From b95ea5de25f5eb54c138ac4423f05ab01f4e6d32 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Fri, 20 Dec 2024 18:39:26 +0530 Subject: [PATCH 1/6] OZ-735: Add Dockerfile and github workflow --- .github/workflows/build.yml | 18 ++++++++++++++++++ .gitignore | 2 ++ Dockerfile | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 52 insertions(+) create mode 100644 .github/workflows/build.yml create mode 100644 .gitignore create mode 100644 Dockerfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..219da97 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,18 @@ +name: CI + +on: + push: + branches: [main] + release: + types: [published] + +jobs: + docker-release: + uses: mekomsolutions/shared-github-workflow/.github/workflows/docker-build-publish.yml@main + with: + download-artifacts: false + image-name: "orthanc" + image-version: "dev" + secrets: + DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_REGISTRY_USERNAME }} + DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_REGISTRY_PASSWORD }} \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8cd0df3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.vscode +.idea \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fda9dae --- /dev/null +++ b/Dockerfile @@ -0,0 +1,32 @@ +# Use the base Orthanc plugins image +FROM jodogne/orthanc-plugins:latest + +RUN apt-get update && apt-get install -y openjdk-17-jdk cmake build-essential python3 unzip libjsoncpp-dev \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 + +WORKDIR /home/root/ +RUN wget -qO- https://orthanc.uclouvain.be/downloads/sources/orthanc-java/OrthancJava-1.0.tar.gz | tar xvz + +WORKDIR /home/root/OrthancJava-1.0 +RUN mkdir BuildPlugin && \ + cd BuildPlugin && \ + cmake ../Plugin -DCMAKE_BUILD_TYPE=Release && \ + make + +WORKDIR /home/root/OrthancJava-1.0 +RUN mkdir BuildJavaSDK && \ + cd BuildJavaSDK && \ + cmake ../JavaSDK && \ + make + +WORKDIR /home/root/ +RUN wget https://orthanc.uclouvain.be/downloads/cross-platform/orthanc-java/mainline/OrthancFHIR.jar + +# Expose Orthanc default port +EXPOSE 4242 8042 + +ENV LD_PRELOAD=/usr/lib/jvm/java-17-openjdk-amd64/lib/server/libjvm.so +ENTRYPOINT ["/usr/local/sbin/Orthanc"] \ No newline at end of file From bd7bcdc7db94540bbea0079eb17c8935d9d3fa23 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Fri, 20 Dec 2024 18:43:41 +0530 Subject: [PATCH 2/6] Add readme --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..892ad11 --- /dev/null +++ b/README.md @@ -0,0 +1,14 @@ +

+ Ozone +

+ +

The Instant HIS

+ +

+ Welcome to Ozone's open-source repositories! +
Engage with the Ozone community and access useful resources below: +

+ +

+ Docs    •    Forum    •    Chat Room +

From 26d65a168082bca7cc569b73caa90b8ddc7de200 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Fri, 20 Dec 2024 19:02:55 +0530 Subject: [PATCH 3/6] Add orthanc config and docker-compose.yml --- docker-compose.yml | 28 ++ orthanc.json | 1007 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1035 insertions(+) create mode 100644 docker-compose.yml create mode 100644 orthanc.json diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..672ac58 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,28 @@ +version: "3.8" + +services: + orthanc: + command: /run/secrets/ + secrets: + - orthanc.json + build: + context: ./ + image: sidvaish97/orthanc_test:v1.0 + platform: linux/amd64 + restart: always + environment: + - ORTHANC_NAME=Orthanc + - ORTHANC_AUTHENTICATION=keycloak + - KEYCLOAK_REALM=orthanc + - KEYCLOAK_CLIENT_ID=orthanc + volumes: + - orthanc-db:/var/lib/orthanc/db + ports: + - "8889:8042" + +secrets: + orthanc.json: + file: orthanc.json + +volumes: + orthanc-db: \ No newline at end of file diff --git a/orthanc.json b/orthanc.json new file mode 100644 index 0000000..3f109bb --- /dev/null +++ b/orthanc.json @@ -0,0 +1,1007 @@ +{ + /** + * General configuration of Orthanc + * + * As a general recommendation, you should always favour absolute + * paths when you need to provide a path to a file or a directory. + * This is not done in this configuration file since we don't know + * where Orthanc is going to be installed. + **/ + + // The logical name of this instance of Orthanc. This one is + // displayed in Orthanc Explorer and at the URI "/system". + "Name" : "Orthanc inside Docker", + + // Path to the directory that holds the heavyweight files (i.e. the + // raw DICOM instances). Backslashes must be either escaped by + // doubling them, or replaced by forward slashes "/". + "StorageDirectory" : "/var/lib/orthanc/db", + + // Path to the directory that holds the SQLite index (if unset, the + // value of StorageDirectory is used). This index could be stored on + // a RAM-drive or a SSD device for performance reasons. + "IndexDirectory" : "/var/lib/orthanc/db", + + // Path to the directory where Orthanc stores its large temporary + // files. The content of this folder can be safely deleted once + // Orthanc is stopped. The folder must exist. The corresponding + // filesystem must be properly sized, given that for instance a ZIP + // archive of DICOM images created by a job can weight several GBs, + // and that there might be up to "min(JobsHistorySize, + // MediaArchiveSize)" archives to be stored simultaneously. If not + // set, Orthanc will use the default temporary folder of the + // operating system (such as "/tmp/" on UNIX-like systems, or + // "C:/Temp" on Microsoft Windows). + // "TemporaryDirectory" : "/tmp/Orthanc/", + + // Enable the transparent compression of the DICOM instances + "StorageCompression" : false, + + // Maximum size of the storage in MB (a value of "0" indicates no + // limit on the storage size) + "MaximumStorageSize" : 0, + + // Maximum number of patients that can be stored at a given time + // in the storage (a value of "0" indicates no limit on the number + // of patients) + "MaximumPatientCount" : 0, + + // Action to take when the maximum storage is reached. + // By default, the patients are recycled ("Recycle" mode). + // In "Reject" mode, the sender will receive a 0xA700 DIMSE status code + // if the instance was sent through C-Store, a 507 HTTP status code + // if using the REST API and a 0xA700 Failure reason when using + // DicomWeb Stow-RS. + // Note: this value is taken into account only if you have set + // a MaximumStorageSize != 0 or a MaximumPatientCount != 0 + // Allowed values: "Recycle", "Reject" + // (new in Orthanc 1.11.2) + "MaximumStorageMode" : "Recycle", + + // Maximum size of the storage cache in MB. The storage cache + // is stored in RAM and contains a copy of recently accessed + // files (written or read). A value of "0" indicates the cache + // is disabled. (new in Orthanc 1.10.0) + "MaximumStorageCacheSize" : 128, + + // List of paths to the custom Lua scripts that are to be loaded + // into this instance of Orthanc + "LuaScripts" : [ + ], + + // The period (in seconds) between 2 calls of the "OnHeartBeat" + // lua callback. O means the heart beat is disabled. + // TODO: text below for Orthanc book: + // Note: that the period is actually not the delay between + // the end of an execution and the triggering of the next one. + // Since there is only one lua context, if other lua code is being + // executed, the heart beat might be delayed even more. + "LuaHeartBeatPeriod" : 0, + + // List of paths to the plugins that are to be loaded into this + // instance of Orthanc (e.g. "./libPluginTest.so" for Linux, or + // "./PluginTest.dll" for Windows). These paths can refer to + // folders, in which case they will be scanned non-recursively to + // find shared libraries. Backslashes must be either escaped by + // doubling them, or replaced by forward slashes "/". + "Plugins" : [ + "/usr/share/orthanc/plugins", "/usr/local/share/orthanc/plugins", + "/home/root/OrthancJava-1.0/BuildPlugin/libOrthancJava.so" + ], + + "Java" : { + "Enabled" : true, + //"Classpath" : "/home/root/java/:/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:.", + //"InitializationClass" : "HelloWorld" + "Classpath" : "/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:/home/root/OrthancFHIR.jar", + "InitializationClass" : "Main" + }, + + // Maximum number of processing jobs that are simultaneously running + // at any given time. A value of "0" indicates to use all the + // available CPU logical cores. To emulate Orthanc <= 1.3.2, set + // this value to "1". + "ConcurrentJobs" : 2, + + // Defines the number of threads that are used to execute each type of + // jobs (for the jobs that can be parallelized). + // A value of "0" indicates to use all the available CPU logical cores. + // (new in Orthanc 1.11.3) + "JobsEngineThreadsCount" : { + "ResourceModification": 1 // for /anonymize, /modify + }, + + /** + * Configuration of the HTTP server + **/ + + // Enable the HTTP server. If this parameter is set to "false", + // Orthanc acts as a pure DICOM server. The REST API and Orthanc + // Explorer will not be available. + "HttpServerEnabled" : true, + + // Enable/disable the Orthanc Explorer Web user interface. This + // option is only meaningful if the "HttpServerEnabled" option is + // set to "true" (new in Orthanc 1.8.2). + "OrthancExplorerEnabled" : true, + + // HTTP port for the REST services and for the GUI + "HttpPort" : 8042, + + // When the following option is "true", if an error is encountered + // while calling the REST API, a JSON message describing the error + // is put in the HTTP answer. This feature can be disabled if the + // HTTP client does not properly handles such answers. + "HttpDescribeErrors" : true, + + // Enable HTTP compression to improve network bandwidth utilization, + // at the expense of more computations on the server. Orthanc + // supports the "gzip" and "deflate" HTTP encodings. + // When working on a LAN or on localhost, you should typically set + // this configuration to false while when working on low-bandwidth, + // you should set it to true. + // Note in versions up to 1.12.1, the default value was "true" and is + // "false" since 1.12.2. + "HttpCompressionEnabled" : false, + + // Enable the publication of the content of the Orthanc server as a + // WebDAV share (new in Orthanc 1.8.0). On the localhost, the WebDAV + // share is mapped as "http://localhost:8042/webdav/". + "WebDavEnabled" : true, + + // Whether to allow deletions through the WebDAV share. This is + // disabled by default to avoid accidental loss of DICOM instances. + "WebDavDeleteAllowed" : false, + + // Whether to allow uploads through the WebDAV share. + "WebDavUploadAllowed" : true, + + + + /** + * Configuration of the DICOM server + **/ + + // Enable the DICOM server. If this parameter is set to "false", + // Orthanc acts as a pure REST server. It will not be possible to + // receive files or to do query/retrieve through the DICOM protocol. + "DicomServerEnabled" : true, + + // The DICOM Application Entity Title (cannot be longer than 16 + // characters) + "DicomAet" : "ORTHANC", + + // Check whether the called AET corresponds to the AET of Orthanc + // during an incoming DICOM SCU request + "DicomCheckCalledAet" : false, + + // The DICOM port + "DicomPort" : 4242, + + // The default encoding that is assumed for DICOM files without + // "SpecificCharacterSet" DICOM tag, and that is used when answering + // C-FIND requests (including worklists). The allowed values are + // "Ascii", "Utf8", "Latin1", "Latin2", "Latin3", "Latin4", + // "Latin5", "Cyrillic", "Windows1251", "Arabic", "Greek", "Hebrew", + // "Thai", "Japanese", "Chinese", "JapaneseKanji", "Korean", and + // "SimplifiedChinese". + "DefaultEncoding" : "Latin1", + + // The transfer syntaxes that are accepted by Orthanc C-STORE SCP. + // This is an array listing the accepted transfer syntax UIDs. Each + // entry can contain wildcards ("?" or "*"). By default, all the + // known transfer syntaxes are accepted. (new in Orthanc 1.9.0) + "AcceptedTransferSyntaxes" : [ "1.2.840.10008.1.*" ], + + // User-friendly groups of transfer syntaxes that can be enabled or + // disabled at once. These options are applied after the main + // "AcceptedTransferSyntaxes" option has been applied (if present). + /** + "DeflatedTransferSyntaxAccepted" : true, + "JpegTransferSyntaxAccepted" : true, + "Jpeg2000TransferSyntaxAccepted" : true, + "JpegLosslessTransferSyntaxAccepted" : true, + "JpipTransferSyntaxAccepted" : true, + "Mpeg2TransferSyntaxAccepted" : true, + "RleTransferSyntaxAccepted" : true, + "Mpeg4TransferSyntaxAccepted" : true, // New in Orthanc 1.6.0 + "H265TransferSyntaxAccepted" : true, // New in Orthanc 1.9.0 + **/ + + // Whether Orthanc accepts to act as C-STORE SCP for unknown storage + // SOP classes (aka. "promiscuous mode") + "UnknownSopClassAccepted" : false, + + // Set the timeout (in seconds) after which the DICOM associations + // are closed by the Orthanc SCP (server) if no further DIMSE + // command is received from the SCU (client). + // A value of 0 means "no timeout". + "DicomScpTimeout" : 30, + + + + /** + * Security-related options for the HTTP server + **/ + + // Whether remote hosts can connect to the HTTP server + "RemoteAccessAllowed" : true, + + // Whether or not SSL is enabled + "SslEnabled" : false, + + // Path to the SSL certificate used by the HTTP server. The file + // must be stored in the PEM format, and must contain both the + // certificate and the private key. This option is only meaningful + // if "SslEnabled" is true. + "SslCertificate" : "certificate.pem", + + // Sets the minimum accepted SSL protocol version for the HTTP server + // (cf. "ssl_protocol_version" option of civetweb). By default, + // require TLS 1.2 or 1.3. This option is only meaningful if "SslEnabled" + // is true. (new in Orthanc 1.8.2) + // + // Value => Protocols + // 0 SSL2+SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 3 TLS1.1+TLS1.2+TLS1.3 + // 4 TLS1.2+TLS1.3 + // 5 TLS1.3 + "SslMinimumProtocolVersion" : 4, + + // Set the accepted ciphers for SSL connections for the HTTP server. + // The ciphers must be provided as a list of strings. If not set, + // this will default to FIPS 140-2 ciphers. This option is only + // meaningful if "SslEnabled" is true. (new in Orthanc 1.8.2) + /** + "SslCiphersAccepted" : [ "AES128-GCM-SHA256" ], + **/ + + // Whether or not peer client certificates shall be checked. This + // option is only meaningful if "SslEnabled" is true. + "SslVerifyPeers" : false, + + // Path to a file containing the concatenation of the client SSL + // certificate(s) that are trusted to verify the identity of remote + // HTTP clients. The individual certificate(s) or root CAs must be + // stored in the PEM format. This option is only meaningful + // if "SslVerifyPeers" is true. + "SslTrustedClientCertificates" : "trustedClientCertificates.pem", + + // Whether or not the password protection is enabled (using HTTP + // basic access authentication). Starting with Orthanc 1.5.8, if + // "AuthenticationEnabled" is not explicitly set, authentication is + // enabled iff. remote access is allowed (i.e. the default value of + // "AuthenticationEnabled" equals that of "RemoteAccessAllowed"). + /** + "AuthenticationEnabled" : true, + **/ + + // The list of the registered users. Because Orthanc uses HTTP + // Basic Authentication, the passwords are stored as plain text. + "RegisteredUsers" : { + // "alice" : "alicePassword" + }, + + + + /** + * Security-related options for the DICOM connections (SCU/SCP) + **/ + + // Whether DICOM TLS is enabled in the Orthanc SCP (new in Orthanc 1.9.0) + "DicomTlsEnabled" : false, + + // Path to the TLS certificate file (in PEM format) to be used for + // both Orthanc SCP (incoming DICOM connections) and Orthanc SCU + // (outgoing DICOM connections). Note that contrarily to the + // "SslCertificate" option, the certificate and its private key must + // be split into two separate files. (new in Orthanc 1.9.0) + /** + "DicomTlsCertificate" : "orthanc.crt", + **/ + + // Path to the file containing the private key (in PEM format) that + // corresponds to the TLS certificate specified in option + // "DicomTlsCertificate". (new in Orthanc 1.9.0) + /** + "DicomTlsPrivateKey" : "orthanc.key", + **/ + + // Path to a file containing all the TLS certificates that Orthanc + // can trust, both for its SCP (incoming DICOM connections) and SCU + // (outgoing DICOM connections). This file must contain a sequence + // of PEM certificates. (new in Orthanc 1.9.0) + /** + "DicomTlsTrustedCertificates" : "trusted.crt", + **/ + + // Whether Orthanc rejects DICOM TLS connections to/from remote + // modalities that do not provide a certificate. Setting this option + // to "true" (resp. "false") corresponds to "--require-peer-cert" + // (resp. "--ignore-peer-cert") in the DCMTK command-line + // tools. (new in Orthanc 1.9.3) + // Once you set this configuration to true, you must provide a list of + // trusted certificates in DicomTlsTrustedCertificates. + "DicomTlsRemoteCertificateRequired" : true, + + // Sets the minimum accepted TLS protocol version for the DICOM server + // By default, require TLS 1.2 or 1.3. This option is only meaningful + // if "DicomTlsEnabled" is true (new in Orthanc 1.12.4). + // Note that, internally, Orthanc is configured to use the BCP195 profile + // by default. As soon as you switch to another protocol version, you + // must also provide the list of supported cipher suites. + // This configuration applies to Orthanc acting both as SCU and SCP. + // Value => Protocols + // 0 use default BCP 195 profile and default cipher suites + // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 + // 3 TLS1.1+TLS1.2+TLS1.3 + // 4 TLS1.2+TLS1.3 + // 5 TLS1.3 + "DicomTlsMinimumProtocolVersion" : 0, + + // Set the accepted ciphers for TLS connections for the DICOM server. + // The ciphers must be provided as a list of strings. If not set, + // this will default to BCP195 ciphers if DicomTlsMinimumProtocolVersion is 0 + // or to an empty list for other values. This option is only + // meaningful if "DicomTlsEnabled" is true. (new in Orthanc 1.12.4). + // This configuration must be provided if DicomTlsMinimumProtocolVersion != 0. + // The list of valid cipher names are available in + // https://www.openssl.org/docs/man3.3/man1/openssl-ciphers.html + // The OpenSSL names are used. + /** + "DicomTlsCiphersAccepted" : [] + **/ + + // Whether the Orthanc SCP allows incoming C-ECHO requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Orthanc 1.3.0 + // is the only version to behave as if this argument were set to "false". + "DicomAlwaysAllowEcho" : true, + + // Whether the Orthanc SCP allows incoming C-STORE requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above) + "DicomAlwaysAllowStore" : true, + + // Whether the Orthanc SCP allows incoming C-FIND requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.0) + // Note: From Orthanc 1.10.0, this option only applies to C-FIND + // requests for patients/studies/series/instances. Use option + // "DicomAlwaysAllowFindWorklist" for worklists. + "DicomAlwaysAllowFind" : false, + + // Whether the Orthanc SCP allows incoming C-FIND requests for worklists, + // even from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.10.0) + "DicomAlwaysAllowFindWorklist" : false, + + // Whether the Orthanc SCP allows incoming C-GET requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.0) + "DicomAlwaysAllowGet" : false, + + // Whether the Orthanc SCP allows incoming C-MOVE requests, even + // from SCU modalities it does not know about (i.e. that are not + // listed in the "DicomModalities" option above). Setting this + // option to "true" implies security risks. (new in Orthanc 1.9.7) + "DicomAlwaysAllowMove" : false, + + // Whether Orthanc checks the IP/hostname address of the remote + // modality initiating a DICOM connection (as listed in the + // "DicomModalities" option above). If this option is set to + // "false", Orthanc only checks the AET of the remote modality. + "DicomCheckModalityHost" : false, + + + + /** + * Network topology + **/ + + // The list of the known DICOM modalities. This option is ignored if + // "DicomModalitiesInDatabase" is set to "true", in which case you + // must use the REST API to define modalities. + "DicomModalities" : { + /** + * Uncommenting the following line would enable Orthanc to + * connect to an instance of the "storescp" open-source DICOM + * store (shipped in the DCMTK distribution), as started by the + * command line "storescp 2000". The first parameter is the + * AET of the remote modality (cannot be longer than 16 + * characters), the second one is the remote network address, + * and the third one is the TCP port number corresponding + * to the DICOM protocol on the remote modality (usually 104). + **/ + // "sample" : [ "STORESCP", "127.0.0.1", 2000 ] + + /** + * A fourth parameter is available to enable patches for + * specific PACS manufacturers. The allowed values are currently: + * - "Generic" (default value), + * - "GenericNoWildcardInDates" (to replace "*" by "" in date fields + * in outgoing C-FIND requests originating from Orthanc), + * - "GenericNoUniversalWildcard" (to replace "*" by "" in all fields + * in outgoing C-FIND SCU requests originating from Orthanc), + * - "Vitrea", + * - "GE" (Enterprise Archive, MRI consoles and Advantage Workstation + * from GE Healthcare). + * + * This parameter is case-sensitive. + **/ + // "vitrea" : [ "VITREA", "192.168.1.1", 104, "Vitrea" ] + + /** + * By default, the Orthanc SCP accepts all DICOM commands (C-ECHO, + * C-STORE, C-FIND, C-MOVE, C-GET and storage commitment) issued by the + * registered remote SCU modalities. Starting with Orthanc 1.5.0, + * it is possible to specify which DICOM commands are allowed, + * separately for each remote modality, using the syntax + * below. + * + * The "AllowEcho" (resp. "AllowStore") option only has an effect + * respectively if global option "DicomAlwaysAllowEcho" + * (resp. "DicomAlwaysAllowStore") is set to "false". + * + * Starting with Orthanc 1.7.0, "AllowTranscoding" can be used to + * disable the transcoding to uncompressed transfer syntaxes if + * this remote modality doesn't support compressed transfer + * syntaxes. This option currently applies to Orthanc C-GET SCP + * and to Orthanc C-STORE SCU. This option only has an effect if + * the global option "EnableTranscoding" is set to "true". + * + * By default, all "Allow*" options are true. + * "AllowStorageCommitment" is actually an alias for + * "AllowNAction" & "AllowEventReport". + * + * The "UseDicomTls" option specifies whether DICOM TLS should be + * used when opening a SCU connection from Orthanc to this remote + * modality. By default, DICOM TLS is not enabled. + * + * The "LocalAet" option allows one to overwrite the global + * "DicomAet" configuration option in order to specify another AET + * for Orthanc when initiating an SCU to this very specific + * modality. Similarly, "Timeout" allows one to overwrite the + * global value "DicomScuTimeout" on a per-modality basis. + **/ + //"untrusted" : { + // "AET" : "ORTHANC", + // "Port" : 104, + // "Host" : "127.0.0.1", + // "Manufacturer" : "Generic", + // "AllowEcho" : false, + // "AllowFind" : false, + // "AllowFindWorklist" : false, // new in 1.10.0 + // "AllowGet" : false, + // "AllowMove" : false, + // "AllowStore" : true, + // "AllowStorageCommitment" : false, // new in 1.6.0 + // "AllowTranscoding" : true, // new in 1.7.0 + // "UseDicomTls" : false, // new in 1.9.0 + // "LocalAet" : "HELLO", // new in 1.9.0 + // "Timeout" : 60 // new in 1.9.1 + //} + }, + + // Whether to store the DICOM modalities in the Orthanc database + // instead of in this configuration file (new in Orthanc 1.5.0) + "DicomModalitiesInDatabase" : false, + + // Whether the C-ECHO SCU is automatically followed by a C-FIND SCU, + // while testing the connectivity from Orthanc to a remote DICOM + // modality. This allows one to check that the remote modality does + // accept C-FIND requests from Orthanc (new in Orthanc 1.8.1). + "DicomEchoChecksFind" : false, + + // The timeout (in seconds) after which the DICOM associations are + // considered as closed by the Orthanc SCU (client) if the remote + // DICOM SCP (server) does not answer. + // A value of 0 means "no timeout". + "DicomScuTimeout" : 10, + + // During a C-STORE SCU request initiated by Orthanc, if the remote + // modality doesn't support the original transfer syntax of some + // DICOM instance, specify which transfer syntax should be preferred + // to transcode this instance (provided the remote modality accepts + // this syntax). In Orthanc between 1.7.0 and 1.8.2, this parameter + // was implicitly set to "Little Endian Implicit" + // (1.2.840.10008.1.2). In Orthanc <= 1.6.1 and in Orthanc >= 1.9.0, + // this parameter is by default set to "Little Endian Explicit" + // (1.2.840.10008.1.2.1). This parameter can possibly correspond to + // a compressed transfer syntax. (new in Orthanc 1.9.0) + "DicomScuPreferredTransferSyntax" : "1.2.840.10008.1.2.1", + + // Number of threads that are used by the embedded DICOM server. + // This defines the number of concurrent DICOM operations that can + // be run when Orthanc is acting as SCP. + // Note: This is not limiting the number of concurrent connections + // but the number of concurrent DICOM operations. + // E.g, with a single thread, if a C-Find is received during + // e.g the transcoding of an incoming C-Store, the C-Find will + // be processed only at the end of the C-Store operation but both + // DICOM assocations will remain active. + // (new in Orthanc 1.10.0, before this version, the value was + // fixed to 4) + "DicomThreadsCount" : 4, + + // The list of the known Orthanc peers. This option is ignored if + // "OrthancPeersInDatabase" is set to "true", in which case you must + // use the REST API to define Orthanc peers. + "OrthancPeers" : { + /** + * Each line gives the base URL of an Orthanc peer, possibly + * followed by the username/password pair (if the password + * protection is enabled on the peer). + **/ + // "peer" : [ "http://127.0.0.1:8043/", "alice", "alicePassword" ] + // "peer2" : [ "http://127.0.0.1:8044/" ] + + /** + * This is another, more advanced format to define Orthanc + * peers. It notably allows one to specify HTTP headers, a HTTPS + * client certificate in the PEM format (as in the "--cert" option + * of curl), or to enable PKCS#11 authentication for smart cards. + * + * The "Timeout" option allows one to overwrite the global value + * "HttpTimeout" on a per-peer basis. + **/ + // "peer" : { + // "Url" : "http://127.0.0.1:8043/", + // "Username" : "alice", + // "Password" : "alicePassword", + // "HttpHeaders" : { "Token" : "Hello world" }, + // "CertificateFile" : "client.crt", + // "CertificateKeyFile" : "client.key", + // "CertificateKeyPassword" : "certpass", + // "Pkcs11" : false, + // "Timeout" : 42 // New in Orthanc 1.9.1 + // } + }, + + // Whether to store the Orthanc peers in the Orthanc database + // instead of in this configuration file (new in Orthanc 1.5.0) + "OrthancPeersInDatabase" : false, + + // Parameters of the HTTP proxy to be used by Orthanc. If set to the + // empty string, no HTTP proxy is used. For instance: + // "HttpProxy" : "192.168.0.1:3128" + // "HttpProxy" : "proxyUser:proxyPassword@192.168.0.1:3128" + "HttpProxy" : "", + + // If set to "true", debug messages from libcurl will be issued + // whenever Orthanc makes an outgoing HTTP request. This is notably + // useful to debug HTTPS-related problems. + "HttpVerbose" : false, + + // Set the timeout for HTTP requests issued by Orthanc (in seconds). + "HttpTimeout" : 60, + + // Enable the verification of the peers during HTTPS requests. This + // option must be set to "false" if using self-signed certificates. + // Pay attention that setting this option to "false" results in + // security risks! + // Reference: http://curl.haxx.se/docs/sslcerts.html + "HttpsVerifyPeers" : true, + + // Path to the CA (certification authority) certificates to validate + // peers in HTTPS requests. From curl documentation ("--cacert" + // option): "Tells curl to use the specified certificate file to + // verify the peers. The file may contain multiple CA + // certificates. The certificate(s) must be in PEM format." On + // Debian-based systems, this option can be set to + // "/etc/ssl/certs/ca-certificates.crt" + "HttpsCACertificates" : "/etc/ssl/certs/ca-certificates.crt", + + + + /** + * Advanced options + **/ + + // Dictionary of symbolic names for the user-defined metadata. Each + // entry must map an unique string to an unique number between 1024 + // and 65535. Reserved values: + // - The Orthanc whole-slide imaging plugin uses metadata 4200 + "UserMetadata" : { + // "Sample" : 1024 + }, + + // Dictionary of symbolic names for the user-defined types of + // attached files. Each entry must map an unique string to an unique + // number between 1024 and 65535. Optionally, a second argument can + // provided to specify a MIME content type for the attachment. + "UserContentType" : { + // "sample" : 1024 + // "sample2" : [ 1025, "application/pdf" ] + }, + + // Number of seconds without receiving any instance before a + // patient, a study or a series is considered as stable. + "StableAge" : 60, + + // By default, Orthanc compares AET (Application Entity Titles) in a + // case-insensitive way. Setting this option to "true" will enable + // case-sensitive matching. + "StrictAetComparison" : false, + + // When the following option is "true", the MD5 of the DICOM files + // will be computed and stored in the Orthanc database. This + // information can be used to detect disk corruption, at the price + // of a small performance overhead. + "StoreMD5ForAttachments" : true, + + // The maximum number of results for a single C-FIND request at the + // Patient, Study or Series level. Setting this option to "0" means + // no limit. + "LimitFindResults" : 0, + + // The maximum number of results for a single C-FIND request at the + // Instance level. Setting this option to "0" means no limit. + "LimitFindInstances" : 0, + + // If this option is set to "true" (default behavior until Orthanc + // 1.3.2), Orthanc will log the resources that are exported to other + // DICOM modalities or Orthanc peers, inside the URI + // "/exports". Setting this option to "false" is useful to prevent + // the index to grow indefinitely in auto-routing tasks (this is the + // default behavior since Orthanc 1.4.0). + "LogExportedResources" : false, + + // Enable or disable HTTP Keep-Alive (persistent HTTP + // connections). Setting this option to "true" prevents Orthanc + // issue #32 ("HttpServer does not support multiple HTTP requests in + // the same TCP stream"), but can possibly slow down HTTP clients + // that do not support persistent connections. The default behavior + // used to be "false" in Orthanc <= 1.5.1. Setting this option to + // "false" is also recommended if Orthanc is compiled against + // Mongoose. + "KeepAlive" : true, + + // Defines the Keep-Alive timeout in seconds. + // (new in Orthanc 1.11.3) + "KeepAliveTimeout" : 1, + + // Enable or disable Nagle's algorithm. Only taken into + // consideration if Orthanc is compiled to use CivetWeb. Experiments + // show that best performance can be obtained by setting both + // "KeepAlive" and "TcpNoDelay" to "true". Beware however of + // caveats: https://eklitzke.org/the-caveats-of-tcp-nodelay + "TcpNoDelay" : true, + + // Number of threads that are used by the embedded HTTP server. + "HttpThreadsCount" : 50, + + // If this option is set to "false", Orthanc will run in index-only + // mode. The DICOM files will not be stored on the drive: Orthanc + // only indexes the small subset of the so-called "main DICOM tags" + // in its SQL database. Note that this option might prevent the + // upgrade to newer versions of Orthanc. Also note that this + // behavior might not be available with the storage area plugins. + "StoreDicom" : true, + + // DICOM associations initiated by Lua scripts are kept open as long + // as new DICOM commands are issued. This option sets the number of + // seconds of inactivity to wait before automatically closing a + // DICOM association used by Lua. If set to 0, the connection is + // closed immediately. This option is only used in Lua scripts. + "DicomAssociationCloseDelay" : 5, + + // Maximum number of query/retrieve DICOM requests that are + // maintained by Orthanc. The least recently used requests get + // deleted as new requests are issued. + "QueryRetrieveSize" : 100, + + // When handling a C-FIND SCP request, setting this flag to "true" + // will enable case-sensitive match for PN value representation + // (such as PatientName). By default, the search is + // case-insensitive, which does not follow the DICOM standard. + "CaseSensitivePN" : false, + + // Configure PKCS#11 to use hardware security modules (HSM) and + // smart cards when carrying on HTTPS client authentication. + /** + "Pkcs11" : { + "Module" : "/usr/local/lib/libbeidpkcs11.so", + "Module" : "C:/Windows/System32/beidpkcs11.dll", + "Pin" : "1234", + "Verbose" : true + } + **/ + + // If set to "false", Orthanc will not load its default dictionary + // of private tags. This might be necessary if you cannot import a + // DICOM file encoded using the Implicit VR Endian transfer syntax, + // and containing private tags: Such an import error might stem from + // a bad dictionary. You can still list your private tags of + // interest in the "Dictionary" configuration option below. + "LoadPrivateDictionary" : true, + + // Locale to be used by Orthanc. Currently, only used if comparing + // strings in a case-insensitive way. It should be safe to keep this + // value undefined, which lets Orthanc autodetect the suitable locale. + // "Locale" : "en_US.UTF-8", + + // Register a new tag in the dictionary of DICOM tags that are known + // to Orthanc. Each line must contain the tag (formatted as 2 + // hexadecimal numbers), the value representation (2 upcase + // characters), a nickname for the tag, possibly the minimum + // multiplicity (> 0 with defaults to 1), possibly the maximum + // multiplicity (0 means arbitrary multiplicity, defaults to 1), and + // possibly the Private Creator (for private tags). + // Note: For private tags, you should only declare the lower 8 bits + // of the element since the higher 8 bits may vary from one file to + // the other. + "Dictionary" : { + // "0014,1020" : [ "DA", "ValidationExpiryDate", 1, 1 ] + // "00e1,c2" : [ "UI", "PET-CT Multi Modality Name", 1, 1, "ELSCINT1" ] + // "7053,03" : [ "ST", "Original Image Filename", 1, 1, "Philips PET Private Group" ] + // "2001,5f" : [ "SQ", "StackSequence", 1, 1, "Philips Imaging DD 001" ] + }, + + // Load a set of external DICOM dictionaries in order to replace the + // default dictionaries. This option must contain a set of files in + // the DCMTK format. The order of the dictionaries *is* + // important. This option can be used to turn Orthanc into a DICONDE + // server. (new in Orthanc 1.9.4) + /** + "ExternalDictionaries" : [ + "/usr/share/libdcmtk12/dicom.dic", + "/usr/share/libdcmtk12/diconde.dic" + ] + **/ + + // Whether to run DICOM C-MOVE operations synchronously. If set to + // "false" (asynchronous mode), each incoming C-MOVE request results + // in the creation of a new background job. Up to Orthanc 1.3.2, the + // implicit behavior was to use synchronous C-MOVE ("true"). Between + // Orthanc 1.4.0 and 1.4.2, the default behavior was set to + // asynchronous C-MOVE ("false"). Since Orthanc 1.5.0, the default + // behavior is back to synchronous C-MOVE ("true", which ensures + // backward compatibility with Orthanc <= 1.3.2). + "SynchronousCMove" : true, + + // Maximum number of completed jobs that are kept in memory. A + // processing job is considered as complete once it is tagged as + // "Success" or "Failure". Since Orthanc 1.5.0, a value of "0" + // indicates to keep no job in memory (i.e. jobs are removed from + // the history as soon as they are completed), which prevents the + // use of some features of Orthanc (typically, synchronous mode in + // REST API) and should be avoided for non-developers. + "JobsHistorySize" : 10, + + // Whether to save the jobs into the Orthanc database. If this + // option is set to "true", the pending/running/completed jobs are + // automatically reloaded from the database if Orthanc is stopped + // then restarted (except if the "--no-jobs" command-line argument + // is specified). This option should be set to "false" if multiple + // Orthanc servers are using the same database (e.g. if PostgreSQL + // or MariaDB/MySQL is used). + "SaveJobs" : true, + + // Specifies how Orthanc reacts when it receives a DICOM instance + // whose SOPInstanceUID is already stored. If set to "true", the new + // instance replaces the old one. If set to "false", the new + // instance is discarded and the old one is kept. Up to Orthanc + // 1.4.1, the implicit behavior corresponded to "false". + "OverwriteInstances" : true, + + // Maximum number of ZIP/media archives that are maintained by + // Orthanc, as a response to the asynchronous creation of archives. + // The least recently used archives get deleted as new archives are + // generated. This option was introduced in Orthanc 1.5.0, and has + // no effect on the synchronous generation of archives. + "MediaArchiveSize" : 1, + + // Performance setting to specify how Orthanc accesses the storage + // area during find operations (C-FIND, /tools/find API route and + // QIDO-RS in dicom-web). Three modes are available: (1) "Always" + // allows Orthanc to read the storage area as soon as it needs an + // information that is not present in its database (slowest mode), + // (2) "Never" prevents Orthanc from accessing the storage area, and + // makes it uses exclusively its database (fastest mode), and (3) + // "Answers" allows Orthanc to read the storage area to generate its + // answers, but not to filter the DICOM resources (balance between + // the two modes). By default, the mode is "Always", which + // corresponds to the behavior of Orthanc <= 1.5.0. + "StorageAccessOnFind" : "Always", + + // Whether Orthanc monitors its metrics (new in Orthanc 1.5.4). If + // set to "true", the metrics can be retrieved at + // "/tools/metrics-prometheus" formetted using the Prometheus + // text-based exposition format. + "MetricsEnabled" : true, + + // Whether calls to URI "/tools/execute-script" is enabled. Starting + // with Orthanc 1.5.8, this URI is disabled by default for security. + "ExecuteLuaEnabled" : false, + + // Whether the REST API can write to the filesystem (e.g. in + // /instances/../export route). Starting with Orthanc 1.12.0, + // this URI is disabled by default for security. + "RestApiWriteToFileSystemEnabled": false, + + // Set the timeout while serving HTTP requests by the embedded Web + // server, in seconds. This corresponds to option + // "request_timeout_ms" of Mongoose/Civetweb. It will set the socket + // options "SO_RCVTIMEO" and "SO_SNDTIMEO" to the specified value. + "HttpRequestTimeout" : 30, + + // Set the default private creator that is used by Orthanc when it + // looks for a private tag in its dictionary (cf. "Dictionary" + // option), or when it creates/modifies a DICOM file (new in Orthanc 1.6.0). + "DefaultPrivateCreator" : "", + + // Maximum number of storage commitment reports (i.e. received from + // remote modalities) to be kept in memory (new in Orthanc 1.6.0). + "StorageCommitmentReportsSize" : 100, + + // Whether Orthanc transcodes DICOM files to an uncompressed + // transfer syntax over the DICOM protocol, if the remote modality + // does not support compressed transfer syntaxes (new in Orthanc 1.7.0). + "TranscodeDicomProtocol" : true, + + // If some plugin to decode/transcode DICOM instances is installed, + // this option specifies whether the built-in decoder/transcoder of + // Orthanc (that uses DCMTK) is applied before or after the plugins, + // or is not applied at all (new in Orthanc 1.7.0). The allowed + // values for this option are "After" (default value, corresponding + // to the behavior of Orthanc <= 1.6.1), "Before", or "Disabled". + "BuiltinDecoderTranscoderOrder" : "After", + + // If this option is set, Orthanc will transparently transcode any + // incoming DICOM instance to the given transfer syntax before + // storing it into its database. Beware that this might result in + // high CPU usage (if transcoding to some compressed transfer + // syntax), or in higher disk consumption (if transcoding to an + // uncompressed syntax). Also, beware that transcoding to a transfer + // syntax with lossy compression (notably JPEG) will change the + // "SOPInstanceUID" DICOM tag, and thus the Orthanc identifier at + // the instance level, which might break external workflow. + /** + "IngestTranscoding" : "1.2.840.10008.1.2", + **/ + + // Whether ingest transcoding is applied to incoming DICOM instances + // that have an uncompressed transfer syntax, i.e. Little Endian + // Implicit, Little Endian Explicit or Big Endian Explicit (new in + // Orthanc 1.8.2). + "IngestTranscodingOfUncompressed" : true, + + // Whether ingest transcoding is applied to incoming DICOM instances + // that have a compressed transfer syntax (new in Orthanc 1.8.2). + "IngestTranscodingOfCompressed" : true, + + // The compression level that is used when transcoding to one of the + // lossy/JPEG transfer syntaxes (integer between 1 and 100). + "DicomLossyTranscodingQuality" : 90, + + // Whether "fsync()" is called after each write to the storage area + // (new in Orthanc 1.7.4). If this option is set to "true", Orthanc + // will run more slowly, but the DICOM are guaranteed to be + // immediately written to the disk. This option only makes sense if + // the builtin filesystem storage area is used. It defaults to + // "false" in Orthanc <= 1.7.3, and to "true" in Orthanc >= 1.7.4. + "SyncStorageArea" : true, + + // If specified, on compatible systems, call "mallopt(M_ARENA_MAX, + // ...)" while starting Orthanc. This has the same effect at setting + // the environment variable "MALLOC_ARENA_MAX". This avoids large + // growth in RES memory if the threads of the embedded HTTP server + // have to allocate large chunks of memory (typically the case with + // large DICOM files). By setting "MallocArenaMax" to "N", these + // threads share "N" memory pools (known as "arenas"). Setting this + // option to "0" doesn't call mallopt()", which was the behavior of + // Orthanc <= 1.8.1. + "MallocArenaMax" : 5, + + // Deidentify/anonymize the contents of the logs (notably C-FIND, + // C-GET, and C-MOVE queries submitted to Orthanc) according to + // Table E.1-1 of the DICOM standard (new in Orthanc 1.8.2) + "DeidentifyLogs" : true, + + // If "DeidentifyLogs" is true, this sets the DICOM standard to + // follow for the deidentification/anonymization of the query + // contents. Possible values are "2008", "2017c", "2021b" (new + // in Orthanc 1.8.2), and "2023b" (new in Orthanc 1.12.1) + "DeidentifyLogsDicomVersion" : "2023b", + + // Maximum length of the PDU (Protocol Data Unit) in the DICOM + // network protocol, expressed in bytes. This value affects both + // Orthanc SCU and Orthanc SCP. It defaults to 16KB. The allowed + // range is [4096,131072]. (new in Orthanc 1.9.0) + "MaximumPduLength" : 16384, + + // Arbitrary identifier of this Orthanc server when storing its + // global properties if a custom index plugin is used. This + // identifier is only useful in the case of multiple + // readers/writers, in order to avoid collisions between multiple + // Orthanc servers. If unset, this identifier is taken as a SHA-1 + // hash derived from the MAC addresses of the network interfaces, + // and from the AET and TCP ports used by Orthanc. Manually setting + // this option is needed in Docker/Kubernetes environments. (new in + // Orthanc 1.9.2) + /** + "DatabaseServerIdentifier" : "Orthanc1", + **/ + + // Whether Orthanc protects the modification of metadata and + // attachments using revisions, which is done using the HTTP headers + // "ETag", "If-Match" and "If-None-Match" in the calls to the REST + // API. This is needed to handle collisions between concurrent + // modifications in the case of multiple writers. The database + // back-end must support this option, which is notably *not* yet the + // case of the built-in SQLite index. (new in Orthanc 1.9.2) + "CheckRevisions" : false, + + // Whether Orthanc streams ZIP archive/media to the HTTP + // client. Setting this option to "false" corresponds to the + // behavior of Orthanc <= 1.9.3: The ZIP is first entirely written + // to a temporary file, then sent to the client (which necessitates + // disk space and might lead to HTTP timeouts on large archives). If + // set to "true", the chunks of the ZIP file are progressively sent + // as soon as one DICOM file gets compressed (new in Orthanc 1.9.4) + "SynchronousZipStream" : true, + + // Default number of loader threads when generating Zip archive/media. + // A value of 0 means reading and writing are performed in sequence + // (default behaviour). A value > 1 is meaningful only if the storage + // is a distributed network storage (e.g object storage plugin). + // (new experimental feature in Orthanc 1.10.0) + "ZipLoaderThreads": 0, + + // Extra Main Dicom tags that are stored in DB together with all default + // Main Dicom tags that are already stored. + // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html + // (new in Orthanc 1.11.0) + // Sequences tags are not supported. + /** + "ExtraMainDicomTags" : { + "Instance" : [ + "Rows", + "Columns", + "ImageType", + "SOPClassUID", + "ContentDate", + "ContentTime", + "FrameOfReferenceUID", + "PixelSpacing", + "SpecificCharacterSet", + "BitsAllocated" + ], + "Series" : [], + "Study": [], + "Patient": [] + }, + */ + + // Enables/disables warnings in the logs. + // "true" enables a warning. All warnings are enabled by default + // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html#warnings + // (new in Orthanc 1.11.0) + "Warnings" : { + // A "RequestedTags" has been read from storage which is slower than + // reading it from DB. + // You might want to store this tag in ExtraMainDicomTags to build + // the response faster. + "W001_TagsBeingReadFromStorage": true, + + // Retrieving a list of Main dicom tags from a resource that has been + // saved with another "ExtraMainDicomTags" configuration which means that + // your response might be incomplete/inconsistent. + // You should call patients|studies|series|instances/../reconstruct to rebuild + // the DB. You may also check for the "Housekeeper" plugin + "W002_InconsistentDicomTagsInDb": true, + + // Display a warning message when Orthanc and its plugins are unable + // to decode a frame (new in Orthanc 1.12.5). + "W003_DecoderFailure": true + } + +, "OrthancExplorer2" : { "IsDefaultOrthancUI": false } +} From 3bb33cb7ac8051894313d514cbb72de63943c143 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Mon, 6 Jan 2025 15:47:24 +0530 Subject: [PATCH 4/6] Remove docker-compose.yml --- docker-compose.yml | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 docker-compose.yml diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 672ac58..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: "3.8" - -services: - orthanc: - command: /run/secrets/ - secrets: - - orthanc.json - build: - context: ./ - image: sidvaish97/orthanc_test:v1.0 - platform: linux/amd64 - restart: always - environment: - - ORTHANC_NAME=Orthanc - - ORTHANC_AUTHENTICATION=keycloak - - KEYCLOAK_REALM=orthanc - - KEYCLOAK_CLIENT_ID=orthanc - volumes: - - orthanc-db:/var/lib/orthanc/db - ports: - - "8889:8042" - -secrets: - orthanc.json: - file: orthanc.json - -volumes: - orthanc-db: \ No newline at end of file From ac2b89007de60c6e519087ee84bc65b7b59c9868 Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Mon, 6 Jan 2025 15:48:09 +0530 Subject: [PATCH 5/6] Remove orthanc.json --- orthanc.json | 1007 -------------------------------------------------- 1 file changed, 1007 deletions(-) delete mode 100644 orthanc.json diff --git a/orthanc.json b/orthanc.json deleted file mode 100644 index 3f109bb..0000000 --- a/orthanc.json +++ /dev/null @@ -1,1007 +0,0 @@ -{ - /** - * General configuration of Orthanc - * - * As a general recommendation, you should always favour absolute - * paths when you need to provide a path to a file or a directory. - * This is not done in this configuration file since we don't know - * where Orthanc is going to be installed. - **/ - - // The logical name of this instance of Orthanc. This one is - // displayed in Orthanc Explorer and at the URI "/system". - "Name" : "Orthanc inside Docker", - - // Path to the directory that holds the heavyweight files (i.e. the - // raw DICOM instances). Backslashes must be either escaped by - // doubling them, or replaced by forward slashes "/". - "StorageDirectory" : "/var/lib/orthanc/db", - - // Path to the directory that holds the SQLite index (if unset, the - // value of StorageDirectory is used). This index could be stored on - // a RAM-drive or a SSD device for performance reasons. - "IndexDirectory" : "/var/lib/orthanc/db", - - // Path to the directory where Orthanc stores its large temporary - // files. The content of this folder can be safely deleted once - // Orthanc is stopped. The folder must exist. The corresponding - // filesystem must be properly sized, given that for instance a ZIP - // archive of DICOM images created by a job can weight several GBs, - // and that there might be up to "min(JobsHistorySize, - // MediaArchiveSize)" archives to be stored simultaneously. If not - // set, Orthanc will use the default temporary folder of the - // operating system (such as "/tmp/" on UNIX-like systems, or - // "C:/Temp" on Microsoft Windows). - // "TemporaryDirectory" : "/tmp/Orthanc/", - - // Enable the transparent compression of the DICOM instances - "StorageCompression" : false, - - // Maximum size of the storage in MB (a value of "0" indicates no - // limit on the storage size) - "MaximumStorageSize" : 0, - - // Maximum number of patients that can be stored at a given time - // in the storage (a value of "0" indicates no limit on the number - // of patients) - "MaximumPatientCount" : 0, - - // Action to take when the maximum storage is reached. - // By default, the patients are recycled ("Recycle" mode). - // In "Reject" mode, the sender will receive a 0xA700 DIMSE status code - // if the instance was sent through C-Store, a 507 HTTP status code - // if using the REST API and a 0xA700 Failure reason when using - // DicomWeb Stow-RS. - // Note: this value is taken into account only if you have set - // a MaximumStorageSize != 0 or a MaximumPatientCount != 0 - // Allowed values: "Recycle", "Reject" - // (new in Orthanc 1.11.2) - "MaximumStorageMode" : "Recycle", - - // Maximum size of the storage cache in MB. The storage cache - // is stored in RAM and contains a copy of recently accessed - // files (written or read). A value of "0" indicates the cache - // is disabled. (new in Orthanc 1.10.0) - "MaximumStorageCacheSize" : 128, - - // List of paths to the custom Lua scripts that are to be loaded - // into this instance of Orthanc - "LuaScripts" : [ - ], - - // The period (in seconds) between 2 calls of the "OnHeartBeat" - // lua callback. O means the heart beat is disabled. - // TODO: text below for Orthanc book: - // Note: that the period is actually not the delay between - // the end of an execution and the triggering of the next one. - // Since there is only one lua context, if other lua code is being - // executed, the heart beat might be delayed even more. - "LuaHeartBeatPeriod" : 0, - - // List of paths to the plugins that are to be loaded into this - // instance of Orthanc (e.g. "./libPluginTest.so" for Linux, or - // "./PluginTest.dll" for Windows). These paths can refer to - // folders, in which case they will be scanned non-recursively to - // find shared libraries. Backslashes must be either escaped by - // doubling them, or replaced by forward slashes "/". - "Plugins" : [ - "/usr/share/orthanc/plugins", "/usr/local/share/orthanc/plugins", - "/home/root/OrthancJava-1.0/BuildPlugin/libOrthancJava.so" - ], - - "Java" : { - "Enabled" : true, - //"Classpath" : "/home/root/java/:/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:.", - //"InitializationClass" : "HelloWorld" - "Classpath" : "/home/root/OrthancJava-1.0/BuildJavaSDK/OrthancJavaSDK.jar:/home/root/OrthancFHIR.jar", - "InitializationClass" : "Main" - }, - - // Maximum number of processing jobs that are simultaneously running - // at any given time. A value of "0" indicates to use all the - // available CPU logical cores. To emulate Orthanc <= 1.3.2, set - // this value to "1". - "ConcurrentJobs" : 2, - - // Defines the number of threads that are used to execute each type of - // jobs (for the jobs that can be parallelized). - // A value of "0" indicates to use all the available CPU logical cores. - // (new in Orthanc 1.11.3) - "JobsEngineThreadsCount" : { - "ResourceModification": 1 // for /anonymize, /modify - }, - - /** - * Configuration of the HTTP server - **/ - - // Enable the HTTP server. If this parameter is set to "false", - // Orthanc acts as a pure DICOM server. The REST API and Orthanc - // Explorer will not be available. - "HttpServerEnabled" : true, - - // Enable/disable the Orthanc Explorer Web user interface. This - // option is only meaningful if the "HttpServerEnabled" option is - // set to "true" (new in Orthanc 1.8.2). - "OrthancExplorerEnabled" : true, - - // HTTP port for the REST services and for the GUI - "HttpPort" : 8042, - - // When the following option is "true", if an error is encountered - // while calling the REST API, a JSON message describing the error - // is put in the HTTP answer. This feature can be disabled if the - // HTTP client does not properly handles such answers. - "HttpDescribeErrors" : true, - - // Enable HTTP compression to improve network bandwidth utilization, - // at the expense of more computations on the server. Orthanc - // supports the "gzip" and "deflate" HTTP encodings. - // When working on a LAN or on localhost, you should typically set - // this configuration to false while when working on low-bandwidth, - // you should set it to true. - // Note in versions up to 1.12.1, the default value was "true" and is - // "false" since 1.12.2. - "HttpCompressionEnabled" : false, - - // Enable the publication of the content of the Orthanc server as a - // WebDAV share (new in Orthanc 1.8.0). On the localhost, the WebDAV - // share is mapped as "http://localhost:8042/webdav/". - "WebDavEnabled" : true, - - // Whether to allow deletions through the WebDAV share. This is - // disabled by default to avoid accidental loss of DICOM instances. - "WebDavDeleteAllowed" : false, - - // Whether to allow uploads through the WebDAV share. - "WebDavUploadAllowed" : true, - - - - /** - * Configuration of the DICOM server - **/ - - // Enable the DICOM server. If this parameter is set to "false", - // Orthanc acts as a pure REST server. It will not be possible to - // receive files or to do query/retrieve through the DICOM protocol. - "DicomServerEnabled" : true, - - // The DICOM Application Entity Title (cannot be longer than 16 - // characters) - "DicomAet" : "ORTHANC", - - // Check whether the called AET corresponds to the AET of Orthanc - // during an incoming DICOM SCU request - "DicomCheckCalledAet" : false, - - // The DICOM port - "DicomPort" : 4242, - - // The default encoding that is assumed for DICOM files without - // "SpecificCharacterSet" DICOM tag, and that is used when answering - // C-FIND requests (including worklists). The allowed values are - // "Ascii", "Utf8", "Latin1", "Latin2", "Latin3", "Latin4", - // "Latin5", "Cyrillic", "Windows1251", "Arabic", "Greek", "Hebrew", - // "Thai", "Japanese", "Chinese", "JapaneseKanji", "Korean", and - // "SimplifiedChinese". - "DefaultEncoding" : "Latin1", - - // The transfer syntaxes that are accepted by Orthanc C-STORE SCP. - // This is an array listing the accepted transfer syntax UIDs. Each - // entry can contain wildcards ("?" or "*"). By default, all the - // known transfer syntaxes are accepted. (new in Orthanc 1.9.0) - "AcceptedTransferSyntaxes" : [ "1.2.840.10008.1.*" ], - - // User-friendly groups of transfer syntaxes that can be enabled or - // disabled at once. These options are applied after the main - // "AcceptedTransferSyntaxes" option has been applied (if present). - /** - "DeflatedTransferSyntaxAccepted" : true, - "JpegTransferSyntaxAccepted" : true, - "Jpeg2000TransferSyntaxAccepted" : true, - "JpegLosslessTransferSyntaxAccepted" : true, - "JpipTransferSyntaxAccepted" : true, - "Mpeg2TransferSyntaxAccepted" : true, - "RleTransferSyntaxAccepted" : true, - "Mpeg4TransferSyntaxAccepted" : true, // New in Orthanc 1.6.0 - "H265TransferSyntaxAccepted" : true, // New in Orthanc 1.9.0 - **/ - - // Whether Orthanc accepts to act as C-STORE SCP for unknown storage - // SOP classes (aka. "promiscuous mode") - "UnknownSopClassAccepted" : false, - - // Set the timeout (in seconds) after which the DICOM associations - // are closed by the Orthanc SCP (server) if no further DIMSE - // command is received from the SCU (client). - // A value of 0 means "no timeout". - "DicomScpTimeout" : 30, - - - - /** - * Security-related options for the HTTP server - **/ - - // Whether remote hosts can connect to the HTTP server - "RemoteAccessAllowed" : true, - - // Whether or not SSL is enabled - "SslEnabled" : false, - - // Path to the SSL certificate used by the HTTP server. The file - // must be stored in the PEM format, and must contain both the - // certificate and the private key. This option is only meaningful - // if "SslEnabled" is true. - "SslCertificate" : "certificate.pem", - - // Sets the minimum accepted SSL protocol version for the HTTP server - // (cf. "ssl_protocol_version" option of civetweb). By default, - // require TLS 1.2 or 1.3. This option is only meaningful if "SslEnabled" - // is true. (new in Orthanc 1.8.2) - // - // Value => Protocols - // 0 SSL2+SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 - // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 - // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 - // 3 TLS1.1+TLS1.2+TLS1.3 - // 4 TLS1.2+TLS1.3 - // 5 TLS1.3 - "SslMinimumProtocolVersion" : 4, - - // Set the accepted ciphers for SSL connections for the HTTP server. - // The ciphers must be provided as a list of strings. If not set, - // this will default to FIPS 140-2 ciphers. This option is only - // meaningful if "SslEnabled" is true. (new in Orthanc 1.8.2) - /** - "SslCiphersAccepted" : [ "AES128-GCM-SHA256" ], - **/ - - // Whether or not peer client certificates shall be checked. This - // option is only meaningful if "SslEnabled" is true. - "SslVerifyPeers" : false, - - // Path to a file containing the concatenation of the client SSL - // certificate(s) that are trusted to verify the identity of remote - // HTTP clients. The individual certificate(s) or root CAs must be - // stored in the PEM format. This option is only meaningful - // if "SslVerifyPeers" is true. - "SslTrustedClientCertificates" : "trustedClientCertificates.pem", - - // Whether or not the password protection is enabled (using HTTP - // basic access authentication). Starting with Orthanc 1.5.8, if - // "AuthenticationEnabled" is not explicitly set, authentication is - // enabled iff. remote access is allowed (i.e. the default value of - // "AuthenticationEnabled" equals that of "RemoteAccessAllowed"). - /** - "AuthenticationEnabled" : true, - **/ - - // The list of the registered users. Because Orthanc uses HTTP - // Basic Authentication, the passwords are stored as plain text. - "RegisteredUsers" : { - // "alice" : "alicePassword" - }, - - - - /** - * Security-related options for the DICOM connections (SCU/SCP) - **/ - - // Whether DICOM TLS is enabled in the Orthanc SCP (new in Orthanc 1.9.0) - "DicomTlsEnabled" : false, - - // Path to the TLS certificate file (in PEM format) to be used for - // both Orthanc SCP (incoming DICOM connections) and Orthanc SCU - // (outgoing DICOM connections). Note that contrarily to the - // "SslCertificate" option, the certificate and its private key must - // be split into two separate files. (new in Orthanc 1.9.0) - /** - "DicomTlsCertificate" : "orthanc.crt", - **/ - - // Path to the file containing the private key (in PEM format) that - // corresponds to the TLS certificate specified in option - // "DicomTlsCertificate". (new in Orthanc 1.9.0) - /** - "DicomTlsPrivateKey" : "orthanc.key", - **/ - - // Path to a file containing all the TLS certificates that Orthanc - // can trust, both for its SCP (incoming DICOM connections) and SCU - // (outgoing DICOM connections). This file must contain a sequence - // of PEM certificates. (new in Orthanc 1.9.0) - /** - "DicomTlsTrustedCertificates" : "trusted.crt", - **/ - - // Whether Orthanc rejects DICOM TLS connections to/from remote - // modalities that do not provide a certificate. Setting this option - // to "true" (resp. "false") corresponds to "--require-peer-cert" - // (resp. "--ignore-peer-cert") in the DCMTK command-line - // tools. (new in Orthanc 1.9.3) - // Once you set this configuration to true, you must provide a list of - // trusted certificates in DicomTlsTrustedCertificates. - "DicomTlsRemoteCertificateRequired" : true, - - // Sets the minimum accepted TLS protocol version for the DICOM server - // By default, require TLS 1.2 or 1.3. This option is only meaningful - // if "DicomTlsEnabled" is true (new in Orthanc 1.12.4). - // Note that, internally, Orthanc is configured to use the BCP195 profile - // by default. As soon as you switch to another protocol version, you - // must also provide the list of supported cipher suites. - // This configuration applies to Orthanc acting both as SCU and SCP. - // Value => Protocols - // 0 use default BCP 195 profile and default cipher suites - // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 - // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 - // 3 TLS1.1+TLS1.2+TLS1.3 - // 4 TLS1.2+TLS1.3 - // 5 TLS1.3 - "DicomTlsMinimumProtocolVersion" : 0, - - // Set the accepted ciphers for TLS connections for the DICOM server. - // The ciphers must be provided as a list of strings. If not set, - // this will default to BCP195 ciphers if DicomTlsMinimumProtocolVersion is 0 - // or to an empty list for other values. This option is only - // meaningful if "DicomTlsEnabled" is true. (new in Orthanc 1.12.4). - // This configuration must be provided if DicomTlsMinimumProtocolVersion != 0. - // The list of valid cipher names are available in - // https://www.openssl.org/docs/man3.3/man1/openssl-ciphers.html - // The OpenSSL names are used. - /** - "DicomTlsCiphersAccepted" : [] - **/ - - // Whether the Orthanc SCP allows incoming C-ECHO requests, even - // from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above). Orthanc 1.3.0 - // is the only version to behave as if this argument were set to "false". - "DicomAlwaysAllowEcho" : true, - - // Whether the Orthanc SCP allows incoming C-STORE requests, even - // from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above) - "DicomAlwaysAllowStore" : true, - - // Whether the Orthanc SCP allows incoming C-FIND requests, even - // from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above). Setting this - // option to "true" implies security risks. (new in Orthanc 1.9.0) - // Note: From Orthanc 1.10.0, this option only applies to C-FIND - // requests for patients/studies/series/instances. Use option - // "DicomAlwaysAllowFindWorklist" for worklists. - "DicomAlwaysAllowFind" : false, - - // Whether the Orthanc SCP allows incoming C-FIND requests for worklists, - // even from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above). Setting this - // option to "true" implies security risks. (new in Orthanc 1.10.0) - "DicomAlwaysAllowFindWorklist" : false, - - // Whether the Orthanc SCP allows incoming C-GET requests, even - // from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above). Setting this - // option to "true" implies security risks. (new in Orthanc 1.9.0) - "DicomAlwaysAllowGet" : false, - - // Whether the Orthanc SCP allows incoming C-MOVE requests, even - // from SCU modalities it does not know about (i.e. that are not - // listed in the "DicomModalities" option above). Setting this - // option to "true" implies security risks. (new in Orthanc 1.9.7) - "DicomAlwaysAllowMove" : false, - - // Whether Orthanc checks the IP/hostname address of the remote - // modality initiating a DICOM connection (as listed in the - // "DicomModalities" option above). If this option is set to - // "false", Orthanc only checks the AET of the remote modality. - "DicomCheckModalityHost" : false, - - - - /** - * Network topology - **/ - - // The list of the known DICOM modalities. This option is ignored if - // "DicomModalitiesInDatabase" is set to "true", in which case you - // must use the REST API to define modalities. - "DicomModalities" : { - /** - * Uncommenting the following line would enable Orthanc to - * connect to an instance of the "storescp" open-source DICOM - * store (shipped in the DCMTK distribution), as started by the - * command line "storescp 2000". The first parameter is the - * AET of the remote modality (cannot be longer than 16 - * characters), the second one is the remote network address, - * and the third one is the TCP port number corresponding - * to the DICOM protocol on the remote modality (usually 104). - **/ - // "sample" : [ "STORESCP", "127.0.0.1", 2000 ] - - /** - * A fourth parameter is available to enable patches for - * specific PACS manufacturers. The allowed values are currently: - * - "Generic" (default value), - * - "GenericNoWildcardInDates" (to replace "*" by "" in date fields - * in outgoing C-FIND requests originating from Orthanc), - * - "GenericNoUniversalWildcard" (to replace "*" by "" in all fields - * in outgoing C-FIND SCU requests originating from Orthanc), - * - "Vitrea", - * - "GE" (Enterprise Archive, MRI consoles and Advantage Workstation - * from GE Healthcare). - * - * This parameter is case-sensitive. - **/ - // "vitrea" : [ "VITREA", "192.168.1.1", 104, "Vitrea" ] - - /** - * By default, the Orthanc SCP accepts all DICOM commands (C-ECHO, - * C-STORE, C-FIND, C-MOVE, C-GET and storage commitment) issued by the - * registered remote SCU modalities. Starting with Orthanc 1.5.0, - * it is possible to specify which DICOM commands are allowed, - * separately for each remote modality, using the syntax - * below. - * - * The "AllowEcho" (resp. "AllowStore") option only has an effect - * respectively if global option "DicomAlwaysAllowEcho" - * (resp. "DicomAlwaysAllowStore") is set to "false". - * - * Starting with Orthanc 1.7.0, "AllowTranscoding" can be used to - * disable the transcoding to uncompressed transfer syntaxes if - * this remote modality doesn't support compressed transfer - * syntaxes. This option currently applies to Orthanc C-GET SCP - * and to Orthanc C-STORE SCU. This option only has an effect if - * the global option "EnableTranscoding" is set to "true". - * - * By default, all "Allow*" options are true. - * "AllowStorageCommitment" is actually an alias for - * "AllowNAction" & "AllowEventReport". - * - * The "UseDicomTls" option specifies whether DICOM TLS should be - * used when opening a SCU connection from Orthanc to this remote - * modality. By default, DICOM TLS is not enabled. - * - * The "LocalAet" option allows one to overwrite the global - * "DicomAet" configuration option in order to specify another AET - * for Orthanc when initiating an SCU to this very specific - * modality. Similarly, "Timeout" allows one to overwrite the - * global value "DicomScuTimeout" on a per-modality basis. - **/ - //"untrusted" : { - // "AET" : "ORTHANC", - // "Port" : 104, - // "Host" : "127.0.0.1", - // "Manufacturer" : "Generic", - // "AllowEcho" : false, - // "AllowFind" : false, - // "AllowFindWorklist" : false, // new in 1.10.0 - // "AllowGet" : false, - // "AllowMove" : false, - // "AllowStore" : true, - // "AllowStorageCommitment" : false, // new in 1.6.0 - // "AllowTranscoding" : true, // new in 1.7.0 - // "UseDicomTls" : false, // new in 1.9.0 - // "LocalAet" : "HELLO", // new in 1.9.0 - // "Timeout" : 60 // new in 1.9.1 - //} - }, - - // Whether to store the DICOM modalities in the Orthanc database - // instead of in this configuration file (new in Orthanc 1.5.0) - "DicomModalitiesInDatabase" : false, - - // Whether the C-ECHO SCU is automatically followed by a C-FIND SCU, - // while testing the connectivity from Orthanc to a remote DICOM - // modality. This allows one to check that the remote modality does - // accept C-FIND requests from Orthanc (new in Orthanc 1.8.1). - "DicomEchoChecksFind" : false, - - // The timeout (in seconds) after which the DICOM associations are - // considered as closed by the Orthanc SCU (client) if the remote - // DICOM SCP (server) does not answer. - // A value of 0 means "no timeout". - "DicomScuTimeout" : 10, - - // During a C-STORE SCU request initiated by Orthanc, if the remote - // modality doesn't support the original transfer syntax of some - // DICOM instance, specify which transfer syntax should be preferred - // to transcode this instance (provided the remote modality accepts - // this syntax). In Orthanc between 1.7.0 and 1.8.2, this parameter - // was implicitly set to "Little Endian Implicit" - // (1.2.840.10008.1.2). In Orthanc <= 1.6.1 and in Orthanc >= 1.9.0, - // this parameter is by default set to "Little Endian Explicit" - // (1.2.840.10008.1.2.1). This parameter can possibly correspond to - // a compressed transfer syntax. (new in Orthanc 1.9.0) - "DicomScuPreferredTransferSyntax" : "1.2.840.10008.1.2.1", - - // Number of threads that are used by the embedded DICOM server. - // This defines the number of concurrent DICOM operations that can - // be run when Orthanc is acting as SCP. - // Note: This is not limiting the number of concurrent connections - // but the number of concurrent DICOM operations. - // E.g, with a single thread, if a C-Find is received during - // e.g the transcoding of an incoming C-Store, the C-Find will - // be processed only at the end of the C-Store operation but both - // DICOM assocations will remain active. - // (new in Orthanc 1.10.0, before this version, the value was - // fixed to 4) - "DicomThreadsCount" : 4, - - // The list of the known Orthanc peers. This option is ignored if - // "OrthancPeersInDatabase" is set to "true", in which case you must - // use the REST API to define Orthanc peers. - "OrthancPeers" : { - /** - * Each line gives the base URL of an Orthanc peer, possibly - * followed by the username/password pair (if the password - * protection is enabled on the peer). - **/ - // "peer" : [ "http://127.0.0.1:8043/", "alice", "alicePassword" ] - // "peer2" : [ "http://127.0.0.1:8044/" ] - - /** - * This is another, more advanced format to define Orthanc - * peers. It notably allows one to specify HTTP headers, a HTTPS - * client certificate in the PEM format (as in the "--cert" option - * of curl), or to enable PKCS#11 authentication for smart cards. - * - * The "Timeout" option allows one to overwrite the global value - * "HttpTimeout" on a per-peer basis. - **/ - // "peer" : { - // "Url" : "http://127.0.0.1:8043/", - // "Username" : "alice", - // "Password" : "alicePassword", - // "HttpHeaders" : { "Token" : "Hello world" }, - // "CertificateFile" : "client.crt", - // "CertificateKeyFile" : "client.key", - // "CertificateKeyPassword" : "certpass", - // "Pkcs11" : false, - // "Timeout" : 42 // New in Orthanc 1.9.1 - // } - }, - - // Whether to store the Orthanc peers in the Orthanc database - // instead of in this configuration file (new in Orthanc 1.5.0) - "OrthancPeersInDatabase" : false, - - // Parameters of the HTTP proxy to be used by Orthanc. If set to the - // empty string, no HTTP proxy is used. For instance: - // "HttpProxy" : "192.168.0.1:3128" - // "HttpProxy" : "proxyUser:proxyPassword@192.168.0.1:3128" - "HttpProxy" : "", - - // If set to "true", debug messages from libcurl will be issued - // whenever Orthanc makes an outgoing HTTP request. This is notably - // useful to debug HTTPS-related problems. - "HttpVerbose" : false, - - // Set the timeout for HTTP requests issued by Orthanc (in seconds). - "HttpTimeout" : 60, - - // Enable the verification of the peers during HTTPS requests. This - // option must be set to "false" if using self-signed certificates. - // Pay attention that setting this option to "false" results in - // security risks! - // Reference: http://curl.haxx.se/docs/sslcerts.html - "HttpsVerifyPeers" : true, - - // Path to the CA (certification authority) certificates to validate - // peers in HTTPS requests. From curl documentation ("--cacert" - // option): "Tells curl to use the specified certificate file to - // verify the peers. The file may contain multiple CA - // certificates. The certificate(s) must be in PEM format." On - // Debian-based systems, this option can be set to - // "/etc/ssl/certs/ca-certificates.crt" - "HttpsCACertificates" : "/etc/ssl/certs/ca-certificates.crt", - - - - /** - * Advanced options - **/ - - // Dictionary of symbolic names for the user-defined metadata. Each - // entry must map an unique string to an unique number between 1024 - // and 65535. Reserved values: - // - The Orthanc whole-slide imaging plugin uses metadata 4200 - "UserMetadata" : { - // "Sample" : 1024 - }, - - // Dictionary of symbolic names for the user-defined types of - // attached files. Each entry must map an unique string to an unique - // number between 1024 and 65535. Optionally, a second argument can - // provided to specify a MIME content type for the attachment. - "UserContentType" : { - // "sample" : 1024 - // "sample2" : [ 1025, "application/pdf" ] - }, - - // Number of seconds without receiving any instance before a - // patient, a study or a series is considered as stable. - "StableAge" : 60, - - // By default, Orthanc compares AET (Application Entity Titles) in a - // case-insensitive way. Setting this option to "true" will enable - // case-sensitive matching. - "StrictAetComparison" : false, - - // When the following option is "true", the MD5 of the DICOM files - // will be computed and stored in the Orthanc database. This - // information can be used to detect disk corruption, at the price - // of a small performance overhead. - "StoreMD5ForAttachments" : true, - - // The maximum number of results for a single C-FIND request at the - // Patient, Study or Series level. Setting this option to "0" means - // no limit. - "LimitFindResults" : 0, - - // The maximum number of results for a single C-FIND request at the - // Instance level. Setting this option to "0" means no limit. - "LimitFindInstances" : 0, - - // If this option is set to "true" (default behavior until Orthanc - // 1.3.2), Orthanc will log the resources that are exported to other - // DICOM modalities or Orthanc peers, inside the URI - // "/exports". Setting this option to "false" is useful to prevent - // the index to grow indefinitely in auto-routing tasks (this is the - // default behavior since Orthanc 1.4.0). - "LogExportedResources" : false, - - // Enable or disable HTTP Keep-Alive (persistent HTTP - // connections). Setting this option to "true" prevents Orthanc - // issue #32 ("HttpServer does not support multiple HTTP requests in - // the same TCP stream"), but can possibly slow down HTTP clients - // that do not support persistent connections. The default behavior - // used to be "false" in Orthanc <= 1.5.1. Setting this option to - // "false" is also recommended if Orthanc is compiled against - // Mongoose. - "KeepAlive" : true, - - // Defines the Keep-Alive timeout in seconds. - // (new in Orthanc 1.11.3) - "KeepAliveTimeout" : 1, - - // Enable or disable Nagle's algorithm. Only taken into - // consideration if Orthanc is compiled to use CivetWeb. Experiments - // show that best performance can be obtained by setting both - // "KeepAlive" and "TcpNoDelay" to "true". Beware however of - // caveats: https://eklitzke.org/the-caveats-of-tcp-nodelay - "TcpNoDelay" : true, - - // Number of threads that are used by the embedded HTTP server. - "HttpThreadsCount" : 50, - - // If this option is set to "false", Orthanc will run in index-only - // mode. The DICOM files will not be stored on the drive: Orthanc - // only indexes the small subset of the so-called "main DICOM tags" - // in its SQL database. Note that this option might prevent the - // upgrade to newer versions of Orthanc. Also note that this - // behavior might not be available with the storage area plugins. - "StoreDicom" : true, - - // DICOM associations initiated by Lua scripts are kept open as long - // as new DICOM commands are issued. This option sets the number of - // seconds of inactivity to wait before automatically closing a - // DICOM association used by Lua. If set to 0, the connection is - // closed immediately. This option is only used in Lua scripts. - "DicomAssociationCloseDelay" : 5, - - // Maximum number of query/retrieve DICOM requests that are - // maintained by Orthanc. The least recently used requests get - // deleted as new requests are issued. - "QueryRetrieveSize" : 100, - - // When handling a C-FIND SCP request, setting this flag to "true" - // will enable case-sensitive match for PN value representation - // (such as PatientName). By default, the search is - // case-insensitive, which does not follow the DICOM standard. - "CaseSensitivePN" : false, - - // Configure PKCS#11 to use hardware security modules (HSM) and - // smart cards when carrying on HTTPS client authentication. - /** - "Pkcs11" : { - "Module" : "/usr/local/lib/libbeidpkcs11.so", - "Module" : "C:/Windows/System32/beidpkcs11.dll", - "Pin" : "1234", - "Verbose" : true - } - **/ - - // If set to "false", Orthanc will not load its default dictionary - // of private tags. This might be necessary if you cannot import a - // DICOM file encoded using the Implicit VR Endian transfer syntax, - // and containing private tags: Such an import error might stem from - // a bad dictionary. You can still list your private tags of - // interest in the "Dictionary" configuration option below. - "LoadPrivateDictionary" : true, - - // Locale to be used by Orthanc. Currently, only used if comparing - // strings in a case-insensitive way. It should be safe to keep this - // value undefined, which lets Orthanc autodetect the suitable locale. - // "Locale" : "en_US.UTF-8", - - // Register a new tag in the dictionary of DICOM tags that are known - // to Orthanc. Each line must contain the tag (formatted as 2 - // hexadecimal numbers), the value representation (2 upcase - // characters), a nickname for the tag, possibly the minimum - // multiplicity (> 0 with defaults to 1), possibly the maximum - // multiplicity (0 means arbitrary multiplicity, defaults to 1), and - // possibly the Private Creator (for private tags). - // Note: For private tags, you should only declare the lower 8 bits - // of the element since the higher 8 bits may vary from one file to - // the other. - "Dictionary" : { - // "0014,1020" : [ "DA", "ValidationExpiryDate", 1, 1 ] - // "00e1,c2" : [ "UI", "PET-CT Multi Modality Name", 1, 1, "ELSCINT1" ] - // "7053,03" : [ "ST", "Original Image Filename", 1, 1, "Philips PET Private Group" ] - // "2001,5f" : [ "SQ", "StackSequence", 1, 1, "Philips Imaging DD 001" ] - }, - - // Load a set of external DICOM dictionaries in order to replace the - // default dictionaries. This option must contain a set of files in - // the DCMTK format. The order of the dictionaries *is* - // important. This option can be used to turn Orthanc into a DICONDE - // server. (new in Orthanc 1.9.4) - /** - "ExternalDictionaries" : [ - "/usr/share/libdcmtk12/dicom.dic", - "/usr/share/libdcmtk12/diconde.dic" - ] - **/ - - // Whether to run DICOM C-MOVE operations synchronously. If set to - // "false" (asynchronous mode), each incoming C-MOVE request results - // in the creation of a new background job. Up to Orthanc 1.3.2, the - // implicit behavior was to use synchronous C-MOVE ("true"). Between - // Orthanc 1.4.0 and 1.4.2, the default behavior was set to - // asynchronous C-MOVE ("false"). Since Orthanc 1.5.0, the default - // behavior is back to synchronous C-MOVE ("true", which ensures - // backward compatibility with Orthanc <= 1.3.2). - "SynchronousCMove" : true, - - // Maximum number of completed jobs that are kept in memory. A - // processing job is considered as complete once it is tagged as - // "Success" or "Failure". Since Orthanc 1.5.0, a value of "0" - // indicates to keep no job in memory (i.e. jobs are removed from - // the history as soon as they are completed), which prevents the - // use of some features of Orthanc (typically, synchronous mode in - // REST API) and should be avoided for non-developers. - "JobsHistorySize" : 10, - - // Whether to save the jobs into the Orthanc database. If this - // option is set to "true", the pending/running/completed jobs are - // automatically reloaded from the database if Orthanc is stopped - // then restarted (except if the "--no-jobs" command-line argument - // is specified). This option should be set to "false" if multiple - // Orthanc servers are using the same database (e.g. if PostgreSQL - // or MariaDB/MySQL is used). - "SaveJobs" : true, - - // Specifies how Orthanc reacts when it receives a DICOM instance - // whose SOPInstanceUID is already stored. If set to "true", the new - // instance replaces the old one. If set to "false", the new - // instance is discarded and the old one is kept. Up to Orthanc - // 1.4.1, the implicit behavior corresponded to "false". - "OverwriteInstances" : true, - - // Maximum number of ZIP/media archives that are maintained by - // Orthanc, as a response to the asynchronous creation of archives. - // The least recently used archives get deleted as new archives are - // generated. This option was introduced in Orthanc 1.5.0, and has - // no effect on the synchronous generation of archives. - "MediaArchiveSize" : 1, - - // Performance setting to specify how Orthanc accesses the storage - // area during find operations (C-FIND, /tools/find API route and - // QIDO-RS in dicom-web). Three modes are available: (1) "Always" - // allows Orthanc to read the storage area as soon as it needs an - // information that is not present in its database (slowest mode), - // (2) "Never" prevents Orthanc from accessing the storage area, and - // makes it uses exclusively its database (fastest mode), and (3) - // "Answers" allows Orthanc to read the storage area to generate its - // answers, but not to filter the DICOM resources (balance between - // the two modes). By default, the mode is "Always", which - // corresponds to the behavior of Orthanc <= 1.5.0. - "StorageAccessOnFind" : "Always", - - // Whether Orthanc monitors its metrics (new in Orthanc 1.5.4). If - // set to "true", the metrics can be retrieved at - // "/tools/metrics-prometheus" formetted using the Prometheus - // text-based exposition format. - "MetricsEnabled" : true, - - // Whether calls to URI "/tools/execute-script" is enabled. Starting - // with Orthanc 1.5.8, this URI is disabled by default for security. - "ExecuteLuaEnabled" : false, - - // Whether the REST API can write to the filesystem (e.g. in - // /instances/../export route). Starting with Orthanc 1.12.0, - // this URI is disabled by default for security. - "RestApiWriteToFileSystemEnabled": false, - - // Set the timeout while serving HTTP requests by the embedded Web - // server, in seconds. This corresponds to option - // "request_timeout_ms" of Mongoose/Civetweb. It will set the socket - // options "SO_RCVTIMEO" and "SO_SNDTIMEO" to the specified value. - "HttpRequestTimeout" : 30, - - // Set the default private creator that is used by Orthanc when it - // looks for a private tag in its dictionary (cf. "Dictionary" - // option), or when it creates/modifies a DICOM file (new in Orthanc 1.6.0). - "DefaultPrivateCreator" : "", - - // Maximum number of storage commitment reports (i.e. received from - // remote modalities) to be kept in memory (new in Orthanc 1.6.0). - "StorageCommitmentReportsSize" : 100, - - // Whether Orthanc transcodes DICOM files to an uncompressed - // transfer syntax over the DICOM protocol, if the remote modality - // does not support compressed transfer syntaxes (new in Orthanc 1.7.0). - "TranscodeDicomProtocol" : true, - - // If some plugin to decode/transcode DICOM instances is installed, - // this option specifies whether the built-in decoder/transcoder of - // Orthanc (that uses DCMTK) is applied before or after the plugins, - // or is not applied at all (new in Orthanc 1.7.0). The allowed - // values for this option are "After" (default value, corresponding - // to the behavior of Orthanc <= 1.6.1), "Before", or "Disabled". - "BuiltinDecoderTranscoderOrder" : "After", - - // If this option is set, Orthanc will transparently transcode any - // incoming DICOM instance to the given transfer syntax before - // storing it into its database. Beware that this might result in - // high CPU usage (if transcoding to some compressed transfer - // syntax), or in higher disk consumption (if transcoding to an - // uncompressed syntax). Also, beware that transcoding to a transfer - // syntax with lossy compression (notably JPEG) will change the - // "SOPInstanceUID" DICOM tag, and thus the Orthanc identifier at - // the instance level, which might break external workflow. - /** - "IngestTranscoding" : "1.2.840.10008.1.2", - **/ - - // Whether ingest transcoding is applied to incoming DICOM instances - // that have an uncompressed transfer syntax, i.e. Little Endian - // Implicit, Little Endian Explicit or Big Endian Explicit (new in - // Orthanc 1.8.2). - "IngestTranscodingOfUncompressed" : true, - - // Whether ingest transcoding is applied to incoming DICOM instances - // that have a compressed transfer syntax (new in Orthanc 1.8.2). - "IngestTranscodingOfCompressed" : true, - - // The compression level that is used when transcoding to one of the - // lossy/JPEG transfer syntaxes (integer between 1 and 100). - "DicomLossyTranscodingQuality" : 90, - - // Whether "fsync()" is called after each write to the storage area - // (new in Orthanc 1.7.4). If this option is set to "true", Orthanc - // will run more slowly, but the DICOM are guaranteed to be - // immediately written to the disk. This option only makes sense if - // the builtin filesystem storage area is used. It defaults to - // "false" in Orthanc <= 1.7.3, and to "true" in Orthanc >= 1.7.4. - "SyncStorageArea" : true, - - // If specified, on compatible systems, call "mallopt(M_ARENA_MAX, - // ...)" while starting Orthanc. This has the same effect at setting - // the environment variable "MALLOC_ARENA_MAX". This avoids large - // growth in RES memory if the threads of the embedded HTTP server - // have to allocate large chunks of memory (typically the case with - // large DICOM files). By setting "MallocArenaMax" to "N", these - // threads share "N" memory pools (known as "arenas"). Setting this - // option to "0" doesn't call mallopt()", which was the behavior of - // Orthanc <= 1.8.1. - "MallocArenaMax" : 5, - - // Deidentify/anonymize the contents of the logs (notably C-FIND, - // C-GET, and C-MOVE queries submitted to Orthanc) according to - // Table E.1-1 of the DICOM standard (new in Orthanc 1.8.2) - "DeidentifyLogs" : true, - - // If "DeidentifyLogs" is true, this sets the DICOM standard to - // follow for the deidentification/anonymization of the query - // contents. Possible values are "2008", "2017c", "2021b" (new - // in Orthanc 1.8.2), and "2023b" (new in Orthanc 1.12.1) - "DeidentifyLogsDicomVersion" : "2023b", - - // Maximum length of the PDU (Protocol Data Unit) in the DICOM - // network protocol, expressed in bytes. This value affects both - // Orthanc SCU and Orthanc SCP. It defaults to 16KB. The allowed - // range is [4096,131072]. (new in Orthanc 1.9.0) - "MaximumPduLength" : 16384, - - // Arbitrary identifier of this Orthanc server when storing its - // global properties if a custom index plugin is used. This - // identifier is only useful in the case of multiple - // readers/writers, in order to avoid collisions between multiple - // Orthanc servers. If unset, this identifier is taken as a SHA-1 - // hash derived from the MAC addresses of the network interfaces, - // and from the AET and TCP ports used by Orthanc. Manually setting - // this option is needed in Docker/Kubernetes environments. (new in - // Orthanc 1.9.2) - /** - "DatabaseServerIdentifier" : "Orthanc1", - **/ - - // Whether Orthanc protects the modification of metadata and - // attachments using revisions, which is done using the HTTP headers - // "ETag", "If-Match" and "If-None-Match" in the calls to the REST - // API. This is needed to handle collisions between concurrent - // modifications in the case of multiple writers. The database - // back-end must support this option, which is notably *not* yet the - // case of the built-in SQLite index. (new in Orthanc 1.9.2) - "CheckRevisions" : false, - - // Whether Orthanc streams ZIP archive/media to the HTTP - // client. Setting this option to "false" corresponds to the - // behavior of Orthanc <= 1.9.3: The ZIP is first entirely written - // to a temporary file, then sent to the client (which necessitates - // disk space and might lead to HTTP timeouts on large archives). If - // set to "true", the chunks of the ZIP file are progressively sent - // as soon as one DICOM file gets compressed (new in Orthanc 1.9.4) - "SynchronousZipStream" : true, - - // Default number of loader threads when generating Zip archive/media. - // A value of 0 means reading and writing are performed in sequence - // (default behaviour). A value > 1 is meaningful only if the storage - // is a distributed network storage (e.g object storage plugin). - // (new experimental feature in Orthanc 1.10.0) - "ZipLoaderThreads": 0, - - // Extra Main Dicom tags that are stored in DB together with all default - // Main Dicom tags that are already stored. - // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html - // (new in Orthanc 1.11.0) - // Sequences tags are not supported. - /** - "ExtraMainDicomTags" : { - "Instance" : [ - "Rows", - "Columns", - "ImageType", - "SOPClassUID", - "ContentDate", - "ContentTime", - "FrameOfReferenceUID", - "PixelSpacing", - "SpecificCharacterSet", - "BitsAllocated" - ], - "Series" : [], - "Study": [], - "Patient": [] - }, - */ - - // Enables/disables warnings in the logs. - // "true" enables a warning. All warnings are enabled by default - // see https://orthanc.uclouvain.be/book/faq/main-dicom-tags.html#warnings - // (new in Orthanc 1.11.0) - "Warnings" : { - // A "RequestedTags" has been read from storage which is slower than - // reading it from DB. - // You might want to store this tag in ExtraMainDicomTags to build - // the response faster. - "W001_TagsBeingReadFromStorage": true, - - // Retrieving a list of Main dicom tags from a resource that has been - // saved with another "ExtraMainDicomTags" configuration which means that - // your response might be incomplete/inconsistent. - // You should call patients|studies|series|instances/../reconstruct to rebuild - // the DB. You may also check for the "Housekeeper" plugin - "W002_InconsistentDicomTagsInDb": true, - - // Display a warning message when Orthanc and its plugins are unable - // to decode a frame (new in Orthanc 1.12.5). - "W003_DecoderFailure": true - } - -, "OrthancExplorer2" : { "IsDefaultOrthancUI": false } -} From 373a471ba76b314f991a64850636ff58dccc897e Mon Sep 17 00:00:00 2001 From: Siddharth Vaish Date: Thu, 16 Jan 2025 15:28:48 +0530 Subject: [PATCH 6/6] Address comments --- .github/workflows/build.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 219da97..96d0425 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,10 +7,9 @@ on: types: [published] jobs: - docker-release: + docker-build-publish: uses: mekomsolutions/shared-github-workflow/.github/workflows/docker-build-publish.yml@main with: - download-artifacts: false image-name: "orthanc" image-version: "dev" secrets: