Skip to content

Commit

Permalink
Merge branch 'main' into 86bzmr0pe
Browse files Browse the repository at this point in the history
  • Loading branch information
drizzentic committed Aug 8, 2024
2 parents d27e970 + 0882027 commit 4f22a51
Show file tree
Hide file tree
Showing 25 changed files with 102 additions and 32 deletions.
21 changes: 13 additions & 8 deletions .env.traefik.remote
Original file line number Diff line number Diff line change
Expand Up @@ -26,28 +26,33 @@ JS_REPORT_PACKAGE_PATH=
# KAFKA_TOPICS=2xx,reprocess,3xx,metrics:3:1
KAFKA_TOPICS=2xx,2xx-async,reprocess,3xx,metrics:3:3,patient,observation

OPENHIM_CORE_MEDIATOR_HOSTNAME=c9a4-41-90-68-240.ngrok-free.app
OPENHIM_CORE_MEDIATOR_HOSTNAME=<domain>
OPENHIM_MEDIATOR_API_PORT=443/openhimcomms

# Reverse Proxy - Nginx
REVERSE_PROXY_INSTANCES=1
DOMAIN_NAME=c9a4-41-90-68-240.ngrok-free.app
SUBDOMAINS=openhimcomms.<domain>,openhimcore.<domain>,openhimconsole.<domain>,kibana.<domain>,reports.<domain>,santewww.<domain>,santempi.<domain>,superset.<domain>,keycloak.<domain>,grafana.<domain>,minio.<domain>,jempi-web.<domain>,jempi-api.<domain>
DOMAIN_NAME_HOST_TRAEFIK=<domain>
STAGING=false
INSECURE=false

# Identity Access Manager - Keycloak
KC_FRONTEND_URL=https://keycloak.c9a4-41-90-68-240.ngrok-free.app
KC_FRONTEND_URL=https://keycloak.<domain>
KC_GRAFANA_ROOT_URL=https://grafana.<domain>
KC_JEMPI_ROOT_URL=https://jempi-web.<domain>
KC_SUPERSET_ROOT_URL=https://superset.<domain>
KC_OPENHIM_ROOT_URL=https://c9a4-41-90-68-240.ngrok-free.app
KC_OPENHIM_ROOT_URL=https://<domain>
GF_SERVER_DOMAIN=grafana.<domain>

REACT_APP_JEMPI_BASE_API_HOST=https://jempi-api.<domain>
REACT_APP_JEMPI_BASE_API_PORT=443
OPENHIM_CONSOLE_BASE_URL=https://c9a4-41-90-68-240.ngrok-free.app
OPENHIM_API_HOST=https://c9a4-41-90-68-240.ngrok-free.app/openhimcomms
OPENHIM_CONSOLE_BASE_URL=https://<domain>
OPENHIM_API_HOST=https://<domain>/openhimcomms
OPENHIM_API_PORT=443/openhimcomms
OPENHIM_HOST_NAME=c9a4-41-90-68-240.ngrok-free.app
OPENHIM_HOST_NAME=<domain>
CERT_RESOLVER=le
CA_SERVER=https://acme-v02.api.letsencrypt.org/directory
OPENHIM_CORE_IMAGE=jembi/openhim-core:prerelease
OPENHIM_CONSOLE_IMAGE=jembi/openhim-console:poc-microfrontend-prelease
GF_SERVER_ROOT_URL=https://<domain>/grafana
GF_SERVER_DOMAIN=<domain>
MINIO_BROWSER_REDIRECT_URL=https://<domain>/minio
3 changes: 3 additions & 0 deletions client-registry-jempi/docker-compose.api.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ services:
jempi:
postgres:


jempi-api-kc:
image: jembi/jempi-api-kc:${JEMPI_API_KC_IMAGE_TAG}
environment:
Expand Down Expand Up @@ -89,9 +90,11 @@ services:
jempi:
postgres:


volumes:
jempi-shared-data:


networks:
reverse-proxy:
name: reverse-proxy_public
Expand Down
1 change: 1 addition & 0 deletions client-registry-jempi/docker-compose.web.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ services:
keycloak:
default:


