{"id":22819617,"url":"https://github.com/netreconlab/parse-hipaa","last_synced_at":"2026-03-04T16:05:50.577Z","repository":{"id":41837837,"uuid":"247606001","full_name":"netreconlab/parse-hipaa","owner":"netreconlab","description":"HIPAA \u0026 GDPR compliant ready parse-server with postgres/mongo, parse-hipaa-dashboard. Compatible with ParseCareKit","archived":false,"fork":false,"pushed_at":"2025-03-21T13:17:57.000Z","size":14469,"stargazers_count":103,"open_issues_count":0,"forks_count":44,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-29T05:07:50.752Z","etag":null,"topics":["baas","backend-as-a-service","carekit","cloud","docker","gdpr","graphql","hacktoberfest","healthcare","hipaa","mbaas","mongodb","parse-dashboard","parse-server","postgis","postgres","singularity"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/netreconlab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["cbaker6","netreconlab"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":"https://www.buymeacoffee.com/cbaker6"}},"created_at":"2020-03-16T03:54:35.000Z","updated_at":"2025-03-21T13:16:51.000Z","dependencies_parsed_at":"2024-03-29T18:24:24.246Z","dependency_job_id":"5d5e6bca-655c-469e-a119-c253485d794c","html_url":"https://github.com/netreconlab/parse-hipaa","commit_stats":{"total_commits":364,"total_committers":5,"mean_commits":72.8,"dds":0.04395604395604391,"last_synced_commit":"a4e6263cd588a2a70675c246222f809f287e68b9"},"previous_names":[],"tags_count":57,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netreconlab%2Fparse-hipaa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netreconlab%2Fparse-hipaa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netreconlab%2Fparse-hipaa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netreconlab%2Fparse-hipaa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/netreconlab","download_url":"https://codeload.github.com/netreconlab/parse-hipaa/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247294538,"owners_count":20915340,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["baas","backend-as-a-service","carekit","cloud","docker","gdpr","graphql","hacktoberfest","healthcare","hipaa","mbaas","mongodb","parse-dashboard","parse-server","postgis","postgres","singularity"],"created_at":"2024-12-12T15:13:17.432Z","updated_at":"2026-03-04T16:05:50.567Z","avatar_url":"https://github.com/netreconlab.png","language":"JavaScript","funding_links":["https://github.com/sponsors/cbaker6","https://github.com/sponsors/netreconlab","https://www.buymeacoffee.com/cbaker6"],"categories":[],"sub_categories":[],"readme":"# parse-hipaa \n\n[![](https://dockeri.co/image/netreconlab/parse-hipaa)](https://hub.docker.com/r/netreconlab/parse-hipaa)\n[![build](https://github.com/netreconlab/parse-hipaa/actions/workflows/build.yml/badge.svg)](https://github.com/netreconlab/parse-hipaa/actions/workflows/build.yml)\n[![build](https://github.com/netreconlab/parse-hipaa/actions/workflows/build-dashboard.yml/badge.svg)](https://github.com/netreconlab/parse-hipaa/actions/workflows/build-dashboard.yml)\n[![release](https://github.com/netreconlab/parse-hipaa/actions/workflows/release.yml/badge.svg)](https://github.com/netreconlab/parse-hipaa/actions/workflows/release.yml)\n[![release](https://github.com/netreconlab/parse-hipaa/actions/workflows/release-dashboard.yml/badge.svg)](https://github.com/netreconlab/parse-hipaa/actions/workflows/release-dashboard.yml)\n\n---\n\n![dashboard](https://user-images.githubusercontent.com/8621344/102236202-38f32080-3ec1-11eb-88d7-24e38e95f68d.png)\n\nRun your own HIPAA \u0026 GDPR compliant [parse-server](https://github.com/parse-community/parse-server) with [PostgreSQL](https://www.postgresql.org) or [MongoDB](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose.mongo.yml). parse-hipaa also includes [parse-dashboard](https://github.com/parse-community/parse-dashboard) for viewing/modifying your data in the Cloud. Since [parse-hipaa](https://github.com/netreconlab/parse-hipaa) is a pare-server, it can be used for [iOS](https://docs.parseplatform.org/ios/guide/), [Android](https://docs.parseplatform.org/android/guide/), [Flutter](https://github.com/parse-community/Parse-SDK-Flutter/tree/master/packages/flutter#getting-started), and web based apps ([JS, React Native, etc](https://docs.parseplatform.org/js/guide/)). API's such as [GraphQL](https://docs.parseplatform.org/graphql/guide/) and [REST](https://docs.parseplatform.org/rest/guide/) are enabled by default in parse-hipaa and can be tested directly or via the \"API Console\" in the Parse Dashboard. See the [Parse SDK documentation](https://parseplatform.org/#sdks) for details and examples of how to leverage parse-hipaa for your language(s) of interest. parse-hipaa includes the necessary database auditing and logging for HIPAA compliance. \n\n`parse-hipaa` provides the following:\n- [x] Auditing \u0026 logging at server-admin level (Parse) and at the database level (postgres or mongo)\n- [x] The User class (and the ParseCareKit classes if you are using them) are locked down and doesn't allow unauthenticated access (the standard parse-server allows unauthenticated read access by default)\n- [x] The creation of new Parse Classes and the addition of adding fields from the client-side are disabled. These can be created/added on the server-side using Parse Dashboard (the standard parse-server allows Class and field creation on the client-side by default)\n- [x] Ready for encryption in transit - parse-hipaa and it's companion images are setup to run behind a proxy with files \u0026 directions on how to [complete the process](https://github.com/netreconlab/parse-hipaa#deploying-on-a-real-system) with Nginx and LetsEncrypt \n- [x] File uploads are only allowed by authenticated users (the standard parse-server allows unauthenticated uploads by default)\n- [x] File uploads are encrypted with AES-256-GCM by default (the standard parse-server doesn't encrypt files by default)\n- [x] ~~File uploads can be scanned for viruses and malware by [clamav](https://docs.clamav.net/manual/Installing/Docker.html) before they are saved to parse-hipaa local storage. If any virus or malware is detected the files won't be persisted to the file system~~ (this has been turned off by default. Examples of how to handle can be found in [files.js](https://github.com/netreconlab/parse-hipaa/blob/main/parse/cloud/files.js) and enabled in [main.js](https://github.com/netreconlab/parse-hipaa/blob/37f79bdb99781b634780b3af6a7e33e6beae44a0/parse/cloud/main.js#L8))\n\nYou will still need to setup the following on your own to be fully HIPAA \u0026 GDPR compliant:\n\n- [ ] Encryption in transit - you will need to [complete the process](https://github.com/netreconlab/parse-hipaa#deploying-on-a-real-system)\n- [ ] Encryption at rest - Mount to your own encrypted storage drive for your database (Linux and macOS have API's for this) and store the drive in a \"safe\" location\n- [ ] Be sure to do anything else HIPAA \u0026 GDPR requires\n- [ ] If you are hosting using a remote service like Heroku, you may need to pay for additional services such as [Shield Spaces](https://devcenter.heroku.com/articles/heroku-postgres-and-private-spaces)\n\nThe [CareKitSample-ParseCareKit](https://github.com/netreconlab/CareKitSample-ParseCareKit), uses parse-hipaa along with [ParseCareKit](https://github.com/netreconlab/ParseCareKit). \n\n**Use at your own risk. There is not promise that this is HIPAA compliant and we are not responsible for any mishandling of your data**\n\n## What is inside parse-hipaa?\n\nParse-HIPAA is derived from the [parse-server image](https://hub.docker.com/r/parseplatform/parse-server) and contains the following additional packages:\n- [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard)\n- [parse-server-carekit](https://github.com/netreconlab/parse-server-carekit)\n- [clamscan](https://www.npmjs.com/package/clamscan)\n- [newrelic](https://www.npmjs.com/package/newrelic) - automatically configured with Heroku deployments, needs additional configuration if you want to use elsewhere\n- [parse-server-any-analytics-adapter](https://github.com/netreconlab/parse-server-any-analytics-adapter) - needs additional configuration if you want to use\n- [@analytics/google-analytics](https://www.npmjs.com/package/@analytics/google-analytics) - needs additional configuration if you want to use\n- [@analytics/google-analytics-v3](https://www.npmjs.com/package/@analytics/google-analytics-v3) - needs additional configuration if you want to use\n- [@parse/s3-files-adapter](https://www.npmjs.com/package/@parse/s3-files-adapter) - needs additional configuration if you want to use\n- [parse-server-api-mail-adapter](https://www.npmjs.com/package/parse-server-api-mail-adapter) - needs additional configuration if you want to use\n- [mailgun.js](https://www.npmjs.com/package/mailgun.js) - needs additional configuration if you want to use\n\n## Images\nImages of parse-hipaa are automatically built for your convenience. Images can be found at the following locations:\n- [Docker - Hosted on Docker Hub](https://hub.docker.com/r/netreconlab/parse-hipaa)\n- [Singularity - Hosted on GitHub Container Registry](https://github.com/netreconlab/parse-hipaa/pkgs/container/parse-hipaa)\n\n### Flavors and Tags\n\n#### Production\n- `latest` - Points to the newest released version. **This is smallest possible image of `parse-hipaa` and it does not contain [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard)**\n- `x.x.x` - Points to a specific released version. These version numbers match their respective [parse-server](https://github.com/parse-community/parse-server#flavors--branches) released versions. **This is smallest possible image of `parse-hipaa` and it does not contain [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard)**\n- `x.x.x-dashboard` - Points to a specific released version. These version numbers match their respective [parse-server](https://github.com/parse-community/parse-server#flavors--branches) released versions. This version of `parse-hipaa` is **built with [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard) and is a larger image**\n\n\n#### Development\n- `main` - Points to the most up-to-date code and depends on the latest release of parse-server. This version of `parse-hipaa` is **built with [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard)**. This tag can contain breaking changes\n- `x.x.x-alpha/beta` - Points to most up-to-date code and depends on the respective [alha/beta releases of parse-server](https://github.com/parse-community/parse-server#flavors--branches). This version of parse-hipaa is **built with [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard)**. This tag can contain breaking changes\n\n### Recommendations\nAny/all of the tagged servers can be used in combination with each other to build a [High Availability](https://en.wikipedia.org/wiki/High-availability_cluster)(HA) server-side application. For example, your HA cluster may consist of: (1) [nginx](https://www.nginx.com/resources/glossary/nginx/) reverse proxy/load balancer, (1) `x.x.x-dashboard` `parse-hipaa` server, (2) `x.x.x` `parse-hipaa` servers,  and (1) [Percona Monitor and Management](https://www.percona.com/software/database-tools/percona-monitoring-and-management) server.\n\n#### Standard (without parse-hipaa-dashboard)\n- `latest` or `x.x.x` - Use one or more of these images if you plan to have multiple `parse-hipaa` servers working together to create [HA](https://en.wikipedia.org/wiki/High-availability_cluster) or just need a stand-alone server. Note that if all of your `parse-hipaa` servers are `x.x.x`, you may want to add a stand-alone [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard) or [parse-server-dashoard](https://github.com/parse-community/parse-dashboard)\n    - See [docker-compose.yml](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose.yml) for an example\n- `-dashboard` - Use one of these images only if you plan to have one stand-alone `parse-hipaa` server or you want one of your servers to also provide [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard) ability\n    - See [docker-compose-dashboard.yml](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose-dashboard.yml) for an example\n- `main` or `x.x.x-alpha/beta` - Use only as a development server for testing/debugging the latest features. It is recommended not to use these tags for deployed systems\n\n## Deployment\n`parse-hipaa` can be easily deployed or tested remote or locally.\n\n### Remote\n\n#### Heroku\n[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://www.heroku.com/deploy?template=https://github.com/netreconlab/parse-hipaa)\n\nYou can use the one-button-click deployment to quickly deploy to Heroko. **Note that this is non-HIPAA compliant when using Heroku's free services**, so you need to view [Heroku's compliance certifications](https://www.heroku.com/compliance), and upgrade your plans to [Shield Spaces](https://devcenter.heroku.com/articles/heroku-postgres-and-private-spaces). You can [view this document for detailed instructions](https://docs.google.com/document/d/1QDZ65k0DQaq33NdrYuOcC1T8RuCg1irM/edit?usp=sharing\u0026ouid=116811443756382677101\u0026rtpof=true\u0026sd=true). **If you need a Parse Server Heroku deployment for non-ParseCareKit based apps, use the Heroku button on the [snapcat](https://github.com/netreconlab/parse-hipaa/blob/snapcat/README.md#heroku) branch instead of this one.** Once you click the Heroku button do the following:\n\n1. Select your **App name**\n2. Under the **Config vars** section, fill in the following environment variables:\n    - Set the value for `NEW_RELIC_APP_NAME` to the **App name** in step 1 \n    - Add a value for `PARSE_DASHBOARD_USER_ID` so you can log into your Parse Dashboard \n    - Add the hash of your password as the value for `PARSE_DASHBOARD_USER_PASSWORD` so you can log into your Parse Dashboard. You can get the hash of your desired password from [bcrypt-generator.com](https://bcrypt-generator.com) \n    - You can leave all other **Config vars** as they are or modify them as needed\n3. If you don't plan on using `parse-hipaa` with `ParseCareKit` you should set `PARSE_SERVER_USING_PARSECAREKIT=false` under **Config vars**. This will ensure that ParseCareKit classes/tables are not created on the parse-hipaa server\n4. Scroll to the bottom of the page and press **Deploy app**\n5. When finished you can access your respective server and dashboard by visiting **https://YOUR_APP_NAME.herokuapp.com/parse** or **https://YOUR_APP_NAME.herokuapp.com/dashboard**. The mount points are based on `PARSE_SERVER_MOUNT_PATH` and `PARSE_DASHBOARD_MOUNT_PATH`\n6. Be sure to go to `Settings-\u003eReveal Config Vars` to get your `PARSE_SERVER_APPLICATION_ID`. Add the `PARSE_SERVER_APPLICATION_ID` and **https://YOUR_APP_NAME.herokuapp.com/parse** as `applicationId` and `serverURL` respectively to your client app to connect your parse-hipaa server\n\n#### Using your own files for Heroku deployment\n1. Fork the parse-hipaa repo\n2. Edit `heroku.yml` in your repo by changing `parse/Dockerfile.heroku` to `parse/Dockerfile`. This will build from your respective repo instead of using the pre-built docker image\n3. You can now edit `parse/index.js` and `parse/cloud` as you wish\n4. You can then follow the directions on heroku's site for [deployment](https://devcenter.heroku.com/articles/git) and [integration](https://devcenter.heroku.com/articles/github-integration)\n\n#### AWS Elastic Beanstalk\n\n**⚠️ IMPORTANT NOTE:** The CloudFormation one-click deployment below requires you to generate and provide security keys during setup. See the parameter descriptions in the deployment wizard. For production/HIPAA compliance, you MUST configure HTTPS/SSL after deployment.\n\n**One-Click CloudFormation Deployment:**\n\n**⚠️ IMPORTANT:** This one-click deployment is for testing/development only. For production use, follow the manual deployment method below for better security and control.\n\nGenerate your security keys first (save these securely):\n```bash\n# Generate all 7 required keys at once\necho \"ParseServerApplicationId: $(openssl rand -hex 32)\"\necho \"ParseServerPrimaryKey: $(openssl rand -hex 32)\"\necho \"ParseServerReadOnlyPrimaryKey: $(openssl rand -hex 32)\"\necho \"ParseServerMaintenanceKey: $(openssl rand -hex 32)\"\necho \"ParseServerWebhookKey: $(openssl rand -hex 32)\"\necho \"ParseServerEncryptionKey: $(openssl rand -hex 32)\"\necho \"ParseDashboardCookieSessionSecret: $(openssl rand -hex 32)\"\n```\n\nThen click the button to deploy:\n\n[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home#/stacks/create/review?stackName=parse-hipaa\u0026templateURL=https://raw.githubusercontent.com/netreconlab/parse-hipaa/main/cloudformation-template.json)\n\n**Note:** The CloudFormation template URL points to the main branch. For production deployments, download the template locally and upload it to your own S3 bucket to ensure version stability.\n\n**One-Click Deployment Instructions:**\n\nOnce you click the \"Launch Stack\" button above:\n1. Review the CloudFormation template parameters\n2. Paste the 7 security keys you generated above into the corresponding parameters:\n   - ParseServerApplicationId\n   - ParseServerPrimaryKey  \n   - ParseServerReadOnlyPrimaryKey\n   - ParseServerMaintenanceKey\n   - ParseServerWebhookKey\n   - ParseServerEncryptionKey\n   - ParseDashboardCookieSessionSecret\n3. Set your **DatabasePassword** (minimum 8 characters, use letters, numbers, and special characters)\n4. Set your **DashboardPassword** for Parse Dashboard access (⚠️ stored as **plain text** - not bcrypt hashed)\n5. Optionally customize the **ApplicationName**, **EnvironmentName**, and instance types\n6. For production, set **EnableMultiAZ** to \"true\" for high availability\n7. Click **Create Stack** to deploy\n8. Wait for the stack creation to complete (typically 15-20 minutes)\n9. Find your application URL in the **Outputs** tab of the CloudFormation stack\n10. Access Parse Server at `http://YOUR_URL/parse` and Parse Dashboard at `http://YOUR_URL/dashboard`\n\n**⚠️ REQUIRED POST-DEPLOYMENT STEPS:**\n\nAfter the CloudFormation stack completes, you MUST configure the database connection and server URL:\n\n```bash\n# Install EB CLI if not already installed\npip install awsebcli\n\n# Clone the repository if you haven't already\ngit clone https://github.com/netreconlab/parse-hipaa.git\ncd parse-hipaa\n\n# Initialize EB CLI for the application created by CloudFormation\n# Replace YOUR_REGION with the region where you deployed the CloudFormation stack\neb init -p docker parse-hipaa --region YOUR_REGION\n\n# Select the environment created by CloudFormation (default: parse-hipaa-env)\n# This will be prompted interactively, or you can use:\neb use parse-hipaa-env\n\n# Get the RDS endpoint and application URL\neb printenv | grep RDS_\neb status\n\n# Set the database URI (replace YOUR_DB_PASSWORD with the password from CloudFormation step 3)\n# Replace RDS_HOSTNAME with the value from the printenv output above\neb setenv PARSE_SERVER_DATABASE_URI=\"postgres://parseuser:YOUR_DB_PASSWORD@RDS_HOSTNAME:5432/ebdb\"\n\n# Set the Parse Server URL (replace YOUR_CNAME with the CNAME from 'eb status' output)\neb setenv PARSE_SERVER_URL=\"http://YOUR_CNAME/parse\"\n```\n\n**Optional: Secure the dashboard password post-deployment**\n```bash\n# Generate a bcrypt hash of your password\nHASHED_PASSWORD=$(htpasswd -bnBC 10 \"\" \"your-password\" | tr -d ':\\n')\n\n# Update the environment to use the hashed password\neb setenv PARSE_DASHBOARD_USER_PASSWORDS=\"$HASHED_PASSWORD\" PARSE_DASHBOARD_USER_PASSWORD_ENCRYPTED=true\n```\n\n**⚠️ CRITICAL SECURITY NOTES:**\n- The deployment uses HTTP by default. You MUST configure HTTPS/SSL before exposing to the internet\n- The CloudFormation stack creates a **SingleInstance** Elastic Beanstalk environment (no load balancer by default)\n- **For HTTPS with Load Balancer:**\n  1. Convert the environment type to *LoadBalanced* in Elastic Beanstalk Configuration\n  2. Configure an **Application Load Balancer** with an SSL certificate from AWS Certificate Manager\n  3. Add HTTPS listener on port 443\n  4. Update security groups to allow HTTPS traffic\n  5. Set `PARSE_DASHBOARD_ALLOW_INSECURE_HTTP=0` after SSL is configured\n- **For HTTPS without Load Balancer (single instance):**\n  1. Follow the [Nginx + Let's Encrypt instructions](https://github.com/netreconlab/parse-hipaa#deploying-on-a-real-system) from the main documentation\n  2. Configure Nginx to terminate SSL in front of the parse-hipaa container\n- The dashboard password is stored as plain text (not bcrypt hashed) when using CloudFormation\n- Sensitive credentials are stored as plain text environment variables - for HIPAA compliance, migrate to AWS Secrets Manager\n- For HIPAA compliance: enable Multi-AZ RDS, configure SSL, review AWS HIPAA requirements, and sign a BAA with AWS\n\n**Manual Deployment (Recommended for Production):**\n\nThe manual deployment provides better security by allowing you to hash passwords and configure settings step-by-step.\n\n**Prerequisites:**\n- AWS Account with appropriate permissions\n- [AWS CLI](https://aws.amazon.com/cli/) installed and configured\n- [EB CLI](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cli3-install.html) installed\n- `apache2-utils` (Debian/Ubuntu) or `httpd-tools` (RHEL/CentOS) for `htpasswd` command\n\n**Deployment Steps:**\n\n1. **Clone the repository:**\n   ```bash\n   git clone https://github.com/netreconlab/parse-hipaa.git\n   cd parse-hipaa\n   ```\n\n2. **Initialize Elastic Beanstalk:**\n   ```bash\n   eb init -p docker parse-hipaa --region us-east-2\n   ```\n   Select your desired region during initialization.\n\n3. **Create environment and deploy:**\n   ```bash\n   eb create parse-hipaa-env --database.engine postgres --database.username parseuser\n   ```\n   \n   You'll be prompted to enter a database password interactively (recommended for security).\n   \n   **Note:** This step will take several minutes as AWS provisions the RDS database.\n\n4. **Set dashboard credentials:**\n   ```bash\n   # Read password securely (won't be displayed or stored in history)\n   read -s -p \"Enter dashboard password: \" DASHBOARD_PASSWORD\n   echo\n   \n   # Generate hashed password\n   HASHED_PASSWORD=$(htpasswd -bnBC 10 \"\" \"$DASHBOARD_PASSWORD\" | tr -d ':\\n')\n   \n   # Set the dashboard credentials\n   eb setenv PARSE_DASHBOARD_USERNAMES=admin PARSE_DASHBOARD_USER_PASSWORDS=\"$HASHED_PASSWORD\" PARSE_DASHBOARD_USER_PASSWORD_ENCRYPTED=true\n   \n   # Clear the variables from current session\n   unset DASHBOARD_PASSWORD HASHED_PASSWORD\n   ```\n   \n   **Security Note:** For production environments, consider using AWS Secrets Manager. After deployment, clear your shell history: `history -c \u0026\u0026 history -w`\n\n5. **Configure database connection:**\n   After the environment is created, get the RDS endpoint and construct the database URI:\n   ```bash\n   # Get RDS connection information\n   eb printenv | grep RDS_\n   \n   # Securely read the database password (won't be displayed or stored in history)\n   read -s -p \"Enter database password: \" DB_PASSWORD\n   echo\n   \n   # Get the RDS hostname from environment\n   RDS_HOST=$(eb printenv | grep RDS_HOSTNAME | cut -d'=' -f2 | tr -d ' ')\n   \n   # Set the database URI\n   eb setenv PARSE_SERVER_DATABASE_URI=\"postgres://parseuser:${DB_PASSWORD}@${RDS_HOST}:5432/ebdb\"\n   \n   # Clear variables\n   unset DB_PASSWORD RDS_HOST\n   ```\n   \n   **For production environments using AWS Secrets Manager:**\n   ```bash\n   # Store database password in Secrets Manager\n   aws secretsmanager create-secret \\\n     --name parse-hipaa-db-password \\\n     --secret-string \"YOUR_DB_PASSWORD\"\n   \n   # Modify your application to retrieve the secret at runtime\n   # See AWS Secrets Manager documentation for integration\n   ```\n\n6. **Set required environment variables:**\n   ```bash\n   # Generate security keys and save them securely\n   # IMPORTANT: Save these values in a secure password manager or secrets store\n   # You will need PARSE_SERVER_APPLICATION_ID for client applications\n   PARSE_SERVER_APPLICATION_ID=$(openssl rand -hex 32)\n   PARSE_SERVER_PRIMARY_KEY=$(openssl rand -hex 32)\n   PARSE_SERVER_READ_ONLY_PRIMARY_KEY=$(openssl rand -hex 32)\n   PARSE_SERVER_MAINTENANCE_KEY=$(openssl rand -hex 32)\n   PARSE_SERVER_WEBHOOK_KEY=$(openssl rand -hex 32)\n   PARSE_SERVER_ENCRYPTION_KEY=$(openssl rand -hex 32)\n   PARSE_DASHBOARD_COOKIE_SESSION_SECRET=$(openssl rand -hex 32)\n   \n   # Display keys for you to save (COPY THESE NOW!)\n   echo \"=================================================================\"\n   echo \"⚠️  SAVE THESE VALUES IN A SECURE LOCATION BEFORE CONTINUING ⚠️\"\n   echo \"=================================================================\"\n   echo \"PARSE_SERVER_APPLICATION_ID: $PARSE_SERVER_APPLICATION_ID\"\n   echo \"PARSE_SERVER_PRIMARY_KEY: $PARSE_SERVER_PRIMARY_KEY\"\n   echo \"PARSE_SERVER_READ_ONLY_PRIMARY_KEY: $PARSE_SERVER_READ_ONLY_PRIMARY_KEY\"\n   echo \"PARSE_SERVER_MAINTENANCE_KEY: $PARSE_SERVER_MAINTENANCE_KEY\"\n   echo \"PARSE_SERVER_WEBHOOK_KEY: $PARSE_SERVER_WEBHOOK_KEY\"\n   echo \"PARSE_SERVER_ENCRYPTION_KEY: $PARSE_SERVER_ENCRYPTION_KEY\"\n   echo \"PARSE_DASHBOARD_COOKIE_SESSION_SECRET: $PARSE_DASHBOARD_COOKIE_SESSION_SECRET\"\n   echo \"=================================================================\"\n   echo \"Press Enter after saving these values to continue...\"\n   read\n   \n   # Set the environment variables\n   eb setenv \\\n     PARSE_SERVER_APPLICATION_ID=\"$PARSE_SERVER_APPLICATION_ID\" \\\n     PARSE_SERVER_PRIMARY_KEY=\"$PARSE_SERVER_PRIMARY_KEY\" \\\n     PARSE_SERVER_READ_ONLY_PRIMARY_KEY=\"$PARSE_SERVER_READ_ONLY_PRIMARY_KEY\" \\\n     PARSE_SERVER_MAINTENANCE_KEY=\"$PARSE_SERVER_MAINTENANCE_KEY\" \\\n     PARSE_SERVER_WEBHOOK_KEY=\"$PARSE_SERVER_WEBHOOK_KEY\" \\\n     PARSE_SERVER_ENCRYPTION_KEY=\"$PARSE_SERVER_ENCRYPTION_KEY\" \\\n     PARSE_DASHBOARD_COOKIE_SESSION_SECRET=\"$PARSE_DASHBOARD_COOKIE_SESSION_SECRET\"\n   ```\n\n7. **Configure S3 file storage (optional but recommended for production):**\n   \n   **RECOMMENDED: Use IAM Instance Profile (no credentials needed):**\n   ```bash\n   # Set only the bucket name - no AWS keys needed\n   eb setenv PARSE_SERVER_S3_BUCKET=your-bucket-name\n   ```\n   \n   Then attach an IAM instance profile with S3 permissions to your Elastic Beanstalk environment:\n   - Go to the Elastic Beanstalk console\n   - Select your environment → Configuration → Security\n   - Attach an IAM instance profile with permissions to access your S3 bucket\n   - The application will automatically use the instance profile credentials\n   \n   **NOT RECOMMENDED: Using AWS Access Keys (insecure for HIPAA):**\n   ```bash\n   # Only use this for testing - NOT for production/HIPAA environments\n   eb setenv \\\n     PARSE_SERVER_S3_BUCKET=your-bucket-name \\\n     AWS_ACCESS_KEY_ID=your-access-key \\\n     AWS_SECRET_ACCESS_KEY=your-secret-key\n   ```\n\n8. **Get your application URL:**\n   ```bash\n   eb status\n   ```\n   Look for the `CNAME` field - this is your application URL.\n\n9. **Set the Parse Server URL:**\n   ```bash\n   # For testing/development (HTTP):\n   eb setenv PARSE_SERVER_URL=http://YOUR_CNAME/parse\n   \n   # For production (HTTPS - configure SSL first):\n   eb setenv PARSE_SERVER_URL=https://YOUR_CNAME/parse\n   ```\n   Replace `YOUR_CNAME` with the URL from step 8.\n\n10. **Access your Parse Server:**\n   \n   **For testing/development (HTTP):**\n   - Parse Server API: `http://YOUR_CNAME/parse`\n   - Parse Dashboard: `http://YOUR_CNAME/dashboard`\n   \n   **⚠️ For production (configure HTTPS first):**\n   - Parse Server API: `https://YOUR_CNAME/parse`\n   - Parse Dashboard: `https://YOUR_CNAME/dashboard`\n   \n   **To configure HTTPS/SSL:**\n   1. Request or upload an SSL certificate in AWS Certificate Manager\n   2. Configure a load balancer for your Elastic Beanstalk environment\n   3. Add HTTPS listener on port 443 with your SSL certificate\n   4. Update security groups to allow HTTPS traffic\n   5. Set PARSE_DASHBOARD_ALLOW_INSECURE_HTTP=0 after SSL is configured\n\n**Important Security Notes:**\n\n- **⚠️ CRITICAL:** The default configuration uses HTTP which is NOT secure. You MUST configure HTTPS/SSL before production use or exposing to the internet.\n- The default configuration creates a single-instance environment. For production/HIPAA compliance, you should:\n  - **Configure HTTPS/SSL certificates (REQUIRED for HIPAA)**\n  - Configure a load balancer with SSL termination\n  - Enable Multi-AZ RDS deployment for high availability\n  - Review and comply with [AWS HIPAA compliance requirements](https://aws.amazon.com/compliance/hipaa-compliance/)\n  - Sign a Business Associate Agreement (BAA) with AWS\n  - Enable encryption at rest for RDS\n  - Enable VPC and security groups to restrict access\n  - Use IAM instance profiles instead of AWS access keys for S3\n  - Use AWS Secrets Manager for storing sensitive credentials instead of environment variables\n  - Restrict PARSE_SERVER_MAINTENANCE_KEY_IPS and PARSE_SERVER_PRIMARY_KEY_IPS to trusted networks only\n  - Clear shell history after setting environment variables: `history -c \u0026\u0026 history -w`\n  - Regularly rotate encryption keys and passwords\n\n**Updating your deployment:**\n```bash\ngit pull origin main\neb deploy\n```\n\n**Monitoring and Logs:**\n- View logs: `eb logs`\n- View real-time logs: `eb logs --stream`\n- CloudWatch logs are enabled by default\n\n**Additional Configuration:**\n\nThe deployment includes configurations in `.ebextensions/` directory:\n- `01_environment.config` - Application environment variables\n- `02_database.config` - RDS PostgreSQL configuration\n- `03_logs.config` - CloudWatch logging configuration\n- `04_container.config` - Docker container settings\n\nYou can modify these files to customize your deployment.\n\n### Local: Using Docker Image with Postgres or Mongo\nBy default, the `docker-compose.yml` uses [hipaa-postgres](https://github.com/netreconlab/hipaa-postgres/). The `docker-compose.mongo.yml` uses [hipaa-mongo](https://github.com/netreconlab/hipaa-mongo/). \n\n#### Postgres\nTo use the Postgres HIPAA compliant variant of parse-hipaa, simply type:\n\n```docker-compose up```\n\n#### Mongo\nTo use the Mongo HIPAA compliant variant of parse-hipaa, simply type:\n\n```docker-compose -f docker-compose.mongo.yml up```\n\n#### Postgres (Non-HIPAA Compliant)\nIf you would like to use a non-HIPAA compliant postgres version:\n\n```docker-compose -f docker-compose.no.hipaa.yml up```\n\n#### Mongo (Non-HIPAA Compliant)\nA non-HIPAA compliant mongo version isn't provided as this is the default [parse-server](https://github.com/parse-community/parse-server#inside-a-docker-container) deployment and many examples of how to set this up already exist.\n\n#### Getting started\nparse-hipaa is made up of four (4) seperate docker images (you use 3 of them at a time) that work together as one system. It's important to set the environment variables for your parse-hipaa server. \n\n##### Environment Variables\n\nFor a complete list of enviroment variables, look at [app.json](https://github.com/netreconlab/parse-hipaa/blob/main/app.json).\n\n###### netreconlab/parse-hipaa\n```bash\nPARSE_SERVER_APPLICATION_ID # Unique string value\nPARSE_SERVER_PRIMARY_KEY # Unique string value\nPARSE_SERVER_READ_ONLY_PRIMARY_KEY # Unique string value\nPARSE_SERVER_ENCRYPTION_KEY # Unique string used for encrypting files stored by parse-hipaa\nPARSE_SERVER_OBJECT_ID_SIZE # Integer value, parse defaults to 10, 32 is probably better for medical apps and large tables\nPARSE_SERVER_DATABASE_URI # URI to connect to parse-hipaa. postgres://${PG_PARSE_USER}:${PG_PARSE_PASSWORD}@db:5432/${PG_PARSE_DB} or mongodb://${MONGO_PARSE_USER}:${MONGO_PARSE_PASSWORD}@db:27017/${MONGO_PARSE_DB}\nPORT # Port for parse-hipaa, default is 1337\nPARSE_SERVER_MOUNT_PATH: # Mounting path for parse-hipaa, default is /parse\nPARSE_SERVER_URL # Server URL, default is http://parse:${PORT}/parse\nPARSE_SERVER_PUBLIC_URL # Public Server URL, default is http://localhost:${PORT}/parse\nPARSE_SERVER_CLOUD # Path to cloud code, default is /parse/cloud/main.js\nPARSE_SERVER_MOUNT_GRAPHQL # Enable graphql, default is 'true'\nPARSE_SET_USER_CLP # Set the Class Level Permissios of the _User schema so only authenticated users can access, default 1\nPARSE_SERVER_ALLOW_CLIENT_CLASS_CREATION # String value of 'false' or 'true'. Prohibits class creation on the client side. Classes can still be created using Parse Dashboard by `useMasterKey`, default 'false'\nPARSE_SERVER_ALLOW_CUSTOM_OBJECTID # Required to be true for ParseCareKit\nPARSE_SERVER_ENABLE_SCHEMA_HOOKS # Keeps the schema in sync across all instances\nPARSE_SERVER_DIRECT_ACCESS # Known to cause crashes when true on single instance of server and not behind public server\nPARSE_SERVER_ENABLE_PRIVATE_USERS # Set to 'true' if new users should be created without public read and write access\nPARSE_SERVER_USING_PARSECAREKIT # If you are not using ParseCareKit, set this to 'false', or else enable with 'true'. The default value is 'true'\nPARSE_VERBOSE # Enable verbose output on the server\nPOSTGRES_PASSWORD: # Needed for wait-for-postgres.sh. Should be the same as POSTGRES_PASSWORD in netreconlab/hipaa-postgres\n```\n\n###### netreconlab/hipaa-postgres\n```bash\nPOSTGRES_PASSWORD # Password for postgress db cluster\nPG_PARSE_USER # Username for logging into PG_PARSE_DB\nPG_PARSE_PASSWORD # Password for logging into PG_PARSE_DB\nPG_PARSE_DB # Name of parse-hipaa database\n```\n\n###### netreconlab/hipaa-mongo\n```bash\n# Warning, if you want to make changes to the vars below they need to be changed manually in /scripts/mongo-init.js as the env vars are not passed to the script\nMONGO_INITDB_ROOT_USERNAME # Username for mongo db. Username for logging into mongo db for parse-hipaa.\nMONGO_INITDB_ROOT_PASSWORD # Password for mongo db. Password for logging into mongo db for parse-hipaa.\nMONGO_INITDB_DATABASE # Name of mongo db for parse-hipaa\n```\n\n###### netreconlab/parse-hipaa-dashboard\n```bash\nPARSE_DASHBOARD_TRUST_PROXY: # Set this to 1 (or anything) if the dashboard is behind a proxy. Otherwise leave empty\nPARSE_DASHBOARD_ALLOW_INSECURE_HTTP: # Set this to 1 (or anything) if not behind proxy and using the dashboard in docker. Note that either PARSE_DASHBOARD_ALLOW_INSECURE_HTTP or PARSE_DASHBOARD_TRUST_PROXY should be set at the same time, choose one or the other. Otherwise leave empty\nPARSE_DASHBOARD_COOKIE_SESSION_SECRET: # Unique string. This should be constant across all deployments on your system\nPARSE_DASHBOARD_MOUNT_PATH: # The default is \"/dashboard\". This needs to be exactly what you plan it to be behind the proxy, i.e. If you want to access cs.uky.edu/dashboard it should be \"/dashboard\"\n```\n\n###### parseplatform/parse-dashboard\n```bash\nPARSE_DASHBOARD_TRUST_PROXY: # Set this to 1 (or anything) if the dashboard is behind a proxy. Otherwise leave empty\nPARSE_DASHBOARD_ALLOW_INSECURE_HTTP: # Set this to 1 (or anything) if not behind proxy and using the dashboard in docker. Note that either PARSE_DASHBOARD_ALLOW_INSECURE_HTTP or PARSE_DASHBOARD_TRUST_PROXY should be set at the same time, choose one or the other. Otherwise leave empty\nPARSE_DASHBOARD_COOKIE_SESSION_SECRET: # Unique string. This should be constant across all deployments on your system\nMOUNT_PATH: # The default is \"/dashboard\". This needs to be exactly what you plan it to be behind the proxy, i.e. If you want to access cs.uky.edu/dashboard it should be \"/dashboard\"\n```\n\n##### Starting up parse-hipaa\n\n- For the default HIPAA compliant postgres version: ```docker-compose up```\n- or for the HIPAA compliant mongo version: ```docker-compose -f docker-compose.mongo.yml up```\n- or for the non-HIPAA compliant postgres version: ```docker-compose -f docker-compose.no.hipaa.yml up```\n- A non-HIPAA compliant mongo version isn't provided in this repo as that's just a standard parse-server\n\nImporant Note: On the very first run, the \"parse-server\"(which will show up as \"parse_1\" in the console) will sleep and error a few times because it can't connect to postgres (the \"db\") container. This is suppose to happen and is due to postgres needing to configure and initialize, install the necessary extensions, and setup it's databases. Let it keep running and eventually you will see something like:\n\n```bash\ndb_1         | PostgreSQL init process complete; ready for start up.\n```\n\nThe parse-server container will automatically keep attempting to connect to the postgres container and when it's connected you will see: \n\n```bash\nparse_1      | parse-server running on port 1337.\nparse_1      | publicServerURL: http://localhost:1337/parse, serverURL: http://parse:1337/parse\nparse_1      | GraphQL API running on http://localhost:1337/parsegraphql\nparse_1      | info: Parse LiveQuery Server starts running\n```\n\nYou may also see output such as the following in the console or log files: \n\n```bash\ndb_1         | 2020-03-18 21:59:21.550 UTC [105] ERROR:  duplicate key value violates unique constraint \"pg_type_typname_nsp_index\"\ndb_1         | 2020-03-18 21:59:21.550 UTC [105] DETAIL:  Key (typname, typnamespace)=(_SCHEMA, 2200) already exists.\ndb_1         | 2020-03-18 21:59:21.550 UTC [105] STATEMENT:  CREATE TABLE IF NOT EXISTS \"_SCHEMA\" ( \"className\" varChar(120), \"schema\" jsonb, \"isParseClass\" bool, PRIMARY KEY (\"className\") )\ndb_1         | 2020-03-18 21:59:21.550 UTC [106] ERROR:  duplicate key value violates unique constraint \"pg_type_typname_nsp_index\"\n...\n```\n\nThe lines above are console output from parse because they attempt to check and configure the postgres database if necessary. They doesn't hurt or slow down your parse-hipaa server.\n\n### Local: Using Singularity Image with Postgres\nThere are equivalent [Singularity](https://sylabs.io/singularity/) images that can be configured in a similar fashion to Docker. The singularity images are hosted on GitHub Container Registry and can be found [here](https://github.com/netreconlab/parse-hipaa/pkgs/container/parse-hipaa). An example of of how to use this image can be found in [singularity-compose.yml](https://github.com/netreconlab/parse-hipaa/blob/main/singularity-compose.yml).\n\n## Parse Server\nYour parse-server is binded to all of your interfaces on port 1337/parse and be can be accessed as such, e.g. `http://localhost:1337/parse`.\n\nThe standard configuration can be modified to your liking by editing [index.js](https://github.com/netreconlab/parse-hipaa/blob/main/index.js). Here you can add/modify things like push notifications, password resets, [adapters](https://github.com/parse-community/parse-server#available-adapters), etc. This file as an express app and some examples provided from parse can be found [here](https://github.com/parse-community/parse-server#using-expressjs). Note that there is no need to rebuild your image when modifying files in the \"index.js\" file since it is volume mounted, but you will need to restart the parse container for your changes to take effect.\n\n### Configuring\nDefault values for environment variables: `PARSE_SERVER_APPLICATION_ID` and `PARSE_SERVER_PRIMARY_KEY` are provided in [docker-compose.yml](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose.yml) for quick local deployment. If you plan on using this image to deploy in production, you should definitely change both values. Environment variables, `PARSE_SERVER_DATABASE_URI, PARSE_SERVER_URL, PORT, PARSE_SERVER_PUBLIC_URL, PARSE_SERVER_CLOUD, and PARSE_SERVER_MOUNT_GRAPHQL` should not be changed unles you are confident with configuring parse-server or else you image may not work properly. In particular, changing `PORT` should only be done in [.env](https://github.com/netreconlab/parse-hipaa/blob/main/.env) and will also require you to change the port manually in the [parse-dashboard-config.json](https://github.com/netreconlab/parse-hipaa/blob/main/parse/parse-dashboard-config.json#L4) for both \"serverURL\" and \"graphQLServerURL\" to have the Parse Dashboard work correctly.\n\n#### Running in production for ParseCareKit\nIf you are plan on using parse-hipaa in production. You should run the additional scripts to create the rest of the indexes for optimized queries.\n\n##### Postgres\nIf you are using `hipaa_postgres`, the `setup-parse-index.sh` is already in the container. You just have to run it. \n\n1. Log into your docker container, type: ```docker exec -u postgres -ti parse-hipaa_db_1 bash```\n2. Run the script, type: ```./usr/local/bin/setup-parse-index.h```\n\nIf you are using your own postgres image, you should copy [setup-parse-index.sh](https://github.com/netreconlab/hipaa-postgres/blob/main/scripts/setup-parse-index.sh) to your container and complete the login and run steps above (be sure to switch `parse-hipaa_db_1` to your actual running container name on your system).\n\nMore information about configuring can be found on [hipaa-postgres](https://github.com/netreconlab/hipaa-postgres#configuring).\n\n###### Idempotency\nYou most likely want to enable Idempotency. Read more about how to configure on [Parse Server](https://github.com/parse-community/parse-server#idempotency-enforcement). For Postgres, you can setup a [cron](https://en.wikipedia.org/wiki/Cron) or scheduler to run [parse_idempotency_delete_expired_records.sh](https://github.com/netreconlab/parse-hipaa/blob/main/parse/scripts/parse_idempotency_delete_expired_records.sh) at a desired frequency to remove stale data.\n\n##### Mongo\nInformation about configuring can be found on [hipaa-mongo](https://github.com/netreconlab/hipaa-mongo).\n\n###### Idempotency\nYou most likely want to enable Idempotency. Read more about how to configure on [Parse Server](https://github.com/parse-community/parse-server#idempotency-enforcement). For Postgres, you can setup a [cron](https://en.wikipedia.org/wiki/Cron) or scheduler to run [parse_idempotency_delete_expired_records.sh](https://github.com/netreconlab/parse-hipaa/blob/main/parse/scripts/parse_idempotency_delete_expired_records.sh) at a desired frequency to remove stale data.\n\n#### Cloud Code\nFor verfying and cleaning your data along with other added functionality, you can add [Cloud Code](https://docs.parseplatform.org/cloudcode/guide/) to the [cloud](https://github.com/netreconlab/parse-hipaa/tree/main/parse/cloud) folder. Note that there is no need to rebuild your image when modifying files in the \"cloud\" folder since this is volume mounted, but you may need to restart the parse container for your changes to take effect.\n\n## Viewing Your Data via Parse Dashboard\n\n### Dashboard on Heroku\nFollow the directions in the [parse-hipaa-dashboard](https://github.com/netreconlab/parse-hipaa-dashboard#remote) repo for one-button deployment of dashboard.\n\n### Local (Docker or Singularity)\n\n#### parseplatform/parse-dashboard (docker-compose.yml, docker-compose.no.hipaa.yml, docker-compose.mongo.yml)\nParse-Dashboard is binded to your `localhost` on port `4040` and can be accessed as such, e.g. http://localhost:4040/dashboard. The default login for the parse dashboard is username: \"parse\", password: \"1234\". For production you should change the usernames and passwords in the [postgres-dashboard-config.json](https://github.com/netreconlab/parse-hipaa/blob/main/parse/parse-dashboard-config.json#L13-L21). Note that the password is hashed by using [bcrypt-generator](https://bcrypt-generator.com) or similar. Authentication can also occur through [multi factor authentication](https://github.com/parse-community/parse-dashboard#multi-factor-authentication-one-time-password).\n\n#### netreconlab/parse-hipaa-dashboard (docker-compose.dashboard.yml and docker-compose.mongo.dashboard.yml)\nParse-Hipaa-Dashboard is binded to your `localhost` on port `1337`, mounted to the `/dashboard` endpoint, and can be accessed as such, e.g. http://localhost:1337/dashboard. The default login for the parse dashboard is username: \"parse\", password: \"1234\". For production you should change the usernames and passwords in the [docker-compose.yml](https://github.com/netreconlab/parse-hipaa/blob/37f79bdb99781b634780b3af6a7e33e6beae44a0/docker-compose.yml#L30-L32) along with setting `PARSE_DASHBOARD_USER_PASSWORD_ENCRYPTED: 'true'`. Note that the password should be hashed using a [bcrypt-generator](https://bcrypt-generator.com) or similar. Authentication can also occur through [multi factor authentication](https://github.com/parse-community/parse-dashboard#multi-factor-authentication-one-time-password).\n\n1. Open your browser and and depending on how your dashboard is mounted, go to http://localhost:4040/dashboard or http://localhost:1337/dashboard\n2. Username: `parse` # You can use `parseRead` to login as a read only user\n3. Password: `1234`\n4. Be sure to refresh your browser to see new changes synched from your CareKitSample app\n\n#### Configuring\nIf you plan on using this image to deploy in production, it is recommended to run this behind a proxy and add the environment variable `PARSE_DASHBOARD_TRUST_PROXY=1` to the dashboard container.\n\n## Postgres\nThe image used is [postgis](https://hub.docker.com/r/postgis/postgis) which is an extention built on top of the [official postgres image](https://hub.docker.com/_/postgres). Note that postgres is not binded to your interfaces and is only local to the docker virtual network. This was done on purpose as the parse and parse-desktop is already exposed. \n\nIf you want to persist the data in the database, you can uncomment the volume lines in [docker-compose](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose.yml#L41)\n\n### Configuring\nDefault values for environment variables: `POSTGRES_PASSWORD, PG_PARSE_USER, PG_PARSE_PASSWORD, PG_PARSE_DB` are provided in [docker-compose.yml](https://github.com/netreconlab/parse-hipaa/blob/main/docker-compose.yml) for quick local deployment. If you plan on using this image to deploy in production, you should definitely change `POSTGRES_PASSWORD, PG_PARSE_USER, PG_PARSE_PASSWORD`. Note that the postgres image provides a default user of \"postgres\" to configure the database cluster, you can change the password for the \"postgres\" user by changing `POSTGRES_PASSWORD`. There are plenty of [postgres environment variables](https://hub.docker.com/_/postgres) that can be modified. Environment variables should not be changed unles you are confident with configuring postgres or else you image may not work properly. Note that changes to the aforementioned paramaters will only take effect if you do them before the first build and run of the image. Afterwards, you will need to make all changes by connecting to the image typing:\n\n```docker exec -u postgres -ti parse-hipaa_db_1 bash```\n\nYou can then make modifications using [psql](http://postgresguide.com/utilities/psql.html). Through psql, you can also add multiple databases and users to support a number of parse apps. Note that you will also need to add the respecting parse-server containers (copy parse container in the .yml and rename to your new app) along with the added app in [postgres-dashboard-config.json](https://github.com/netreconlab/parse-hipaa/blob/main/parse/parse-dashboard-config.json).\n\n## Deploying on a real system\nThe docker yml's here are intended to run behind a proxy that properly has ssl configured to encrypt data in transit. To create a proxy to parse-hipaa, nginx files are provided [here](https://github.com/netreconlab/parse-hipaa/tree/main/nginx/sites-enabled). Simply add the [sites-available](https://github.com/netreconlab/parse-hipaa/tree/main/nginx/sites-enabled) folder to your nginx directory and add the following to \"http\" in your nginx.conf:\n\n```bash\nhttp {\n    include /usr/local/etc/nginx/sites-enabled/*.conf; # Add this line to end. This is for macOS, do whatever is appropriate on your system\n}\n```\n\nSetup your free certificates using [LetsEncrypt](https://letsencrypt.org), follow the directions [here](https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/). Be sure to change the certificate and key lines to point to correct location in [default-ssl.conf](https://github.com/netreconlab/parse-hipaa/blob/main/nginx/sites-enabled/default-ssl.conf).\n\n## Is there a mongo version available?\nThe mongo equivalent is available in this repo. The same steps as above. but use:\n\n```docker-compose -f docker-compose.mongo.yml up```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetreconlab%2Fparse-hipaa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetreconlab%2Fparse-hipaa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetreconlab%2Fparse-hipaa/lists"}