High Level Summary of Steps

At a high level, for each of the services you run, ensure the username & passwords are secure. Check for all services including OpenMRS, Crater, Metabase, Odoo, DCM4chee, OpenELIS, etc, and also the associated database credentials.

For this, you would need to update the credentials in the .env file for services & DB’s, and for some of the services, you need to ensure that they are running. Then, log in to their admin section and change the default credentials. Additionally, make sure to update the .env file with the new credentials after bringing down the service, before bringing the services back up.

This whole process should likely take you approx. 30-45 mins. To know which all passwords need to be changed, search for all variables in .env file which end with PASSWORD. See the sample command that can help: cat .env | grep PASSWORD

Open

Credentials for Bahmni Lite

Credentials for Bahmni Standard

Steps needed for each Service

OpenMRS/Bahmni

For OpenMRS / Bahmni EMR UI, change credentials by:

1. Login into OpenMRS Admin UI (https://<ip>/openmrs/) with admin rights (superman user)

2. Go to Administration → Manage User

3. Change the creds for admin users: superman and admin

4. Save/Exit/Logout and login again to check the creds work as expected.

5. Update .env file with new creds for variables OPENMRS_ATOMFEED_USER and OPENMRS_ATOMFEED_PASSWORD

OpenELIS

For OpenELIS (Lab), follow these steps after login with admin user admin: Lab Security and Access Control (OpenELIS) and then update the .env file with new creds for variables OPENELIS_ATOMFEED_USER and OPENELIS_ATOMFEED_PASSWORD

Crater

1. Login into the crater as admin (superman@bahmni.org).

2. Go to Settings → Account Setting

3. Change the password to a new one

4. Save/Exit/Logout and login again to check the creds work as expected.

5. Update the .env file with new creds for variables CRATER_ADMIN_EMAIL, CRATER_ADMIN_PASSWORD,

   CRATER_USERNAME and CRATER_PASSWORD

Odoo

1. Login to Odoo with user admin and change the password.

2. Save/Exit/Logout and login again to check the creds work as expected.

3. Update the .env file with new creds for variables ODOO_ATOMFEED_USER and ODOO_ATOMFEED_PASSWORD

Metabase Analytics

1. Login to metabase with admin@mybahmni.org

2. Go to Settings → Admin Settings → People (https://<ip>/metabase/admin/people)

3. Click on the “…” (3 dots) on the right side of Admin user, and reset the password.

4. Save/Exit/Logout and login again to check the creds work as expected.

5. Update .env file with new creds for METABASE_ADMIN_EMAIL and METABASE_ADMIN_PASSWORD.

6. Also, ensure you have set up the correct permissions for other users: Securing Metabase & Bahmni Mart Analytics Tool

DCM4chee

1. Login to Dcm4chee service with admin user: admin

2. Change password.

3. Save/Exit/Logout and login again to check the creds work as expected. We don't have to update anything on .env file.

Databases

1. Note, the app services like openmrs, or crater, or odoo should be shut down, before changing DB service credentials, to ensure none of the services are connected to DB.

2. For databases you will need to ssh/exec into each container (docker compose exec <db-servicename>, and then using mysql or pgsql command, connect and then rename. To connect to a database see: Connecting to various databases.

3. To reset password for MySQL see: https://dev.mysql.com/doc/refman/8.0/en/resetting-permissions.html and for Postgres see: https://www.geeksforgeeks.org/postgresql-reset-password-for-postgres/ (step 4 onwards).

4. Once done, then update the .env file with new DB credentials and restart the service.