ohcnetwork · areebahmeddd · Feb 21, 2025 · Feb 22, 2025
diff --git a/.gitignore b/.gitignore
@@ -1,25 +1,29 @@
+# System files
 **/*/service_images.json
 **/*.pyc
+._*                     # OSX leaves these everywhere on SMB shares
+.DS_Store               # OSX trash
 
-# OSX leaves these everywhere on SMB shares
-._*
-terraform-aws-modules
-# OSX trash
-.DS_Store
+# Terraform files
+.history
+*.terraform
+*.tfstate
+.terraform.lock.hcl
 
-# Files generated by JetBrains IDEs, e.g. IntelliJ IDEA
+# IDE files
+## JetBrains (e.g. IntelliJ IDEA)
 .idea/
 *.iml
 
-# Vscode files
+## Visual Studio Code
 .vscode
 
-# Emacs save files
+## Emacs save files
 *~
 \#*\#
 .\#*
 
-# Vim-related files
+## Vim-related files
 [._]*.s[a-w][a-z]
 [._]s[a-w][a-z]
 *.un~
@@ -30,7 +34,5 @@ Session.vim
 **/charts/*.tgz
 *Chart.lock
 
-.history
-*.terraform
-*.tfstate
-.terraform.lock.hcl
+# Terraform AWS modules
+terraform-aws-modules
diff --git a/ClusterIssuer/cluster-issuer.yaml b/ClusterIssuer/cluster-issuer.yaml
@@ -2,13 +2,14 @@ apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
   name: letsencrypt-production
+
 spec:
   acme:
     email: 'email.id@example.in'
-    server: https://acme-v02.api.letsencrypt.org/directory
+    server: 'https://acme-v02.api.letsencrypt.org/directory'
     privateKeySecretRef:
       name: letsencrypt-production
     solvers:
-    - http01:
-        ingress:
+      - http01:
+          ingress:
             class: nginx
diff --git a/README.md b/README.md
@@ -1 +1 @@
-# Care Deployment Config Template
+# Care Deployment Configuration Templates
diff --git a/certificate/certificate.yml b/certificate/certificate.yml
@@ -3,12 +3,13 @@ kind: Certificate
 metadata:
   name: care-tls
   namespace: default
+
 spec:
   secretName: care-tls
   issuerRef:
     name: letsencrypt-production
     kind: ClusterIssuer
   dnsNames:
-  - care.demo.example.in
-  - careapi.demo.example.in
-  - metabase.demo.example.in
+    - care.demo.example.in
+    - careapi.demo.example.in
+    - metabase.demo.example.in
diff --git a/configmaps/care-configmap.yaml b/configmaps/care-configmap.yaml
@@ -4,20 +4,22 @@ metadata:
   name: care-production
   labels:
     app: care
-    env: staging
+    env: production
     namespace: default
+
 data:
   POSTGRES_DB: 'care'
   POSTGRES_USER: 'postgres'
   POSTGRES_HOST: ''
   POSTGRES_PORT: '5432'
+  POSTGRES_PASSWORD: ''
   DJANGO_SETTINGS_MODULE: 'config.settings.production'
   DJANGO_SECURE_SSL_REDIRECT: 'False'
   USE_S3: 'False'
   AWS_STORAGE_BUCKET_NAME: 'care-patient-data-private-bucket'
   CSRF_TRUSTED_ORIGINS: '["http://care-django-production", "https://care.demo.example.in", "https://careapi.demo.example.in"]'
   DJANGO_ALLOWED_HOSTS: '["care-django-production", "care.demo.example.in", "careapi.demo.example.in"]'
-  RATE_LIMIT: "5/10m"
-  MAINTENANCE_MODE: "0"
-  CLOUD_PROVIDER: "GCP"
-  CLOUD_REGION: "asia-south1"
+  RATE_LIMIT: '5/10m'
+  MAINTENANCE_MODE: '0'
+  CLOUD_PROVIDER: 'GCP'
+  CLOUD_REGION: 'asia-south1'
diff --git a/configmaps/care-fe-production.yaml b/configmaps/care-fe-production.yaml
@@ -6,25 +6,26 @@ metadata:
     app: care-fe-production
     env: production
     namespace: default
+
 data:
   config.json: |
     {
       "dashboard_url": "https://metabase.demo.example.in",
-      "github_url": "https://github.com/coronasafe",
-      "coronasafe_url": "https://coronasafe.network?ref=care",
+      "github_url": "https://github.com/ohcnetwork",
+      "coronasafe_url": "https://ohc.network/care",
       "site_url": "care.demo.example.in",
       "analytics_server_url": "",
       "header_logo": {
-          "light":"https://cdn.coronasafe.network/header_logo.png",
-          "dark":"https://cdn.coronasafe.network/header_logo.png"
+        "light": "https://cdn.ohc.network/header_logo.png",
+        "dark": "https://cdn.ohc.network/header_logo.png"
       },
       "main_logo": {
-          "light":"https://cdn.coronasafe.network/10bedicu_logo.png",
-          "dark":"https://cdn.coronasafe.network/10bedicu_logo.png"
+        "light": "https://cdn.ohc.network/10bedicu_logo.png",
+        "dark": "https://cdn.ohc.network/10bedicu_logo.png"
       },
       "state_logo": {
-            "light":"https://cdn.coronasafe.network/10bedicu_logo.png",
-            "dark":"https://cdn.coronasafe.network/10bedicu_logo.png"
+        "light": "https://cdn.ohc.network/10bedicu_logo.png",
+        "dark": "https://cdn.ohc.network/10bedicu_logo.png"
       },
       "gmaps_api_key": "",
       "gov_data_api_key": "",
@@ -37,4 +38,4 @@ data:
       "sample_format_asset_import": "https://spreadsheets.google.com/feeds/download/spreadsheets/Export?key=11JaEhNHdyCHth4YQs_44YaRlP77Rrqe81VSEfg1glko&exportFormat=xlsx",
       "sample_format_external_result_import": "https://docs.google.com/spreadsheets/d/17VfgryA6OYSYgtQZeXU9mp7kNvLySeEawvnLBO_1nuE/export?format=csv&id=17VfgryA6OYSYgtQZeXU9mp7kNvLySeEawvnLBO_1nuE",
       "enable_abdm": true
-    }
+    }
diff --git a/configmaps/nginx.yaml b/configmaps/nginx.yaml
@@ -2,40 +2,42 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: nginx-conf-production
+
 data:
   nginx.conf: |
     user nginx;
-    worker_processes  1;
-    error_log  /dev/stdout;
+    worker_processes 1;
+    error_log /dev/stdout;
+
     events {
-      worker_connections  10240;
+      worker_connections 10240;
     }
-    http {
 
-      access_log  /dev/stdout;
+    http {
+      access_log /dev/stdout;
 
       server {
         listen 80;
         server_name careapi.demo.example.in;
         client_max_body_size 50M;
-        # Hack to enforce SSL.
 
-        if ($http_x_forwarded_proto != "https") {
-          return 301 https://$host$request_uri;
-        }
-        # add_header Access-Control-Allow-Origin "*";
+        # if ($http_x_forwarded_proto != "https") {
+        #   return 301 https://$host$request_uri;
+        # }
+
         add_header X-XSS-Protection "1; mode=block";
         add_header X-Frame-Options "SAMEORIGIN";
         add_header X-Content-Type-Options nosniff;
         add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
-        add_header Feature-Policy "geolocation 'self' ";
+        add_header Feature-Policy "geolocation 'self'";
+        add_header Access-Control-Allow-Origin "'https://*.example.in https://*.ohc.network' always";
+
         add_header Powered-By "Open HealthCare Network (ohc.network)";
-        add_header Support-Email "info@coronasafe.network";
-        add_header Source-Code "github.com/coronasafe";
+        add_header Support-Email "info@ohc.network";
+        add_header Source-Code "github.com/ohcnetwork";
         add_header Licence-Type "MIT";
-
-        add_header Volunteer "volunteers.coronasafe.network";
-        add_header Collaborate-On "slack.coronasafe.in";
+        add_header Volunteer "volunteers.ohc.network";
+        add_header Collaborate-On "slack.ohc.network";
 
         access_log /dev/stdout;
         error_log /dev/stdout;
@@ -51,24 +53,25 @@ data:
       server {
         listen 80;
         server_name care.demo.example.in;
-        # Hack to enforce SSL.
         client_max_body_size 50M;
-        if ($http_x_forwarded_proto != "https") {
-          return 301 https://$host$request_uri;
-        }
+
+        # if ($http_x_forwarded_proto != "https") {
+        #   return 301 https://$host$request_uri;
+        # }
+
         add_header X-XSS-Protection "1; mode=block";
         add_header X-Frame-Options "SAMEORIGIN";
         add_header X-Content-Type-Options nosniff;
         add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
-        add_header Feature-Policy "geolocation 'self' ";
+        add_header Feature-Policy "geolocation 'self'";
+        add_header Access-Control-Allow-Origin "'https://*.example.in https://*.ohc.network' always";
+
         add_header Powered-By "Open HealthCare Network (ohc.network)";
-        add_header Support-Email "info@coronasafe.network";
-        add_header Source-Code "github.com/coronasafe";
+        add_header Support-Email "info@ohc.network";
+        add_header Source-Code "github.com/ohcnetwork";
         add_header Licence-Type "MIT";
-
-        add_header Volunteer "volunteers.coronasafe.network";
-        add_header Collaborate-On "slack.coronasafe.in";
-        add_header Access-Control-Allow-Origin "'https://*.example.in https://*.coronasafe.network' always";
+        add_header Volunteer "volunteers.ohc.network";
+        add_header Collaborate-On "slack.ohc.network";
 
         access_log /dev/stdout;
         error_log /dev/stdout;
@@ -84,31 +87,32 @@ data:
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header Host $http_host;
           proxy_redirect off;
-          proxy_pass http://care-fe-staging-production;
+          proxy_pass http://care-fe-staging-production:80;
         }
       }
 
       server {
         listen 80;
-        server_name metabase.demo.example.in ;
-        # Hack to enforce SSL.
+        server_name metabase.demo.example.in;
         client_max_body_size 50M;
-        if ($http_x_forwarded_proto != "https") {
-          return 301 https://$host$request_uri;
-        }
+
+        # if ($http_x_forwarded_proto != "https") {
+        #   return 301 https://$host$request_uri;
+        # }
+
         add_header X-XSS-Protection "1; mode=block";
         add_header X-Frame-Options "SAMEORIGIN";
         add_header X-Content-Type-Options nosniff;
         add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
-        add_header Feature-Policy "geolocation 'self' ";
+        add_header Feature-Policy "geolocation 'self'";
+        add_header Access-Control-Allow-Origin "'https://*.example.in https://*.ohc.network' always";
+
         add_header Powered-By "Open HealthCare Network (ohc.network)";
-        add_header Support-Email "info@coronasafe.network";
-        add_header Source-Code "github.com/coronasafe";
+        add_header Support-Email "info@ohc.network";
+        add_header Source-Code "github.com/ohcnetwork";
         add_header Licence-Type "MIT";
-
-        add_header Volunteer "volunteers.coronasafe.network";
-        add_header Collaborate-On "slack.coronasafe.in";
-        add_header Access-Control-Allow-Origin "'https://*.example.in https://*.coronasafe.network' always";
+        add_header Volunteer "volunteers.ohc.network";
+        add_header Collaborate-On "slack.ohc.network";
 
         access_log /dev/stdout;
         error_log /dev/stdout;
@@ -121,4 +125,3 @@ data:
         }
       }
     }
-
diff --git a/deployments/care-backend.yaml b/deployments/care-backend.yaml
@@ -2,7 +2,12 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: care-django-production
+
 spec:
+  selector:
+    matchLabels:
+      app: care-django-production
+
   template:
     metadata:
       labels:
@@ -11,24 +16,17 @@ spec:
         env: production
         namespace: default
     spec:
-#      imagePullSecrets:
-#        - name: githubreg
+      # imagePullSecrets:
+      #   - name: githubreg
       containers:
         - name: care
-          image: ghcr.io/coronasafe/care:production-latest
+          image: ghcr.io/ohcnetwork/care:production-latest
           imagePullPolicy: Always
-          # resources:
-          #   requests:
-          #     memory: "200Mi"
-          #     cpu: "200m"
-          #   limits:
-          #     memory: "300Mi"
-          #     cpu: "200m"
-          command:
-            - /app/start-ecs.sh
+          command: ["/bin/bash", "-c", "--"]
+          args: ["/app/start.sh"]
           ports:
-            - containerPort: 9000
-              name: django
+            - name: django
+              containerPort: 9000
               protocol: TCP
           envFrom:
             - configMapRef:
@@ -40,20 +38,23 @@ spec:
               value: "20200331015742"
             - name: deployment-version
               value: "_BUILD_NUMBER_"
-          volumeMounts:
-            - name: newrelic-ini
-              mountPath: /etc/newrelic.ini
-              subPath: newrelic.ini
-              readOnly: true
-      volumes:
-        - name: newrelic-ini
-          secret:
-            secretName: care-production
-            defaultMode: 0444
-            items:
-              - key: NEWRELIC_INI
-                path: newrelic.ini
-  selector:
-    matchLabels:
-      app: care-django-production
-
+          # resources:
+          #   requests:
+          #     memory: "200Mi"
+          #     cpu: "200m"
+          #   limits:
+          #     memory: "300Mi"
+          #     cpu: "200m"
+      #     volumeMounts:
+      #       - name: newrelic-ini
+      #         mountPath: /etc/newrelic.ini
+      #         subPath: newrelic.ini
+      #         readOnly: true
+      # volumes:
+      #   - name: newrelic-ini
+      #     secret:
+      #       secretName: care-production
+      #       defaultMode: 0444
+      #       items:
+      #         - key: NEWRELIC_INI
+      #           path: newrelic.ini
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		# Care Deployment Config Template
		# Care Deployment Configuration Templates