-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: deploy BHIMA using docker and docker-compose #7586
Merged
jmcameron
merged 29 commits into
IMA-WorldHealth:master
from
Third-Culture-Software:master
May 22, 2024
Merged
Changes from all commits
Commits
Show all changes
29 commits
Select commit
Hold shift + click to select a range
5da2515
Create docker-image.yml
jniles 5fd6699
chore: improve docker + compose
jniles 116cee0
deploy: add ghcr.io image to docker compose
jniles 8378f57
chore: initialize mysql database in docker
jniles c2d48e4
chore: rename sql files
jniles bdc1845
fix: sever-unit -> server-unit
jniles 6ee5c5c
fix: add env vars to bhima docker
jniles e5e9118
Merge pull request #1 from Third-Culture-Software/chore-build-with-do…
jniles cf3d147
chore: allow manual trigger of builds
jniles 75790e7
Merge pull request #2 from Third-Culture-Software/chore-build-with-do…
jniles 624f3b3
Create docker-image.yml
jniles 4a21d87
chore: improve docker + compose
jniles e115364
deploy: add ghcr.io image to docker compose
jniles 572edf5
chore: initialize mysql database in docker
jniles 6b89ad3
chore: rename sql files
jniles e7afb25
fix: sever-unit -> server-unit
jniles 9071a22
fix: add env vars to bhima docker
jniles 4488bd3
chore: allow manual trigger of builds
jniles 804a184
Create .env.docker
jniles c121fe8
Update .dockerignore
jniles 8bebc31
refactor: use dockerhub for distribution.
jniles a0648a4
Merge branch 'master' into chore-docker-env
jniles 07e8800
Merge pull request #3 from Third-Culture-Software/chore-docker-env
jniles b163a1c
chore(docker): fewer env file configurations
jniles f8ee5b4
docs: add reference to docker installations
jniles e8fb3d8
Merge pull request #4 from Third-Culture-Software/chore-finalize-dock…
jniles 2c5a026
docs: ensure that the repo is cloned first
jniles 403cc4a
docs: ensure docker is called out
jniles efdf721
Merge branch 'master' into master
jmcameron File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# This .env file is for use in the Docker build step, setting all the internal | ||
# variables that could be later overridden by the user. | ||
|
||
# We expect the following variables to be set by the user: | ||
# DB_HOST | ||
# DB_USER | ||
# DB_PASS | ||
# REDIS_HOST | ||
|
||
# Any other variables set by the user will override these variables. | ||
|
||
# define the port on which the HTTP server will listen. | ||
PORT=8080 | ||
|
||
# MySQL Database Configuration | ||
# The following variables should be pretty straightforward. | ||
# DB_PORT is the MySQL server port | ||
DB_PORT=3306 | ||
|
||
# Secret Session Variables | ||
# Used by express-session middleware for encryption. This is just a temporary example. | ||
# In production, use a secure generator for this: | ||
# EX: openssl rand -hex 25 | ||
SESS_SECRET=zC8YmujYRe9EoJVXUEJVzuK3pxDCJzYySJo5Vj5CefwXiiPYCVehutAJVqQ6SNwd | ||
|
||
# define logging level for the npm debug module. | ||
DEBUG=app,errors | ||
|
||
# define the directory where reports, files, and images will be uploaded. | ||
# Upload directory requirements: | ||
# - Must be writable by the application user. | ||
# - Must be a relative directory within the Bhima installation. | ||
UPLOAD_DIR='client/upload' | ||
|
||
# Report directory (Define where reports will be saved on the server) | ||
REPORT_DIR='' | ||
|
||
# SMTP Credentials | ||
SMTP_USERNAME="user@smtp.server" | ||
SMTP_PASSWORD="SomePassword" | ||
SMTP_HOST="some.host.com" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
# | ||
name: Create and publish a Docker image | ||
|
||
# Configures this workflow to run every time a change is pushed to the branch called `release`. | ||
on: | ||
push: | ||
branches: ['release'] | ||
workflow_dispatch: | ||
|
||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. | ||
env: | ||
REGISTRY: ghcr.io | ||
IMAGE_NAME: ${{ github.repository }} | ||
|
||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. | ||
jobs: | ||
build-and-push-image: | ||
runs-on: ubuntu-latest | ||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
permissions: | ||
contents: read | ||
packages: write | ||
attestations: write | ||
# | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | ||
- name: Log in to the Container registry | ||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. | ||
- name: Extract metadata (tags, labels) for Docker | ||
id: meta | ||
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 | ||
with: | ||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. | ||
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. | ||
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. | ||
- name: Build and push Docker image | ||
id: push | ||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | ||
with: | ||
context: . | ||
push: true | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
|
||
# This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)." | ||
- name: Generate artifact attestation | ||
uses: actions/attest-build-provenance@v1 | ||
with: | ||
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | ||
subject-digest: ${{ steps.push.outputs.digest }} | ||
push-to-registry: true | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,43 +1,46 @@ | ||
# define base image | ||
FROM node:lts-slim | ||
FROM node:lts | ||
|
||
# download all the missing dependencies for chromium, plus chromium itself | ||
# Install missing dependencies for chromium | ||
# These are all needed to make sure the browser can properly render all | ||
# the requiredd page | ||
RUN apt-get update && apt-get install -y \ | ||
ca-certificates fonts-liberation gconf-service \ | ||
libappindicator1 libasound2 libatk-bridge2.0-0 libatk1.0-0 libc6 libcairo2 \ | ||
libasound2 libatk-bridge2.0-0 libatk1.0-0 libc6 libcairo2 \ | ||
libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgbm1 libgcc1 libgconf-2-4 \ | ||
libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libnss3 libpango-1.0-0 \ | ||
libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 \ | ||
libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 \ | ||
libxss1 libxtst6 lsb-release libxshmfence1 chromium -y | ||
libxss1 libxtst6 lsb-release libxshmfence1 chromium -y \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
# ENV NODE_ENV=production | ||
ENV YARN_VERSION 1.22.17 | ||
#ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD 1 | ||
RUN yarn policies set-version $YARN_VERSION | ||
#ENV CHROME_BIN /usr/bin/chromium | ||
#ENV PUPPETEER_EXECUTABLE_PATH /usr/bin/chromium | ||
|
||
# define working directory inside the container | ||
# Set working directory | ||
WORKDIR /usr/src/app | ||
|
||
# Copy all the source code from host machine to the container project directory | ||
COPY . . | ||
# Copy source code | ||
COPY --chown=node:node . . | ||
|
||
# install all the dependencies | ||
RUN yarn --frozen-lockfile && yarn build | ||
# Copy environment file to bin folder | ||
COPY --chown=node:node .env.docker /usr/src/app/.env | ||
|
||
# yarn build creates the bin/ folder | ||
COPY .env bin/ | ||
# Install dependencies | ||
RUN npm install && \ | ||
NODE_ENV=production npm run build && \ | ||
npm install --omit=dev | ||
|
||
# change directory to the bin diretory | ||
# Change directory to bin | ||
WORKDIR /usr/src/app/bin/ | ||
|
||
# make sure the node user is the owner of all the underlying files. | ||
# Set ownership | ||
RUN chown -R node:node * | ||
|
||
# ensure this container runs as the user "node" | ||
# Switch to non-root user | ||
USER node | ||
|
||
# define the start up command of the container to run the server | ||
CMD ["node", "server/app.js"] | ||
ENV NODE_ENV production | ||
|
||
LABEL org.opencontainers.image.source=https://github.com/third-Culture-Software/bhima | ||
LABEL org.opencontainers.image.description="A hospital information management application for rural Congolese hospitals" | ||
LABEL org.opencontainers.image.licenses=GPL | ||
|
||
# Define startup command | ||
CMD ["node", "server/app.js"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,37 +1,48 @@ | ||
version: '3' | ||
|
||
services: | ||
bhima: | ||
build: . | ||
image: imaworldhealth/bhima | ||
#image: ghcr.io/third-culture-software/bhima | ||
image: thirdculturesoftware/bhima | ||
restart: unless-stopped | ||
ports: | ||
- $PORT:$PORT | ||
- "8080:${PORT:-8080}" | ||
environment: | ||
- REDIS_HOST=redis | ||
- DB_HOST=mysql | ||
- DB_USER=${DB_USER:-bhima} | ||
- DB_NAME=${DB_NAME:-bhima} | ||
- DB_PASS=${DB_PASS:-cbeec29bac2f7726e1355c5a5bf10f35963cac8e77ed763bf2} | ||
depends_on: | ||
- mysql | ||
- redis | ||
networks: | ||
- backend | ||
|
||
mysql: | ||
image: mysql:8 | ||
restart: always | ||
image: mysql:8.3 # pin 8.3 ; https://github.com/appsignal/appsignal-nodejs/commit/0586d603c75aa12f8e99f4a5716fd8445f10d79c | ||
restart: unless-stopped | ||
command: | ||
- --default-authentication-plugin=mysql_native_password | ||
- --sql-mode=STRICT_ALL_TABLES,NO_UNSIGNED_SUBTRACTION | ||
- --character-set-server=utf8mb4 | ||
- --collation-server=utf8mb4_unicode_ci | ||
- --default-authentication-plugin=mysql_native_password | ||
volumes: | ||
- mysqldata:/var/lib/mysql/ | ||
- "./temp/docker-build.sql:/docker-entrypoint-initdb.d/bhima.sql" | ||
- ./server/models:/docker-entrypoint-initdb.d | ||
environment: | ||
- MYSQL_RANDOM_ROOT_PASSWORD=1 | ||
- MYSQL_USER=$DB_USER | ||
- MYSQL_PASSWORD=$DB_PASS | ||
- MYSQL_DATABASE=$DB_NAME | ||
- MYSQL_RANDOM_ROOT_PASSWORD=yes | ||
- MYSQL_USER=${DB_USER:-bhima} | ||
- MYSQL_DATABASE=${DB_NAME:-bhima} | ||
- MYSQL_PASSWORD=${DB_PASS:-cbeec29bac2f7726e1355c5a5bf10f35963cac8e77ed763bf2} | ||
networks: | ||
- backend | ||
|
||
redis: | ||
image: redis:latest | ||
restart: always | ||
restart: unless-stopped | ||
networks: | ||
- backend | ||
|
||
networks: | ||
backend: | ||
|
||
volumes: | ||
mysqldata: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
# Installing BHIMA with Docker | ||
|
||
Using Docker and Docker Compose provides a simpler alternative to the traditional [Linux installation method](./installing-bhima.md). To install Docker and Docker Compose, follow the instructions on [the official Docker website](https://docs.docker.com/engine/install/). You will need to have installed docker to follow this guide. | ||
|
||
### System Requirements | ||
|
||
Currently, BHIMA is compatible only with the x64 architecture. If you are using other architectures (such as ARM64 or x86), please refer to alternative installation instructions. | ||
|
||
### Installation Steps | ||
|
||
1. Clone the BHIMA repository | ||
|
||
Retrieve the latest Docker Compose file by cloning the repository: | ||
|
||
```bash | ||
git clone --depth 1 https://github.com/Third-Culture-Software/bhima.git | ||
cd bhima | ||
``` | ||
|
||
2. Configure Environment Variables | ||
|
||
Open the downloaded docker-compose.yml file and modify the following environment variables according to your setup: | ||
|
||
- `PORT`: The port number where the application will be accessible. | ||
- `MYSQL_USERNAME`, `DB_USER`: The username for database access. | ||
- `DB_NAME`, `MYSQL_DATABASE`: The name of the database. | ||
- `MYSQL_PASSWORD`, `DB_PASS`: The password for the database. | ||
|
||
Launch the Application | ||
|
||
Start the application by running: | ||
|
||
```bash | ||
docker compose up | ||
``` | ||
|
||
This command builds the application and starts the services defined in the Docker Compose file. Wait for the download and setup to complete. | ||
|
||
4. Verify the installation | ||
|
||
Open a web browser and go to `http://localhost:<PORT>` to check if the application is running properly. Replace `<PORT>` with the port number you configured earlier. | ||
|
||
Enjoy using BHIMA! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It may seem obvious, but it is probably a good idea to mention that you need to install 'docker' on your system to do any of the following docker operations!