Do you use or administer OpenEMR? Take the General Satisfaction Survey to help improve the product

Environment Settings for Docker

Continuing the discussion from OpenEMR Official Docker has been released!:

Hello,

The Docker documentation states the following:

  1. “OpenEMR global settings can be set via the OPENEMR_SETTING_* settings. For example, can turn on the REST API in OpenEMR by setting OPENEMR_SETTING_rest_api to 1 . There are hundreds of potential settings, which are listed here.”
  2. “Can set up connection to a redis server for PHP sessions with the REDIS_SERVER environment setting. This only works for the 5.0.2+ and flex* images at this time.”

How exactly do we set these environment variables? I would A. like to spin up an OpenEMR instance with all my globals preset, for easy redeployment, and B. use my Redis container.

Thanks!
Venu

Hi, Venu.

Take a look at openemr/docker-compose.yml at master · openemr/openemr · GitHub , our suggested production docker-compose file. Setting the environment variables here will let the container see them when it spins up. Check the other orchestration files in the parent directory for examples of more complex configurations.

hi @vrjula ,
redis setting example: openemr/docker-compose.yml at master · openemr/openemr · GitHub
global setting examples: openemr/docker-compose.yml at master · openemr/openemr · GitHub

@jesdynf and @brady.miller, the thing I’m having quite a bit of difficulty with is getting the Hylafax interface to work from within the container. I had been able to use the Hylafax interface quite well (with some customization of faxq.php, fax_view.php, and fax_dispatch.php which I never finished submitting to the community but will circle back to at some point) with OpenEMR on bare metal – but not so here. I felt close to the finish line but now feel close to abandoning ship. Perhaps you can talk me back from walking off the plank!

My general setup before:

  1. OpenEMR on Ubuntu 18.04
  2. Two independent clinics with multi-site setup
  3. Hylafax server on same machine as OpenEMR
  4. 2-line Mainpine modem on machine
  5. Customization of faxing php files so that incoming faxes for one clinic get put in the archives folder, which then gets called by faxstat -a instead of -r for presentation on the interface (I used SESSION[‘site_id’] to help make the switch).

Using containers currently:

  1. Two openemr containers, one for each clinic (I felt like separating them, since it was so easy for me to deploy them independently and access them through different ports). Platform is Debian 10.
  2. The Debian 10 machine has no modem port for Mainpine modem. So Hylafax server is on a different machine in the same network.
  3. That different machine has openemr containers for the two clinics running as well. The idea was to mirror the instances, for physical redundancy. (The Hylafax server machine is much slower, so I want it to be the backup).

So far so good. The problem is the Hylafax interface. Everything works through faxstat calls. I installed Hylafax INSIDE the containers to get faxstat, and faxstat works when called from containers on the SAME machine as the Hylafax server. But it hangs when called from containers on the DIFFERENT machine. Output from faxstat -v:

Trying 192.168.10.28 [2] (192.168.10.28) at port 4559…
Connected to 192.168.10.28.
220 openemrhost server (HylaFAX ™ Version 7.0.3) ready.
-> USER root
230 User root logged in.
-> MDMFMT
200 Modem %m (%n): %s
-> EPRT |1|192.168.250.4|42835|
200 EPRT command successful.
-> LIST status

It just hangs there and times out. The strace output says this:

read(3, “425 Cannot build data connection”…, 1024) = 57
writev(1, [{iov_base=“425 Cannot build data connection”…, iov_len=55}, {iov_base="\n", iov_len=1}], 2) = 56

The only difference from one machine to the other is that I’m using a Docker socket proxy on the one that’s not working. I tried to run again on that machine without using the socket proxy, but that didn’t fix the problem.

My questions:

  1. What could be going on with above?
  2. Enscript doesn’t exist in the openemr container. With all these missing dependencies (faxstat, enscript,etc.), must I end up needing to learn how to build my own custom image to get all this to work and easily deploy?
  3. My custom solution for separation of faxes via site_id is now broken, since site_id is default for both. They come through different modem devices, so is that a variable I can use to separate?
  4. Related question: is there ONE place where I can see all the different environment variables used in OpenEMR? That gets back to the original thread.

Apologize for the long-windedness, but would appreciate guidance. I need to get faxes working again before the people who rely on the EMR hurt me. : )

–Venu

Hi, Venu.

It sounds like you’ve got a fairly complicated networking situation going. My hunch is that if it all works on the same machine, this isn’t an OpenEMR-specific problem. I’d consider pulling a tool like nmap out and proving that the ports you expect to be open are open, both locally and across the network.

As for building an image with HylaFax onboard, I could easily see that as being worthwhile. Two options suggest themselves – either modifying our production Docker (see openemr-devops/docker/openemr at master · openemr/openemr-devops · GitHub ) or extending the one from the hub. The latter will prove easier, if it works.

Thank for the advice, @jesdynf. You’re right, it’s not an OpenEMR-specific problem. It had to do with ports that actively/passively open up when doing faxstat calls with Hylafax (it basically does it like ftp) not syncing up. I brought down the entire firewalls on both ends, but it still didn’t work. It seems Docker does not play easy with networking (at least, not for me, on this project).

I decided to change direction and use Proxmox to virtualize OpenEMR. Now I have an instance (non-Docker) running in a LXC container, and I can now just clone the whole thing for backups and redeployments from one machine to the other.

In the end, dockerizing the deployment proved too unwieldy for me. Which defeats the whole point of Docker, yes? I also worry a bit about security and Docker. At least now I have OpenEMR running in an unprivileged container. I may even want to deploy it in its own VM, to isolate it even further. I could be wrong, but this seems more secure than Docker.

Thanks again,
Venu

Hi, Venu.

I wouldn’t call it insecure, but a fully virtualized environment may better suit you than a lighter-weight container, certainly – and I can certainly understand something being grabby with ports as a poor fit for Docker. My advice would be to take a look at our Dockerfiles, just to make sure that you have a chance to see what we thought was best-practice for an installation, and what you should mirror in your own work.

That said, I haven’t encountered Proxmox before, and any notes you have about how you set things up with it would be really appreciated. Glad it worked out!