Docker Compose Setup

Compose is a tool for defining and running multi-container Docker applications.

Install compose https://docs.docker.com/compose/install/

Note: Install docker CE or EE version. Docker CS is not supported and permission errors may be experienced if using Docker CS version.
Docker CS (Commercially Supported) is kind of the old bundle version of Docker EE for versions <= 1.13.

How to use the OpenSRP server web docker image?

OpenSRP server web docker image is published on dockerhub and github container registry.

Prerequisites

For OpenSRP to work it needs the following applications/services to support it and in brackets are their respective spring profiles that activate them (Default spring profiles are jedis,postgres and oauth2):

1. Redis (`jedis` profile)
2. Postgres (`postgres` profile)
3. Keycloak or Openmrs for (v2.1.* tags for openmrs sync, `openmrs-sync` profile) authentication is by default oauth2 but basic auth is still available for openmrs authentication with (`basic_auth` profile)

To update the active profiles make changes on this line (comma separated) and include the file on the volumes section of docker compose.

OpenSRP server is deployed as a .war file. Its main configurations are stored in the following locations:

The depending on your setup one needs to modify the following files and mount them as volumes on the docker containers. The context.xml, keycloak.json and opensrp.properties must be updated.

context.xml
- Holds the postgres DB configurations e.g credentials, database name and other additional configs.
- Copy this file and update the postgres credentials.
web.xml
- Holds mappings between URL paths and the servlets that handle requests with those paths, also the active spring profiles.
- Unless one need additional spring maven profiles other than defaults there is no need to copy and update configuration.
  - Additional profiles can be added on this line.
log4j2.xml
- Holds the logging configurations.
- Unless one needs to customize log configurations leave as is.
opensrp.properties
- Holds all the application properties config.
- Copy the file and update applications configurations for redis, rabbitmq, openmrs, dhis2, threading, metrics, sentry just to name a few.
- Change only what one needs and leave the rest as defaults.
- Additionally update cors here to * for developments purposes or comma separated links of trusted origins.
keycloak.json
- Holds all the keycloak configs used on spring.
{ "auth-server-url": "https://<keycloak-url>/auth/", "confidential-port": 443, "credentials": { "secret": "<sample-secret>" }, "realm": "<realm name>", "resource": "<resource name>", "ssl-required": "external" }

Mybatis In-App Migration

Mybatis runtime configuration has been added from v2.10.x, v3.2.x, v2.1.7x meaning migrations will run when during application start up.

Now using the image.

version: "3.9"
services:
  redis:
    restart: unless-stopped
    image: redis:6.0
    ports:
      - "6379:6379"
    command: redis-server --requirepass redisPassword # update with an appropriate password.
    volumes:
      - redisdata:/data
  postgres:
    restart: unless-stopped
    image: postgres:14
    ports:
      - "5457:5432"
    environment:
      - "POSTGRES_PASSWORD=mysecretpassword"
      - "POSTGRES_USER=postgres"
      - "POSTGRES_DB=postgres"
    volumes:
      - pgdata:/var/lib/postgresql/data
# Remove keycloak service if openmrs is used for authentication
  keycloak:
    restart: unless-stopped
    image: jboss/keycloak:16.1.1
    environment:
      - "KEYCLOAK_USER=admin"
      - "KEYCLOAK_PASSWORD=admin"
      - "DB_VENDOR=postgres"
      - "DB_PASSWORD=secretpassword"
      - "DB_USER=keycloak"
      - "DB_ADDR=postgres:5432"
      - "PROXY_ADDRESS_FORWARDING=true"
    ports:
      - "8081:8080"
      - "8443:8443"
    depends_on:
      - postgres
  opensrp-server-web:
    restart: unless-stopped
    image: opensrp/opensrp-server-web:v2.10.0-SNAPSHOT # pick the latest tag
    ports:
      - "8080:8080"
    volumes:
      - ./context.xml:/usr/local/tomcat/webapps/opensrp/META-INF/context.xml
      - ./opensrp.properties:/usr/local/tomcat/webapps/opensrp/WEB-INF/classes/opensrp.properties
      - ./keycloak.json:/usr/local/tomcat/webapps/opensrp/WEB-INF/keycloak.json
      - multimediaData:/opt/multimedia
    depends_on:
      - keycloak
      - redis
# refer to https://hub.docker.com/r/opensrp/web 
# opensrp-web: 
#    depends_on:
#      - opensrp-server-web

volumes:
  redisdata:
#    external: true
  pgdata:
#    external: true
  multimediaData:
#    external: true

And to run it

For production setups consider backing up the postgresql databases.

References

https://docs.docker.com/compose/

https://docs.docker.com/compose/networking/