Sometimes I get the site_id thing when I’m building a bunch of machines and trying new things and I still don’t get why. One login then womp-womp, just as you describe. I don’t get it when I log in with incognito and nobody else gripes so I assume there’s just something awful going on with my browser that cookie-clearing would help with.
AWS buckets are used for daily backups. Work to use S3 for first-class patient document storage is ongoing.
You’d get SSL in four ways:
- The OpenEMR container is an Apache container. Add SSL certs and configuration to it and bounce it.
- If your DNS is already correctly configured, add
DOMAINandEMAILenvironment variables to your docker-compose file and re-upthe stack to ask LEt’s Encrypt to acquire and install a cert for you. - Add a new container to the stack just to handle SSL (like https://github.com/fsouza/docker-ssl-proxy) and reverse-proxy it.
- Use a Google loadbalancer that supports SSL (something akin to Amazon’s Application Load Balancer).
You won’t be able to create a new docker container without a fresh DB, that’s correct. However, changing the version of the container in your docker-compose file (from 7.0.0 to 7.0.1, say, when the time comes) and rerunning your up will load in a new version of our container, and our containers handle database upgrades as part of the patching process.
Finally, a warning – OpenEMR Standard has spent a lot of time on the concept of HIPAA eligibility, including things like making sure we’ve got audit trails, making sure to use a unique, managed encryption key as part of that audit, and going to a lot of trouble to ensure that all of our data is encrypted at rest and in motion. If I had to guess you’re most likely to run into trouble with your SQL connection not being secure because it’s not using the SSL certificate it could be using. Please consider carefully reviewing all the parts of openemr-devops/packages/standard at master · openemr/openemr-devops · GitHub , especially including the scripts and the Python stackbuilder file, because it’s a long list of all the steps I thought were necessary for HIPAA eligibility in AWS and you may find it helpful to think about the kinds of problems I was trying to solve (and the hooks we developed to help solve them, like where you should put a SQL server’s SSL certificate for it to get found).