configuration/bridgehead-common.xml
deleted file mode 100644
index c210e42..0000000
--- a/internal-configuration/bridgehead-common.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
- Brückenkopf
- DKTK Brückenkopf Teststandort
- MAGICPL_SITE
- NOT_USED
- string
-NOT_USED
- NOT_USED
- string
- QUERY
-
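Review bot: `MAGICPL_MAINZELLISTE_CENTRAL_API_KEY`, `MAGICPL_CENTRAL_API_KEY` and `MAGICPL_OIDC_CLIENT_SECRET` are committed with what look like real values for the central services rather than `pleaseChangeThisN` placeholders, so anyone with read access to the repository or its history obtains them. I would treat them as disclosed, rotate them, and have the script load them from an untracked file, e.g. `[ -f "<untracked-secrets-file>" ] && . "<untracked-secrets-file>"`, with the tracked copy holding placeholders only. The header comment should also say that the script has to be sourced (`. ./init-dev-environment.sh`), since the `export`s are lost when it is executed. `export HOSTIP=$(…)` additionally hides a failing `docker run`; assigning first and exporting on a separate line lets the failure be checked.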
diff --git a/internal-configuration/centralSearchPublicKey.der b/internal-configuration/centralSearchPublicKey.der deleted file mode 100644 index 8f3e74cb1f1a3780313895517e190d465636b49c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 294 zcmV+>0ondAf&n5h4F(A+hDe6@4FLfG1potr0S^E$f&mHwf&l>l@nLuEK#1N)Tv!M;ba;%H@9S5r3T59 zZ_11@v(S6%IBCaiW85SP_OXWRX>sPubk){4 - - - - - - - - - -]> - - - - getId - - - - - - - - - - - - - getRequestedId - - - - - - - - - - - - - - - consented - - - - - - getDktkIdWithIdat - - - - - - - - - - - - - - getIdToken - - - ¢ralKNEUrl;/paths/getIdToken - POST - ¢ralKNEApiKey; - BK_&site;_L-ID - locallyUniqueId - - - - - - - - - - de.pseudonymisierung.magicpl.processor.PathClient - - - getDktkId - - ¢ralPatientListUrl; - ¢ralPatientListApiKey; - 3.2 - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteClient - - - mapIdStringToExternalId - - ids->extIDs - - - - - - - - de.pseudonymisierung.magicpl.processor.InputMapperProcessor - - - getLocalTKTExternalId - - &localPatientListUrl; - &localPatientlistApiKey; - plain - - - - - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient - - - generateLocalIdExternalId - - &localPatientListUrl; - &localPatientlistApiKey; - 3.2 - BK_&site;_L-ID - - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteClient - - - - - - getLocalIdWithIDAT - - - - - - - - - - - getTKT - - &localPatientListUrl; - &localPatientlistApiKey; - plain - - - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteKNTicketClient - - - generateLocalId - - &localPatientListUrl; - &localPatientlistApiKey; - 3.2 - BK_&site;_L-ID - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteClient - - - - - - - - readPatients - - - - - - - - - - DecideLocalOrCentralRequest - - - - - - - - - - - - MDS_\*_G-ID - resultIds - - - - - readPatientsCentrally - - - - - - - - - - createReadTokenCentral - - ¢ralPatientListUrl; - 
¢ralPatientListApiKey; - true - - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient - - - resolveReadTokenCentral - - ¢ralPatientListUrl; - ¢ralPatientListApiKey; - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteReadClient - - - - - - readPatientsLocally - - - - - - - - - - createReadToken - - &localPatientListUrl; - &localPatientlistApiKey; - true - - - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteReadTokenClient - - - resolveReadToken - - &localPatientListUrl; - &localPatientlistApiKey; - - - - - - - - de.pseudonymisierung.magicpl.processor.MainzellisteReadClient - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - getId - - - - - DKTK000001950_&site;_L-ID - DKTK000001950_&site;_G-ID - - - - - DKTK000001950_USER - - - getId - - - - - DKTK000001951_&site;_L-ID - DKTK000001951_&site;_G-ID - - - - - DKTK000001951_USER - - - getId - - - - - DKTK000001985_&site;_L-ID - DKTK000001985_&site;_G-ID - - - - - DKTK000001985_USER - - - getId - - - - - DKTK000001986_&site;_L-ID - DKTK000001986_&site;_G-ID - - - - - DKTK000001986_USER - - - getId - - - - - DKTK999999999_&site;_L-ID - DKTK999999999_&site;_G-ID - - - - - DKTK999999999_USER - - - getId - - - - - DKTK000002089_&site;_L-ID - DKTK000002089_&site;_G-ID - - - - - DKTK000002089_USER - - - getId - &magicplApiKey; - - - readPatients - &magicplApiKeyConnector; - - - diff --git a/internal-configuration/mainzelliste.conf b/internal-configuration/mainzelliste.conf deleted file mode 100644 index d123a5a..0000000 --- a/internal-configuration/mainzelliste.conf +++ /dev/null 
@@ -1,227 +0,0 @@ -# For a comprehensive documentation of configuration parameters see the configuration manual -# ("Konfigurationshandbuch"). - -# debug mode: If set to true, token handling is disabled (i.e. no tokens are necessary). -debug = false - -# Name of this mainzelliste distribution instance. -dist = Lokale Patientenliste der CCP-IT am Standort ML_SITE - -# Database setup -db.driver = ML_DB_DRIVER -db.url = jdbc:ML_DB_TYPE://ML_DB_HOST:ML_DB_PORT/ML_DB_NAME -db.username = ML_DB_USER -db.password = ML_DB_PASS - -# Logging -# By default, logs are written to stdout -gcp.audittrail = true - -# Field definitions -field.Vorname.type = PlainTextField -field.Nachname.type = PlainTextField -field.Fruehere_Namen.type = PlainTextField -field.Geburtstag.type = IntegerField -field.Geburtsmonat.type = IntegerField -field.Geburtsjahr.type = IntegerField -field.Staatsangehoerigkeit.type = PlainTextField -field.Geschlecht.type = PlainTextField -field.locallyUniqueId.type = PlainTextField - -# Server-side validation -validator.field.Vorname.required = true -validator.field.Nachname.required = true -validator.field.Geburtstag.required = true -validator.field.Geburtsmonat.required = true -validator.field.Geburtsjahr.required = true - -validator.field.Vorname.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]* -validator.field.Nachname.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]* -validator.field.Fruehere_Namen.format = [A-Za-zäÄöÖüÜß\\.\\-' ]*[A-Za-zäÄöÖüÜß]+[A-Za-zäÄöÖüÜß\\.\\-' ]* - -# Date validation: -validator.date.0.fields = Geburtstag, Geburtsmonat, Geburtsjahr -validator.date.0.format = ddMMyyyy - -# Exchange groups -# An exchange group denotes a set of fields whose values are considered interchangeable. -# The matcher (currently only EpilinkMatcher) compares the fields in each exchange group to -# all of its permutations and uses the best matching combination for final decision. 
-exchangeGroup.0 = Vorname, Nachname, Fruehere_Namen - -# Field transformations -# -# Transformations for a field {fieldname} are defined by -# field.{fieldname}.transformers = {transformerlist}, where -# transformerlist is a comma-separated list of names of subclasses of FieldTransformer. -field.Vorname.transformers = StringNormalizer, FirstNameDecomposer -field.Nachname.transformers = StringNormalizer, GermanLastNameDecomposer -field.Fruehere_Namen.transformers = StringNormalizer, GermanLastNameDecomposer - -# field comparators -field.Vorname.comparator = NGramComparator -field.Nachname.comparator = NGramComparator -field.Fruehere_Namen.comparator = NGramComparator - -field.Geburtstag.comparator = BinaryFieldComparator -field.Geburtsmonat.comparator = BinaryFieldComparator -field.Geburtsjahr.comparator = BinaryFieldComparator - -field.Staatsangehoerigkeit.comparator = BinaryFieldComparator -field.Geschlecht.comparator = BinaryFieldComparator - -# Matcher definition -# Property matcher defines the class name of the matcher to use, which must be a subclass -# of Matcher. Currently only EpilinkMatcher and NullMatcher are supported. -matcher = EpilinkMatcher - -# Config for Epilink Matcher -# -# matcher.epilink.{fieldname}.frequency: Defines the assumed mean frequency of values -# for field {fieldname}. This corresponds to the u-probability in the Fellegi-Sunter-Model -# and can be estimated by the reciprocal of the number of distinct values (i.e. the -# frequency of "month" is 1 / 12). -matcher.epilink.Vorname.frequency = 0.000235 -matcher.epilink.Nachname.frequency = 0.0000271 -matcher.epilink.Fruehere_Namen.frequency = 0.0000271 - -# 1 / 30 (approximate average number of days in a month) -matcher.epilink.Geburtstag.frequency = 0.0333 -# 1 / 12 -matcher.epilink.Geburtsmonat.frequency = 0.0833 -# example value: birth years for an age range of 35 years (40 - 75). 
-matcher.epilink.Geburtsjahr.frequency = 0.0286 - -# Berechnungsgrundlage: 193 anerkannte + 13 umstrittene Staaten (Quelle: Wikipedia) -> ca. 1 / 200 -matcher.epilink.Staatsangehoerigkeit.frequency = 0.005 -matcher.epilink.Geschlecht.frequency = 0.5 - -# matcher.epilink.{fieldname}.error_rate defines the assumed error_rate for -# field {fieldname} (1 - m-probability) -# -# The supplied number stem from the evaluation of a German cancer registry -matcher.epilink.Vorname.errorRate = 0.01 -matcher.epilink.Nachname.errorRate = 0.008 -matcher.epilink.Fruehere_Namen.errorRate = 0.008 -matcher.epilink.Geburtstag.errorRate = 0.005 -matcher.epilink.Geburtsmonat.errorRate = 0.002 -matcher.epilink.Geburtsjahr.errorRate = 0.004 -matcher.epilink.Staatsangehoerigkeit.errorRate = 0.04 -matcher.epilink.Geschlecht.errorRate = 0.04 - -# matcher.epilink.threshold.match: Defines the minimum weight (in the interval [0,1]) -# for which a pair of records is considered a definite match. -# -# matcher.epilink.threshold_non_match: Defines the weight (in the interval [0,1]) -# below which a pair of records is considered a definite non-match. Must be less than or equal -# to matcher.epilink.threshold_match. -# -# Record pairs with a weight w with threshold_non_match <= w < threshold_match are -# considered possible matches and lead to a tentative PID. -matcher.epilink.threshold_match = 0.95 -matcher.epilink.threshold_non_match = 0.65 - -# Blocking -# The blocking strategy choice depends on the field types after the transformation. -# If compound fields are passed to the blocker, whether created by a field transformation or as input fields, -# the type of the subfields is the one that is relevant for the blocking. -# If exchange groups are used, only one of the fieldnames should be given here. The blocker is applied to -# the other fields as well. 
- -# Use Soundex for PlainText fields -blocking.soundex.type = Soundex -blocking.soundex.fields = Vorname, Nachname, Fruehere_Namen - -# Use FieldEquality e.g. for birthday based blocking -# This can be combined with Soundex blocking. -blocking.dob.type = FieldEquality -blocking.dob.fields = Geburtstag, Geburtsmonat, Geburtsjahr - -# Servers (apiKey and permission definition) -servers.0.apiKey = ML_API_KEY -servers.0.permissions = createSession;showSessionIds;deleteAllPatients;createToken;tt_addPatient;tt_readPatients;tt_editPatient;readConfiguration -# TODO: Reduce to bridgeheads ip -servers.0.allowedRemoteAdresses = 0.0.0.0/0 - -# Allowed format of the callback -callback.allowedFormat = https://.* -callback.allowSelfsigned = false - -# IdGenerators -idgenerators = BK_ML_SITE_L-ID, MDS_ML_SITE_L-ID, BK_ML_SITE_G-ID, locallyUniqueId, DKTK000001985_ML_SITE_L-ID, DKTK000001985_ML_SITE_G-ID, DKTK000001986_ML_SITE_L-ID, DKTK000001986_ML_SITE_G-ID, DKTK000001950_ML_SITE_L-ID, DKTK000001950_ML_SITE_G-ID, DKTK000001951_ML_SITE_L-ID, DKTK000001951_ML_SITE_G-ID, DKTK999999999_ML_SITE_L-ID, DKTK999999999_ML_SITE_G-ID, DKTK000002089_ML_SITE_L-ID, DKTK000002089_ML_SITE_G-ID - -idgenerators.eagerGeneration = false - -# Configuration of the local and global BK Pseudonymes -idgenerator.BK_ML_SITE_L-ID = PIDGenerator -idgenerator.BK_ML_SITE_L-ID.k1 = ML_BK_IDGENERATOR_RANDOM_1 -idgenerator.BK_ML_SITE_L-ID.k2 = ML_BK_IDGENERATOR_RANDOM_2 -idgenerator.BK_ML_SITE_L-ID.k3 = ML_BK_IDGENERATOR_RANDOM_3 - -idgenerator.BK_ML_SITE_G-ID = ExternalIDGenerator - -# The unique id from the local datawarehouse -idgenerator.locallyUniqueId = ExternalIDGenerator - -# Configuration for the local mds-id -idgenerator.MDS_ML_SITE_L-ID = PIDGenerator -idgenerator.MDS_ML_SITE_L-ID.k1 = ML_MDS_IDGENERATOR_RANDOM_1 -idgenerator.MDS_ML_SITE_L-ID.k2 = ML_MDS_IDGENERATOR_RANDOM_2 -idgenerator.MDS_ML_SITE_L-ID.k3 = ML_MDS_IDGENERATOR_RANDOM_3 -idgenerator.MDS_ML_SITE_L-ID.eager = * 
-idgenerator.MDS_ML_SITE_L-ID.exportEncryption = mdsIdEncryption -# Encryption for export of mds -crypto.key.mdsIdPublicKey.type = RSA_PUBLIC -crypto.key.mdsIdPublicKey.uri = file:///run/secrets/centralSearchPublicKey -crypto.encryption.mdsIdEncryption.key = mdsIdPublicKey -crypto.encryption.mdsIdEncryption.type = RSA_ENCRYPT - -# Configuration of the study specific id-generators - -# Configuration for project DKTK000001985 -idgenerator.DKTK000001985_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK000001985_ML_SITE_L-ID.k1 = ML_DKTK000001985_IDGENERATOR_RANDOM_1 -idgenerator.DKTK000001985_ML_SITE_L-ID.k2 = ML_DKTK000001985_IDGENERATOR_RANDOM_2 -idgenerator.DKTK000001985_ML_SITE_L-ID.k3 = ML_DKTK000001985_IDGENERATOR_RANDOM_3 - -idgenerator.DKTK000001985_ML_SITE_G-ID = ExternalIDGenerator - -# Configuration for project DKTK000001986 -idgenerator.DKTK000001986_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK000001986_ML_SITE_L-ID.k1 = ML_DKTK000001986_IDGENERATOR_RANDOM_1 -idgenerator.DKTK000001986_ML_SITE_L-ID.k2 = ML_DKTK000001986_IDGENERATOR_RANDOM_2 -idgenerator.DKTK000001986_ML_SITE_L-ID.k3 = ML_DKTK000001986_IDGENERATOR_RANDOM_3 - -idgenerator.DKTK000001986_ML_SITE_G-ID = ExternalIDGenerator - -# Configuration for project DKTK000001950 -idgenerator.DKTK000001950_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK000001950_ML_SITE_L-ID.k1 = ML_DKTK000001950_IDGENERATOR_RANDOM_1 -idgenerator.DKTK000001950_ML_SITE_L-ID.k2 = ML_DKTK000001950_IDGENERATOR_RANDOM_2 -idgenerator.DKTK000001950_ML_SITE_L-ID.k3 = ML_DKTK000001950_IDGENERATOR_RANDOM_3 - -idgenerator.DKTK000001950_ML_SITE_G-ID = ExternalIDGenerator - -# Configuration for project DKTK000001951 -idgenerator.DKTK000001951_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK000001951_ML_SITE_L-ID.k1 = ML_DKTK000001951_IDGENERATOR_RANDOM_1 -idgenerator.DKTK000001951_ML_SITE_L-ID.k2 = ML_DKTK000001951_IDGENERATOR_RANDOM_2 -idgenerator.DKTK000001951_ML_SITE_L-ID.k3 = ML_DKTK000001951_IDGENERATOR_RANDOM_3 - 
-idgenerator.DKTK000001951_ML_SITE_G-ID = ExternalIDGenerator - -# Configuration for project DKTK999999999 -idgenerator.DKTK999999999_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK999999999_ML_SITE_L-ID.k1 = ML_DKTK999999999_IDGENERATOR_RANDOM_1 -idgenerator.DKTK999999999_ML_SITE_L-ID.k2 = ML_DKTK999999999_IDGENERATOR_RANDOM_2 -idgenerator.DKTK999999999_ML_SITE_L-ID.k3 = ML_DKTK999999999_IDGENERATOR_RANDOM_3 - -idgenerator.DKTK999999999_ML_SITE_G-ID = ExternalIDGenerator - -# Configuration for project DKTK000002089 -idgenerator.DKTK000002089_ML_SITE_L-ID = PIDGenerator -idgenerator.DKTK000002089_ML_SITE_L-ID.k1 = ML_DKTK000002089_IDGENERATOR_RANDOM_1 -idgenerator.DKTK000002089_ML_SITE_L-ID.k2 = ML_DKTK000002089_IDGENERATOR_RANDOM_2 -idgenerator.DKTK000002089_ML_SITE_L-ID.k3 = ML_DKTK000002089_IDGENERATOR_RANDOM_3 - -idgenerator.DKTK000002089_ML_SITE_G-ID = ExternalIDGenerator diff --git a/internal-configuration/proxy.xml b/internal-configuration/proxy.xml deleted file mode 100644 index 7c0ba23..0000000 --- a/internal-configuration/proxy.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - HTTP_PROXY_URL - HTTP_PROXY_USERNAME - HTTP_PROXY_PASSWORD - - - HTTPS_PROXY_URL - HTTPS_PROXY_USERNAME - HTTPS_PROXY_PASSWORD - - - NO_PROXY_HOSTS - - - - \ No newline at end of file diff --git a/site.dev.conf b/site.dev.conf deleted file mode 100644 index 662c644..0000000 --- a/site.dev.conf +++ /dev/null 
@@ -1,20 +0,0 @@ -#!/bin/bash -### This is the configuration file for secrets, only your site should know - -##Setting Network properties -export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}'); -export HOST= -export PROXY_URL= - -export site_name= -### Write the Project you want to start with the brigdehead -##Exmaple project=gbn -project= - -###secrets -## Connector Password -export CONNECTOR_POSTGRES_PASS= - -##ID-Manager -#This needs to be set if the project is either c4 or dktk -export \ No newline at end of file