From f7c858c68ac1e2181c834ea7358cf8a26eec1931 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Thu, 24 Oct 2024 13:17:24 +0530 Subject: [PATCH 1/5] [TEST] Analysing Orthanc --- Dockerfile | 36 ++ docker-compose-orthanc.yml | 57 ++ java/HelloWorld.java | 0 orthanc.json | 1007 ++++++++++++++++++++++++++++++++++++ 4 files changed, 1100 insertions(+) create mode 100644 Dockerfile create mode 100644 docker-compose-orthanc.yml create mode 100644 java/HelloWorld.java create mode 100644 orthanc.json diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ca733ef --- /dev/null +++ b/Dockerfile @@ -0,0 +1,36 @@ +# Use the base Orthanc plugins image +FROM jodogne/orthanc-plugins:latest + +RUN apt-get update && apt-get install -y openjdk-17-jdk cmake build-essential python3 unzip libjsoncpp-dev \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 + +WORKDIR /home/root/ +RUN wget -qO- https://orthanc.uclouvain.be/downloads/sources/orthanc-java/OrthancJava-1.0.tar.gz | tar xvz + +WORKDIR /home/root/OrthancJava-1.0 +RUN mkdir BuildPlugin && \ + cd BuildPlugin && \ + cmake ../Plugin -DCMAKE_BUILD_TYPE=Release && \ + make + +WORKDIR /home/root/OrthancJava-1.0 +RUN mkdir BuildJavaSDK && \ + cd BuildJavaSDK && \ + cmake ../JavaSDK && \ + make + +WORKDIR /home/root/ +RUN wget https://orthanc.uclouvain.be/downloads/cross-platform/orthanc-java/mainline/OrthancFHIR.jar + +COPY java/HelloWorld.java /home/root/java/ +WORKDIR /home/root/java/ +RUN javac -cp /home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar HelloWorld.java + +# Expose Orthanc default port +EXPOSE 4242 8042 + +ENV LD_PRELOAD=/usr/lib/jvm/java-17-openjdk-amd64/lib/server/libjvm.so +ENTRYPOINT ["/usr/local/sbin/Orthanc"] \ No newline at end of file diff --git a/docker-compose-orthanc.yml b/docker-compose-orthanc.yml new file mode 100644 index 0000000..7e99f78 --- /dev/null +++ b/docker-compose-orthanc.yml @@ -0,0 +1,57 @@ +version: "3.8" + +services: + orthanc: + command: /run/secrets/ + secrets: + - orthanc.json + build: + context: . + dockerfile: Dockerfile + restart: always + environment: + - ORTHANC_NAME=${ORTHANC_NAME} + - ORTHANC_AUTHENTICATION=keycloak + - KEYCLOAK_REALM=orthanc + - KEYCLOAK_CLIENT_ID=orthanc + volumes: + - orthanc-db:/var/lib/orthanc/db + networks: + - ozone + - web + ports: + - "8888:8042" +# depends_on: +# env-substitution: +# condition: service_completed_successfully + + # keycloak: + # image: orthancteam/orthanc-keycloak:latest + # restart: always + # ports: + # - "8080:8080" + # environment: + # - ORTHANC__USER__NAME=orthanc + # - ORTHANC__USER__PASSWORD=orthanc + # - KC_DB="postgresql" + # - KC_DB_URL="jdbc:postgresql://postgres:5432/keycloak" + # - KC_DB_USERNAME="orthanc" + # - KC_DB_PASSWORD="orthanc" + # networks: + # - ozone + # - web + +# env-substitution: +# environment: +# - ORTHANC_PUBLIC_URL=http://${ORTHANC_HOSTNAME} + +secrets: + orthanc.json: + file: orthanc.json + +networks: + ozone: + web: + +volumes: + orthanc-db: \ No newline at end of file diff --git a/java/HelloWorld.java b/java/HelloWorld.java new file mode 100644 index 0000000..e69de29 diff --git a/orthanc.json b/orthanc.json new file mode 100644 index 0000000..ad2e460 --- /dev/null +++ b/orthanc.json @@ -0,0 +1,1007 @@ +{ + /** + * General configuration of Orthanc + * + * As a general recommendation, you should always favour absolute + * paths when you need to provide a path to a file or a directory. + * This is not done in this configuration file since we don't know + * where Orthanc is going to be installed. + **/ + + // The logical name of this instance of Orthanc. This one is + // displayed in Orthanc Explorer and at the URI "/system". + "Name" : "Orthanc inside Docker", + + // Path to the directory that holds the heavyweight files (i.e. the + // raw DICOM instances). Backslashes must be either escaped by + // doubling them, or replaced by forward slashes "/". + "StorageDirectory" : "/var/lib/orthanc/db", + + // Path to the directory that holds the SQLite index (if unset, the + // value of StorageDirectory is used). This index could be stored on + // a RAM-drive or a SSD device for performance reasons. + "IndexDirectory" : "/var/lib/orthanc/db", + + // Path to the directory where Orthanc stores its large temporary + // files. The content of this folder can be safely deleted once + // Orthanc is stopped. The folder must exist. The corresponding + // filesystem must be properly sized, given that for instance a ZIP + // archive of DICOM images created by a job can weight several GBs, + // and that there might be up to "min(JobsHistorySize, + // MediaArchiveSize)" archives to be stored simultaneously. If not + // set, Orthanc will use the default temporary folder of the + // operating system (such as "/tmp/" on UNIX-like systems, or + // "C:/Temp" on Microsoft Windows). + // "TemporaryDirectory" : "/tmp/Orthanc/", + + // Enable the transparent compression of the DICOM instances + "StorageCompression" : false, + + // Maximum size of the storage in MB (a value of "0" indicates no + // limit on the storage size) + "MaximumStorageSize" : 0, + + // Maximum number of patients that can be stored at a given time + // in the storage (a value of "0" indicates no limit on the number + // of patients) + "MaximumPatientCount" : 0, + + // Action to take when the maximum storage is reached. + // By default, the patients are recycled ("Recycle" mode). + // In "Reject" mode, the sender will receive a 0xA700 DIMSE status code + // if the instance was sent through C-Store, a 507 HTTP status code + // if using the REST API and a 0xA700 Failure reason when using + // DicomWeb Stow-RS. + // Note: this value is taken into account only if you have set + // a MaximumStorageSize != 0 or a MaximumPatientCount != 0 + // Allowed values: "Recycle", "Reject" + // (new in Orthanc 1.11.2) + "MaximumStorageMode" : "Recycle", + + // Maximum size of the storage cache in MB. The storage cache + // is stored in RAM and contains a copy of recently accessed + // files (written or read). A value of "0" indicates the cache + // is disabled. (new in Orthanc 1.10.0) + "MaximumStorageCacheSize" : 128, + + // List of paths to the custom Lua scripts that are to be loaded + // into this instance of Orthanc + "LuaScripts" : [ + ], + + // The period (in seconds) between 2 calls of the "OnHeartBeat" + // lua callback. O means the heart beat is disabled. + // TODO: text below for Orthanc book: + // Note: that the period is actually not the delay between + // the end of an execution and the triggering of the next one. + // Since there is only one lua context, if other lua code is being + // executed, the heart beat might be delayed even more. + "LuaHeartBeatPeriod" : 0, + + // List of paths to the plugins that are to be loaded into this + // instance of Orthanc (e.g. "./libPluginTest.so" for Linux, or + // "./PluginTest.dll" for Windows). These paths can refer to + // folders, in which case they will be scanned non-recursively to + // find shared libraries. Backslashes must be either escaped by + // doubling them, or replaced by forward slashes "/". + "Plugins" : [ + "/usr/share/orthanc/plugins", "/usr/local/share/orthanc/plugins", + "/home/root/OrthancJava-1.0/BuildPlugin/libOrthancJava.so" + ], + + "Java" : { + "Enabled" : true, + //"Classpath" : "/home/root/java/:/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:.", + //"InitializationClass" : "HelloWorld" + "Classpath" : "/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:/home/root/OrthancFHIR.jar", + "InitializationClass" : "Main" + }, + + // Maximum number of processing jobs that are simultaneously running + // at any given time. A value of "0" indicates to use all the + // available CPU logical cores. To emulate Orthanc <= 1.3.2, set + // this value to "1". + "ConcurrentJobs" : 2, + + // Defines the number of threads that are used to execute each type of + // jobs (for the jobs that can be parallelized). + // A value of "0" indicates to use all the available CPU logical cores. + // (new in Orthanc 1.11.3) + "JobsEngineThreadsCount" : { + "ResourceModification": 1 // for /anonymize, /modify + }, + + /** + * Configuration of the HTTP server + **/ + + // Enable the HTTP server. If this parameter is set to "false", + // Orthanc acts as a pure DICOM server. The REST API and Orthanc + // Explorer will not be available. + "HttpServerEnabled" : true, + + // Enable/disable the Orthanc Explorer Web user interface. This + // option is only meaningful if the "HttpServerEnabled" option is + // set to "true" (new in Orthanc 1.8.2). + "OrthancExplorerEnabled" : true, + + // HTTP port for the REST services and for the GUI + "HttpPort" : 8042, + + // When the following option is "true", if an error is encountered + // while calling the REST API, a JSON message describing the error + // is put in the HTTP answer. This feature can be disabled if the + // HTTP client does not properly handles such answers. + "HttpDescribeErrors" : true, + + // Enable HTTP compression to improve network bandwidth utilization, + // at the expense of more computations on the server. Orthanc + // supports the "gzip" and "deflate" HTTP encodings. + // When working on a LAN or on localhost, you should typically set + // this configuration to false while when working on low-bandwidth, + // you should set it to true. + // Note in versions up to 1.12.1, the default value was "true" and is + // "false" since 1.12.2. + "HttpCompressionEnabled" : false, + + // Enable the publication of the content of the Orthanc server as a + // WebDAV share (new in Orthanc 1.8.0). On the localhost, the WebDAV + // share is mapped as "http://localhost:8042/webdav/". + "WebDavEnabled" : true, + + // Whether to allow deletions through the WebDAV share. This is + // disabled by default to avoid accidental loss of DICOM instances. + "WebDavDeleteAllowed" : false, + + // Whether to allow uploads through the WebDAV share. + "WebDavUploadAllowed" : true, + + + + /** + * Configuration of the DICOM server + **/ + + // Enable the DICOM server. If this parameter is set to "false", + // Orthanc acts as a pure REST server. It will not be possible to + // receive files or to do query/retrieve through the DICOM protocol. + "DicomServerEnabled" : true, + + // The DICOM Application Entity Title (cannot be longer than 16 + // characters) + "DicomAet" : "ORTHANC", + + // Check whether the called AET corresponds to the AET of Orthanc + // during an incoming DICOM SCU request + "DicomCheckCalledAet" : false, + + // The DICOM port + "DicomPort" : 4242, + + // The default encoding that is assumed for DICOM files without + // "SpecificCharacterSet" DICOM tag, and that is used when answering + // C-FIND requests (including worklists). The allowed values are + // "Ascii", "Utf8", "Latin1", "Latin2", "Latin3", "Latin4", + // "Latin5", "Cyrillic", "Windows1251", "Arabic", "Greek", "Hebrew", + // "Thai", "Japanese", "Chinese", "JapaneseKanji", "Korean", and + // "SimplifiedChinese". + "DefaultEncoding" : "Latin1", + + // The transfer syntaxes that are accepted by Orthanc C-STORE SCP. + // This is an array listing the accepted transfer syntax UIDs. Each + // entry can contain wildcards ("?" or "*"). By default, all the + // known transfer syntaxes are accepted. (new in Orthanc 1.9.0) + "AcceptedTransferSyntaxes" : [ "1.2.840.10008.1.*" ], + + // User-friendly groups of transfer syntaxes that can be enabled or + // disabled at once. These options are applied after the main + // "AcceptedTransferSyntaxes" option has been applied (if present). + /** + "DeflatedTransferSyntaxAccepted" : true, + "JpegTransferSyntaxAccepted" : true, + "Jpeg2000TransferSyntaxAccepted" : true, + "JpegLosslessTransferSyntaxAccepted" : true, + "JpipTransferSyntaxAccepted" : true, + "Mpeg2TransferSyntaxAccepted" : true, + "RleTransferSyntaxAccepted" : true, + "Mpeg4TransferSyntaxAccepted" : true, // New in Orthanc 1.6.0 + "H265TransferSyntaxAccepted" : true, // New in Orthanc 1.9.0 + **/ + + // Whether Orthanc accepts to act as C-STORE SCP for unknown storage + // SOP classes (aka. "promiscuous mode") + "UnknownSopClassAccepted" : false, + + // Set the timeout (in seconds) after which the DICOM associations + // are closed by the Orthanc SCP (server) if no further DIMSE + // command is received from the SCU (client). + // A value of 0 means "no timeout". + "DicomScpTimeout" : 30, + + + + /** + * Security-related options for the HTTP server + **/ + + // Whether remote hosts can connect to the HTTP server + "RemoteAccessAllowed" : true, + + // Whether or not SSL is enabled + "SslEnabled" : false, + + // Path to the SSL certificate used by the HTTP server. The file + // must be stored in the PEM format, and must contain both the + // certificate and the private key. This option is only meaningful + // if "SslEnabled" is true. + "SslCertificate" : "certificate.pem", + + // Sets the minimum accepted SSL protocol version for the HTTP server + // (cf. "ssl_protocol_version" option of civetweb). By default, + // require TLS 1.2 or 1.3. This option is only meaningful if "SslEnabled" + // is true. (new in Orthanc 1.8.2) + // + // Value => Protocols + // 0 SSL2+SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 3 TLS1.1+TLS1.2+TLS1.3 + // 4 TLS1.2+TLS1.3 + // 5 TLS1.3 + "SslMinimumProtocolVersion" : 4, + + // Set the accepted ciphers for SSL connections for the HTTP server. + // The ciphers must be provided as a list of strings. If not set, + // this will default to FIPS 140-2 ciphers. This option is only + // meaningful if "SslEnabled" is true. (new in Orthanc 1.8.2) + /** + "SslCiphersAccepted" : [ "AES128-GCM-SHA256" ], + **/ + + // Whether or not peer client certificates shall be checked. This + // option is only meaningful if "SslEnabled" is true. + "SslVerifyPeers" : false, + + // Path to a file containing the concatenation of the client SSL + // certificate(s) that are trusted to verify the identity of remote + // HTTP clients. The individual certificate(s) or root CAs must be + // stored in the PEM format. This option is only meaningful + // if "SslVerifyPeers" is true. + "SslTrustedClientCertificates" : "trustedClientCertificates.pem", + + // Whether or not the password protection is enabled (using HTTP + // basic access authentication). Starting with Orthanc 1.5.8, if + // "AuthenticationEnabled" is not explicitly set, authentication is + // enabled iff. remote access is allowed (i.e. the default value of + // "AuthenticationEnabled" equals that of "RemoteAccessAllowed"). + /** + "AuthenticationEnabled" : true, + **/ + + // The list of the registered users. Because Orthanc uses HTTP + // Basic Authentication, the passwords are stored as plain text. + "RegisteredUsers" : { + // "alice" : "alicePassword" + }, + + + + /** + * Security-related options for the DICOM connections (SCU/SCP) + **/ + + // Whether DICOM TLS is enabled in the Orthanc SCP (new in Orthanc 1.9.0) + "DicomTlsEnabled" : false, + + // Path to the TLS certificate file (in PEM format) to be used for + // both Orthanc SCP (incoming DICOM connections) and Orthanc SCU + // (outgoing DICOM connections). Note that contrarily to the + // "SslCertificate" option, the certificate and its private key must + // be split into two separate files. (new in Orthanc 1.9.0) + /** + "DicomTlsCertificate" : "orthanc.crt", + **/ + + // Path to the file containing the private key (in PEM format) that + // corresponds to the TLS certificate specified in option + // "DicomTlsCertificate". (new in Orthanc 1.9.0) + /** + "DicomTlsPrivateKey" : "orthanc.key", + **/ + + // Path to a file containing all the TLS certificates that Orthanc + // can trust, both for its SCP (incoming DICOM connections) and SCU + // (outgoing DICOM connections). This file must contain a sequence + // of PEM certificates. (new in Orthanc 1.9.0) + /** + "DicomTlsTrustedCertificates" : "trusted.crt", + **/ + + // Whether Orthanc rejects DICOM TLS connections to/from remote + // modalities that do not provide a certificate. Setting this option + // to "true" (resp. "false") corresponds to "--require-peer-cert" + // (resp. "--ignore-peer-cert") in the DCMTK command-line + // tools. (new in Orthanc 1.9.3) + // Once you set this configuration to true, you must provide a list of + // trusted certificates in DicomTlsTrustedCertificates. + "DicomTlsRemoteCertificateRequired" : true, + + // Sets the minimum accepted TLS protocol version for the DICOM server + // By default, require TLS 1.2 or 1.3. This option is only meaningful + // if "DicomTlsEnabled" is true (new in Orthanc 1.12.4). + // Note that, internally, Orthanc is configured to use the BCP195 profile + // by default. As soon as you switch to another protocol version, you + // must also provide the list of supported cipher suites. + // This configuration applies to Orthanc acting both as SCU and SCP. + // Value => Protocols + // 0 use default BCP 195 profile and default cipher suites + // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 3 TLS1.1+TLS1.2+TLS1.3 + // 4 TLS1.2+TLS1.3 + // 5 TLS1.3 + "DicomTlsMinimumProtocolVersion" : 0, + + // Set the accepted ciphers for TLS connections for the DICOM server. + // The ciphers must be provided as a list of strings. If not set, + // this will default to BCP195 ciphers if DicomTlsMinimumProtocolVersion is 0 + // or to an empty list for other values. This option is only + // meaningful if "DicomTlsEnabled" is true. (new in Orthanc 1.12.4). + // This configuration must be provided if DicomTlsMinimumProtocolVersion != 0. + // The list of valid cipher names are available in + // https://www.openssl.org/docs/man3.3/man1/openssl-ciphers.html + // The OpenSSL names are used. + /** + "DicomTlsCiphersAccepted" : [] + **/ + + // Whether the Orthanc SCP allows incoming C-ECHO requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Orthanc 1.3.0 + // is the only version to behave as if this argument were set to "false". + "DicomAlwaysAllowEcho" : true, + + // Whether the Orthanc SCP allows incoming C-STORE requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above) + "DicomAlwaysAllowStore" : true, + + // Whether the Orthanc SCP allows incoming C-FIND requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.0) + // Note: From Orthanc 1.10.0, this option only applies to C-FIND + // requests for patients/studies/series/instances. Use option + // "DicomAlwaysAllowFindWorklist" for worklists. + "DicomAlwaysAllowFind" : false, + + // Whether the Orthanc SCP allows incoming C-FIND requests for worklists, + // even from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.10.0) + "DicomAlwaysAllowFindWorklist" : false, + + // Whether the Orthanc SCP allows incoming C-GET requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.0) + "DicomAlwaysAllowGet" : false, + + // Whether the Orthanc SCP allows incoming C-MOVE requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.7) + "DicomAlwaysAllowMove" : false, + + // Whether Orthanc checks the IP/hostname address of the remote + // modality initiating a DICOM connection (as listed in the + // "DicomModalities" option above). If this option is set to + // "false", Orthanc only checks the AET of the remote modality. + "DicomCheckModalityHost" : false, + + + + /** + * Network topology + **/ + + // The list of the known DICOM modalities. This option is ignored if + // "DicomModalitiesInDatabase" is set to "true", in which case you + // must use the REST API to define modalities. + "DicomModalities" : { + /** + * Uncommenting the following line would enable Orthanc to + * connect to an instance of the "storescp" open-source DICOM + * store (shipped in the DCMTK distribution), as started by the + * command line "storescp 2000". The first parameter is the + * AET of the remote modality (cannot be longer than 16 + * characters), the second one is the remote network address, + * and the third one is the TCP port number corresponding + * to the DICOM protocol on the remote modality (usually 104). + **/ + // "sample" : [ "STORESCP", "127.0.0.1", 2000 ] + + /** + * A fourth parameter is available to enable patches for + * specific PACS manufacturers. The allowed values are currently: + * - "Generic" (default value), + * - "GenericNoWildcardInDates" (to replace "*" by "" in date fields + * in outgoing C-FIND requests originating from Orthanc), + * - "GenericNoUniversalWildcard" (to replace "*" by "" in all fields + * in outgoing C-FIND SCU requests originating from Orthanc), + * - "Vitrea", + * - "GE" (Enterprise Archive, MRI consoles and Advantage Workstation + * from GE Healthcare). + * + * This parameter is case-sensitive. + **/ + // "vitrea" : [ "VITREA", "192.168.1.1", 104, "Vitrea" ] + + /** + * By default, the Orthanc SCP accepts all DICOM commands (C-ECHO, + * C-STORE, C-FIND, C-MOVE, C-GET and storage commitment) issued by the + * registered remote SCU modalities. Starting with Orthanc 1.5.0, + * it is possible to specify which DICOM commands are allowed, + * separately for each remote modality, using the syntax + * below. + * + * The "AllowEcho" (resp. "AllowStore") option only has an effect + * respectively if global option "DicomAlwaysAllowEcho" + * (resp. "DicomAlwaysAllowStore") is set to "false". + * + * Starting with Orthanc 1.7.0, "AllowTranscoding" can be used to + * disable the transcoding to uncompressed transfer syntaxes if + * this remote modality doesn't support compressed transfer + * syntaxes. This option currently applies to Orthanc C-GET SCP + * and to Orthanc C-STORE SCU. This option only has an effect if + * the global option "EnableTranscoding" is set to "true". + * + * By default, all "Allow*" options are true. + * "AllowStorageCommitment" is actually an alias for + * "AllowNAction" & "AllowEventReport". + * + * The "UseDicomTls" option specifies whether DICOM TLS should be + * used when opening a SCU connection from Orthanc to this remote + * modality. By default, DICOM TLS is not enabled. + * + * The "LocalAet" option allows one to overwrite the global + * "DicomAet" configuration option in order to specify another AET + * for Orthanc when initiating an SCU to this very specific + * modality. Similarly, "Timeout" allows one to overwrite the + * global value "DicomScuTimeout" on a per-modality basis. + **/ + //"untrusted" : { + // "AET" : "ORTHANC", + // "Port" : 104, + // "Host" : "127.0.0.1", + // "Manufacturer" : "Generic", + // "AllowEcho" : false, + // "AllowFind" : false, + // "AllowFindWorklist" : false, // new in 1.10.0 + // "AllowGet" : false, + // "AllowMove" : false, + // "AllowStore" : true, + // "AllowStorageCommitment" : false, // new in 1.6.0 + // "AllowTranscoding" : true, // new in 1.7.0 + // "UseDicomTls" : false, // new in 1.9.0 + // "LocalAet" : "HELLO", // new in 1.9.0 + // "Timeout" : 60 // new in 1.9.1 + //} + }, + + // Whether to store the DICOM modalities in the Orthanc database + // instead of in this configuration file (new in Orthanc 1.5.0) + "DicomModalitiesInDatabase" : false, + + // Whether the C-ECHO SCU is automatically followed by a C-FIND SCU, + // while testing the connectivity from Orthanc to a remote DICOM + // modality. This allows one to check that the remote modality does + // accept C-FIND requests from Orthanc (new in Orthanc 1.8.1). + "DicomEchoChecksFind" : false, + + // The timeout (in seconds) after which the DICOM associations are + // considered as closed by the Orthanc SCU (client) if the remote + // DICOM SCP (server) does not answer. + // A value of 0 means "no timeout". + "DicomScuTimeout" : 10, + + // During a C-STORE SCU request initiated by Orthanc, if the remote + // modality doesn't support the original transfer syntax of some + // DICOM instance, specify which transfer syntax should be preferred + // to transcode this instance (provided the remote modality accepts + // this syntax). In Orthanc between 1.7.0 and 1.8.2, this parameter + // was implicitly set to "Little Endian Implicit" + // (1.2.840.10008.1.2). In Orthanc <= 1.6.1 and in Orthanc >= 1.9.0, + // this parameter is by default set to "Little Endian Explicit" + // (1.2.840.10008.1.2.1). This parameter can possibly correspond to + // a compressed transfer syntax. (new in Orthanc 1.9.0) + "DicomScuPreferredTransferSyntax" : "1.2.840.10008.1.2.1", + + // Number of threads that are used by the embedded DICOM server. + // This defines the number of concurrent DICOM operations that can + // be run when Orthanc is acting as SCP. + // Note: This is not limiting the number of concurrent connections + // but the number of concurrent DICOM operations. + // E.g, with a single thread, if a C-Find is received during + // e.g the transcoding of an incoming C-Store, the C-Find will + // be processed only at the end of the C-Store operation but both + // DICOM assocations will remain active. + // (new in Orthanc 1.10.0, before this version, the value was + // fixed to 4) + "DicomThreadsCount" : 4, + + // The list of the known Orthanc peers. This option is ignored if + // "OrthancPeersInDatabase" is set to "true", in which case you must + // use the REST API to define Orthanc peers. + "OrthancPeers" : { + /** + * Each line gives the base URL of an Orthanc peer, possibly + * followed by the username/password pair (if the password + * protection is enabled on the peer). + **/ + // "peer" : [ "http://127.0.0.1:8043/", "alice", "alicePassword" ] + // "peer2" : [ "http://127.0.0.1:8044/" ] + + /** + * This is another, more advanced format to define Orthanc + * peers. It notably allows one to specify HTTP headers, a HTTPS + * client certificate in the PEM format (as in the "--cert" option + * of curl), or to enable PKCS#11 authentication for smart cards. + * + * The "Timeout" option allows one to overwrite the global value + * "HttpTimeout" on a per-peer basis. + **/ + // "peer" : { + // "Url" : "http://127.0.0.1:8043/", + // "Username" : "alice", + // "Password" : "alicePassword", + // "HttpHeaders" : { "Token" : "Hello world" }, + // "CertificateFile" : "client.crt", + // "CertificateKeyFile" : "client.key", + // "CertificateKeyPassword" : "certpass", + // "Pkcs11" : false, + // "Timeout" : 42 // New in Orthanc 1.9.1 + // } + }, + + // Whether to store the Orthanc peers in the Orthanc database + // instead of in this configuration file (new in Orthanc 1.5.0) + "OrthancPeersInDatabase" : false, + + // Parameters of the HTTP proxy to be used by Orthanc. If set to the + // empty string, no HTTP proxy is used. For instance: + // "HttpProxy" : "192.168.0.1:3128" + // "HttpProxy" : "proxyUser:proxyPassword@192.168.0.1:3128" + "HttpProxy" : "", + + // If set to "true", debug messages from libcurl will be issued + // whenever Orthanc makes an outgoing HTTP request. This is notably + // useful to debug HTTPS-related problems. + "HttpVerbose" : false, + + // Set the timeout for HTTP requests issued by Orthanc (in seconds). + "HttpTimeout" : 60, + + // Enable the verification of the peers during HTTPS requests. This + // option must be set to "false" if using self-signed certificates. + // Pay attention that setting this option to "false" results in + // security risks! + // Reference: http://curl.haxx.se/docs/sslcerts.html + "HttpsVerifyPeers" : true, + + // Path to the CA (certification authority) certificates to validate + // peers in HTTPS requests. From curl documentation ("--cacert" + // option): "Tells curl to use the specified certificate file to + // verify the peers. The file may contain multiple CA + // certificates. The certificate(s) must be in PEM format." On + // Debian-based systems, this option can be set to + // "/etc/ssl/certs/ca-certificates.crt" + "HttpsCACertificates" : "/etc/ssl/certs/ca-certificates.crt", + + + + /** + * Advanced options + **/ + + // Dictionary of symbolic names for the user-defined metadata. Each + // entry must map an unique string to an unique number between 1024 + // and 65535. Reserved values: + // - The Orthanc whole-slide imaging plugin uses metadata 4200 + "UserMetadata" : { + // "Sample" : 1024 + }, + + // Dictionary of symbolic names for the user-defined types of + // attached files. Each entry must map an unique string to an unique + // number between 1024 and 65535. Optionally, a second argument can + // provided to specify a MIME content type for the attachment. + "UserContentType" : { + // "sample" : 1024 + // "sample2" : [ 1025, "application/pdf" ] + }, + + // Number of seconds without receiving any instance before a + // patient, a study or a series is considered as stable. + "StableAge" : 60, + + // By default, Orthanc compares AET (Application Entity Titles) in a + // case-insensitive way. Setting this option to "true" will enable + // case-sensitive matching. + "StrictAetComparison" : false, + + // When the following option is "true", the MD5 of the DICOM files + // will be computed and stored in the Orthanc database. This + // information can be used to detect disk corruption, at the price + // of a small performance overhead. + "StoreMD5ForAttachments" : true, + + // The maximum number of results for a single C-FIND request at the + // Patient, Study or Series level. Setting this option to "0" means + // no limit. + "LimitFindResults" : 0, + + // The maximum number of results for a single C-FIND request at the + // Instance level. Setting this option to "0" means no limit. + "LimitFindInstances" : 0, + + // If this option is set to "true" (default behavior until Orthanc + // 1.3.2), Orthanc will log the resources that are exported to other + // DICOM modalities or Orthanc peers, inside the URI + // "/exports". Setting this option to "false" is useful to prevent + // the index to grow indefinitely in auto-routing tasks (this is the + // default behavior since Orthanc 1.4.0). + "LogExportedResources" : false, + + // Enable or disable HTTP Keep-Alive (persistent HTTP + // connections). Setting this option to "true" prevents Orthanc + // issue #32 ("HttpServer does not support multiple HTTP requests in + // the same TCP stream"), but can possibly slow down HTTP clients + // that do not support persistent connections. The default behavior + // used to be "false" in Orthanc <= 1.5.1. Setting this option to + // "false" is also recommended if Orthanc is compiled against + // Mongoose. + "KeepAlive" : true, + + // Defines the Keep-Alive timeout in seconds. + // (new in Orthanc 1.11.3) + "KeepAliveTimeout" : 1, + + // Enable or disable Nagle's algorithm. Only taken into + // consideration if Orthanc is compiled to use CivetWeb. Experiments + // show that best performance can be obtained by setting both + // "KeepAlive" and "TcpNoDelay" to "true". Beware however of + // caveats: https://eklitzke.org/the-caveats-of-tcp-nodelay + "TcpNoDelay" : true, + + // Number of threads that are used by the embedded HTTP server. + "HttpThreadsCount" : 50, + + // If this option is set to "false", Orthanc will run in index-only + // mode. The DICOM files will not be stored on the drive: Orthanc + // only indexes the small subset of the so-called "main DICOM tags" + // in its SQL database. Note that this option might prevent the + // upgrade to newer versions of Orthanc. Also note that this + // behavior might not be available with the storage area plugins. + "StoreDicom" : true, + + // DICOM associations initiated by Lua scripts are kept open as long + // as new DICOM commands are issued. This option sets the number of + // seconds of inactivity to wait before automatically closing a + // DICOM association used by Lua. If set to 0, the connection is + // closed immediately. This option is only used in Lua scripts. + "DicomAssociationCloseDelay" : 5, + + // Maximum number of query/retrieve DICOM requests that are + // maintained by Orthanc. The least recently used requests get + // deleted as new requests are issued. + "QueryRetrieveSize" : 100, + + // When handling a C-FIND SCP request, setting this flag to "true" + // will enable case-sensitive match for PN value representation + // (such as PatientName). By default, the search is + // case-insensitive, which does not follow the DICOM standard. + "CaseSensitivePN" : false, + + // Configure PKCS#11 to use hardware security modules (HSM) and + // smart cards when carrying on HTTPS client authentication. + /** + "Pkcs11" : { + "Module" : "/usr/local/lib/libbeidpkcs11.so", + "Module" : "C:/Windows/System32/beidpkcs11.dll", + "Pin" : "1234", + "Verbose" : true + } + **/ + + // If set to "false", Orthanc will not load its default dictionary + // of private tags. This might be necessary if you cannot import a + // DICOM file encoded using the Implicit VR Endian transfer syntax, + // and containing private tags: Such an import error might stem from + // a bad dictionary. You can still list your private tags of + // interest in the "Dictionary" configuration option below. + "LoadPrivateDictionary" : true, + + // Locale to be used by Orthanc. Currently, only used if comparing + // strings in a case-insensitive way. It should be safe to keep this + // value undefined, which lets Orthanc autodetect the suitable locale. + // "Locale" : "en_US.UTF-8", + + // Register a new tag in the dictionary of DICOM tags that are known + // to Orthanc. Each line must contain the tag (formatted as 2 + // hexadecimal numbers), the value representation (2 upcase + // characters), a nickname for the tag, possibly the minimum + // multiplicity (> 0 with defaults to 1), possibly the maximum + // multiplicity (0 means arbitrary multiplicity, defaults to 1), and + // possibly the Private Creator (for private tags). + // Note: For private tags, you should only declare the lower 8 bits + // of the element since the higher 8 bits may vary from one file to + // the other. + "Dictionary" : { + // "0014,1020" : [ "DA", "ValidationExpiryDate", 1, 1 ] + // "00e1,c2" : [ "UI", "PET-CT Multi Modality Name", 1, 1, "ELSCINT1" ] + // "7053,03" : [ "ST", "Original Image Filename", 1, 1, "Philips PET Private Group" ] + // "2001,5f" : [ "SQ", "StackSequence", 1, 1, "Philips Imaging DD 001" ] + }, + + // Load a set of external DICOM dictionaries in order to replace the + // default dictionaries. This option must contain a set of files in + // the DCMTK format. The order of the dictionaries *is* + // important. This option can be used to turn Orthanc into a DICONDE + // server. (new in Orthanc 1.9.4) + /** + "ExternalDictionaries" : [ + "/usr/share/libdcmtk12/dicom.dic", + "/usr/share/libdcmtk12/diconde.dic" + ] + **/ + + // Whether to run DICOM C-MOVE operations synchronously. If set to + // "false" (asynchronous mode), each incoming C-MOVE request results + // in the creation of a new background job. Up to Orthanc 1.3.2, the + // implicit behavior was to use synchronous C-MOVE ("true"). Between + // Orthanc 1.4.0 and 1.4.2, the default behavior was set to + // asynchronous C-MOVE ("false"). Since Orthanc 1.5.0, the default + // behavior is back to synchronous C-MOVE ("true", which ensures + // backward compatibility with Orthanc <= 1.3.2). + "SynchronousCMove" : true, + + // Maximum number of completed jobs that are kept in memory. A + // processing job is considered as complete once it is tagged as + // "Success" or "Failure". Since Orthanc 1.5.0, a value of "0" + // indicates to keep no job in memory (i.e. jobs are removed from + // the history as soon as they are completed), which prevents the + // use of some features of Orthanc (typically, synchronous mode in + // REST API) and should be avoided for non-developers. + "JobsHistorySize" : 10, + + // Whether to save the jobs into the Orthanc database. If this + // option is set to "true", the pending/running/completed jobs are + // automatically reloaded from the database if Orthanc is stopped + // then restarted (except if the "--no-jobs" command-line argument + // is specified). This option should be set to "false" if multiple + // Orthanc servers are using the same database (e.g. if PostgreSQL + // or MariaDB/MySQL is used). + "SaveJobs" : true, + + // Specifies how Orthanc reacts when it receives a DICOM instance + // whose SOPInstanceUID is already stored. If set to "true", the new + // instance replaces the old one. If set to "false", the new + // instance is discarded and the old one is kept. Up to Orthanc + // 1.4.1, the implicit behavior corresponded to "false". + "OverwriteInstances" : false, + + // Maximum number of ZIP/media archives that are maintained by + // Orthanc, as a response to the asynchronous creation of archives. + // The least recently used archives get deleted as new archives are + // generated. This option was introduced in Orthanc 1.5.0, and has + // no effect on the synchronous generation of archives. + "MediaArchiveSize" : 1, + + // Performance setting to specify how Orthanc accesses the storage + // area during find operations (C-FIND, /tools/find API route and + // QIDO-RS in dicom-web). Three modes are available: (1) "Always" + // allows Orthanc to read the storage area as soon as it needs an + // information that is not present in its database (slowest mode), + // (2) "Never" prevents Orthanc from accessing the storage area, and + // makes it uses exclusively its database (fastest mode), and (3) + // "Answers" allows Orthanc to read the storage area to generate its + // answers, but not to filter the DICOM resources (balance between + // the two modes). By default, the mode is "Always", which + // corresponds to the behavior of Orthanc <= 1.5.0. + "StorageAccessOnFind" : "Always", + + // Whether Orthanc monitors its metrics (new in Orthanc 1.5.4). If + // set to "true", the metrics can be retrieved at + // "/tools/metrics-prometheus" formetted using the Prometheus + // text-based exposition format. + "MetricsEnabled" : true, + + // Whether calls to URI "/tools/execute-script" is enabled. Starting + // with Orthanc 1.5.8, this URI is disabled by default for security. + "ExecuteLuaEnabled" : false, + + // Whether the REST API can write to the filesystem (e.g. in + // /instances/../export route). Starting with Orthanc 1.12.0, + // this URI is disabled by default for security. + "RestApiWriteToFileSystemEnabled": false, + + // Set the timeout while serving HTTP requests by the embedded Web + // server, in seconds. This corresponds to option + // "request_timeout_ms" of Mongoose/Civetweb. It will set the socket + // options "SO_RCVTIMEO" and "SO_SNDTIMEO" to the specified value. + "HttpRequestTimeout" : 30, + + // Set the default private creator that is used by Orthanc when it + // looks for a private tag in its dictionary (cf. "Dictionary" + // option), or when it creates/modifies a DICOM file (new in Orthanc 1.6.0). + "DefaultPrivateCreator" : "", + + // Maximum number of storage commitment reports (i.e. received from + // remote modalities) to be kept in memory (new in Orthanc 1.6.0). + "StorageCommitmentReportsSize" : 100, + + // Whether Orthanc transcodes DICOM files to an uncompressed + // transfer syntax over the DICOM protocol, if the remote modality + // does not support compressed transfer syntaxes (new in Orthanc 1.7.0). + "TranscodeDicomProtocol" : true, + + // If some plugin to decode/transcode DICOM instances is installed, + // this option specifies whether the built-in decoder/transcoder of + // Orthanc (that uses DCMTK) is applied before or after the plugins, + // or is not applied at all (new in Orthanc 1.7.0). The allowed + // values for this option are "After" (default value, corresponding + // to the behavior of Orthanc <= 1.6.1), "Before", or "Disabled". + "BuiltinDecoderTranscoderOrder" : "After", + + // If this option is set, Orthanc will transparently transcode any + // incoming DICOM instance to the given transfer syntax before + // storing it into its database. Beware that this might result in + // high CPU usage (if transcoding to some compressed transfer + // syntax), or in higher disk consumption (if transcoding to an + // uncompressed syntax). Also, beware that transcoding to a transfer + // syntax with lossy compression (notably JPEG) will change the + // "SOPInstanceUID" DICOM tag, and thus the Orthanc identifier at + // the instance level, which might break external workflow. + /** + "IngestTranscoding" : "1.2.840.10008.1.2", + **/ + + // Whether ingest transcoding is applied to incoming DICOM instances + // that have an uncompressed transfer syntax, i.e. Little Endian + // Implicit, Little Endian Explicit or Big Endian Explicit (new in + // Orthanc 1.8.2). + "IngestTranscodingOfUncompressed" : true, + + // Whether ingest transcoding is applied to incoming DICOM instances + // that have a compressed transfer syntax (new in Orthanc 1.8.2). + "IngestTranscodingOfCompressed" : true, + + // The compression level that is used when transcoding to one of the + // lossy/JPEG transfer syntaxes (integer between 1 and 100). + "DicomLossyTranscodingQuality" : 90, + + // Whether "fsync()" is called after each write to the storage area + // (new in Orthanc 1.7.4). If this option is set to "true", Orthanc + // will run more slowly, but the DICOM are guaranteed to be + // immediately written to the disk. This option only makes sense if + // the builtin filesystem storage area is used. It defaults to + // "false" in Orthanc <= 1.7.3, and to "true" in Orthanc >= 1.7.4. + "SyncStorageArea" : true, + + // If specified, on compatible systems, call "mallopt(M_ARENA_MAX, + // ...)" while starting Orthanc. This has the same effect at setting + // the environment variable "MALLOC_ARENA_MAX". This avoids large + // growth in RES memory if the threads of the embedded HTTP server + // have to allocate large chunks of memory (typically the case with + // large DICOM files). By setting "MallocArenaMax" to "N", these + // threads share "N" memory pools (known as "arenas"). Setting this + // option to "0" doesn't call mallopt()", which was the behavior of + // Orthanc <= 1.8.1. + "MallocArenaMax" : 5, + + // Deidentify/anonymize the contents of the logs (notably C-FIND, + // C-GET, and C-MOVE queries submitted to Orthanc) according to + // Table E.1-1 of the DICOM standard (new in Orthanc 1.8.2) + "DeidentifyLogs" : true, + + // If "DeidentifyLogs" is true, this sets the DICOM standard to + // follow for the deidentification/anonymization of the query + // contents. Possible values are "2008", "2017c", "2021b" (new + // in Orthanc 1.8.2), and "2023b" (new in Orthanc 1.12.1) + "DeidentifyLogsDicomVersion" : "2023b", + + // Maximum length of the PDU (Protocol Data Unit) in the DICOM + // network protocol, expressed in bytes. This value affects both + // Orthanc SCU and Orthanc SCP. It defaults to 16KB. The allowed + // range is [4096,131072]. (new in Orthanc 1.9.0) + "MaximumPduLength" : 16384, + + // Arbitrary identifier of this Orthanc server when