networks:
reverse-proxy:
name: reverse-proxy_public
Expand Down
2 changes: 1 addition & 1 deletion client-registry-jempi/package-metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@
"POSTGRESQL_PASSWORD": "instant101",
"JEMPI_SESSION_SECURE": false,
"JEMPI_SESSION_DOMAIN_NAME": "localhost",
"DOMAIN_NAME": "",
"DOMAIN_NAME": "localhost",
"KAFKA_APPLICATION_ID_API": "api-app-id",
"DGRAPH_HOSTS": "jempi-alpha-01,jempi-alpha-02,jempi-alpha-03",
"DGRAPH_PORTS": "9080,9081,9082",
Expand Down
3 changes: 2 additions & 1 deletion client-registry-santempi/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,11 @@ services:
reverse-proxy:
traefik:

# Sante's Match configuration is stored in the container. This will prevent the matching rules of the client registry from being lost. A docker config cannot be used for this case as the settings can be changed on Sante's UI.
# Sante's Match configuration is stored in the container. This will prevent the matching rules of the client registry from being lost. A docker config cannot be used for this case as the settings can be changed on Sante's UI.
volumes:
santedb-data:


networks:
mpi:
name: mpi_public
Expand Down
2 changes: 2 additions & 0 deletions dashboard-visualiser-jsreport/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,11 @@ services:
elastic:
default:


volumes:
jsreport-data:


networks:
reverse-proxy:
name: reverse-proxy_public
Expand Down
1 change: 1 addition & 0 deletions dashboard-visualiser-kibana/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ services:
elastic:
default:


configs:
kibana-kibana.yml:
file: ./kibana.yml
Expand Down
2 changes: 2 additions & 0 deletions dashboard-visualiser-superset/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ services:
postgres:
default:


configs:
superset_config.py:
file: ./config/superset_config.py
Expand All @@ -71,6 +72,7 @@ configs:
volumes:
superset_home:


networks:
clickhouse:
name: clickhouse_public
Expand Down
2 changes: 2 additions & 0 deletions fhir-ig-importer/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ services:
reverse-proxy:
environment:
FHIR_IG_IMPORTER_CORE_URL: ${FHIR_IG_IMPORTER_CORE_URL}
OPENHIM_API_USERNAME: ${OPENHIM_USERNAME}
OPENHIM_API_IG_PASSWORD: ${OPENHIM_PASSWORD}

networks:
hapi-fhir:
Expand Down
1 change: 1 addition & 0 deletions fhir-ig-importer/importer/docker-compose.config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ services:
OPENHIM_API_PASSWORD: ${OPENHIM_PASSWORD}
# Reject unauthorised is only needed if the OpenHIM's SSL is not setup
NODE_TLS_REJECT_UNAUTHORIZED: 0
OPENHIM_CONSOLE_BASE_URL: ${OPENHIM_CONSOLE_BASE_URL}
command: sh -c "node openhimConfig.js"
configs:
- source: fhir-ig-importer-config-importer-openhimConfig.js
Expand Down
2 changes: 1 addition & 1 deletion fhir-ig-importer/importer/volume/ig-importer-app.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"description": "FHIR IG microfrontend app",
"category": "HIE Configuration",
"type": "esmodule",
"url": "https://openhimconsole.<domain>/fhir-ig-importer",
"url": "<openhim-console-url>/fhir-ig-importer",
"showInPortal": true,
"showInSideBar": true,
"access_roles": ["admin"],
Expand Down
12 changes: 12 additions & 0 deletions fhir-ig-importer/importer/volume/openhimConfig.js
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,18 @@ const appJsonData = JSON.parse(
fs.readFileSync(path.resolve(__dirname, "ig-importer-app.json"))
);

//Substitute the url with environ variable

let url = appJsonData.url;
if (!process.env.OPENHIM_CONSOLE_BASE_URL) {
throw new Error("Environment variable OPENHIM_CONSOLE_BASE_URL is not set");
}
let newUrl = url.replace(
"<openhim-console-url>",
process.env.OPENHIM_CONSOLE_BASE_URL
);

appJsonData.url = newUrl;
const data = JSON.stringify(jsonData);
const appData = JSON.stringify(appJsonData);

Expand Down
5 changes: 4 additions & 1 deletion fhir-ig-importer/package-metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@
"FHIR_IG_IMPORTER_CORE_HOST": "0.0.0.0",
"FHIR_IG_IMPORTER_CORE_URL": "http://0.0.0.0:3001/fhir/ig/v1.0",
"FHIR_IG_IMPORTER_UI_VERSION": "latest",
"FHIR_IG_IMPORTER_CORE_VERSION": "latest"
"FHIR_IG_IMPORTER_CORE_VERSION": "latest",
"OPENHIM_CONSOLE_BASE_URL": "http://localhost:9000",
"OPENHIM_API_USERNAME": "[email protected]",
"OPENHIM_API_IG_PASSWORD": "instant101"
}
}
5 changes: 4 additions & 1 deletion identity-access-manager-keycloak/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ services:
"start",
"--proxy=edge",
"--hostname-url=${KC_FRONTEND_URL}",
"--import-realm",
"--import-realm"
]
hostname: identity-access-manager-keycloak
healthcheck:
Expand Down Expand Up @@ -49,17 +49,20 @@ services:
- traefik.enable=true
- traefik.docker.network=reverse-proxy-traefik_public
- traefik.http.routers.identity-access-manager-keycloak.service=identity-access-manager-keycloak
- traefik.http.services.identity-access-manager-keycloak.loadbalancer.server.scheme=http
- traefik.http.services.identity-access-manager-keycloak.loadbalancer.server.port=8080
- traefik.http.routers.identity-access-manager-keycloak.rule=Host(`${KC_TRAEFIK_SUBDOMAIN}.${DOMAIN_NAME_HOST_TRAEFIK}`)
- traefik.http.routers.identity-access-manager-keycloak.tls=true
- traefik.http.routers.identity-access-manager-keycloak.tls.certresolver=${CERT_RESOLVER}
- traefik.http.routers.identity-access-manager-keycloak.entrypoints=websecure
networks:
reverse-proxy:
public:
traefik:
default:
postgres:


configs:
realm.json:
file: ./config/realm.json
Expand Down
5 changes: 1 addition & 4 deletions interoperability-layer-openhim/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -63,9 +63,6 @@ services:
- traefik.http.routers.openhimcore.middlewares=openhimcore-stripprefix
- traefik.http.routers.openhimcore.tls.certresolver=le




openhim-console:
image: ${OPENHIM_CONSOLE_IMAGE}
environment:
Expand Down Expand Up @@ -95,7 +92,7 @@ services:
- traefik.http.routers.openhim-console.service=openhim-console
- traefik.http.routers.openhim-console.entrypoints=websecure
- traefik.http.routers.openhim-console.tls=true
- traefik.http.routers.openhim-console.rule=Host(`${DOMAIN_NAME}`)
- traefik.http.routers.openhim-console.rule=Host(`${DOMAIN_NAME_HOST_TRAEFIK}`)
- traefik.http.services.openhim-console.loadbalancer.server.port=80
placement:
max_replicas_per_node: ${OPENHIM_CONSOLE_MAX_REPLICAS_PER_NODE}
Expand Down
2 changes: 1 addition & 1 deletion kafka-mapper-consumer/consumer-ui-app.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"description": "Kafka mapper consumer microfrontends app",
"category": "HIE Configuration",
"type": "esmodule",
"url": "http://localhost:8091/jembi-kafka-mapper-consumer-ui.js",
"url": "<openhim-console-url>/kafka-mapper-consumer-ui",
"showInPortal": true,
"showInSideBar": false,
"access_roles": ["admin"],
Expand Down
1 change: 1 addition & 0 deletions kafka-mapper-consumer/docker-compose.config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ services:
OPENHIM_API_PASSWORD: ${OPENHIM_PASSWORD}
# Reject unauthorised is only needed if the OpenHIM's SSL is not setup
NODE_TLS_REJECT_UNAUTHORIZED: 0
OPENHIM_CONSOLE_BASE_URL: ${OPENHIM_CONSOLE_BASE_URL}
command: sh -c "node openhimConfig.js"
configs:
- source: kafka-mapper-consumer-openhimConfig.js
Expand Down
14 changes: 14 additions & 0 deletions kafka-mapper-consumer/openhimConfig.js
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,20 @@ function makeRequest(options, data) {
const appJsonData = JSON.parse(
fs.readFileSync(path.resolve(__dirname, "consumer-ui-app.json"))
);
//Substitute the url with environ variable

