diff --git a/README.md b/README.md index 3133951c..6dfef799 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,10 @@ -# caMicroscope Distribution +

+ camicroscope: a web-based image viewer optimized for large bio-medical image data viewing +

[![Build Status](https://travis-ci.org/camicroscope/Distro.svg?branch=master)](https://travis-ci.org/camicroscope/Distro) -caMicroscope 3.X distribution +# caMicroscope distribution run with `docker-compose -f caMicroscope.yml up` @@ -37,8 +39,6 @@ Security and Routes - This is handled by the security container. By default rout Image Volume - This is, by default, the images directory in this directory. If this is changed, please make the same change across all impacted services. -Packages - Packages are built in the viewer service using parcel, mount a different directory with packages.js to the package directory to overwrite or add functionality. - ## PathDB To use PathDB, use quip-pathdb.yml instead of caMicroscope.yml. This deployment does not include the auth and loader as separate services, as this PathDB provides that functionality. diff --git a/auth_without_pathdb.md b/auth_without_pathdb.md deleted file mode 100644 index 403da2e1..00000000 --- a/auth_without_pathdb.md +++ /dev/null @@ -1,33 +0,0 @@ -# QUIP Auth Without PathDB - -## About this Method and Guide - -PathDB is used as both authentication and authorization. In instances where PathDB is not desired, we use a combination of an external identity provider and an internal authorization service. The authorization service consumes Json Web Tokens (JWTs) from the identity provider, and then will issue JWTs which convey both authentication and authorization, which are consumed by the application. - -This guide aims to explain how to make a deployment use this method. - -## Getting an Identity Provider and Setting up Login - -There are many identity providers, but for testing and examples, we have been using auth0. - -When selecting, an identity provider, note that we expect it to provide a JWT, and to have a certificate/public key/secret which can be used to verify such JWTs. - -The example given in the Distro within config/login.html is set up for auth0; simply change the corresponding variables for your auth0 application if auth0 is used. If using another identity provider, then login.html, or equivalent, needs to, at least, set the JWT to a cookie called "token", and call the auth service's 'check' route, and save a successful result as the token. Follow the guide which your identity provider uses for further guidance. - -## Keys/Certificates - -Add the following files; by default, they are mounted: - -- --./jwt\_keys/certificate or ./jwt\_keys/jwk.json is the certificate/public key/secret or jwk (respectively) from the **identity provider**. (If both are included, the jwk takes precedence). -- --./jwt\_keys/key and ./jwt\_keys/key.pub are used as the signing and check keys for the **auth service** - - --These can (and should) be generated with ./kwt\_keys/make\_keys.sh - -## Deployment Configuration - -Turn off disable security under the elevate service to block routes. - -## Adding Users to Database - -Add users as in ./config/add\_mongo\_users.js. Attributes can be added to deny access to routes (e.g. allow only some users to post and delete) - -The name field is the email field (or failing that, sub field) in that priority from the identity provider. diff --git a/caMicroscope.yml b/caMicroscope.yml index c4c23b99..e3ebd906 100644 --- a/caMicroscope.yml +++ b/caMicroscope.yml @@ -34,13 +34,13 @@ services: - ./config/bindaas_projects/:/root/bindaas/bin/projects/ - ./config/bindaas.config.json:/root/bindaas/bin/bindaas.config.json iip: - build: "https://github.com/camicroscope/iipImage.git#v3.2.0" + build: "https://github.com/caMicroscope/iipImage.git#v3.2.0" container_name: ca-iip restart: unless-stopped volumes: - ./images/:/images/ viewer: - build: "https://github.com/camicroscope/caMicroscope.git#v3.6.1" + build: "https://github.com/caMicroscope/caMicroscope.git#v3.6.2" container_name: ca-front restart: unless-stopped volumes: @@ -48,7 +48,7 @@ services: logging: driver: none loader: - build: "https://github.com/camicroscope/SlideLoader.git#v3.5.9" + build: "https://github.com/caMicroscope/SlideLoader.git#v3.6.2" container_name: ca-load restart: unless-stopped logging: @@ -56,7 +56,7 @@ services: volumes: - ./images/:/images/ security: - build: "https://github.com/camicroscope/Security.git#v3.5.2" + build: "https://github.com/caMicroscope/Security.git#v3.6.2" container_name: ca-security restart: unless-stopped ports: diff --git a/develop.yml b/develop.yml index c07e1695..f0b7c270 100644 --- a/develop.yml +++ b/develop.yml @@ -29,22 +29,24 @@ services: - ./config/bindaas_projects/:/root/bindaas/bin/projects/ - ./config/bindaas.config.json:/root/bindaas/bin/bindaas.config.json iip: - build: "https://github.com/camicroscope/iipImage.git#develop" + build: "https://github.com/caMicroscope/iipImage.git#develop" container_name: ca-iip volumes: - ./images/:/images/ viewer: - build: "https://github.com/camicroscope/caMicroscope.git#develop" + build: "https://github.com/caMicroscope/caMicroscope.git#develop" container_name: ca-front + environment: + - cacheoff=true volumes: - ./config/login.html:/usr/local/apache2/htdocs/login.html loader: - build: "https://github.com/camicroscope/SlideLoader.git#develop" + build: "https://github.com/caMicroscope/SlideLoader.git#develop" container_name: ca-load volumes: - ./images/:/images/ security: - build: "https://github.com/camicroscope/Security.git#develop" + build: "https://github.com/caMicroscope/Security.git#develop" container_name: ca-security ports: - "4010:4010" @@ -57,6 +59,6 @@ services: build: "./Deps/auth_service/" volumes: - ./jwt_keys/:/keys/ - environment: - JWKS: "https://birmstuff.auth0.com/.well-known/jwks.json" container_name: ca-auth + environment: + JWKS: "https://www.googleapis.com/oauth2/v3/certs" diff --git a/quip-pathdb.yml b/quip-pathdb.yml index 858897c9..8a411df5 100644 --- a/quip-pathdb.yml +++ b/quip-pathdb.yml @@ -39,7 +39,7 @@ services: volumes: - ./images/:/data/images/ security: - build: "https://github.com/camicroscope/Security.git#v3.5.2" + build: "https://github.com/camicroscope/Security.git#v3.6.2" container_name: ca-security restart: unless-stopped ports: ["4010:4010"] @@ -56,7 +56,7 @@ services: build: context: "https://github.com/SBU-BMI/PathDB.git#1.3.5" args: - viewer: "v3.6.1" + viewer: "v3.6.2" container_name: quip-pathdb restart: unless-stopped ports: ["443:443","80:80"]