This repository has been archived by the owner on Nov 17, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
DSF 0.8.0 Configuration Parameters BPE
Hauke Hund edited this page Aug 23, 2023
·
4 revisions
See DSF 0.9.3 Configuration Parameters - BPE Server for the latest release.
Please note: Additional parameters (not listed here) are used to configure process plugins.
- Property: org.highmed.dsf.bpe.consent.webservice.factory.class
- Required: No
- Description: Factory for client implementations used to connect to a consent server in order to check permissions to access patient medical data
- Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your Consent server
-
Default:
org.highmed.consent.client.stub.ConsentClientStubFactory
- Property: org.highmed.dsf.bpe.db.liquibase.password
- Required: Yes
- Description: The password to access the database from the DSF BPE server to execute database migrations
- Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
-
Example:
/run/secrets/db_liquibase.password
- Property: org.highmed.dsf.bpe.db.liquibase.username
- Required: No
- Description: The user name to access the database from the DSF BPE server to execute database migrations
-
Default:
liquibase_user
- Property: org.highmed.dsf.bpe.db.url
- Required: Yes
- Description: The address of the database used for the DSF BPE server
- Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
-
Example:
jdbc:postgresql://db/bpe
- Property: org.highmed.dsf.bpe.db.user.camunda.group
- Required: No
- Description: The name of the user group to access the database from the DSF BPE server for camunda processes
-
Default:
camunda_users
- Property: org.highmed.dsf.bpe.db.user.camunda.password
- Required: Yes
- Description: The password to access the database from the DSF BPE server for camunda processes
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
-
Example:
/run/secrets/db_user_camunda.password
- Property: org.highmed.dsf.bpe.db.user.camunda.username
- Required: No
- Description: The user name to access the database from the DSF BPE server for camunda processes
- Recommendation: Use a different user then in ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME
-
Default:
camunda_server_user
- Property: org.highmed.dsf.bpe.db.user.group
- Required: No
- Description: The name of the user group to access the database from the DSF BPE server
-
Default:
bpe_users
- Property: org.highmed.dsf.bpe.db.user.password
- Required: Yes
- Description: The password to access the database from the DSF BPE server
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE
-
Example:
/run/secrets/db_user.password
- Property: org.highmed.dsf.bpe.db.user.username
- Required: No
- Description: The user name to access the database from the DSF BPE server
-
Default:
bpe_server_user
- Property: org.highmed.dsf.bpe.fhir.client.certificate
- Required: Yes
- Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_certificate.pem
- Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key
- Required: Yes
- Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_certificate_private_key.pem
ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key.password
- Required: No
- Description: Password to decrypt the local client certificate encrypted private key
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
-
Example:
/run/secrets/app_client_certificate_private_key.pem.password
ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.local.proxy.password
- Required: No
- Description: Proxy password, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.local.proxy.url
- Required: No
- Description: Proxy location, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy
-
Example:
http://proxy.foo:8080
- Property: org.highmed.dsf.bpe.fhir.client.local.proxy.username
- Required: No
- Description: Proxy username, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication
- Property: org.highmed.dsf.bpe.fhir.client.local.timeout.connect
- Required: No
- Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
2000
- Property: org.highmed.dsf.bpe.fhir.client.local.timeout.read
- Required: No
- Description: The timeout in milliseconds until a reading a resource from the local DSF FHIR server is aborted
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
60000
- Property: org.highmed.dsf.bpe.fhir.client.local.verbose
- Required: No
-
Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to
true -
Default:
false
ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.password
- Required: No
- Description: Proxy password, set if the DSF BPE server can reach internal servers via websocket, like the getSub server, only through a proxy which requests authentication
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.url
- Required: No
- Description: Proxy location, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy
-
Example:
http://proxy.foo:8080
- Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.username
- Required: No
- Description: Proxy username, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy which requests authentication
ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.password
- Required: No
- Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.url
- Required: No
- Description: Proxy location, set if the DSF BPE server can reach the internet only through a proxy
-
Example:
http://proxy.foo:8080
- Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.username
- Required: No
- Description: Proxy username, set if the the DSF BPE server can reach the internet only through a proxy which requests authentication
- Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.connect
- Required: No
- Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
5000
- Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.read
- Required: No
- Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
60000
- Property: org.highmed.dsf.bpe.fhir.client.remote.verbose
- Required: No
-
Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to
true -
Default:
false
- Property: org.highmed.dsf.bpe.fhir.client.trust.certificates
- Required: Yes
- Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_trust_certificates.pem
- Property: org.highmed.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
- Required: No
- Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
-
Default:
?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson
- Property: org.highmed.dsf.bpe.fhir.server.base.url
- Required: Yes
- Description: The base address of the local DSF FHIR server to read/store fhir resources
-
Example:
https://foo.bar/fhir
- Property: org.highmed.dsf.bpe.fhir.server.organization.identifier.value
- Required: Yes
- Description: The local identifier value used in the Allow-List
- Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
-
Example:
hospital.com
- Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.max
- Required: No
-
Description: Number of retries until a websocket connection can be established with the DSF FHIR server,
-1means infinite number of retries -
Default:
-1
- Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.sleep
- Required: No
- Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
-
Default:
5000
- Property: org.highmed.dsf.bpe.fhir.task.subscription.search.parameter
- Required: No
- Description: Subscription to receive notifications about task resources from the DSF FHIR server
-
Default:
?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson
- Property: org.highmed.dsf.bpe.mail.client.certificate
- Required: No
- Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/smtp_server_client_certificate.pem
- Property: org.highmed.dsf.bpe.mail.client.certificate.private.key
- Required: No
- Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/smtp_server_client_certificate_private_key.pem
ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.mail.client.certificate.private.key.password
- Required: No
- Description: Password to decrypt the local client certificate encrypted private key
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
-
Example:
/run/secrets/smtp_server_client_certificate_private_key.pem.password
- Property: org.highmed.dsf.bpe.mail.fromAddress
- Required: No
- Description: Mail service sender address
-
Example:
sender@localhost
- Property: org.highmed.dsf.bpe.mail.host
- Required: No
- Description: SMTP server hostname
-
Example:
smtp.server.de
- Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventBufferSize
- Required: No
- Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled.
-
Default:
4
- Property: org.highmed.dsf.bpe.mail.password
- Required: No
- Description: SMTP server authentication password
- Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
- Property: org.highmed.dsf.bpe.mail.port
- Required: No
- Description: SMTP server port
-
Example:
465 -
Default:
0
- Property: org.highmed.dsf.bpe.mail.replyToAddresses
- Required: No
- Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
-
Example:
reply.to@localhost
- Property: org.highmed.dsf.bpe.mail.sendMailOnErrorLogEvent
- Required: No
-
Description: To enable mails being send for every ERROR logged, set to
true. Requires SMTP server to be configured. -
Default:
false
- Property: org.highmed.dsf.bpe.mail.sendTestMailOnStartup
- Required: No
-
Description: To enable a test mail being send on startup of the BPE, set to
true. Requires SMTP server to be configured. -
Default:
false
- Property: org.highmed.dsf.bpe.mail.smime.p12Keystore
- Required: No
- Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/smime_certificate.p12
ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
- Property: org.highmed.dsf.bpe.mail.smime.p12Keystore.password
- Required: No
- Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
-
Example:
/run/secrets/smime_certificate.p12.password
- Property: org.highmed.dsf.bpe.mail.toAddresses
- Required: No
- Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
-
Example:
recipient@localhost
- Property: org.highmed.dsf.bpe.mail.toAddressesCc
- Required: No
- Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
-
Example:
cc.recipient@localhost
- Property: org.highmed.dsf.bpe.mail.trust.certificates
- Required: No
- Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/smtp_server_trust_certificates.pem
- Property: org.highmed.dsf.bpe.mail.username
- Required: No
- Description: SMTP server authentication username
- Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
- Property: org.highmed.dsf.bpe.mail.useSmtps
- Required: No
-
Description: To enable SMTP over TLS (smtps), set to
true -
Default:
false
- Property: org.highmed.dsf.bpe.mpi.webservice.factory.class
- Required: No
- Description: Factory for client implementations used to connect to a Master Patient Index (MPI) server in order to read patient demographic data
- Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your MPI
-
Default:
org.highmed.mpi.client.stub.MasterPatientIndexClientStubFactory
- Property: org.highmed.dsf.bpe.openehr.webservice.factory.class
- Required: No
- Description: Factory for client implementations used to connect to an openEHR repository in order to read patient medical data
- Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your openEHR repository
-
Default:
org.highmed.openehr.client.stub.OpenEhrClientStubFactory
- Property: org.highmed.dsf.bpe.process.excluded
- Required: No
- Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
- Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
- Property: org.highmed.dsf.bpe.process.fhir.server.retry.max
- Required: No
-
Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment,
-1means infinite number of retries -
Default:
-1
- Property: org.highmed.dsf.bpe.process.fhir.server.retry.sleep
- Required: No
- Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
-
Default:
5000
- Property: org.highmed.dsf.bpe.process.plugin.directroy
- Required: No
- Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
- Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
-
Default:
process
- Property: org.highmed.dsf.bpe.process.retired
- Required: No
- Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
- Recommendation: Retire processes that where deployed previously but are not anymore available
- Property: org.highmed.dsf.bpe.pseudonymization.webservice.factory.class
- Required: No
- Description: Factory for client implementations used to connect to a pseudonymization service in order to pseudonymize patient demographic and medical data
- Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your pseudonymization service
-
Default:
org.highmed.pseudonymization.client.stub.PseudonymizationClientStubFactory