From 5c2d0df15427ceb27851108e2c605f005359a3f5 Mon Sep 17 00:00:00 2001 From: Piotr Mankowski Date: Wed, 31 Aug 2022 16:00:03 -0700 Subject: [PATCH] Updated server-side configuration changes (#43) * Server-side configuration changes * Updated docker config * Cleanup * Fixes * AWS testing fixes * Updated SHR version * Test fix --- .env | 4 +- .../3_lab_workflows.postman_collection.json | 10 ++-- configs/opencr/config.json | 2 +- configs/openhim-console/default.json | 4 +- configs/shr/config.json | 27 ++++++--- configs/traefik/certs.yml | 2 +- configs/traefik/traefik.yml | 3 +- docker-compose.yml | 57 +++++++++---------- 8 files changed, 60 insertions(+), 49 deletions(-) diff --git a/.env b/.env index 0f3254a..103f4f7 100644 --- a/.env +++ b/.env @@ -1,3 +1,3 @@ -SHR_VERSION=v0.7.0 -FHIR_CONVERTER_VERSION=v3.1.4 +SHR_VERSION=v0.7.1 +FHIR_CONVERTER_VERSION=v3.2.1 OMANG_SVC_VERSION=v1.6.3 \ No newline at end of file diff --git a/.postman/collections/3_lab_workflows.postman_collection.json b/.postman/collections/3_lab_workflows.postman_collection.json index e5ed7dc..6b635e2 100644 --- a/.postman/collections/3_lab_workflows.postman_collection.json +++ b/.postman/collections/3_lab_workflows.postman_collection.json @@ -359,7 +359,7 @@ } }, "url": { - "raw": "{{openhim-url}}/72f/convert/fhir/ADT_in.hbs", + "raw": "{{openhim-url}}/72f/convert/fhir/ADT_A04_TO_IPMS.hbs", "host": [ "{{openhim-url}}" ], @@ -367,7 +367,7 @@ "72f", "convert", "fhir", - "ADT_in.hbs" + "ADT_A04_TO_IPMS.hbs" ] } }, @@ -422,7 +422,7 @@ ] }, { - "name": "04 SHR --> IPMS: ORM", + "name": "06 SHR --> IPMS: ORM", "item": [ { "name": "Send Lab Order To IPMS (ORM)", @@ -459,7 +459,7 @@ } }, "url": { - "raw": "{{openhim-url}}/72f/convert/fhir/OBR.hbs", + "raw": "{{openhim-url}}/72f/convert/fhir/ORM_O01_TO_IPMS.hbs", "host": [ "{{openhim-url}}" ], @@ -467,7 +467,7 @@ "72f", "convert", "fhir", - "OBR.hbs" + "ORM_O01_TO_IPMS.hbs" ] } }, diff --git a/configs/opencr/config.json b/configs/opencr/config.json index f45405a..10f412f 100644 --- a/configs/opencr/config.json +++ b/configs/opencr/config.json @@ -69,7 +69,7 @@ } }, "sync": { - "lastFHIR2ESSync": "2022-07-08T03:45:49" + "lastFHIR2ESSync": "2022-08-31T19:24:26" }, "__comments": { "matching.tool": "this tells if the app should use mediator algorithms or elasticsearch algorithms for matching, two options mediator and elasticsearch" diff --git a/configs/openhim-console/default.json b/configs/openhim-console/default.json index 8313869..38c53b8 100644 --- a/configs/openhim-console/default.json +++ b/configs/openhim-console/default.json @@ -2,8 +2,8 @@ "version": "1.13.2", "minimumCoreVersion": "5.2.0", "protocol": "https", - "host": "10.171.5.12", - "hostPath": "/openhim-api", + "host": "core.moh.org.bw", + "hostPath": "", "port": "", "title": "Botswana HIE Admin Console", "footerTitle": "OpenHIM Administration Console", diff --git a/configs/shr/config.json b/configs/shr/config.json index 64345cd..a45dd81 100644 --- a/configs/shr/config.json +++ b/configs/shr/config.json @@ -3,10 +3,6 @@ "port": 3000, "mllpPort": 3001 }, - "mllp": { - "targetIp": "shr", - "targetPort": 3001 - }, "mediator": { "api": { "username": "root@openhim.org", @@ -21,11 +17,28 @@ } }, "fhirServer": { - "mpiURL": "https://openhim-core:5000/CR/fhir", "baseURL": "http://shr-fhir:8080/fhir" }, - "fhirConverterUrl": "https://openhim-core:5000/72f", + "clientRegistryUrl": "http://openhim-core:5001/CR/fhir", + "fhirConverterUrl": "http://openhim-core:5001/72f", "taskRunner": { - "brokers" : ["kafka:9092"] + "brokers": [ + "kafka:9092" + ] + }, + "bwConfig": { + "pimsSystemUrl": "https://api.openconceptlab.org/orgs/B-TECHBW/sources/PIMS-LAB-TEST-DICT/", + "omangSystemUrl": "http://moh.bw.org/ext/identifier/omang", + "oclUrl": "https://api.openconceptlab.org", + "requestTimeout": 10000, + "toIpmsAdtTemplate": "ADT_A04_TO_IPMS.hbs", + "fromIpmsAdtTemplate": "ADT_A04_FROM_IPMS.hbs", + "toIpmsOrmTemplate": "ORM_O01_TO_IPMS.hbs", + "fromIpmsOruTemplate": "ORU_R01_FROM_IPMS.hbs", + "mllp": { + "targetIp": "localhost", + "targetAdtPort": 2100, + "targetOrmPort": 2100 + } } } diff --git a/configs/traefik/certs.yml b/configs/traefik/certs.yml index 9fc3140..19571b3 100644 --- a/configs/traefik/certs.yml +++ b/configs/traefik/certs.yml @@ -1,4 +1,4 @@ tls: certificates: - - certFile: /etc/certs/live/moh.org.bw/cert.pem + - certFile: /etc/certs/live/moh.org.bw/fullchain.pem keyFile: /etc/certs/live/moh.org.bw/privkey.pem diff --git a/configs/traefik/traefik.yml b/configs/traefik/traefik.yml index a15a070..20f0d5d 100644 --- a/configs/traefik/traefik.yml +++ b/configs/traefik/traefik.yml @@ -13,7 +13,8 @@ entryPoints: web-secure: address: :443 api: - insecure: true + dashboard: true + insecure: false providers: file: watch: true diff --git a/docker-compose.yml b/docker-compose.yml index 3779b3a..ace1764 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,9 +17,11 @@ services: # reverse proxy ### traefik: - image: traefik:v2.6.1 + image: traefik:v2.8.3 container_name: traefik + restart: unless-stopped ports: + - '80:80' - '443:443' - '8080:8080' volumes: @@ -29,10 +31,15 @@ services: - certs:/etc/certs networks: - hie - environment: - - AWS_ACCESS_KEY_ID - - AWS_SECRET_ACCESS_KEY - - AWS_HOSTED_ZONE_ID + labels: + - 'traefik.enable=true' + - 'traefik.docker.network=hie-botswana_hie' + - "traefik.http.routers.api.rule=Host(`traefik.moh.org.bw`)" + - "traefik.http.routers.api.service=api@internal" + - 'traefik.http.routers.api.tls=true' + - 'traefik.http.routers.api.entrypoints=web-secure' + # - "traefik.http.routers.api.middlewares=auth" + # - "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0" ## TODO: Set up Traefik for AWS DNS properly and remove certbot: @@ -70,10 +77,7 @@ services: - 'traefik.http.routers.opencr.tls=true' - 'traefik.http.routers.opencr.entrypoints=web-secure' - 'traefik.http.services.opencr.loadbalancer.server.port=3000' - - 'traefik.http.routers.opencr.rule=PathPrefix(`/opencr`)' - - 'traefik.http.routers.opencr.middlewares=opencr' - - 'traefik.http.middlewares.opencr.stripprefix.prefixes=/opencr' - - 'traefik.http.middlewares.opencr.stripprefix.forceSlash=false' + - 'traefik.http.routers.opencr.rule=Host(`opencr.moh.org.bw`)' opencr-fhir: image: hapiproject/hapi:latest container_name: opencr-fhir @@ -128,7 +132,8 @@ services: - ./configs/shr/config.json:/app/config/config_docker.json - ./configs/shr/mediator.json:/app/config/mediator_docker.json ports: - - 80:3001 + - 3001:3001 + - 3002:3002 shr-fhir: image: hapiproject/hapi:latest container_name: shr-fhir @@ -175,20 +180,17 @@ services: - 'traefik.http.routers.openhim-api.service=openhim-api' - 