-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add optional-components/stac-data-proxy
- Loading branch information
1 parent
348ee89
commit ccdacce
Showing
11 changed files
with
148 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
config/magpie/permissions.cfg | ||
config/proxy/conf.extra-service.d/stac-proxy-data.conf |
5 changes: 5 additions & 0 deletions
5
birdhouse/optional-components/stac-data-proxy/config/magpie/docker-compose-extra.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
version: "3.4" | ||
services: | ||
magpie: | ||
volumes: | ||
- ./optional-components/stac-data-proxy/config/magpie/permissions.cfg:${MAGPIE_PERMISSIONS_CONFIG_PATH}/stac-data-proxy.cfg:ro |
12 changes: 12 additions & 0 deletions
12
birdhouse/optional-components/stac-data-proxy/config/magpie/permissions.cfg.template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
# NOTE: | ||
# Assume 'secure-data-proxy' would exist if needed. | ||
# Since 'secure-data-proxy' < 'stac-data-proxy', it should be loaded first. | ||
permissions: | ||
# following permission does not change anything technically (full access for admins) | ||
# it is employed only to set up the relevant resource path and make permission customization easier by Magpie API/UI | ||
- service: secure-data-proxy | ||
resource: ${STAC_DATA_PROXY_URL_PATH} | ||
type: route | ||
permission: read | ||
group: administrators | ||
action: create |
5 changes: 5 additions & 0 deletions
5
...omponents/stac-data-proxy/config/proxy/conf.extra-service.d/stac-proxy-data.conf.template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
location ${STAC_DATA_PROXY_URL_PATH}/ { | ||
${SECURE_DATA_PROXY_AUTH_INCLUDE} | ||
|
||
alias /stac-data-proxy/; | ||
} |
7 changes: 7 additions & 0 deletions
7
birdhouse/optional-components/stac-data-proxy/config/proxy/docker-compose-extra.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
version: "3.4" | ||
services: | ||
proxy: | ||
volumes: | ||
- ./optional-components/stac-data-proxy/config/proxy/conf.extra-service.d:/etc/nginx/conf.extra-service.d/stac-data-proxy:ro | ||
# NOTE: data for hosted STAC assets, not to be confused with 'stac-db' for internal STAC catalog definitions | ||
- ${STAC_DATA_PROXY_DIR_PATH}:/stac-data-proxy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
#!/bin/sh | ||
|
||
# All env in this default.env can be overridden by env.local. | ||
|
||
# All env in this default.env must NOT depend on any other env. If they do, they | ||
# must use single quotes to avoid early expansion before overrides in env.local | ||
# are applied and must be added to the list of DELAYED_EVAL. | ||
|
||
# add any new variables not already in 'VARS' or 'OPTIONAL_VARS' that must be replaced in templates here | ||
# single quotes are important in below list to keep variable names intact until 'pavics-compose' parses them | ||
EXTRA_VARS=' | ||
$STAC_DATA_PROXY_DIR_PATH | ||
$STAC_DATA_PROXY_URL_PATH | ||
' | ||
|
||
# extend the original 'VARS' from 'birdhouse/pavics-compose.sh' to employ them for template substitution | ||
# adding them to 'VARS', they will also be validated in case of override of 'default.env' using 'env.local' | ||
VARS="$VARS $EXTRA_VARS" | ||
|
||
# Direcotry path that will be used as volume mount for storing hosted STAC assets data | ||
# NOTE: | ||
# Hosting is not performed by the API itself. Data is expected to already reside in that | ||
# location when referenced by STAC Collections and Items to make them accessible externally. | ||
export STAC_DATA_PROXY_DIR_PATH='${DATA_PERSIST_ROOT}/stac-data' | ||
|
||
# URL path (after PAVICS_FQDN_PUBLIC) that will be used to proxy local STAC assets data | ||
export STAC_DATA_PROXY_URL_PATH="/data/stac" | ||
|
||
DELAYED_EVAL=" | ||
$DELAYED_EVAL | ||
STAC_DATA_PROXY_DIR_PATH | ||
" | ||
|
||
# add any component that this component requires to run | ||
# NOTE: | ||
# './optional-component/secure-data-proxy' is purposely omitted from dependencies | ||
# if 'EXTRA_CONF_DIRS' enabled it as well, the proxy path/alias will have relevant auth request enabled | ||
# otherwise, it will use by default the public access with no prior nginx auth validation | ||
COMPONENT_DEPENDENCIES=" | ||
./components/stac | ||
./config/proxy | ||
" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
config/stac-data-proxy/permissions.cfg |
5 changes: 5 additions & 0 deletions
5
...se/optional-components/stac-public-access/config/stac-data-proxy/docker-compose-extra.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
version: "3.4" | ||
services: | ||
magpie: | ||
volumes: | ||
- ./optional-components/stac-public-access/config/stac-data-proxy/permissions.cfg:${MAGPIE_PERMISSIONS_CONFIG_PATH}/stac-data-proxy-public.cfg:ro |
10 changes: 10 additions & 0 deletions
10
...se/optional-components/stac-public-access/config/stac-data-proxy/permissions.cfg.template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# NOTE: | ||
# Assume 'secure-data-proxy' would exist if needed. | ||
# Since 'secure-data-proxy' < 'stac-data-proxy-public', it should be loaded first. | ||
permissions: | ||
- service: secure-data-proxy | ||
resource: ${STAC_DATA_PROXY_URL_PATH} | ||
type: route | ||
permission: read | ||
group: anonymous | ||
action: create |