OpenCRVS Country Configuration - v1.3.5

This release is a reference implementation compatible with OpenCRVS version 1.3.5. Fundamentally this is equivalent to v1.3.4 and it's being released mainly for keeping the version in sync with OpenCRVS core.

OpenCRVS Country Configuration - v1.3.4

What's Changed

This release is a reference implementation compatible with OpenCRVS version 1.3.4.

Bugfixes

• Fix "Reason for delayed registration" not showing with single digit date or month in child's birthday (issue).
• Add missing French translations (issue).

Full Changelog: v1.3.3...v1.3.4

OpenCRVS Country Configuration - v1.4.1

An example OpenCRVS country configuration. To be used in conjunction with opencrvs-core release v1.4.1

Read the release notes!

What's changed?

• Improved logging for emails being sent
• Updated default Metabase init file so that it's compatible with the current Metabase version
• Deployment: Verifies Kibana is ready before setting up alert configuration
• Deployment: Removes depends_on configuration from docker compose files
• Deployment: Removes some deprecated deployment code around Elastalert config file formatting
• Provisioning: Creates backup user on backup servers automatically
• Provisioning: Update ansible Github action task version

Breaking changes

• Copy: All application copy is now located in src/translations as CSV files. This is so that copy would be easily editable in software like Excel and Google Sheets. After this change, AVAILABLE_LANGUAGES_SELECT doesn't need to be defined anymore by country config.

Full Changelog: v1.3.3...v1.4.1

OpenCRVS Country Configuration - v1.3.3

This release is a reference implementation compatible with OpenCRVS version 1.3.x.

What's Changed

• ocrvs-6363 use the new id handlebars with the "location" helper by @Zangetsu101 in opencrvs#815
• Change the verbiage from sms to email in Send for approval section and in introduction page by @naftis in opencrvs#868
• update password copy to suggest a 12 character long passphrase by @naftis in opencrvs#867
• Farajaland certificates updated by @euanmillar in opencrvs#891
• Make occupation field usable for deceased by @Zangetsu101 in opencrvs#888
• Farajaland form updates by @tahmidrahman-dsi in opencrvs#805
• Reason for delayed registration custom form field by @euanmillar in opencrvs#894
• [OCRVS-6520] Fix Farajaland marriage form issue by @tahmidrahman-dsi in opencrvs#906
• add handlebar of age of deceased in death certificate by @Nil20 in opencrvs#895
• ocrvs-6517 Hide fields when informantType not selected by @Zangetsu101 in opencrvs#899
• ocrvs-6204 fix date of birth unknown checkbox conditional & update CHANGELOG by @Zangetsu101 in opencrvs#898
• Fix search copy by @tahmidrahman-dsi in opencrvs#907
• Fix death certificate birthdate field by @Nil20 in opencrvs#908
• Update handlebars by @Zangetsu101 in opencrvs#905
• Allow pip to update externally-managed packages by @Zangetsu101 in opencrvs#882

Full Changelog: opencrvs/opencrvs-farajaland@v1.3.2...v1.3.3

OpenCRVS Country Configuration - v1.4.0

An example OpenCRVS country configuration. To be used in conjunction with opencrvs-core release v1.4.0

Read the release notes!
Read the v1.3.* to v1.4.* migration notes!

Breaking changes

• 🔒 Entirely reconfigured infrastructure and provisioning scripts for new servers. Each server is now SSH secured with Google Authenticator
• 🔒 Backup server now automatically provisioned. Production environments automatically back up to backup server and they are automatically restored onto staging, thus reducing monitoring and maintenance tasks.
• Added examples for configuring HTTP-01, DNS-01, and manual HTTPS certificates. By default, development and QA environments use HTTP-01, while others use DNS-01.
• All secrets & variables defined in Github Secrets are now passed automatically to the deployment script.
• The VPN_HOST_ADDRESS variable is now required for staging and production installations to ensure deployments are not publicly accessible.
• Replica limits have been removed; any number can now be deployed.
• Each environment now has a dedicated docker-compose--deploy.yml. Use environment:init to create a new environment and generate a corresponding file for customizable configurations.
• 🔒 OpenHIM console is no longer exposed via HTTP.
• Ansible playbooks are refactored into smaller task files.

New features

• We now recommend creating a new Ubuntu user provision with passwordless sudo rights for all automated operations on the server, instead of using the root user. New users for different operations will be created in future releases.
• All human users on all servers now have their own Linux users with mandatory 2-factor authentication.
• OpenCRVS now has an interactive script environment:init for creating new Github environments and defining secrets. This script should also be run for existing environments to ensure all variables and secrets are defined, especially important when pulling the latest changes from the repository to your own country resource package.
• The environment creator script also manages the known hosts file automatically.
• 🚰 New pipeline for automatic provisioning of Ubuntu servers (all environments).
• 🚰 New pipeline for resetting data from an environment (non-production environments).
• 🚰 New pipeline for resetting SSH 2FA for all environments.
• 🚰 Development deploy pipeline now includes a "debug" option for SSHing into the action runner (non-production environments).
• A new "staging" environment has been introduced, acting as a production environment clone that resets its data nightly to match the production environment.
• The deployment script can now verify if there are undefined environment variables referred to in your compose files. All secrets and variables defined in Github Environments are automatically passed down to the deployment script.
• 🔒 Backup archives are now secured with a passphrase.
• HTTPS setup now offers three options: HTTP challenge, DNS challenge, and using a pre-issued certificate file.
• There's now a generic purpose POST /email endpoint only available from the internal network. Elastalert2 is configured to use this endpoint instead of directly using SMTP details or the Sendgrid API key.
• 🔒 QA environment now hosts a Wireguard server and admin panel (wg-easy). After deploying, you can access the admin panel at vpn..
• Allow configuring additional SSH parameters globally using SSH_ARGS Github variable.

Breaking changes

• Known hosts are now defined in the infrastructure/known-hosts file. You can clear the file and use bash infrastructure/environments/update-known-hosts.sh <domain> to add your own domains.
• Ansible inventory files are now in .yml format. Please convert your old production.ini and similar files to this new format.
• The authorized_keys file has been removed, and keys should now be defined in the inventory yaml files.
• The DOCKER_PASSWORD secret has been replaced with DOCKER_TOKEN.

Note

In the next OpenCRVS release v1.5.0, there will be two significant changes:

• The infrastructure directory and related pipelines will be moved to a new repository.
• Both the new infrastructure repository and the OpenCRVS country resource package repositories will start following their own release cycles, mostly independent from the core's release cycle. From this release forward, both packages are released as "OpenCRVS minor compatible" releases, meaning that the OpenCRVS countryconfig 1.3.0- is compatible with OpenCRVS 1.3.0, 1.3.1, 1.3.2, etc. This allows for the release of new hotfix versions of the core without having to publish a new version of the infrastructure or countryconfig.

See Releases for release notes of older releases.

OpenCRVS Country Configuration - v1.3.2

An example OpenCRVS country configuration. To be used in conjunction with opencrvs-core release v1.3.2

Read the release notes!
Read the v1.3.0 to v1.3.* migration notes!

Changes - country configuration

• Added new email templates: correction approved, correction rejected
• Remove unused files and unused dependencies by @rikukissa in #14
• Remove duplicate id check of informant for bride groom by @Nil20 in opencrvs#796
• Update deceased age label & conditionals by @Zangetsu101 in opencrvs#792
• Review section message update for incomplete declaration by @Nil20 in opencrvs#791
• Remove unsupported font from marriage certificate by @Zangetsu101 in opencrvs#852

Full Changelog: v1.3.1...v1.3.2

OpenCRVS Country Configuration - v1.3.1

An example OpenCRVS country configuration. To be used in conjunction with opencrvs-core release v1.3.1

Read the release notes!
Read the v1.3.0 to v1.3.* migration notes!

Changes - country configuration

1. Certificate handlebars now enable custom formatting via offering the possibility to create custom helper functions. An endpoint exists in the country config repository to load in handlebar helper functions. These must be common JS functions with no library dependencies. A basic example is given. Thanks to this discussion: opencrvs/opencrvs-core#5927

2. Dashboard configuration is now possible in Metabase without the requirement to fork Core. A new endpoint exists in the country config repository to load in a customisable query to populate the performance database and additionally, the Metabase .sql file can be customised to allow any UI change required.

3. A new environment variable must be added to Github Actions during deployment: CONTENT_SECURITY_POLICY_WILDCARD. This is supplied to the clients and nginx config like this: *. and ensures that the format of your domain can be configurable. Previously it was hardcoded in nginx to assume that hostname is the domain name concatenating beyond a dot separated subdomain. Resolved in: opencrvs/opencrvs-core#6123. In addition, these environment secrets in Github Actions are now environment variables: DOMAIN, REPLICAS

OpenCRVS Country Configuration - v1.3.0

An example OpenCRVS country configuration. To be used in conjunction with opencrvs-core release v1.3.0

Read the release notes!
v1.2 to v1.3.* migration notes

Breaking changes - country configuration

The country confguration repository has been entirely refactored. Please contact us at team@opencrvs.org if you need any help rebasing changes in this repository.

Refer to the documentation

• Form configuration now takes place entirely by using code in this repository.
• All databases are now seeded using the configuration and APIs here and the old backup zips have been deprecated.
• Directory structure has been refactored entirely
• All server configuration can now be amended in this repository without forking opencrvs-core
• Many content keys have been created for translation requirements for the new features. These are documented below.

"buttons.editRecord": "No, make correction",
"buttons.issue": "Issue",
"buttons.saving": "Saving...",
"buttons.sendForUpdates": "Send for updates",
"certificate.receipt.amountDue": "Fee",
"certificate.receipt.deathService.before": "Death registration before {target} days of date of death",
"certificate.receipt.marriageService.after": "Marriage registration after {target} days of date of marriage",
"certificate.receipt.marriageService.before": "Marriage registration before {target} days of date of marriage",
"certificate.receipt.service": "Service",
"changeEmail.validation.msg": "Must be a valid email address",
"config.application.marriageTabTitle": "Marriage",
"config.application.marriageLegallySpecifiedDialogTitle": "Legally specified time period for marriage registration",
"config.application.marriageDelayedFeeChangeNotification": "Marriage delayed fee updated",
"config.application.marriageOnTimeFeeChangeNotification": "Marriage on time fee updated",
"config.application.marriageRegTargetChangeNotification": "Marriage registration target days updated",
"config.informantNotification.title": "Informant notifications",
"config.informantNotification.subtitle": "Select the notifications to send to the informant to keep them informed of the progress to their declaration. Your system is configured to send {communicationType}.",
"config.informantNotification.inProgressSMS": "Notification sent to Office",
"config.informantNotification.declarationSMS": "Declaration sent for review",
"config.informantNotification.registrationSMS": "Declaration registered",
"config.informantNotification.rejectionSMS": "Declaration rejected",
"config.informantNotification.success": "Informant notifications updated",
"config.userRoles.title": "User roles",
"config.userRoles.subtitle": "Map user roles to each system role so that specific permissions and privileges are correctly assigned. To learn more about the different system roles see ... {link}",
"config.userRoles.systemRoles": "SYSTEM ROLES",
"config.userRoles.systemRoleSuccessMsg": "System role updated successfully",
"config.userRoles.role": "ROLE",
"config.userRoles.roleUpdateInstruction": "Add the roles to be assigned the system role of {systemRole}",
"config.application.vsExportDownloadFailed": "Sorry! Something went wrong",
"config.certificate.template": "Template",
"config.certificate.allowPrinting": "Allow printing in advanced of issuance",
"config.certificate.options": "Options",
"config.certificate.printDescription": "Records printed off in advance of collections will be added to the ready to issue work-queue",
"config.certificate.allowPrintingNotification": "Allow printing in advance of issuance updated",
"config.certTemplate": "Certificate Template",
"config.marriageDefaultTempDesc": "Default marriage certificate template",
"config.marriageTemplate": "Marriage certificate",
"config.listTitle": "Certification",
"config.application.backgroundImageError": "Unable to change image. Please try again.",
"config.application.loginBackgroundLabel": "Login Background",
"config.application.loginImageText": "Upload an image and set how you would like it to display in the background",
"config.application.imageTabTitle": "Image",
"config.application.colourTabTitle": "Colour",
"config.application.colourTabText": "Hex code",
"config.application.backgroundImageChangeNotification": "Background image updated",
"config.application.backgroundImageFileLimitError": "Background image file must be less than 2mb",
"constants.marriage": "Marriage",
"constants.marriages": "Marriages",
"constants.duplicateOf": "Duplicate of",
"constants.matchedTo": "Matched to",
"constants.registeredAt": "Registered at",
"constants.registeredBy": "Registered by",
"constants.emailAddress": "Email Address",
"constants.user.role": "Role",
"constants.user.systemRole": "System Role",
"constants.registrationNumber": "Reg no.",
"constants.issueCertificate": "Issue Certificate",
"constants.collectorDetails": "Collector Details",
"constants.issueToMother": "Issue to informant (Mother)",
"constants.issueToFather": "Issue to informant (Father)",
"constants.issueToGroom": "Issue to informant (Groom)",
"constants.issueToBride": "Issue to informant (Bride)",
"constants.issueToSomeoneElse": "Issue to someone else",
"constants.issueToInformant": "Issue to informant",
"constants.issueConfirmationMessage": "Please confirm that the certificate has been issued to the informant or collector.",
"constants.idCheckWithoutVerify": "Continue without proof of ID?",
"constants.systemrole": "System Role",
"constants.draft": "Draft",
"verifyCertificate.loading": "Verifying certificate",
"verifyCertificate.timeOut": "You been timed out",
"verifyCertificate.successTitle": "Valid QR code",
"verifyCertificate.successMessage": "Compare the partial details of the record below against those against those recorded on the certificate",
"verifyCertificate.errorTitle": "Invalid QR code",
"verifyCertificate.errorMessage": "The certificate is a potential forgery please...",
"verifyCertificate.successUrl": "URL Verification",
"verifyCertificate.fullname": "Full name",
"verifyCertificate.dateOfBirth": "Date of birth",
"verifyCertificate.dateOfDeath": "Date of death",
"verifyCertificate.sex": "Sex",
"verifyCertificate.placeOfBirth": "Place of birth",
"verifyCertificate.placeOfDeath": "Place of death",
"verifyCertificate.registrationCenter": "Registration Center",
"verifyCertificate.registar": "Name of registar",
"verifyCertificate.createdAt": "Date of certification",
"verifyCertificate.brn": "BRN",
"verifyCertificate.drn": "DRN",
"verifyCertificate.toastMessage": "After verifying the certificate, please close the browser window",
"verifyCertificate.sexFemale": "Female",
"verifyCertificate.sexMale": "Male",
"correction.corrector.bride": "Bride",
"correction.corrector.groom": "Groom",
"correction.summary.required": "Required for correction",
"correction.summary.idCheckForCorrection": "Correct without proof of ID?",
"dashboard.noContent": "No content to show. Make sure the following variables are configured in the <strong>client-config.js</strong> provided by your country config package:<br /><ul><li><strong>LEADERBOARDS_DASHBOARD_URL</strong></li><li><strong>REGISTRATIONS_DASHBOARD_URL</strong></li><li><strong>STATISTICS_DASHBOARD_URL</strong></li></ul>",
"dashboard.dashboardTitle": "Dashboard",
"dashboard.leaderboardTitle": "Leaderboards",
"dashboard.statisticTitle": "Statistics",
"custom.field.form.unit": "Unit",
"custom.field.form.unitOptionG": "Gram (G)",
"custom.field.form.unitOptionKg": "Kilogram (Kg)",
"custom.field.form.unitOptionCm": "Centimeter (Cm)",
"custom.field.form.unitOptionM": "Meter (M)",
"custom.field.form.unitOptionEmpty": "None",
"custom.field.form.inputWidth": "Input width",
"config.form.settings.time": "Time input",
"config.form.tools.input.customSelectWithDynamicOptions": "Custom select with dynamic options",
"duplicates.warning": "Potential duplicate of record {trackingId}",
"duplicates.review.header": "Potential {event} duplicate review",
"duplicates.content.title": "Is {name} ({trackingId}) a duplicate?",
"duplicates.content.subtitle": "This record was flagged as a potential duplicate of: {trackingIds}. Please review these by clicking on each tracking ID in the tab section to view a side-by-side comparison below, and confirm if this record is a duplicate",
"duplicates.button.notDuplicate": "Not a duplicate",
"duplicates.button.markAsDuplicate": "Mark as duplicate",
"duplicates.content.notDuplicateConfirmationTitle": "Are you sure {name} ({trackingId}) is not duplicate?",
"duplicates.content.markAsDuplicate": "Mark {trackingId} as duplicate?",
"duplicates.content.duplicateDropdownMessage": "Duplicate of",
"duplicates.content.markAsDuplicateReason": "Please describe your reason",
"duplicates.compare.title": "Review {actualTrackingId} against {duplicateTrackingId}",
"duplicates.compare.supportingDocuments": "Supporting documents",
"duplicates.content.header": "Declaration details",
"form.field.nidNotVerified": "Authenticate",
"form.field.nidVerified": "Authenticated",
"form.field.nidOffline": "National ID authentication is currently not available offline.",
"form.field.nidNotVerifiedReviewSection": "Unauthenticated",
"form.field.label.addressLine1RuralOption": "Village",
"form.field.label.addressLine1UrbanOption": "Residential Area",
"form.field.label.app.certifyRecordTo.mother": "Print and issue to informant (Mother)",
"form.field.label.app.certifyRecordTo.father": "Print and issue to informant (Father)",
"form.field.label.exactDateOfBirthUnknown": "Exact date of birth unknown",
"form.field.label.fileSizeErr...