let url = appJsonData.url;

if (!process.env.OPENHIM_CONSOLE_BASE_URL) {
throw new Error("Environment variable OPENHIM_CONSOLE_BASE_URL is not set");
}

let newUrl = url.replace(
"<openhim-console-url>",
process.env.OPENHIM_CONSOLE_BASE_URL
);

appJsonData.url = newUrl;
const appData = JSON.stringify(appJsonData);

const options = {
Expand Down
5 changes: 3 additions & 2 deletions kafka-mapper-consumer/package-metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@
"REGISTER_MEDIATOR": "true",
"CLICKHOUSE_HOST": "analytics-datastore-clickhouse",
"CLICKHOUSE_PORT": "8123",
"KAFKA_CONSUMER_MAPPER_MEDIATOR_VERSION": "jembi/kafka-mapper-consumer:v0.0.1",
"KAFKA_CONSUMER_MAPPER_UI_VERSION": "jembi/kafka-mapper-consumer-ui:v0.0.1"
"KAFKA_CONSUMER_MAPPER_MEDIATOR_VERSION": "jembi/kafka-mapper-consumer:latest",
"KAFKA_CONSUMER_MAPPER_UI_VERSION": "jembi/kafka-mapper-consumer-ui:latest",
"OPENHIM_CONSOLE_BASE_URL": "http://localhost:9000"
}
}
19 changes: 13 additions & 6 deletions monitoring/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,13 @@ services:
- traefik.docker.network=reverse-proxy-traefik_public
- traefik.http.routers.grafana.service=grafana
- traefik.http.services.grafana.loadbalancer.server.port=3000
- traefik.http.routers.grafana.rule=Host(${DOMAIN_NAME} && PathPrefix(`/grafana`)
- traefik.http.routers.grafana.rule=Host(`${DOMAIN_NAME_HOST_TRAEFIK}`) && PathPrefix(`/grafana`)
- traefik.http.routers.grafana.tls=true
- traefik.http.services.grafana.loadbalancer.server.scheme=http
- traefik.http.routers.grafana.entrypoints=websecure
- traefik.http.routers.grafana.tls.certresolver=le
- traefik.http.middlewares.grafana-stripprefix.stripprefix.prefixes=/grafana
- traefik.http.routers.grafana.middlewares=grafana-stripprefix
- traefik.http.routers.openhim-console.tls=true
- traefik.http.services.openhim-console.loadbalancer.server.scheme=http
environment:
GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER}
GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD}
Expand All @@ -41,8 +43,8 @@ services:
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: "${KC_API_URL}/realms/${KC_REALM_NAME}/protocol/openid-connect/token"
GF_AUTH_GENERIC_OAUTH_API_URL: "${KC_API_URL}/realms/${KC_REALM_NAME}/protocol/openid-connect/userinfo"
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'"
GF_SERVER_DOMAIN: ${GF_SERVER_DOMAIN}
GF_SERVER_ROOT_URL: ${KC_GRAFANA_ROOT_URL}
GF_SERVER_DOMAIN: ${DOMAIN_NAME_HOST_TRAEFIK}
GF_SERVER_ROOT_URL: ${DOMAIN_NAME_HOST_TRAEFIK}
GF_SERVER_SERVE_FROM_SUB_PATH: ${GF_SERVER_SERVE_FROM_SUB_PATH}
GF_AUTH_SIGNOUT_REDIRECT_URL: "${KC_FRONTEND_URL}/realms/${KC_REALM_NAME}/protocol/openid-connect/logout?client_id=${KC_GRAFANA_CLIENT_ID}&post_logout_redirect_uri=${KC_GRAFANA_ROOT_URL}/login"
configs:
Expand Down Expand Up @@ -177,8 +179,13 @@ services:
labels:
- traefik.enable=true
- traefik.docker.network=reverse-proxy-traefik_public
- traefik.http.routers.minio.rule=${DOMAIN_NAME_HOST_TRAEFIK} && PathPrefix(`/minio`)
- traefik.http.routers.minio.service=minio
- traefik.http.routers.minio.rule=Host(`${DOMAIN_NAME_HOST_TRAEFIK}`) && PathPrefix(`/minio`)
- traefik.http.services.minio.loadbalancer.server.port=9001
- traefik.http.routers.minio.tls=true
- traefik.http.services.minio.loadbalancer.server.scheme=http
- traefik.http.routers.minio.entrypoints=websecure
- traefik.http.routers.minio.tls.certresolver=le
- traefik.http.middlewares.minio-stripprefix.stripprefix.prefixes=/minio
- traefik.http.routers.minio.middlewares=minio-stripprefix
networks:
Expand Down
1 change: 1 addition & 0 deletions reprocess-mediator/docker-compose.config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ services:
OPENHIM_API_PASSWORD: ${OPENHIM_PASSWORD}
# Reject unauthorised is only needed if the OpenHIM's SSL is not setup
NODE_TLS_REJECT_UNAUTHORIZED: 0
OPENHIM_CONSOLE_BASE_URL: ${OPENHIM_CONSOLE_BASE_URL}
command: sh -c "node openhimConfig.js"
configs:
- source: reprocess-openhimConfig.js
Expand Down
13 changes: 13 additions & 0 deletions reprocess-mediator/openhimConfig.js
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,19 @@ function makeRequest(options, data) {
const appJsonData = JSON.parse(
fs.readFileSync(path.resolve(__dirname, "reprocess-ui-app.json"))
);
//Substitute the url with environ variable

let url = appJsonData.url;

if (!process.env.OPENHIM_CONSOLE_BASE_URL) {
throw new Error("Environment variable OPENHIM_CONSOLE_BASE_URL is not set");
}
let newUrl = url.replace(
"<openhim-console-url>",
process.env.OPENHIM_CONSOLE_BASE_URL
);

appJsonData.url = newUrl;
const appData = JSON.stringify(appJsonData);

const options = {
Expand Down
8 changes: 4 additions & 4 deletions reprocess-mediator/package-metadata.json
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,10 @@
"OPENHIM_PASSWORD": "instant101",
"REGISTER_MEDIATOR": "true",
"REPROCESSOR_API_BASE_URL": "http://reprocess-mediator:3000",
"REPROCESS_MEDIATOR_VERSION": "jembi/reprocess-mediator:v0.1.0",
"REPROCESS_MEDIATOR_UI_VERSION": "jembi/reprocess-mediator-ui:v0.1.0",
"REPROCESS_MEDIATOR_VERSION": "jembi/reprocess-mediator:latest",
"REPROCESS_MEDIATOR_UI_VERSION": "jembi/reprocess-mediator-ui:latest",
"MONGODB_CONNECTION_STRING": "mongodb://mongo-1:27017/openhim",
"MONGODB_DIRECT_CONNECTION": false

"MONGODB_DIRECT_CONNECTION": false,
"OPENHIM_CONSOLE_BASE_URL": "http://localhost:9000"
}
}
2 changes: 1 addition & 1 deletion reprocess-mediator/reprocess-ui-app.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"description": "Reprocess microfrontends app",
"category": "HIE Configuration",
"type": "esmodule",
"url": "http://localhost:3030/jembi-reprocessor-mediator-microfrontend.js",
"url": "<openhim-console-url>/reprocess-mediator-ui",
"showInPortal": true,
"showInSideBar": false,
"access_roles": ["admin"],
Expand Down
2 changes: 1 addition & 1 deletion reverse-proxy-traefik/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ services:
- traefik.http.routers.to-https.entrypoints=http
- traefik.http.routers.to-https.middlewares=to-https

- traefik.http.routers.traefik.rule=Host(`${DOMAIN_NAME}`) && PathPrefix(`/dashboard`)
- traefik.http.routers.traefik.rule=Host(`${DOMAIN_NAME_HOST_TRAEFIK}`) && PathPrefix(`/dashboard`)
- traefik.http.routers.traefik.entrypoints=http
- traefik.http.routers.traefik.middlewares=auth
- traefik.http.routers.traefik.service=api@internal
Expand Down

0 comments on commit 4f22a51

Please sign in to comment.