YunoHost-Apps/jupyterlab_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jupyterlab_ynh.git synced 2024-09-03 19:26:35 +02:00
Code Issues Activity Actions

fix

Browse source
This commit is contained in:
Éric Gaspar 2023-02-26 19:50:58 +01:00
parent f1c47a5942
commit c5446783ec
10 changed files with 117 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
conf/app-sudoers Normal file
View file

@ -0,0 +1 @@
__APP__ ALL=(%__APP__.main) NOPASSWD: __INSTALL_DIR__/.venv/bin/sudospawner

8
conf/jupyterhub_config.py
View file

@ -171,7 +171,7 @@ c.JupyterHub.bind_url = 'http://:__PORT____PATH__'
#c.JupyterHub.cookie_secret_file = 'jupyterhub_cookie_secret' #c.JupyterHub.cookie_secret_file = 'jupyterhub_cookie_secret'
## The location of jupyterhub data files (e.g. /usr/local/share/jupyterhub) ## The location of jupyterhub data files (e.g. /usr/local/share/jupyterhub)
#c.JupyterHub.data_files_path = '/opt/jupyterlab/.venv/share/jupyterhub' c.JupyterHub.data_files_path = '__INSTALL_DIR__/.venv/share/jupyterhub'
## Include any kwargs to pass to the database connection. See ## Include any kwargs to pass to the database connection. See
# sqlalchemy.create_engine for details. # sqlalchemy.create_engine for details.
@ -469,7 +469,7 @@ c.ConfigurableHTTPProxy.api_url = 'http://127.0.0.1:__PORT_HTTP_PROXY__'
# - default: jupyterhub.spawner.LocalProcessSpawner # - default: jupyterhub.spawner.LocalProcessSpawner
# - simple: jupyterhub.spawner.SimpleLocalProcessSpawner # - simple: jupyterhub.spawner.SimpleLocalProcessSpawner
# - localprocess: jupyterhub.spawner.LocalProcessSpawner # - localprocess: jupyterhub.spawner.LocalProcessSpawner
#c.JupyterHub.spawner_class = 'jupyterhub.spawner.LocalProcessSpawner' c.JupyterHub.spawner_class = 'sudospawner.SudoSpawner'
## Path to SSL certificate file for the public facing interface of the proxy ## Path to SSL certificate file for the public facing interface of the proxy
# #
@ -685,7 +685,7 @@ c.Spawner.default_url = '/lab'
# This whitelist is used to ensure that sensitive information in the JupyterHub # This whitelist is used to ensure that sensitive information in the JupyterHub
# process's environment (such as `CONFIGPROXY_AUTH_TOKEN`) is not passed to the # process's environment (such as `CONFIGPROXY_AUTH_TOKEN`) is not passed to the
# single-user server's process. # single-user server's process.
#c.Spawner.env_keep = ['PATH', 'PYTHONPATH', 'CONDA_ROOT', 'CONDA_DEFAULT_ENV', 'VIRTUAL_ENV', 'LANG', 'LC_ALL'] c.Spawner.env_keep = ['PATH', 'PYTHONPATH', 'CONDA_ROOT', 'CONDA_DEFAULT_ENV', 'VIRTUAL_ENV', 'LANG', 'LC_ALL', 'JUPYTERHUB_SINGLEUSER_APP']
## Extra environment variables to set for the single-user server's process. ## Extra environment variables to set for the single-user server's process.
# #
@ -762,7 +762,7 @@ c.Spawner.default_url = '/lab'
# #
# Note that this does *not* prevent users from accessing files outside of this # Note that this does *not* prevent users from accessing files outside of this
# path! They can do so with many other means. # path! They can do so with many other means.
#c.Spawner.notebook_dir = '' c.Spawner.notebook_dir = '~'
## An HTML form for options a user can specify on launching their server. ## An HTML form for options a user can specify on launching their server.
# #

12
conf/sudospawner-singleuser sudospawner-singleuser sudospawner-singleuser Normal file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env bash
set -e
if [ __ENABLE_EXTENSIONS__ -eq 1 ]; then
export JUPYTERLAB_DIR="$HOME/.local/share/__APP__/lab"
export PATH="__NODEJS_PATH__:$PATH"
fi
# Delegate the notebook server launch to the jupyterhub-singleuser script.
# this is how most sudospawner-singleuser scripts should end.
exec "$(dirname "$0")/jupyterhub-singleuser" $@

1
conf/systemd.service
View file

@ -10,6 +10,7 @@ Group=__APP__
WorkingDirectory=__INSTALL_DIR__/ WorkingDirectory=__INSTALL_DIR__/
Environment="LC_ALL=C.UTF-8" Environment="LC_ALL=C.UTF-8"
Environment="LANG=C.UTF-8" Environment="LANG=C.UTF-8"
Environment="JUPYTERHUB_SINGLEUSER_APP=jupyter_server.serverapp.ServerApp"
Environment="__YNH_NODE_LOAD_PATH__:__INSTALL_DIR__/.venv/bin" Environment="__YNH_NODE_LOAD_PATH__:__INSTALL_DIR__/.venv/bin"
ExecStart=__INSTALL_DIR__/.venv/bin/jupyterhub -f __INSTALL_DIR__/config/jupyterhub_config.py --upgrade-db ExecStart=__INSTALL_DIR__/.venv/bin/jupyterhub -f __INSTALL_DIR__/config/jupyterhub_config.py --upgrade-db
Restart=always Restart=always

18
hooks/post_user_create Normal file
View file

@ -0,0 +1,18 @@
#!/usr/bin/env bash
set -e
source /usr/share/yunohost/helpers
app="${0//.\/50-}"
user=$1
install_dir="$(ynh_app_setting_get --app=$app --key=install_dir)"
enable_extensions="$(ynh_app_setting_get --app=$app --key=enable_extensions)"
ynh_use_nodejs
if [ $enable_extensions -eq 1 ]; then
export JUPYTERLAB_DIR="$(getent passwd $user | cut -d: -f6)/.local/share/$app/lab"
node_path="$nodejs_path:$(sudo -u $user sh -c 'echo $PATH')"
sudo -u $user env "PATH=$node_path:$PATH" "$install_dir/.venv/bin/jupyter" lab build --app-dir="$JUPYTERLAB_DIR"
fi

7
manifest.toml
View file

@ -47,6 +47,13 @@ ram.runtime = "50M"
type = "boolean" type = "boolean"
default = true default = true
[install.enable_extensions]
ask.en = "Allow users to install extensions?"
ask.fr = "Permettre aux utilisateurs d'installer des extensions ?"
type = "boolean"
default = true
[resources] [resources]
[resources.ports] [resources.ports]
main.default = 8080 main.default = 8080

16
scripts/change_url
View file

@ -34,7 +34,21 @@ ynh_change_url_nginx_config
domain=$new_domain domain=$new_domain
path=${new_path%/} path=${new_path%/}
ynh_add_config --template="../conf/jupyterhub_config.py" --destination="$install_dir/config/jupyterhub_config.py" mkdir -p "$install_dir/config"
ynh_use_nodejs
ynh_add_config --template="jupyterhub_config.py" --destination="$install_dir/config/jupyterhub_config.py"
ynh_add_config --template="jupyter_server_config.py" --destination="$install_dir/config/jupyter_server_config.py"
ynh_add_config --template="app-sudoers" --destination="/etc/sudoers.d/$app-sudoers"
ynh_add_config --template="sudospawner-singleuser" --destination="$install_dir/.venv/bin/sudospawner-singleuser"
chmod 550 "$install_dir/.venv/bin/sudospawner-singleuser"
chown -R $app:$app "$install_dir"
chmod -R g=u,g-w,o-rwx "$install_dir"
setfacl -nR -m g:$app.main:rx -m d:g:$app.main:rx "$install_dir/.venv"
setfacl -n -m g:$app.main:x "$install_dir"
chown root:root "/etc/sudoers.d/$app-sudoers"
chmod 440 "/etc/sudoers.d/$app-sudoers"
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION

44
scripts/install
View file

@ -26,11 +26,16 @@ python3 -m pip install pipenv
#================================================= #=================================================
ynh_script_progression --message="Building app..." ynh_script_progression --message="Building app..."
mkdir -p "$install_dir" # Set permissions to app files
mkdir -p "$install_dir/.venv"
chown -R $app:$app "$install_dir"
chmod -R g=u,g-w,o-rwx "$install_dir"
setfacl -nR -m g:$app.main:rx -m d:g:$app.main:rx "$install_dir/.venv"
setfacl -n -m g:$app.main:x "$install_dir"
pushd $install_dir pushd "$install_dir"
mkdir -p .venv sudo -u $app PIPENV_VENV_IN_PROJECT="enabled" PIPENV_SKIP_LOCK=true python3 -m pipenv install jupyterlab==$jupyterlab_version jupyterhub notebook jupyter-server jupyterhub-ldapauthenticator pyzmq jupyterlab-language-pack-fr-FR sudospawner 2>&1
PIPENV_VENV_IN_PROJECT="enabled" PIPENV_SKIP_LOCK=true ynh_exec_warn_less python3 -m pipenv install jupyterlab==$jupyterlab_version jupyterhub notebook jupyterhub-ldapauthenticator pyzmq jupyterlab-language-pack-fr-FR sudo -u $app python3 -m pipenv run jupyterhub upgrade-db 2>&1
popd popd
#================================================= #=================================================
@ -39,15 +44,34 @@ popd
ynh_script_progression --message="Adding a configuration file..." ynh_script_progression --message="Adding a configuration file..."
mkdir -p "$install_dir/config" mkdir -p "$install_dir/config"
path=${path%/} path=${path%/}
ynh_add_config --template="../conf/jupyterhub_config.py" --destination="$install_dir/config/jupyterhub_config.py" ynh_add_config --template="jupyterhub_config.py" --destination="$install_dir/config/jupyterhub_config.py"
ynh_add_config --template="../conf/jupyter_notebook_config.py" --destination="$install_dir/config/jupyter_notebook_config.py" ynh_add_config --template="jupyter_server_config.py" --destination="$install_dir/config/jupyter_server_config.py"
ynh_add_config --template="app-sudoers" --destination="/etc/sudoers.d/$app-sudoers"
ynh_add_config --template="sudospawner-singleuser" --destination="$install_dir/.venv/bin/sudospawner-singleuser"
chmod 750 "$install_dir" chmod 550 "$install_dir/.venv/bin/sudospawner-singleuser"
chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir"
chown -R $app:www-data "$install_dir" chmod -R g=u,g-w,o-rwx "$install_dir"
setfacl -nR -m g:$app.main:rx -m d:g:$app.main:rx "$install_dir/.venv"
setfacl -n -m g:$app.main:x "$install_dir"
chown root:root "/etc/sudoers.d/$app-sudoers"
chmod 440 "/etc/sudoers.d/$app-sudoers"
#=================================================
# BUILD USER LABS
#=================================================
ynh_script_progression --message="Building JupyterLab for each user..." --weight=10
if [ $enable_extensions -eq 1 ]; then
ynh_use_nodejs
for user in $(ynh_user_list); do
JUPYTERLAB_DIR="$(getent passwd $user | cut -d: -f6)/.local/share/$app/lab"
node_path="$nodejs_path:$(sudo -u $user sh -c 'echo $PATH')"
sudo -u $user env "PATH=$node_path" "$install_dir/.venv/bin/jupyter" lab build --app-dir="$JUPYTERLAB_DIR"
done
fi
#================================================= #=================================================
# SYSTEM CONFIGURATION # SYSTEM CONFIGURATION

2
scripts/remove
View file

@ -31,6 +31,8 @@ ynh_remove_nginx_config
ynh_remove_nodejs ynh_remove_nodejs
ynh_secure_remove "/etc/sudoers.d/$app-sudoers"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

25
scripts/restore
View file

@ -17,8 +17,13 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$install_dir" ynh_restore_file --origin_path="$install_dir"
chown -R root: $install_dir/ mkdir -p "$install_dir/.venv"
chown -R $admin: $install_dir/.venv/
chown -R $app:$app "$install_dir"
chmod -R g=u,g-w,o-rwx "$install_dir"
setfacl -nR -m g:$app.main:rx -m d:g:$app.main:rx "$install_dir/.venv"
setfacl -n -m g:$app.main:x "$install_dir"
#================================================= #=================================================
# SPECIFIC RESTORATION # SPECIFIC RESTORATION
@ -45,6 +50,22 @@ systemctl enable $app.service --quiet
yunohost service add $app --description="$app daemon" yunohost service add $app --description="$app daemon"
#=================================================
# RESTORE SUDOERS
#=================================================
ynh_script_progression --message="Restoring sudoers configuration..." --weight=2
ynh_restore_file --origin_path="/etc/sudoers.d/$app-sudoers"
# Set permissions on app files
chmod 550 "$install_dir/.venv/bin/sudospawner-singleuser"
chown -R $app:$app "$install_dir"
chmod -R g=u,g-w,o-rwx "$install_dir"
setfacl -nR -m g:$app.main:rx -m d:g:$app.main:rx "$install_dir/.venv"
setfacl -n -m g:$app.main:x "$install_dir"
chown root:root "/etc/sudoers.d/$app-sudoers"
chmod 440 "/etc/sudoers.d/$app-sudoers"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================