fix(keyCloak): fix openresty keycloak deployment recipe (OHIF#3655)

Co-authored-by: Joe Boccanfuso <[email protected]>

package.json

@@ -32,7 +32,7 @@
     "dev:orthanc": "lerna run dev:orthanc --stream",
     "dev:dcm4chee": "lerna run dev:dcm4chee --stream",
     "dev:static": "lerna run dev:static --stream",
-    "orthanc:up": "docker-compose -f .docker/Nginx-Orthanc/docker-compose.yml up",
+    "orthanc:up": "docker-compose -f platform/app/.recipes/Nginx-Orthanc/docker-compose.yml up",
     "preinstall": "node preinstall.js",
     "start": "yarn run dev",
     "test": "yarn run test:unit",

platform/app/.recipes/OpenResty-Orthanc-Keycloak/config/nginx.conf

@@ -22,7 +22,7 @@ http {
 
     # lua_ settings
     #
-    lua_package_path '/usr/local/openresty/lualib/?.lua;;';
+    lua_package_path '/usr/local/openresty/lualib/?.lua;;/usr/local/share/lua/5.4/?.lua;;';
     lua_shared_dict discovery 1m; # cache for discovery metadata documents
     lua_shared_dict jwks 1m;      # cache for JWKs
     # lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
@@ -182,6 +182,8 @@ http {
           index index.html;
           try_files $uri $uri/ /index.html;
           add_header Cache-Control "no-store, no-cache, must-revalidate";
+          add_header 'Cross-Origin-Opener-Policy' 'same-origin' always;
+      	  add_header 'Cross-Origin-Embedder-Policy' 'require-corp' always;
         }
 
         # EXAMPLE: Reverse Proxy, no auth

platform/app/.recipes/OpenResty-Orthanc-Keycloak/dockerfile

@@ -28,6 +28,8 @@ FROM node:16.15.0-slim as builder
 RUN mkdir /usr/src/app
 WORKDIR /usr/src/app
 
+RUN apt-get update && apt-get install -y build-essential python3
+
 ENV APP_CONFIG=config/docker_openresty-orthanc-keycloak.js
 ENV PATH /usr/src/app/node_modules/.bin:$PATH
 
@@ -44,23 +46,38 @@ RUN yarn run build
 # Stage 2: Bundle the built application into a Docker container
 # which runs openresty (nginx) using Alpine Linux
 # LINK: https://hub.docker.com/r/openresty/openresty
-FROM openresty/openresty:1.15.8.1rc1-0-alpine-fat
+FROM openresty/openresty:1.21.4.2-0-bullseye-fat
 
 RUN mkdir /var/log/nginx
-RUN apk add --no-cache openssl
-RUN apk add --no-cache openssl-dev
-RUN apk add --no-cache git
-RUN apk add --no-cache gcc
+RUN apt-get update && \
+  apt-get install -y openssl libssl-dev git gcc wget unzip make&& \
+  apt-get clean
+
+RUN apt-get install --assume-yes lua5.4 libzmq3-dev lua5.4-dev
+RUN cd /tmp && \
+  wget http://luarocks.org/releases/luarocks-3.9.2.tar.gz && \
+  tar zxpf luarocks-3.9.2.tar.gz && \
+  cd luarocks-3.9.2 && \
+  ./configure && \
+  make && \
+  make install
+
 # !!!
+RUN luarocks install lua-resty-http
+# RUN luarocks install lua-nginx-module
+RUN luarocks install lua-cjson
+RUN luarocks install lua-resty-string
+RUN luarocks install lua-resty-session
+RUN luarocks install lua-resty-jwt
 RUN luarocks install lua-resty-openidc
 
+RUN apt-get clean && rm -rf /var/lib/apt/lists/*
+
 #
-RUN luarocks install lua-resty-jwt
-RUN luarocks install lua-resty-session
 RUN luarocks install lua-resty-http
 # !!!
-RUN luarocks install lua-resty-openidc
-RUN luarocks install luacrypto
+RUN luarocks install lua-resty-auto-ssl
+
 
 # Copy build output to image
 COPY --from=builder /usr/src/app/platform/app/dist /var/www/html

platform/docs/docs/configuration/configurationFiles.md

@@ -274,7 +274,7 @@ output.
 [dicom-web]: https://en.wikipedia.org/wiki/DICOMweb
 [storescu]: https://support.dcmtk.org/docs/storescu.html
 [webpack-proxy]: https://webpack.js.org/configuration/dev-server/#devserverproxy
-[orthanc-docker-compose]: https://github.com/OHIF/Viewers/tree/master/.docker/Nginx-Orthanc
+[orthanc-docker-compose]: https://github.com/OHIF/Viewers/tree/master/platform/app/.recipes/Nginx-Orthanc
 <!-- Archives -->
 [dcm4chee]: https://github.com/dcm4che/dcm4chee-arc-light
 [dcm4chee-docker]: https://github.com/dcm4che/dcm4chee-arc-light/wiki/Running-on-Docker

platform/docs/docs/configuration/dataSources/dicom-web.md

@@ -74,7 +74,7 @@ _Upload your first Study:_
 #### Orthanc: Learn More
 
 You can see the `docker-compose.yml` file this command runs at
-[`<project-root>/.docker/Nginx-Orthanc/`][orthanc-docker-compose], and more on
+[`<project-root>/platform/app/.recipes/Nginx-Orthanc`][orthanc-docker-compose], and more on
 Orthanc for Docker in [Orthanc's documentation][orthanc-docker].
 
 #### Connecting to Orthanc
@@ -163,7 +163,7 @@ A boolean indicating if the DICOM upload to the data source is permitted/accepte
 :::tip
 The [OHIF plugin for Orthanc](https://book.orthanc-server.com/plugins/ohif.html) by default utilizes the DICOM JSON data
 source and it has been discovered that only those studies uploaded to Orthanc AFTER the plugin has been installed are
-available as DICOM JSON. As such, if the OHIF plugin for Orthanc is desired for studies uploaded prior to installing the plugin, 
+available as DICOM JSON. As such, if the OHIF plugin for Orthanc is desired for studies uploaded prior to installing the plugin,
 then consider switching to using [DICOMweb instead](https://book.orthanc-server.com/plugins/ohif.html#using-dicomweb).
 :::