Page Comparison

...

...

Bahmni ABDM Proxy simulates HRP (Health Repository Providers) in order to allow sharing ABDM secrets across multiple single tenant bahmni instances running as HIU/HIP.

1. Individual Bahmni instances (as HIU/HIP) continues to directly call the ABDM gateway using shared secrets

2. ABDM Gateway responds back onto the ABDM Proxy callback endpoint (common accross all Bahmni HIP/HIU instances).

3. ABDM Proxy maintains knowledge (map) about HIU/HIP (key) and their corresponding instance url. It extracts the HIU/HIP ID from the request callback header (e.g. X-HIU-ID) and derive the deligate delegate url

4. It would then forward the request to the deligate delegate url (with headers as-is) in order to have it handled by the designated HIP/HIU instance.

...

The assumption is that all the Bahmni instances are running within the same Kubernetes cluster (any of the 3 approaches depicted in this document).

🔘 Create A record for ABDM Proxy

The assumption is that you have already setup a Also Hosted Zone for your target domain (e.g. mybahmni.in) and completed the is already setup along with completing this infra setup.

🔘 Create A record for ABDM Proxy

This A record is to have a unique subdomain for ABDM proxy e.g. abdm-proxy.mybahmni.in. You could either follow Follow this guide for CLI or this for Console (choose Alias to network load-balancer and then select the configured elb from your target aws region).

🔘 Apply ABDM proxy ingress in default namespace

Start by forking this repo https://github.com/BahmniIndiaDistro/abdm-callback-proxy - change the host in ingress.yaml to the alias that you was setup in above earlier setup e.g. abdm-proxy.mybahmni.in and then apply . Apply the configuration in default namespace

kubectl apply -f ingress.yaml

🔘

...

Configure HIU and HIP services on ABDM Gateway

Register individual HIP/HIU as service on the gateway using the shared abdm client secrets

HIU

curl --location --request PUT 'https://dev.ndhm.gov.in/devservice/v1/bridges/services' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer ENTER_THE_TOKEN' \
--data-raw '{"id":"alpha","name":"Alpha","type":"HIU","active":true,"alias":["Alpha"]}'

HIP

curl --location --request PUT 'https://dev.ndhm.gov.in/devservice/v1/bridges/services' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer ENTER_THE_TOKEN' \
--data-raw '{"id":"omega","name":"Omega","type":"HIP","active":true,"alias":["Omega"]}'

🔘 Configure HIU and HIP instance url on Bahmni ABDM Proxy

Bahmni ABDM proxy uses Nginx + NJS to manage the HIU/HIP map and perform the deligationdelegation. Change the deligateRepository in njs.ts to represent your the bahmni cluster with various instances of bahmni as HIU/HIP. In below example alpha and omega are 2 bahmni instances running as HIP/HIP in different namespace within the same EKS cluster having their own A record defined.

const deligateRepository: { [key: string]: string } = {
  alpha: 'alpha.mybahmni.in',
  omega: 'omega.mybahmni.in',
};

TODO

...

...

Create services on ABDM gateway

...

Create Docker Image and push to Implementer’s dockerhub

...

• Build the project using yarn build

• Create and publish docker Image: docker build -t yourDockerHubRepo/abdm-callback-proxy . && docker push yourDockerHubRepo/abdm-callback-proxy. It would also require a docker login to target dockerhub account before pushing the image.

🔘 Apply abdm proxy service in default namespace

Replace spec.containers.image in abdm-callback.proxy.yaml with your Dockerhub repo name (instead of bahmniindiadistro/). Apply the abdm-callback-proxy service in default namesapce

kubectl apply -f abdm-callback.proxy.yaml