search

UCL-MIRSG / ansible-collection-infra

Ansible Collection to configure infrastructure for XNAT and OMERO
BSD 3-Clause "New" or "Revised" License
1 stars 1 forks source link

Nginx configuration prevents default XNAT SCP from starting #119

Closed HChughtai closed 2 months ago

HChughtai commented 3 months ago

Short Description

Identified through UCL-MIRSG/UCLMedicalImagingEnv#401, the default configuration for the nginx role clashes with the default DICOM SCP receiver that XNAT starts on port 8104.

As nginx starts up first, it starts listening on nginx_upstream_listen_port (by default 8104 and so preventst XNAT/Tomcat from listening on it. This means that the DICOM SCP receiver is blocked from starting up.

Evidence/Steps to Reproduce

See UCL-MIRSG/UCLMedicalImagingEnv#401

Acceptance Criteria/Expected Behaviour

Details

No response

Resolution

No response

HChughtai commented 3 months ago

Hi @p-j-smith and @drmatthews,

Do you recall the rationale for the server block within the stream block here? 

{% if nginx_upstream_port is defined and nginx_upstream_listen_port is defined %}
stream {
    upstream backend {
        server localhost:{{ nginx_upstream_port }};
    }

    server {
        listen {{ nginx_upstream_listen_port }};
        proxy_pass backend;
    }
}
{% endif %}

Right now by default nginx_upstream_listen_port == nginx_upstream_port == default XNAT DICOM SCP port = 8104 which is causing issues as two things are trying to listen on the same port.

HChughtai commented 3 months ago

Looking at older commits, the stream block was the same structure as here (but with different variable names) The difference was that one port was 104 and the other was 8104 which meant there wasn't a clash.

p-j-smith commented 3 months ago

Looking at older commits, the stream block was the same structure as here (but with different variable names) The difference was that one port was 104 and the other was 8104 which meant there wasn't a clash.

Looks like it was changed in this pr to resolve this issue. Shall we change the defaults back to 104 and 8104?

HChughtai commented 3 months ago

Ah, so it was my fault 🤦🏽 for not realising why those ports were different. It is a bit confusing that the XNAT interface will say 8104, whilst the port to use will be 104. I'm tempted to say that we stream the port directly through

p-j-smith commented 3 months ago

Ah, so it was my fault 🤦🏽 for not realising why those ports were different.

No worries 😄 I also should have checked what those ports were for before making the changes.

I'm tempted to say that we stream the port directly through

Do you know how do we do this? Does the nginx config need changing?

HChughtai commented 3 months ago

Do you know how do we do this? Does the nginx config need changing?

Yeah, we can just remove the entire stream block so nginx doesn't handle connections on the DICOM port. The firewall will still allow connections on the DICOM port but will connection directly to Tomcat:8104

p-j-smith commented 3 months ago

ah I see, yeah that sounds like a much better way of doing it

HChughtai commented 3 months ago

I'm planning to do a PR next week when I'm back on an ARC sprint. Going to think about how we might allow configuration of multiple DICOM SCP ports at the same time.

p-j-smith commented 2 months ago

Looking at older commits, the stream block was the same structure as here (but with different variable names) The difference was that one port was 104 and the other was 8104 which meant there wasn't a clash.

Should we change the defaults back to 104 and 8104 for now? Or remove the stream block?

HChughtai commented 2 months ago

Should we change the defaults back to 104 and 8104 for now? Or remove the stream block?

I've got the change for removing the stream block pretty much ready to go. I'll open a PR with that, and we can do further changes to handling multiple DICOM ports as we need to.