changes for new chemistry related features (#46)

elabftw · Jan 22, 2025 · 80b9b1a · 80b9b1a
1 parent 7c0ddc7
commit 80b9b1a
Show file tree

Hide file tree

Showing 8 changed files with 112 additions and 3 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -107,7 +107,6 @@ RUN ./configure \
         --without-http_limit_req_module \
         --without-http_map_module \
         --without-http_memcached_module \
-        --without-http_proxy_module \
         --without-http_referer_module \
         --without-http_scgi_module \
         --without-http_split_clients_module \
@@ -291,7 +290,7 @@ WORKDIR /elabftw
 
 # COMPOSER
 ENV COMPOSER_HOME=/composer
-COPY --from=composer:2.6.6 /usr/bin/composer /usr/bin/composer
+COPY --from=composer:2.8.3 /usr/bin/composer /usr/bin/composer
 
 # this allows to skip the (long) build in dev mode where /elabftw will be bind-mounted anyway
 # pass it to build command with --build-arg BUILD_ALL=0

diff --git a/src/docker-compose.yml-EXAMPLE b/src/docker-compose.yml-EXAMPLE
@@ -289,6 +289,24 @@ services:
         # default value: false
         #- AUTO_DB_UPDATE=false
 
+        ###########
+        # PLUGINS #
+        ###########
+        # Activating these plugins is highly recommended for all labs
+        # See below the configuration necessary to deploy them.
+        # optional: define chemistry/biology plugin services domain name + port
+        # IMPORTANT: end url values with trailing slash!
+        #
+        # This service is necessary for the Chemical structure editor (Ketcher)
+        #- USE_INDIGO=false
+        #- INDIGO_URL=http://chem-plugin/
+        # The fingerprinter is necessary to create a fingerprint of chemical compounds so we can do sub-structure search
+        #- USE_FINGERPRINTER=false
+        #- FINGERPRINTER_URL=http://chem-plugin:8000/
+        # This is for the integration of the DNA Cloning tool
+        #- USE_SHAREYOURCLONING=false
+        #- SHAREYOURCLONING_URL=http://syc-plugin/
+
         #######
         # DEV #
         #######
@@ -393,6 +411,25 @@ services:
     networks:
       - elabftw-net
 
+  #chem-plugin:
+  #  image: elabftw/chem-plugin
+  #  container_name: chem-plugin
+  #  restart: always
+  #  networks:
+  #    - elabftw-net
+
+  #syc-plugin:
+  #  image: manulera/shareyourcloning:latest-syc-base
+  #  container_name: syc-plugin
+  #  restart: always
+  #  networks:
+  #    - elabftw-net
+  #  environment:
+  #    - ALLOWED_ORIGINS=*
+  #    - ROOT_PATH=/shareyourcloning
+  #    - BACKEND_URL=/shareyourcloning/
+
+
   # example of a redis container
   # uncomment if you want to spawn a redis container to manage sessions
   #redis:

diff --git a/src/entrypoint/docker-entrypoint.sh b/src/entrypoint/docker-entrypoint.sh
@@ -70,6 +70,12 @@ getEnv() {
     allow_methods=${ALLOW_METHODS:-}
     allow_headers=${ALLOW_HEADERS:-}
     status_password=${STATUS_PASSWORD:-}
+    use_indigo=${USE_INDIGO:-false}
+    indigo_url=${INDIGO_URL:-https://chem-plugin.elabftw.net/}
+    use_fingerprinter=${USE_FINGERPRINTER:-false}
+    fingerprinter_url=${FINGERPRINTER_URL:-https://chem-plugin.elabftw.net:8000/}
+    use_shareyourcloning=${USE_SHAREYOURCLONING:-false}
+    shareyourcloning_url=${SHAREYOURCLONING_URL:-https://syc.elabftw.net/}
     use_persistent_mysql_conn=${USE_PERSISTENT_MYSQL_CONN:-true}
 }
 
@@ -166,6 +172,22 @@ nginxConf() {
     # adjust client_max_body_size
     sed -i -e "s/%CLIENT_MAX_BODY_SIZE%/${max_upload_size}/" /etc/nginx/nginx.conf
 
+    # ADJUST PLUGINS
+    if [ -n "$indigo_url" ] && [ -n "$use_indigo" ]; then
+        sed -i -e "s|^#\s*include /etc/nginx/indigo.conf|include /etc/nginx/indigo.conf|" /etc/nginx/common.conf
+        sed -i -e "s|%INDIGO_URL%|${indigo_url}|" /etc/nginx/indigo.conf
+    fi
+    if [ -n "$fingerprinter_url" ] && [ -n "$use_fingerprinter" ]; then
+        sed -i -e "s|^#\s*include /etc/nginx/fingerprinter.conf|include /etc/nginx/fingerprinter.conf|" /etc/nginx/common.conf
+        sed -i -e "s|%FINGERPRINTER_URL%|${fingerprinter_url}|" /etc/nginx/fingerprinter.conf
+    fi
+    if [ -n "$shareyourcloning_url" ] && [ -n "$use_shareyourcloning" ]; then
+        # remove the trailing / if it exists, or it doesn't work
+        syc_url=${shareyourcloning_url%/}
+        sed -i -e "s|^#\s*include /etc/nginx/shareyourcloning.conf|include /etc/nginx/shareyourcloning.conf|" /etc/nginx/common.conf
+        sed -i -e "s|%SHAREYOURCLONING_URL%|${syc_url}|" /etc/nginx/shareyourcloning.conf
+    fi
+
     # SET REAL IP CONFIG
     if ($set_real_ip); then
         # read the IP addresses from env
@@ -250,6 +272,10 @@ phpfpmConf() {
     sed -i -e "s/%PHP_MAX_MEMORY%/${max_php_memory}/" $f
     # add container version in env (named env or it will get replaced by Docker build instruction
     sed -i -e "s/%ELABIMG_VERSION_ENV%/${elabimg_version}/" $f
+    # external services, we want to easily know from php app if they are available
+    sed -i -e "s/%USE_INDIGO%/${use_indigo}/" $f
+    sed -i -e "s/%USE_FINGERPRINTER%/${use_fingerprinter}/" $f
+    sed -i -e "s/%USE_SHAREYOURCLONING%/${use_shareyourcloning}/" $f
     # persistent mysql connection setting
     sed -i -e "s/%USE_PERSISTENT_MYSQL_CONN%/${use_persistent_mysql_conn}/" $f
 }

diff --git a/src/nginx/common.conf b/src/nginx/common.conf
@@ -2,6 +2,7 @@
 
 root /elabftw/web;
 index index.php;
+proxy_temp_path /run/proxy;
 
 # fix 502 error "upstream sent too big header"
 fastcgi_buffers 16 16k;
@@ -75,6 +76,13 @@ location = /nginx-status {
     stub_status;
 }
 
+# this line will be uncommented if INDIGO_URL is set
+#include /etc/nginx/indigo.conf;
+# this line will be uncommented if FINGERPRINTER_URL is set
+#include /etc/nginx/fingerprinter.conf;
+# this line will be uncommented if SHAREYOURCLONING_URL is set
+#include /etc/nginx/shareyourcloning.conf;
+
 # deny access to hidden files/folders
 location ~ /\.  { access_log off; log_not_found off; deny all; }
 
@@ -131,6 +139,8 @@ location ~ ^/(%PHP_FILES_NGINX_ALLOWLIST%)$|^/$ {
     }
 }
 
+
+
 # for all the requests that don't match, return 404, but don't pollute the logs with it
 location / {
     return 404;
@@ -140,7 +150,7 @@ location / {
 more_set_headers "Strict-Transport-Security: max-age=63072000";
 more_set_headers "X-XSS-Protection: 0";
 more_set_headers "X-Content-Type-Options: nosniff";
-more_set_headers "Content-Security-Policy: default-src 'self' data:; script-src 'self' %UNSAFE-EVAL4DEV%; connect-src 'self' blob: https://get.elabftw.net; img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self'; base-uri 'none'; frame-ancestors 'none'";
+more_set_headers "Content-Security-Policy: default-src 'self' data:; script-src 'self' %UNSAFE-EVAL4DEV%; connect-src 'self' blob: https://get.elabftw.net https://pubchem.ncbi.nlm.nih.gov; img-src 'self' data: blob:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self'; base-uri 'none'; frame-ancestors 'self'";
 more_set_headers "Referrer-Policy: no-referrer";
 more_set_headers "Permissions-Policy: autoplay 'none'; camera 'self'; document-domain 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; microphone 'self'; midi 'none'; payment 'none'; vr 'none'";
 more_set_headers "Vary: Accept-Encoding";

diff --git a/src/nginx/fingerprinter.conf b/src/nginx/fingerprinter.conf
@@ -0,0 +1,5 @@
+# config snippet for fingerprinter service
+location = /fingerprinter {
+    # this URL is set by entrypoint script
+    proxy_pass %FINGERPRINTER_URL%;
+}
diff --git a/src/nginx/indigo.conf b/src/nginx/indigo.conf
@@ -0,0 +1,25 @@
+location ^~ /indigo {
+    # this URL is set by entrypoint script
+    proxy_pass %INDIGO_URL%;
+    # Should be set 'always' to transfer our lovely HTTP500 errors
+    # see: https://epa.ms/d6u2d
+    # Headers could be also set by Flasgger in service/config.py
+    add_header 'Access-Control-Allow-Origin' '*' always;
+    add_header 'Access-Control-Allow-Methods' 'POST, GET, PUT, DELETE, OPTIONS' always;
+    add_header 'Access-Control-Allow-Headers' 'Accept, Content-Type' always;
+    add_header 'Access-Control-Max-Age' '86400' always;
+    # Preserve host and other headers for the proxied requests
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # Optionally, timeouts for upstream server
+    proxy_connect_timeout 60;
+    proxy_send_timeout 60;
+    proxy_read_timeout 60;
+    send_timeout 60;
+
+    # Ensure HTTP500 errors are passed
+    proxy_intercept_errors off;
+}
diff --git a/src/nginx/shareyourcloning.conf b/src/nginx/shareyourcloning.conf
@@ -0,0 +1,4 @@
+location ^~ /shareyourcloning {
+    # this URL is set by entrypoint script
+    proxy_pass %SHAREYOURCLONING_URL%;
+}
diff --git a/src/php/elabpool.conf b/src/php/elabpool.conf
@@ -120,6 +120,9 @@ env[SITE_URL] = "%SITE_URL%"
 env[ELAB_AWS_ACCESS_KEY] = "%ELAB_AWS_ACCESS_KEY%"
 env[ELAB_AWS_SECRET_KEY] = "%ELAB_AWS_SECRET_KEY%"
 env[INVOKER_PSK] = "%INVOKER_PSK%"
+env[USE_INDIGO] = "%USE_INDIGO%"
+env[USE_FINGERPRINTER] = "%USE_FINGERPRINTER%"
+env[USE_SHAREYOURCLONING] = "%USE_SHAREYOURCLONING%"
 env[USE_PERSISTENT_MYSQL_CONN] = "%USE_PERSISTENT_MYSQL_CONN%"
 
 php_admin_value[memory_limit] = %PHP_MAX_MEMORY%