This repository has been archived by the owner on Nov 17, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
DSF 0.8.0 Configuration Parameters FHIR
Hauke Hund edited this page Aug 23, 2023
·
4 revisions
See DSF 0.9.3 Configuration Parameters - FHIR Server for the latest release.
Please note: Additional parameters (not listed here) are used to define elements of the external FHIR bundle.
- Property: org.highmed.dsf.fhir.client.certificate
- Required: Yes
- Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_certificate.pem
- Property: org.highmed.dsf.fhir.client.certificate.private.key
- Required: Yes
- Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_certificate_private_key.pem
ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
- Property: org.highmed.dsf.fhir.client.certificate.private.key.password
- Required: No
- Description: Password to decrypt the local client certificate encrypted private key
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
-
Example:
/run/secrets/app_client_certificate_private_key.pem.password
- Property: org.highmed.dsf.fhir.client.proxy.password
- Required: No
- Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE
- Property: org.highmed.dsf.fhir.client.proxy.url
- Required: No
- Description: Proxy location, set if the DSF FHIR server can reach the internet only through a proxy
-
Example:
http://proxy.foo:8080
- Property: org.highmed.dsf.fhir.client.proxy.username
- Required: No
- Description: Proxy username, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
- Property: org.highmed.dsf.fhir.client.timeout.connect
- Required: No
- Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
2000
- Property: org.highmed.dsf.fhir.client.timeout.read
- Required: No
- Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
- Recommendation: Change default value only if timeout exceptions occur
-
Default:
10000
- Property: org.highmed.dsf.fhir.client.trust.certificates
- Required: Yes
- Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
- Recommendation: Use docker secret file to configure
-
Example:
/run/secrets/app_client_trust_certificates.pem
- Property: org.highmed.dsf.fhir.client.verbose
- Required: No
-
Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to
true
-
Default:
false
- Property: org.highmed.dsf.fhir.db.liquibase.password
- Required: Yes
- Description: The password to access the database from the DSF FHIR server to execute database migrations
- Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
-
Example:
/run/secrets/db_liquibase.password
- Property: org.highmed.dsf.fhir.db.liquibase.username
- Required: No
- Description: The user name to access the database from the DSF FHIR server to execute database migrations
-
Default:
liquibase_user
- Property: org.highmed.dsf.fhir.db.url
- Required: Yes
- Description: The address of the database used for the DSF FHIR server
- Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
-
Example:
jdbc:postgresql://db/fhir
- Property: org.highmed.dsf.fhir.db.user.group
- Required: No
- Description: The name of the user group to access the database from the DSF FHIR server
-
Default:
fhir_users
- Property: org.highmed.dsf.fhir.db.user.password
- Required: Yes
- Description: The password to access the database from the DSF FHIR server
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE
-
Example:
/run/secrets/db_user.password
- Property: org.highmed.dsf.fhir.db.user.permanent.delete.group
- Required: No
- Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
-
Default:
fhir_permanent_delete_users
ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
- Property: org.highmed.dsf.fhir.db.user.permanent.delete.password
- Required: Yes
- Description: The password to access the database from the DSF FHIR server for permanent deletes
- Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
-
Example:
/run/secrets/db_user_permanent_delete.password
- Property: org.highmed.dsf.fhir.db.user.permanent.delete.username
- Required: No
- Description: The user name to access the database from the DSF FHIR server for permanent deletes
- Recommendation: Use a different user then ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME
-
Default:
fhir_server_permanent_delete_user
- Property: org.highmed.dsf.fhir.db.user.username
- Required: No
- Description: The user name to access the database from the DSF FHIR server
-
Default:
fhir_server_user
- Property: org.highmed.dsf.fhir.server.base.url
- Required: Yes
- Description: The base address of this DSF FHIR server to read/store fhir resources
-
Example:
https://foo.bar/fhir
- Property: org.highmed.dsf.fhir.server.cors.origins
- Required: No
- Description: List of allowed CORS origins, used to set the Access-Control-Allow-Origin HTTP response header, which indicates whether the response can be shared with requesting code from the given origin; comma or space separated list, YAML block scalars supported
- Property: org.highmed.dsf.fhir.server.init.bundle
- Required: No
- Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
- Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
-
Default:
conf/bundle.xml
- Property: org.highmed.dsf.fhir.server.organization.identifier.value
- Required: Yes
- Description: The local identifier value used in the Allow-List
- Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
-
Example:
hospital.com
- Property: org.highmed.dsf.fhir.server.page.count
- Required: No
- Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
-
Default:
20
- Property: org.highmed.dsf.fhir.server.user.thumbprints
- Required: Yes
- Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server; comma or space separated list, YAML block scalars supported
- Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes
- Property: org.highmed.dsf.fhir.server.user.thumbprints.permanent.delete
- Required: Yes
- Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server for permanent deletes; comma or space separated list, YAML block scalars supported
- Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes