Installation of the SanteDB Disconnected Gateway and related services is designed to be performed in the field, or in a regional/district office prior to machines leaving for the field. Installing the dCG is broken into three steps:
Installation of the Software
Configuring / Joining the Central Domain
Verification of Software Connectivity
In order to install SanteDB's dCG platform you'll need one of the following environments:
2-Core x86 CPU
2-Core x86 CPU
2-Core x86 CPU
RPi 3b+ or better
1 GB Min
These specifications represent the minimum specifications on which SanteDB's dCG will operate. Depending on the size of the clinic in which the software will be serving (number of connected tablets, computers, software applications, etc.) these will change.
For Windows based installations, you can obtain the most recent copy of the SanteDB dCG software at the disconnected gateway releases page: https://github.com/santedb/santedb-dcg/releases .
For other operating systems and environments, you will currently have to manually compile the dCG software from source. This requires the installation and proper setup of the SanteDB SDK as well as compiler tools for Mono. We are working on more installation options.
The installation wizard on the Windows installer simply requires pressing the Next button until the process completes. The installation process on Windows will:
Install the software into C:\Program Files\SanteSuite\SanteDB\DCG
Register the DCG as a Windows Service to be started automatically
Open firewall ports 12100 (HL7v2), 11514 (ATNA), and 9200 (HTTP)
Forward you to the configuration tool
After installation is completed, you can configure the service:
SanteDB's dCG software is designed to run remotely on a "server" laptop in a clinic. This server laptop really acts like an entire CDR complete with standards based messaging interfaces, administrative user interfaces, etc. The setup procedure is broken into these stages:
Joining the dCG to the central security domain
Configuring the Synchronization settings
Configuring the local database
Configuring local security settings
Configuring the standards-based interfaces
When you first configure the SanteDB dCG you'll be asked which security domain you'd like to join. There may be several security domains in your jurisdiction depending on different projects, or uses of SanteDB.
The configuration settings are:
Device ID: The name of the device which you are configuring. This should be reflective of where the device is located (for example: HOSPITAL_A_HIV_PROGRAM_OFFICE)
Address: The address of the domain that you'd like to join
Secret Mode: If you're connecting to a domain which uses a different client secret mode than in the request body you can change it here.
Override Application Secret: By default , the dcg will authenticate itself as org.santedb.disconnectedClient.gateway , if your administrator has changed this you may override the defaults here.
Port: If SanteDB server is running on a different port than the 8080 or 8443 you may enter the correct port
Use TLS: For most production environment you'll check this box to ensure the communication is over TLS.
Once you press Join Realm you'll be prompted with an elevation prompt. Enter your username and password for the target domain:
If successful you'll be welcomed to the domain:
After you've joined the domain you'll be asked to select a role for the gateway. A SanteDB server may have multiple roles (for example: one SanteDB instance may be an MPI, an Immunization Registry and a Master Facility Registry all at the same time). Selecting a role will restrict the local gateway user interface to whatever role has been selected.
You may also select whether you'd like automatic updates to be downloaded when the device is connected to the internet.
You can configure the frequency of synchronization and the conflict resolution mechanism on the next screen.
When the disconnected gateway is online, it has the opportunity to download a subset of the information from the central server. This is called a subscription. Subscriptions can be to:
The Entire Database : Where the dCG will download a complete copy of the central server (not recommended)
Place : Where the dCG will only download information about patients who live in the specified place.
Facility : Where the dCG can establish a relationship between a patient or event and a facility
Identifier : Where the dCG will only download information which has an identifier from the specified domain.
Current SanteDB's dCG only supports SQLite as a storage mechanism, however PostgreSQL and FirebirdSQL are on our roadmap for support. You can configure which database system you'd like to use for your dCG on this screen (for smaller clinics we recommend SQLite).
Because the dCG operates offline, it must maintain security settings which dictate how it should operate while not connected to the central server. Here you can set:
The password storage strength
How long local audits should be retained on the device
Where the device will operate
Whether only users assigned to that facility can log in
Who is the administrative contact for the device
The network configuration page allows you to specify parameters about your local network and how it connects to the master server. Here you can specify how heavily you would like to compress traffic (to save bandwidth and time), as well as any proxy settings
If you're using a system to communicate with the dCG which uses HL7v2 messaging (such as OpenMRS or VistA) you can setup your LLP traffic settings including the sending facility and device name, and the bind port:
The dCG comes with a lightweight IHE ATNA compliant audit repository. This is used to track audits against the dCG from local clinic traffic while offline. You can configure the transport and enterprise site ID of the local audit repository:
After you're done, you can press the Save button. You should be greeted with a notification instructing you to restart the service:
This is done from the start menu:
After waiting a few seconds, you can login to the main administrative user interface from the local device or from another device on the local network by visiting : http://localhost:9200
To confirm connectivity, login to the portal and check the synchronization centre status