Compose is a tool for defining and running multi-container Docker applications.
Install compose https://docs.docker.com/compose/install/
Note: Install docker CE or EE version. Docker CS is not supported and permission errors may be experienced if using Docker CS version.
Docker CS (Commercially Supported) is kind of the old bundle version of Docker EE for versions <= 1.13.
How to use the OpenSRP server web docker image?
OpenSRP server web docker image is published on dockerhub and github container registry.
Prerequisites
For OpenSRP to work it needs the following applications/services to support it and in brackets are their respective spring profiles that activate them (Default spring profiles are jedis,postgres and oauth2
):
1. Redis (`jedis` profile) 2. Postgres (`postgres` profile) 3. Keycloak or Openmrs for (v2.1.* tags for openmrs sync, `openmrs-sync` profile) authentication is by default oauth2 but basic auth is still available for openmrs authentication with (`basic_auth` profile)
To update the active profiles make changes on this line (comma separated) and include the file on the volumes section of docker compose.
OpenSRP server is deployed as a .war file. Its main configurations are stored in the following locations:
Holds the postgres DB configurations e.g credentials, database name and other additional configs.
Holds mappings between URL paths and the servlets that handle requests with those paths, also the active spring profiles.
Holds the logging configurations.
Holds all the application properties config.
keycloak.json
Holds all the keycloak configs used on spring.
{ "auth-server-url": "https://<keycloak-url>/auth/", "confidential-port": 443, "credentials": { "secret": "<sample-secret>" }, "realm": "<realm name>", "resource": "<resource name>", "ssl-required": "external" }
Holds the mybatis database configurations.
Mybatis In-App Migration
Mybatis runtime configuration has been added from v2.10.x, v3.2.x, v2.1.7x meaning migrations will run when during application start up, when one is using older versions of OpenSRP ensure the mybatis service is uncommented from the below snippet of docker-compose file.
Now using the image.
version: "3.9" services: redis: restart: unless-stopped image: redis:6.0 ports: - "6379:6379" command: redis-server --requirepass redisPassword # update with an appropriate password. volumes: - redisdata:/data postgres: restart: unless-stopped image: postgres:14 ports: - "5457:5432" environment: - "POSTGRES_PASSWORD=mysecretpassword" - "POSTGRES_USER=postgres" - "POSTGRES_DB=postgres" volumes: - pgdata:/var/lib/postgresql/data # Remove keycloak service if openmrs is used for authentication keycloak: restart: unless-stopped image: jboss/keycloak:16.1.1 environment: - "KEYCLOAK_USER=admin" - "KEYCLOAK_PASSWORD=admin" - "DB_VENDOR=postgres" - "DB_PASSWORD=secretpassword" - "DB_USER=keycloak" - "DB_ADDR=postgres:5432" - "PROXY_ADDRESS_FORWARDING=true" ports: - "8081:8080" - "8443:8443" depends_on: - postgres OpenSRP-server-web: restart: unless-stopped image: OpenSRP/OpenSRP-server-web:v2.9.2-SNAPSHOT # pick the latest tag ports: - "8080:8080" volumes: - ./context.xml:/usr/local/tomcat/webapps/OpenSRP/META-INF/context.xml - ./OpenSRP.properties:/usr/local/tomcat/webapps/OpenSRP/WEB-INF/classes/OpenSRP.properties - ./keycloak.json:/usr/local/tomcat/webapps/OpenSRP/WEB-INF/keycloak.json - multimediaData:/opt/multimedia depends_on: - mybatis - keycloak - redis # refer to https://hub.docker.com/r/OpenSRP/web # OpenSRP-web: # depends_on: # - OpenSRP-server-web # mybatis: #runs database migrations # image: OpenSRP/OpenSRP-server-web:v2.10.0-SNAPSHOT # pick the latest tag # command: ["/opt/mybatis/mybatis-migrations-3.3.4/bin/migrate", "up", "--path=/migrations", "--env=deployment"] # volumes: # - ./deployment.properties:/migrations/environments/deployment.properties # depends_on: # - postgres volumes: redisdata: # external: true pgdata: # external: true multimediaData: # external: true
And to run it
docker-compose up
For production setups consider backing up the postgresql databases.