FHIR Chat · OpenVidu setup · clinic-arrivals

Stream: clinic-arrivals

Topic: OpenVidu setup

view this post on Zulip Vadim Peretokin (Mar 31 2020 at 05:51):

@James Berry would you mind documenting the OpenVidu setup?

view this post on Zulip James Berry (Mar 31 2020 at 05:55):

Actually I am in the process of turning it into software using Pulumi - but yes I will document it as well

view this post on Zulip Shovan Roy (Mar 31 2020 at 21:38):

@James Berry let me know if you need any assistance on this..
bwn..I would love to see the Pulumi config.. :slight_smile:

view this post on Zulip James Berry (Apr 01 2020 at 00:13):

@Grahame Grieve I need to create access keys for programmatic access to AWS but don't have the following permission
'''User: arn:aws:iam::515384486676:user/James.Berry is not authorized to perform: iam:ListAccessKeys on resource: user James.Berry'''
'''User: arn:aws:iam::515384486676:user/James.Berry is not authorized to perform: iam:CreateAccessKey on resource: user James.Berry'''
'''User: arn:aws:iam::515384486676:user/James.Berry is not authorized to perform: iam:GetUser on resource: user James.Berry'''
Please add permissions http://docs.aws.amazon.com/console/iam/about_permissions

view this post on Zulip James Berry (Apr 01 2020 at 00:17):

Hi @Shovan Roy so what I am going to do first is programmatic creation of single OpenVidu server in parallel to the one that is being used, which will effectively document the process. Then I will look at how to autoscale it.

view this post on Zulip Grahame Grieve (Apr 01 2020 at 00:33):

@James Berry try again

view this post on Zulip James Berry (Apr 01 2020 at 00:38):

@Grahame Grieve nope, still have same lack of permissions, signed out and in and tried again twice, no change

view this post on Zulip Grahame Grieve (Apr 01 2020 at 00:51):

do you know what permissions I actually need to add ?

view this post on Zulip James Berry (Apr 01 2020 at 00:55):

https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_users-self-manage-mfa-and-creds.html this would give me full access to my credentials on the proviso that I have MFA enabled

view this post on Zulip James Berry (Apr 01 2020 at 04:15):

Seeing as we are already using C# for the desktop app I am using it for the Pulumi deployment of AWS infrastructure. It's currently in preview but should go GA this month. Other choices are Node.js (TypeScript or JavaScript), Python, or Go (also in preview). Reason I suggest C# is to minimise the languages in use. Alternatively, we could go with JS as it is in use for the webapp however I think this is a weaker reason. What does everyone think?

view this post on Zulip Vadim Peretokin (Apr 01 2020 at 04:18):

C# is fine, and we're not limited by desktop deployments here so we can use the modern .net core

view this post on Zulip Vadim Peretokin (Apr 01 2020 at 04:18):

That's my 2c

view this post on Zulip James Berry (Apr 01 2020 at 04:18):

Yes it is .NET Core 3.1 atm

view this post on Zulip James Berry (Apr 01 2020 at 04:19):

Also it will have two GitHub Actions workflows

view this post on Zulip Vadim Peretokin (Apr 01 2020 at 04:20):

What would the workflows and the code do?

view this post on Zulip James Berry (Apr 01 2020 at 04:24):

https://www.pulumi.com/docs/get-started/aws
https://www.pulumi.com/docs/guides/continuous-delivery/github-actions/
https://www.pulumi.com/docs/guides/continuous-delivery/github-app/

view this post on Zulip James Berry (Apr 01 2020 at 04:30):

Grahame Grieve said:

do you know what permissions I actually need to add ?

Or you can create access keys for me and send them https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html#cli-quick-configuration see the section To create access keys for an IAM user

view this post on Zulip James Berry (Apr 01 2020 at 12:23):

I've got the first cut of the video infrastructure in my fork at https://github.com/jamesianberry/ClinicArrivals
I am using my domain and AWS to test it out. It builds a video server OK, and letsencrypt works, but there is some timeout happening in the provisioning process which I still need to work out - also the outputs aren't being parsed properly. But it's a good first step. I don't want to submit a pull request yet because we need to set up AWS credentials and secrets. But have a look at the changes in the video directory and two more GitHub Actions workflows

view this post on Zulip Vadim Peretokin (Apr 01 2020 at 16:44):

You can setup a draft pull request, what about that?

view this post on Zulip James Berry (Apr 02 2020 at 00:26):

@Grahame Grieve actually what you should do is create a new user for automation with a set of limited rights to provision EC2 and CloudFormation and generate access keys for it, then load those secrets into GitHub. That is what I have done in my AWS

view this post on Zulip Grahame Grieve (Apr 02 2020 at 00:32):

getting to it

view this post on Zulip James Berry (Apr 02 2020 at 00:37):

call the secrets in GitHub AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

view this post on Zulip James Berry (Apr 02 2020 at 05:38):

Vadim Peretokin said:

You can setup a draft pull request, what about that?

Happy to do that - submitted. @Grahame Grieve will also need to:

  1. sign up to app.pulumi.com
  2. create a Pulumi access token https://app.pulumi.com/account/tokens
  3. add PULUMI_ACCESS_TOKEN to GitHub secrets
  4. install Pulumi GitHub App https://github.com/apps/pulumi
    Once that and the AWS credentials are sorted, we can update the parameters and it will build new infrastructure - but we will continue to use the current server until we are happy it is working fine

view this post on Zulip James Berry (Apr 02 2020 at 05:50):

Shovan Roy said:

James Berry let me know if you need any assistance on this..
bwn..I would love to see the Pulumi config.. :)

Hi Shovan, have a look at https://github.com/grahamegrieve/ClinicArrivals/pull/47/files

view this post on Zulip Vadim Peretokin (Apr 02 2020 at 06:02):

Ah there is a separate dropdown button when submitting a pull request to explicitly mark it as draft: <https://github.blog/2019-02-14-introducing-draft-pull-requests/>

Unfortunately you can't re-set a real PR back to draft state

view this post on Zulip James Berry (Apr 02 2020 at 06:37):

Vadim Peretokin said:

Ah there is a separate dropdown button when submitting a pull request to explicitly mark it as draft: <https://github.blog/2019-02-14-introducing-draft-pull-requests/>

Unfortunately you can't re-set a real PR back to draft state

should I just close it? Actually, I don't think it is a real problem - it can just stay there until we think it's ready. I don't see it causing any problem even if merged because it build infrastructure in parallel - or nothing at all until the prerequisites are met. Meanwhile I can keep developed the code in my fork.

view this post on Zulip Vadim Peretokin (Apr 02 2020 at 07:24):

It's no problem at all, keep it as it is. Just something for the future

view this post on Zulip Grahame Grieve (Apr 02 2020 at 11:03):

@James Berry maybe we should do a zoom call so you can walk me through this?

view this post on Zulip James Berry (Apr 02 2020 at 22:00):

Grahame Grieve said:

James Berry maybe we should do a zoom call so you can walk me through this?

Ready when you are - you'll have to invite me I think as I don't have an account but can join

view this post on Zulip James Berry (Apr 10 2020 at 11:04):

Vadim Peretokin said:

It's no problem at all, keep it as it is. Just something for the future

https://github.blog/changelog/2020-04-08-convert-pull-request-to-draft/

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -