Process Data Transfer Configuration v1.0.x.x - medizininformatik-initiative/mii-process-data-transfer GitHub Wiki
The data-transfer process can be configured using the following mandatory and optional environment variables depending on the organization's role. Add the necessary environment variables to the /opt/bpe/docker-compose.yml file of your BPE.
Important:
To receive eMail notifications, configure the e-mail environment variables described as part of the DSF BPE deployment starting with DEV_DSF_BPE_MAIL_....
DIC Mandatory
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BASE_URL
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.base.url
- Required: Yes
- Processes: medizininformatik-initiativede_dataSend
- Description: The base address of the DIC FHIR server to read/store FHIR resources
- Example:
http://foo.bar/fhir
DMS Mandatory
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BASE_URL
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.base.url
- Required: Yes
- Processes: medizininformatik-initiativede_dataReceive
- Description: The base address of the DMS FHIR server to read/store FHIR resources
- Example:
http://foo.bar/fhir
The following keypair could be generated by using the commands:
openssl genrsa -out dms_keypair.pem 4096
openssl rsa -in dms_keypair.pem -pubout -out dms_public_key.pem
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in dms_keypair.pem -out dms_private_key.pem
DE_MEDIZININFORMATIK_INITIATIVE_DMS_PRIVATE_KEY
- Property: de.medizininformatik.initiative.dms.private.key
- Required: Yes
- Processes: medizininformatik-initiativede_dataReceive
- Description: Location of the DMS private-key as 4096 Bit RSA PEM encoded, not encrypted file
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/dms_private_key.pem
DE_MEDIZININFORMATIK_INITIATIVE_DMS_PUBLIC_KEY
- Property: de.medizininformatik.initiative.dms.public.key
- Required: Yes
- Processes: medizininformatik-initiativede_dataReceive
- Description: Location of the DMS public-key as 4096 Bit RSA PEM encoded file
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/dms_public_key.pem
DIC as Needed
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_DATALOGGINGENABLED
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.dataLoggingEnabled
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: To enable debug logging of FHIR resources set to
true - Default:
false
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_TRUST_CERTIFICATES
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.trust.certificates
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: PEM encoded file with one or more trusted root certificate to validate the DIC FHIR server certificate when connecting via https
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/hospital_ca.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BASICAUTH_USERNAME
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.basicauth.username
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Basic authentication username, set if the server containing the FHIR data requests authentication using basic auth
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BASICAUTH_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BASICAUTH_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.basicauth.password
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Basic authentication password, set if the server containing the FHIR data requests authentication using basic auth
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BASICAUTH_PASSWORD_FILE
- Example:
/run/secrets/fhir_server_basicauth.password
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_BEARER_TOKEN
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.bearer.token
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Bearer token for authentication, set if the server containing the FHIR data requests authentication using a bearer token, cannot be set using docker secrets
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_CERTIFICATE
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.certificate
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: PEM encoded file with client-certificate, if DIC FHIR server requires mutual TLS authentication
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/fhir_server_client_certificate.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.private.key
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Private key corresponding to the DIC FHIR server client-certificate as PEM encoded file. Use DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/fhir_server_private_key.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.private.key.password
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Password to decrypt the DIC FHIR server client-certificate encrypted private key
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE
- Example:
/run/secrets/fhir_server_private_key.pem.password
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PROXY_URL
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.url
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Proxy location, set if the server containing the FHIR data can only be reached through a proxy
- Example:
http://proxy.foo:8080
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PROXY_USERNAME
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.username
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PROXY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PROXY_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.password
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_PROXY_PASSWORD_FILE
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_CLIENT_VERBOSE
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.client.verbose
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: The client will log additional debug output
- Recommendation: Change default value only if exceptions occur
- Default:
false
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_TIMEOUT_CONNECT
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.timeout.connect
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: The timeout in milliseconds until a connection is established between the client and the DIC FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
20000
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_TIMEOUT_CONNECTION_REQUEST
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.timeout.connection.request
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: The timeout in milliseconds used when requesting a connection from the connection manager between the client and the DIC FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
20000
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DIC_FHIR_SERVER_TIMEOUT_SOCKET
- Property: de.medizininformatik.initiative.data.transfer.dic.fhir.server.timeout.socket
- Required: No
- Processes: medizininformatik-initiativede_dataSend
- Description: Maximum period of inactivity in milliseconds between two consecutive data packets of the client and the DIC FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
60000
DMS as Needed
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_DATALOGGINGENABLED
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.dataLoggingEnabled
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: To enable debug logging of FHIR resources set to
true - Default:
false
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_TRUST_CERTIFICATES
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.trust.certificates
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: PEM encoded file with one or more trusted root certificate to validate the DMS FHIR server certificate when connecting via https
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/hospital_ca.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BASICAUTH_USERNAME
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.basicauth.username
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Basic authentication username, set if the server containing the FHIR data requests authentication using basic auth
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BASICAUTH_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BASICAUTH_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.basicauth.password
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Basic authentication password, set if the server containing the FHIR data requests authentication using basic auth
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BASICAUTH_PASSWORD_FILE
- Example:
/run/secrets/fhir_server_basicauth.password
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_BEARER_TOKEN
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.bearer.token
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Bearer token for authentication, set if the server containing the FHIR data requests authentication using a bearer token, cannot be set using docker secrets
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_CERTIFICATE
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.certificate
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: PEM encoded file with client-certificate, if DMS FHIR server requires mutual TLS authentication
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/fhir_server_client_certificate.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.private.key
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Private key corresponding to the DMS FHIR server client-certificate as PEM encoded file. Use DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
- Recommendation: Use docker secret file to configure
- Example:
/run/secrets/fhir_server_private_key.pem
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.private.key.password
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Password to decrypt the DMS FHIR server client-certificate encrypted private key
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PRIVATE_KEY_PASSWORD_FILE
- Example:
/run/secrets/fhir_server_private_key.pem.password
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PROXY_URL
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.proxy.url
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Proxy location, set if the server containing the FHIR data can only be reached through a proxy
- Example:
http://proxy.foo:8080
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PROXY_USERNAME
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.proxy.username
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PROXY_PASSWORD or DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PROXY_PASSWORD_FILE
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.proxy.password
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication
- Recommendation: Use docker secret file to configure by using DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_PROXY_PASSWORD_FILE
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_CLIENT_VERBOSE
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.client.verbose
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: The client will log additional debug output
- Recommendation: Change default value only if exceptions occur
- Default:
false
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_TIMEOUT_CONNECT
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.timeout.connect
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: The timeout in milliseconds until a connection is established between the client and the DMS FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
20000
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_TIMEOUT_CONNECTION_REQUEST
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.timeout.connection.request
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: The timeout in milliseconds used when requesting a connection from the connection manager between the client and the DMS FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
20000
DE_MEDIZININFORMATIK_INITIATIVE_DATA_TRANSFER_DMS_FHIR_SERVER_TIMEOUT_SOCKET
- Property: de.medizininformatik.initiative.data.transfer.dms.fhir.server.timeout.socket
- Required: No
- Processes: medizininformatik-initiativede_dataReceive
- Description: Maximum period of inactivity in milliseconds between two consecutive data packets of the client and the DMS FHIR server
- Recommendation: Change default value only if timeout exceptions occur
- Default:
60000