storing its + // global properties if a custom index plugin is used. This + // identifier is only useful in the case of multiple + // readers/writers, in order to avoid collisions between multiple + // Orthanc servers. If unset, this identifier is taken as a SHA-1 + // hash derived from the MAC addresses of the network interfaces, + // and from the AET and TCP ports used by Orthanc. Manually setting + // this option is needed in Docker/Kubernetes environments. (new in + // Orthanc 1.9.2) + /** + "DatabaseServerIdentifier" : "Orthanc1", + **/ + + // Whether Orthanc protects the modification of metadata and + // attachments using revisions, which is done using the HTTP headers + // "ETag", "If-Match" and "If-None-Match" in the calls to the REST + // API. This is needed to handle collisions between concurrent + // modifications in the case of multiple writers. The database + // back-end must support this option, which is notably *not* yet the + // case of the built-in SQLite index. (new in Orthanc 1.9.2) + "CheckRevisions" : false, + + // Whether Orthanc streams ZIP archive/media to the HTTP + // client. Setting this option to "false" corresponds to the + // behavior of Orthanc <= 1.9.3: The ZIP is first entirely written + // to a temporary file, then sent to the client (which necessitates + // disk space and might lead to HTTP timeouts on large archives). If + // set to "true", the chunks of the ZIP file are progressively sent + // as soon as one DICOM file gets compressed (new in Orthanc 1.9.4) + "SynchronousZipStream" : true, + + // Default number of loader threads when generating Zip archive/media. + // A value of 0 means reading and writing are performed in sequence + // (default behaviour). A value > 1 is meaningful only if the storage + // is a distributed network storage (e.g object storage plugin). + // (new experimental feature in Orthanc 1.10.0) + "ZipLoaderThreads": 0, + + // Extra Main Dicom tags that are stored in DB together with all default + // Main Dicom tags that are already stored. + // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html + // (new in Orthanc 1.11.0) + // Sequences tags are not supported. + /** + "ExtraMainDicomTags" : { + "Instance" : [ + "Rows", + "Columns", + "ImageType", + "SOPClassUID", + "ContentDate", + "ContentTime", + "FrameOfReferenceUID", + "PixelSpacing", + "SpecificCharacterSet", + "BitsAllocated" + ], + "Series" : [], + "Study": [], + "Patient": [] + }, + */ + + // Enables/disables warnings in the logs. + // "true" enables a warning. All warnings are enabled by default + // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html#warnings + // (new in Orthanc 1.11.0) + "Warnings" : { + // A "RequestedTags" has been read from storage which is slower than + // reading it from DB. + // You might want to store this tag in ExtraMainDicomTags to build + // the response faster. + "W001_TagsBeingReadFromStorage": true, + + // Retrieving a list of Main dicom tags from a resource that has been + // saved with another "ExtraMainDicomTags" configuration which means that + // your response might be incomplete/inconsistent. + // You should call patients|studies|series|instances/../reconstruct to rebuild + // the DB. You may also check for the "Housekeeper" plugin + "W002_InconsistentDicomTagsInDb": true, + + // Display a warning message when Orthanc and its plugins are unable + // to decode a frame (new in Orthanc 1.12.5). + "W003_DecoderFailure": true + } + +, "OrthancExplorer2" : { "IsDefaultOrthancUI": false } +} From 82317fc8791b1851ef63cccf8cefbb7032618d06 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Thu, 7 Nov 2024 15:10:38 +0530 Subject: [PATCH 2/5] Add config and fix port --- docker-compose-orthanc.yml | 2 +- orthanc.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose-orthanc.yml b/docker-compose-orthanc.yml index 7e99f78..175c916 100644 --- a/docker-compose-orthanc.yml +++ b/docker-compose-orthanc.yml @@ -20,7 +20,7 @@ services: - ozone - web ports: - - "8888:8042" + - "8889:8042" # depends_on: # env-substitution: # condition: service_completed_successfully diff --git a/orthanc.json b/orthanc.json index ad2e460..3f109bb 100644 --- a/orthanc.json +++ b/orthanc.json @@ -789,7 +789,7 @@ // instance replaces the old one. If set to "false", the new // instance is discarded and the old one is kept. Up to Orthanc // 1.4.1, the implicit behavior corresponded to "false". - "OverwriteInstances" : false, + "OverwriteInstances" : true, // Maximum number of ZIP/media archives that are maintained by // Orthanc, as a response to the asynchronous creation of archives. From 61db9f37c704d22a9485060cb093fb5bd5423e9d Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Sat, 9 Nov 2024 19:42:39 +0530 Subject: [PATCH 3/5] Add docker compose eip-openmrs-orthanc service and configs --- .env | 7 +++++ docker-compose-orthanc.yml | 53 ++++++++++++++++++++++++++++++-- scripts/docker-compose-files.txt | 1 + scripts/utils.sh | 1 + 4 files changed, 60 insertions(+), 2 deletions(-) diff --git a/.env b/.env index 250c9ac..9144581 100644 --- a/.env +++ b/.env @@ -98,6 +98,12 @@ EMR_WEIGHT_CONCEPT= ODOO_ENABLE_EXTRA_CUSTOMER_FIELDS_ROUTE=false ODOO_ENABLE_EXTRA_QUOTATION_FIELDS_ROUTE=false +# EIP client Orthanc +EIP_DB_NAME_ORTHANC=openmrs_eip_mgt_orthanc +EIP_DB_USER_ORTHANC=openmrs_eip_mgt_orthanc +EIP_DB_PASSWORD_ORTHANC=password +DB_EVENT_DESTINATIONS_ORTHANC=direct:orthanc-event-listener + # EIP client ERPNext EIP_DB_NAME_ERPNEXT=openmrs_eip_mgt_erpnext EIP_DB_USER_ERPNEXT=openmrs_eip_mgt_erpnext @@ -128,6 +134,7 @@ EIP_OPENMRS_SENAITE_CONFIG_PATH= EIP_OPENMRS_SENAITE_ROUTES_PATH= EIP_ODOO_OPENMRS_PROPERTIES_PATH= EIP_ODOO_OPENMRS_ROUTES_PATH= +EIP_OPENMRS_ORTHANC_ROUTES_PATH= # Use the following volume to point to override database initialization scripts # Be careful when overriding this because the default scripts run essential configuration tasks needed by Ozone FOSS diff --git a/docker-compose-orthanc.yml b/docker-compose-orthanc.yml index 175c916..9d5e771 100644 --- a/docker-compose-orthanc.yml +++ b/docker-compose-orthanc.yml @@ -10,7 +10,7 @@ services: dockerfile: Dockerfile restart: always environment: - - ORTHANC_NAME=${ORTHANC_NAME} + - ORTHANC_NAME=Orthanc - ORTHANC_AUTHENTICATION=keycloak - KEYCLOAK_REALM=orthanc - KEYCLOAK_CLIENT_ID=orthanc @@ -45,6 +45,54 @@ services: # environment: # - ORTHANC_PUBLIC_URL=http://${ORTHANC_HOSTNAME} + # Orthanc - OpenMRS integration service + eip-openmrs-orthanc: + depends_on: + env-substitution: + condition: service_completed_successfully + openmrs: + condition: service_healthy + mysql: + condition: service_started + orthanc: + condition: service_started + environment: + - EIP_DB_NAME_ORTHANC=${EIP_DB_NAME_ORTHANC} + - EIP_DB_USER_ORTHANC=${EIP_DB_USER_ORTHANC} + - EIP_DB_PASSWORD_ORTHANC=${EIP_DB_PASSWORD_ORTHANC} + - OPENMRS_URL=http://openmrs:8080/openmrs + - EIP_PROFILE=prod + - MYSQL_ADMIN_USER=root + - MYSQL_ADMIN_USER_PASSWORD=${MYSQL_ROOT_PASSWORD} + - OPENMRS_DB_HOST=${OPENMRS_DB_HOST} + - OPENMRS_DB_PORT=${OPENMRS_DB_PORT} + - OPENMRS_DB_NAME=${OPENMRS_DB_NAME} + - OPENMRS_DB_USER=${OPENMRS_DB_USER} + - OPENMRS_DB_PASSWORD=${OPENMRS_DB_PASSWORD} + - OPENMRS_USER=${OPENMRS_USER} + - OPENMRS_PASSWORD=${OPENMRS_PASSWORD} + - EIP_FHIR_RESOURCES= + - EIP_FHIR_SERVER_URL=http://openmrs:8080/openmrs/ws/fhir2/R4 + - EIP_FHIR_USERNAME=${OPENMRS_USER} + - EIP_FHIR_PASSWORD=${OPENMRS_PASSWORD} + image: mekomsolutions/eip-client + networks: + ozone: + aliases: + - eip-openmrs-orthanc + restart: unless-stopped + volumes: + - "${EIP_OPENMRS_ORTHANC_ROUTES_PATH}:/eip-client/routes" + - eip-home-orthanc:/eip-home + + mysql: + environment: + EIP_DB_NAME_ODOO: ${EIP_DB_NAME_ODOO} + EIP_DB_USER_ODOO: ${EIP_DB_USER_ODOO} + EIP_DB_PASSWORD_ODOO: ${EIP_DB_PASSWORD_ODOO} + volumes: + - "${SQL_SCRIPTS_PATH}/mysql/eip-openmrs-orthanc:/docker-entrypoint-initdb.d/db/eip-openmrs-orthanc" + secrets: orthanc.json: file: orthanc.json @@ -54,4 +102,5 @@ networks: web: volumes: - orthanc-db: \ No newline at end of file + orthanc-db: + eip-home-orthanc: ~ \ No newline at end of file diff --git a/scripts/docker-compose-files.txt b/scripts/docker-compose-files.txt index b23e48a..f96c788 100755 --- a/scripts/docker-compose-files.txt +++ b/scripts/docker-compose-files.txt @@ -2,3 +2,4 @@ docker-compose-common.yml docker-compose-odoo.yml docker-compose-openmrs.yml docker-compose-senaite.yml +docker-compose-orthanc.yml diff --git a/scripts/utils.sh b/scripts/utils.sh index 91ceed3..f5ad0c5 100644 --- a/scripts/utils.sh +++ b/scripts/utils.sh @@ -31,6 +31,7 @@ function exportPaths () { export ODOO_CONFIG_PATH=$DISTRO_PATH/configs/odoo/initializer_config/ export ODOO_CONFIG_FILE_PATH=$DISTRO_PATH/configs/odoo/config/odoo.conf export EIP_ODOO_OPENMRS_ROUTES_PATH=$DISTRO_PATH/binaries/eip-odoo-openmrs + export EIP_OPENMRS_ORTHANC_ROUTES_PATH=$DISTRO_PATH/binaries/eip-openmrs-orthanc export EIP_OPENMRS_SENAITE_ROUTES_PATH=$DISTRO_PATH/binaries/eip-openmrs-senaite export EIP_ERPNEXT_OPENMRS_ROUTES_PATH=$DISTRO_PATH/binaries/eip-erpnext-openmrs export OPENMRS_FRONTEND_BINARY_PATH=$DISTRO_PATH/binaries/openmrs/frontend From 1cf70ccab396e1cdf443855972d474cf0663c93e Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Mon, 2 Dec 2024 21:17:54 +0530 Subject: [PATCH 4/5] Add image and fix configs --- docker-compose-orthanc.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/docker-compose-orthanc.yml b/docker-compose-orthanc.yml index 9d5e771..e62605e 100644 --- a/docker-compose-orthanc.yml +++ b/docker-compose-orthanc.yml @@ -5,9 +5,8 @@ services: command: /run/secrets/ secrets: - orthanc.json - build: - context: . - dockerfile: Dockerfile + image: sidvaish97/orthanc_test:v1.0 + platform: linux/amd64 restart: always environment: - ORTHANC_NAME=Orthanc @@ -87,9 +86,9 @@ services: mysql: environment: - EIP_DB_NAME_ODOO: ${EIP_DB_NAME_ODOO} - EIP_DB_USER_ODOO: ${EIP_DB_USER_ODOO} - EIP_DB_PASSWORD_ODOO: ${EIP_DB_PASSWORD_ODOO} + EIP_DB_NAME_ORTHANC: ${EIP_DB_NAME_ORTHANC} + EIP_DB_USER_ORTHANC: ${EIP_DB_USER_ORTHANC} + EIP_DB_PASSWORD_ORTHANC: ${EIP_DB_PASSWORD_ORTHANC} volumes: - "${SQL_SCRIPTS_PATH}/mysql/eip-openmrs-orthanc:/docker-entrypoint-initdb.d/db/eip-openmrs-orthanc" From 9a91f445ef561667e73b7d88ad396ca175a0c7cd Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Thu, 2 Jan 2025 17:15:41 +0530 Subject: [PATCH 5/5] Add env variables and cleanup --- Dockerfile | 36 ------------------------------------ docker-compose-orthanc.yml | 28 ++++------------------------ scripts/utils.sh | 2 ++ 3 files changed, 6 insertions(+), 60 deletions(-) delete mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index ca733ef..0000000 --- a/Dockerfile +++ /dev/null @@ -1,36 +0,0 @@ -# Use the base Orthanc plugins image -FROM jodogne/orthanc-plugins:latest - -RUN apt-get update && apt-get install -y openjdk-17-jdk cmake build-essential python3 unzip libjsoncpp-dev \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - -ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 - -WORKDIR /home/root/ -RUN wget -qO- https://orthanc.uclouvain.be/downloads/sources/orthanc-java/OrthancJava-1.0.tar.gz | tar xvz - -WORKDIR /home/root/OrthancJava-1.0 -RUN mkdir BuildPlugin && \ - cd BuildPlugin && \ - cmake ../Plugin -DCMAKE_BUILD_TYPE=Release && \ - make - -WORKDIR /home/root/OrthancJava-1.0 -RUN mkdir BuildJavaSDK && \ - cd BuildJavaSDK && \ - cmake ../JavaSDK && \ - make - -WORKDIR /home/root/ -RUN wget https://orthanc.uclouvain.be/downloads/cross-platform/orthanc-java/mainline/OrthancFHIR.jar - -COPY java/HelloWorld.java /home/root/java/ -WORKDIR /home/root/java/ -RUN javac -cp /home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar HelloWorld.java - -# Expose Orthanc default port -EXPOSE 4242 8042 - -ENV LD_PRELOAD=/usr/lib/jvm/java-17-openjdk-amd64/lib/server/libjvm.so -ENTRYPOINT ["/usr/local/sbin/Orthanc"] \ No newline at end of file diff --git a/docker-compose-orthanc.yml b/docker-compose-orthanc.yml index e62605e..5d8f584 100644 --- a/docker-compose-orthanc.yml +++ b/docker-compose-orthanc.yml @@ -20,29 +20,6 @@ services: - web ports: - "8889:8042" -# depends_on: -# env-substitution: -# condition: service_completed_successfully - - # keycloak: - # image: orthancteam/orthanc-keycloak:latest - # restart: always - # ports: - # - "8080:8080" - # environment: - # - ORTHANC__USER__NAME=orthanc - # - ORTHANC__USER__PASSWORD=orthanc - # - KC_DB="postgresql" - # - KC_DB_URL="jdbc:postgresql://postgres:5432/keycloak" - # - KC_DB_USERNAME="orthanc" - # - KC_DB_PASSWORD="orthanc" - # networks: - # - ozone - # - web - -# env-substitution: -# environment: -# - ORTHANC_PUBLIC_URL=http://${ORTHANC_HOSTNAME} # Orthanc - OpenMRS integration service eip-openmrs-orthanc: @@ -60,6 +37,7 @@ services: - EIP_DB_USER_ORTHANC=${EIP_DB_USER_ORTHANC} - EIP_DB_PASSWORD_ORTHANC=${EIP_DB_PASSWORD_ORTHANC} - OPENMRS_URL=http://openmrs:8080/openmrs + - ORTHANC_URL=http://orthanc:8042 - EIP_PROFILE=prod - MYSQL_ADMIN_USER=root - MYSQL_ADMIN_USER_PASSWORD=${MYSQL_ROOT_PASSWORD} @@ -74,6 +52,8 @@ services: - EIP_FHIR_SERVER_URL=http://openmrs:8080/openmrs/ws/fhir2/R4 - EIP_FHIR_USERNAME=${OPENMRS_USER} - EIP_FHIR_PASSWORD=${OPENMRS_PASSWORD} + - OPENMRS_USERNAME=${OPENMRS_USER} + - OPENMRS_PASSWORD=${OPENMRS_PASSWORD} image: mekomsolutions/eip-client networks: ozone: @@ -94,7 +74,7 @@ services: secrets: orthanc.json: - file: orthanc.json + file: ${ORTHANC_CONFIG_PATH}/orthanc.json networks: ozone: diff --git a/scripts/utils.sh b/scripts/utils.sh index cdc4fa7..209c859 100644 --- a/scripts/utils.sh +++ b/scripts/utils.sh @@ -39,6 +39,7 @@ function exportPaths () { export SQL_SCRIPTS_PATH=$DISTRO_PATH/data/ export ERPNEXT_CONFIG_PATH=$DISTRO_PATH/configs/erpnext/initializer_config/ export ERPNEXT_SCRIPTS_PATH=$DISTRO_PATH/binaries/erpnext/scripts/ + export ORTHANC_CONFIG_PATH=$DISTRO_PATH/configs/orthanc/initializer_config echo "→ OPENMRS_CONFIG_PATH=$OPENMRS_CONFIG_PATH" echo "→ OPENMRS_PROPERTIES_PATH=$OPENMRS_PROPERTIES_PATH" @@ -55,6 +56,7 @@ function exportPaths () { echo "→ SQL_SCRIPTS_PATH=$SQL_SCRIPTS_PATH" echo "→ ERPNEXT_CONFIG_PATH=$ERPNEXT_CONFIG_PATH" echo "→ ERPNEXT_SCRIPTS_PATH=$ERPNEXT_SCRIPTS_PATH" + echo "→ ORTHANC_CONFIG_PATH=$ORTHANC_CONFIG_PATH" }