Shanoir Installation Configure - alexpron/shanoir-ng GitHub Wiki
CONFIGURE
Shanoir is configured with environment variables. It is mostly handled
with a set of facade variables named SHANOIR_*which cover
the most typical setups. Default configuration setup is set in the
.env file stored in the Shanoir repository.
| Name | Value | Description |
|---|---|---|
SHANOIR_URL_HOST |
hostname | hostname where shanoir is reachable |
SHANOIR_URL_SCHEME |
http|https |
https (over TLS), http (plain text, NOT RECOMMENDED) |
SHANOIR_SMTP_HOST |
hostname | SMTP relay for outgoing e-mails |
SHANOIR_ADMIN_EMAIL |
e-mail address | contact address of the administrator (for outgoing e-mails) |
SHANOIR_ADMIN_NAME |
name | name of the administrator (for outgoing e-mails) |
SHANOIR_PREFIX |
slug (optional) | prefix for container names (needed if you deploy multiple shanoir instances on the same host) |
SHANOIR_X_FORWARDED |
generate|trust |
configures whether the nginx container generates the X-Forwarded-* HTTP headers (if running stand-alone) or trusts the existing headers (if located behind another reverse-proxy) |
SHANOIR_CERTIFICATE |
auto|manual |
auto-generates a self-signed TLS certificate (NOT RECOMMENDED) or use a manually installed certificate |
SHANOIR_MIGRATION |
auto|init|never|manual|export|import |
Normal runs should use auto in development and never in production. Other values are for controlling deployment and migrations (see below). |
SHANOIR_KEYCLOAK_USERSHANOIR_KEYCLOAK_PASSWORD |
username/password | Keycloak admin account used by shanoir for managing user accounts |
SHANOIR_VIEWER_OHIF_URL_SCHEME |
http|https |
https (over TLS), http (plain text, NOT RECOMMENDED) |
SHANOIR_VIEWER_OHIF_URL_HOST |
hostname | hostname where the OHFI-Viewer is reachable |
Notes
-
You must ensure that the hostname
SHANOIR_URL_HOSTcan be resolved from the clients using shanoir (the users) and from each microservice (running in the containers). In development environment this is achieved by:- adding the following line to your /etc/hosts
127.0.0.1 shanoir-ng-nginx viewer - ensuring that the nginx container name is equals to the value of
SHANOIR_URL_HOST(in the default setup, they both use:shanoir-ng-nginx)
- adding the following line to your /etc/hosts
-
If docker is not running natively and thus you are using docker-machine (windows/macos users), you will need to tune the virtualbox machine:
- increase the amount of allocated RAM
- set up tcp port redirections (at least for 8080 and 443)
-
The TLS configuration provided by the nginx container is permissive and not guaranteed to be up-to-date. You should not rely on it for facing the public internet. In production you should rather have a separate HTTP reverse-proxy, properly administrated according to your security policies.
-
Upon config changes, for most cases you will just need to re-create the affected containers (run:
docker-compose up -d). However if the changes also affect the keycloak container, then you will also need to re-deploy the shanoir-ng realm (see below).