generated from gCubeCI/Pipeline-Docker-Template
Add jupyterhub compatibility
This commit is contained in:
parent
8de2d983da
commit
b1f328d200
GPG Key ID:
147ABE6CEB9E20FF
56
Dockerfile
56
Dockerfile
|
|
@ -6,12 +6,31 @@ LABEL org.d4science.image.licenses="EUPL-1.2" \
|
|||
org.d4science.image.authors="Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>, Roberto Cirillo <roberto.cirillo@isti.cnr.it>" \
|
||||
org.d4science.image.r_version="2022.02.1+461"
|
||||
|
||||
ARG NB_USER="jovyan"
|
||||
ARG NB_UID="1000"
|
||||
ARG NB_GID="100"
|
||||
ENV S6_VERSION=v2.1.0.2
|
||||
ENV RSTUDIO_VERSION=2022.02.1+461
|
||||
ENV DEFAULT_USER=rstudio
|
||||
ENV DEFAULT_USER="jovyan"
|
||||
ENV USERID="1000"
|
||||
ENV GROUPID="100"
|
||||
ENV PANDOC_VERSION=default
|
||||
ENV PATH=/usr/lib/rstudio-server/bin:$PATH
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
# Configure environment
|
||||
ENV SHELL=/bin/bash \
|
||||
NB_USER="${NB_USER}" \
|
||||
NB_UID=${NB_UID} \
|
||||
NB_GID=${NB_GID} \
|
||||
LC_ALL=en_US.UTF-8 \
|
||||
LANG=en_US.UTF-8 \
|
||||
LANGUAGE=en_US.UTF-8
|
||||
ENV HOME="/home/${NB_USER}"
|
||||
|
||||
RUN apt-get update --yes && \
|
||||
apt-get upgrade --yes && \
|
||||
apt-get install --yes --no-install-recommends \
|
||||
python3 python3-pip
|
||||
RUN /rocker_scripts/install_rstudio.sh
|
||||
|
||||
# This part comes from https://github.com/openanalytics/shinyproxy-rstudio-ide-demo/blob/master/Dockerfile
|
||||
|
|
@ -24,15 +43,38 @@ ADD 03_setup_root_path.sh /etc/cont-init.d/03_setup_root_path
|
|||
|
||||
# By default RStudio does not give access to all enviornment variables defined in the container (e.g. using ShinyProxy).
|
||||
# Uncomment the next line, to change this behavior.
|
||||
#ADD 04_copy_env.sh /etc/cont-init.d/04_copy_env
|
||||
ADD 04_copy_env.sh /etc/cont-init.d/04_copy_env
|
||||
ADD 05_setup_rsession_parameters.sh /etc/cont-init.d/05_setup_rsession_parameters
|
||||
|
||||
# Install the jupiterhub proxy
|
||||
RUN pip3 install jupyter-rsession-proxy
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* && \
|
||||
echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \
|
||||
locale-gen
|
||||
|
||||
# Copy a script that we will use to correct permissions after running certain commands
|
||||
COPY fix-permissions /usr/local/bin/fix-permissions
|
||||
RUN chmod a+rx /usr/local/bin/fix-permissions
|
||||
|
||||
# Enable prompt color in the skeleton .bashrc before creating the default NB_USER
|
||||
# hadolint ignore=SC2016
|
||||
RUN sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' /etc/skel/.bashrc
|
||||
|
||||
# Create NB_USER with name jovyan user with UID=1000 and in the 'users' group
|
||||
# and make sure these dirs are writable by the `users` group.
|
||||
RUN echo "auth requisite pam_deny.so" >> /etc/pam.d/su && \
|
||||
sed -i.bak -e 's/^%admin/#%admin/' /etc/sudoers && \
|
||||
sed -i.bak -e 's/^%sudo/#%sudo/' /etc/sudoers && \
|
||||
useradd -l -m -s /bin/bash -N -u "${NB_UID}" "${NB_USER}" && \
|
||||
chmod g+w /etc/passwd && \
|
||||
fix-permissions "${HOME}"
|
||||
|
||||
# Prepare the workspace environment
|
||||
RUN mkdir -p /opt/workspace-lib
|
||||
RUN mkdir /var/log/workspace-lib
|
||||
ADD https://maven.d4science.org/nexus/content/repositories/gcube-snapshots/org/gcube/data-access/sh-fuse-integration/2.0.0-SNAPSHOT/sh-fuse-integration-2.0.0-20211005.090627-1-jar-with-dependencies.jar /opt/workspace-lib/fuse-workspace.jar
|
||||
ADD 06_workspace_mount.sh /etc/cont-init.d/06_workspace_mount
|
||||
ADD 06-fuse-logback.xml /opt/workspace-lib/logback.xml
|
||||
# RUN mkdir -p /opt/workspace-lib
|
||||
# RUN mkdir /var/log/workspace-lib
|
||||
# ADD https://maven.d4science.org/nexus/content/repositories/gcube-snapshots/org/gcube/data-access/sh-fuse-integration/2.0.0-SNAPSHOT/sh-fuse-integration-2.0.0-20211005.090627-1-jar-with-dependencies.jar /opt/workspace-lib/fuse-workspace.jar
|
||||
# ADD 06_workspace_mount.sh /etc/cont-init.d/06_workspace_mount
|
||||
# ADD 06-fuse-logback.xml /opt/workspace-lib/logback.xml
|
||||
|
||||
EXPOSE 8787
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,36 @@
|
|||
#!/bin/bash
|
||||
# From https://github.com/jupyter/docker-stacks/blob/main/docker-stacks-foundation/fix-permissions
|
||||
# set permissions on a directory
|
||||
# after any installation, if a directory needs to be (human) user-writable,
|
||||
# run this script on it.
|
||||
# It will make everything in the directory owned by the group ${NB_GID}
|
||||
# and writable by that group.
|
||||
# Deployments that want to set a specific user id can preserve permissions
|
||||
# by adding the `--group-add users` line to `docker run`.
|
||||
|
||||
# uses find to avoid touching files that already have the right permissions,
|
||||
# which would cause massive image explosion
|
||||
|
||||
# right permissions are:
|
||||
# group=${NB_GID}
|
||||
# AND permissions include group rwX (directory-execute)
|
||||
# AND directories have setuid,setgid bits set
|
||||
|
||||
set -e
|
||||
|
||||
for d in "$@"; do
|
||||
find "${d}" \
|
||||
! \( \
|
||||
-group "${NB_GID}" \
|
||||
-a -perm -g+rwX \
|
||||
\) \
|
||||
-exec chgrp "${NB_GID}" -- {} \+ \
|
||||
-exec chmod g+rwX -- {} \+
|
||||
# setuid, setgid *on directories only*
|
||||
find "${d}" \
|
||||
\( \
|
||||
-type d \
|
||||
-a ! -perm -6000 \
|
||||
\) \
|
||||
-exec chmod +6000 -- {} \+
|
||||
done
|
||||
Loading…
Reference in New Issue