This setup seems to work even without the CORS magic headers but I’ll need to test further:
NGINX default.conf. It listens only on 443, but note that the proxy to ohif is still http within the container. The proxy to Orthanc is https because I configured Orthanc with SSL, which is what I want anyways.
server {
# listen 80;
# listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /sslcerts/cert.pem;
ssl_certificate_key /sslcerts/privkey.pem;
server_name default_server;
location / {
return 403;
}
location /orthanc/ {
proxy_pass https://orthanc:8042;
rewrite /orthanc(.*) $1 break;
proxy_set_header Host $http_host;
proxy_request_buffering off;
proxy_max_temp_file_size 0;
client_max_body_size 0;
}
location /ohif/ {
proxy_pass http://ohif;
rewrite /ohif(.*) $1 break;
proxy_set_header Host $http_host;
proxy_request_buffering off;
proxy_max_temp_file_size 0;
client_max_body_size 0;
}
}
ohif-nginx-http.conf:
server {
listen 80;
listen [::]:80;
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# ssl_certificate /sslcerts/cert.pem;
# ssl_certificate_key /sslcerts/privkey.pem;
server_name default_server;
include /etc/nginx/enabled-sites/*.conf;
}
ohif-static.conf:
location / {
alias /usr/share/nginx/html/;
index index.html;
try_files $uri $uri/ /index.html;
# next 3 configs are required to enable SharedArrayBuffer (https://web.dev/coop-coep/)
add_header Cross-Origin-Opener-Policy same-origin;
add_header Cross-Origin-Embedder-Policy require-corp;
add_header Cross-Origin-Resource-Policy same-origin;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /ohif-dist;
}
orthanc.json
// Whether or not SSL is enabled
"SslEnabled" : true,
// Path to the SSL certificate used by the HTTP server. The file
// must be stored in the PEM format, and must contain both the
// certificate and the private key. This option is only meaningful
// if "SslEnabled" is true.
"SslCertificate" : "/sslcerts/combined.pem",
explorer2.json, there is a difference for OHIF2 vs. OHIF3 with the URL’s to open a study directly. I actually ended up changing showStudyList: true in the app-config.js for OHIF to discover that:
"EnableOpenInOhifViewer": false,
"EnableOpenInOhifViewer3": true,
"OhifViewer3PublicRoot" : "https://www.medinformatics.eu/ohif/",
"OhifViewerPublicRoot": "https://www.medinformatics.eu/ohif/",