'traefik.http.routers.openhim-api.tls=true' - 'traefik.http.routers.openhim-api.entrypoints=web-secure' - - 'traefik.http.routers.openhim-api.rule=PathPrefix(`/openhim-api`)' - - 'traefik.http.routers.openhim-api.middlewares=openhim-api' - - 'traefik.http.middlewares.openhim-api.stripprefix.prefixes=/openhim-api' - - 'traefik.http.middlewares.openhim-api.stripprefix.forceSlash=false' + - 'traefik.http.routers.openhim-api.rule=Host(`core.moh.org.bw`)' - 'traefik.http.services.openhim-core.loadbalancer.server.port=5000' - 'traefik.http.services.openhim-core.loadbalancer.server.scheme=https' - 'traefik.http.routers.openhim-core.service=openhim-core' - 'traefik.http.routers.openhim-core.tls=true' - 'traefik.http.routers.openhim-core.entrypoints=web-secure' - - 'traefik.http.routers.openhim-core.rule=PathPrefix(`/openhim-core`)' - - 'traefik.http.routers.openhim-core.middlewares=openhim-core' - - 'traefik.http.middlewares.openhim-core.stripprefix.prefixes=/openhim-core' - - 'traefik.http.middlewares.openhim-core.stripprefix.forceSlash=false' + - 'traefik.http.routers.openhim-core.rule=Host(`openhim.moh.org.bw`)' + ports: + - 5001:5001 + - 8091:8080 openhim-console: container_name: openhim-console @@ -207,10 +209,7 @@ services: - 'traefik.docker.network=hie-botswana_hie' - 'traefik.http.routers.openhim-console.tls=true' - 'traefik.http.routers.openhim-console.entrypoints=web-secure' - - 'traefik.http.routers.openhim-console.rule=PathPrefix(`/openhim`)' - - 'traefik.http.routers.openhim-console.middlewares=openhim-console' - - 'traefik.http.middlewares.openhim-console.stripprefix.prefixes=/openhim' - - 'traefik.http.middlewares.openhim-console.stripprefix.forceSlash=false' + - 'traefik.http.routers.openhim-console.rule=Host(`moh.org.bw`)' networks: - hie @@ -247,14 +246,13 @@ services: - 'traefik.docker.network=hie-botswana_hie' - 'traefik.http.routers.converter.tls=true' - 'traefik.http.routers.converter.entrypoints=web-secure' - - 'traefik.http.routers.converter.rule=PathPrefix(`/converter`)' - - 'traefik.http.routers.converter.middlewares=converter' - - 'traefik.http.middlewares.converter.stripprefix.prefixes=/converter' - - 'traefik.http.middlewares.converter.stripprefix.forceSlash=false' + - 'traefik.http.routers.converter.rule=Host(`converter.moh.org.bw`)' # Kafka zookeeper: image: "bitnami/zookeeper:latest" + container_name: zookeeper + restart: unless-stopped hostname: zookeeper environment: - ALLOW_ANONYMOUS_LOGIN=yes @@ -266,6 +264,7 @@ services: image: "bitnami/kafka:latest" hostname: kafka container_name: kafka + restart: unless-stopped environment: - KAFKA_BROKER_ID=1 - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092 @@ -295,16 +294,14 @@ services: - 'traefik.docker.network=hie-botswana_hie' - 'traefik.http.routers.omang.tls=true' - 'traefik.http.routers.omang.entrypoints=web-secure' - - 'traefik.http.routers.omang.rule=PathPrefix(`/omang`)' - - 'traefik.http.routers.omang.middlewares=omang' - - 'traefik.http.middlewares.omang.stripprefix.prefixes=/omang' - - 'traefik.http.middlewares.omang.stripprefix.forceSlash=false' + - 'traefik.http.routers.omang.rule=Host(`omang.moh.org.bw`)' environment: - TZ=GMT oracle-db: hostname: oracle-db container_name: oracle-db + restart: unless-stopped image: wnameless/oracle-xe-11g-r2:latest environment: - ORACLE_ALLOW_REMOTE=true