diff --git a/Dockerfile b/Dockerfile index fbe5600b..812720b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,16 @@ # Based on Ubuntu 18.04 since v0.11 FROM phusion/baseimage:0.11 +LABEL maintainer="Materials Cloud Team " + + +# Note: The following config can be changed at build time: +# docker build --build-arg NB_UID=200 +ARG NB_USER="scientist" +ARG NB_UID="1000" +ARG NB_GID="1000" + + USER root # Add switch mirror to fix issue #9 @@ -53,6 +63,19 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ zip \ && rm -rf /var/lib/apt/lists/* +# needed for jupyterlab +RUN apt-get update && apt-get install -y \ + nodejs \ + npm \ + && rm -rf /var/lib/apt/lists/* + +# Add repo for postgres-9.6 +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main" >> /etc/apt/sources.list.d/pgdg.list +RUN wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | apt-key add - +RUN apt-get update && apt-get install -y --no-install-recommends \ + postgresql-9.6 \ + && rm -rf /var/lib/apt/lists/* + # fix locales RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen ENV LC_ALL en_US.UTF-8 @@ -76,9 +99,19 @@ RUN pip2 install ipykernel # install packages that are not in the aiidalab meta package # 'fastentrypoints' is to fix problems with aiida-quantumespresso plugin installation RUN pip3 install --upgrade \ + 'fastentrypoints' \ + 'tornado==5.1.1' \ 'jupyterhub==0.9.4' \ - 'nbserverproxy==0.8.3' \ - 'fastentrypoints' + 'notebook==5.7.4' \ + 'nbserverproxy==0.8.8' \ + 'jupyterlab==0.35.4' \ + 'appmode-aiidalab==0.5.0.1' + +# enable nbserverproxy extension +RUN jupyter serverextension enable --sys-prefix --py nbserverproxy + +# workaround to fix pymatgen installation +RUN pip install numpy==1.15.4 # This already enables jupyter notebook and server extensions RUN pip3 install aiidalab==v19.09.0a1 @@ -95,6 +128,21 @@ RUN jupyter nbextension install --sys-prefix --py fileupload # enable nbserverproxy extension RUN jupyter serverextension enable --sys-prefix --py nbserverproxy +# enables better integration with jupyterhub +# https://jupyterlab.readthedocs.io/en/stable/user/jupyterhub.html#further-integration +RUN jupyter labextension install @jupyterlab/hub-extension + + +# Install jupyterlab theme +WORKDIR /opt/jupyterlab-theme +RUN git clone https://github.com/aiidalab/jupyterlab-theme && \ + cd jupyterlab-theme && \ + npm install && \ + npm run build && \ + npm run build:webpack && \ + npm pack ./ && \ + jupyter labextension install *.tgz && \ + cd .. # install MolPad WORKDIR /opt @@ -108,9 +156,10 @@ RUN git clone https://github.com/oschuett/molview-ipywidget.git && \ RUN reentry scan #=============================================================================== +ADD fix-permissions /usr/local/bin/fix-permissions RUN mkdir /project && \ - useradd --home /project --uid 1234 --shell /bin/bash scientist && \ - chown -R scientist:scientist /project + useradd --home /project --uid $NB_UID --shell /bin/bash $NB_USER +RUN fix-permissions /project # launch postgres server COPY opt/postgres.sh /opt/ @@ -135,6 +184,9 @@ COPY service/aiida /etc/service/aiida/run EXPOSE 8888 -CMD ["/sbin/my_init"] +# remove when the following issue is fixed: https://github.com/jupyterhub/dockerspawner/issues/319 +COPY my_my_init /sbin/my_my_init + +CMD ["/sbin/my_my_init"] #EOF diff --git a/LICENSE.txt b/LICENSE.txt index a6a72773..d676dbb9 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -18,4 +18,39 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. + +--- + +The 'fix-permissions' script is licensed under the terms of the Modified BSD License +(also known as New or Revised or 3-Clause BSD), as follows: + +- Copyright (c) 2001-2015, IPython Development Team +- Copyright (c) 2015-, Jupyter Development Team + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. + +Redistributions in binary form must reproduce the above copyright notice, this +list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. + +Neither the name of the Jupyter Development Team nor the names of its +contributors may be used to endorse or promote products derived from this +software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README.md b/README.md index 9900dc01..c71c38c3 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ This repo contains the Docker file used in the [AiiDA lab](https://aiidalab.materialscloud.org). +Docker images are available from Dockerhub via `docker pull aiidalab/aiidalab-docker-stack:latest`. + ## Deploy To deploy changes, log into the AiiDA lab server and execute the following commands: ``` diff --git a/activate.sh b/activate.sh index 44bbcd00..a5aeb795 100755 --- a/activate.sh +++ b/activate.sh @@ -2,6 +2,6 @@ set -x -docker tag aiidalab-docker-stack:master aiidalab-docker-stack:latest +docker tag aiidalab-docker-stack:develop aiidalab-docker-stack:latest #EOF diff --git a/build.sh b/build.sh index 9004a32b..36d28426 100755 --- a/build.sh +++ b/build.sh @@ -2,6 +2,6 @@ set -x -docker build -t aiidalab-docker-stack:master ./ +docker build -t aiidalab-docker-stack:develop ./ #EOF diff --git a/fix-permissions b/fix-permissions new file mode 100755 index 00000000..659b2763 --- /dev/null +++ b/fix-permissions @@ -0,0 +1,35 @@ +#!/bin/bash +# set permissions on a directory +# after any installation, if a directory needs to be (human) user-writable, +# run this script on it. +# It will make everything in the directory owned by the group $NB_GID +# and writable by that group. +# Deployments that want to set a specific user id can preserve permissions +# by adding the `--group-add users` line to `docker run`. + +# uses find to avoid touching files that already have the right permissions, +# which would cause massive image explosion + +# right permissions are: +# group=$NB_GID +# AND permissions include group rwX (directory-execute) +# AND directories have setuid,setgid bits set + +set -e + +for d in "$@"; do + find "$d" \ + ! \( \ + -group $NB_GID \ + -a -perm -g+rwX \ + \) \ + -exec chgrp $NB_GID {} \; \ + -exec chmod g+rwX {} \; + # setuid,setgid *on directories only* + find "$d" \ + \( \ + -type d \ + -a ! -perm -6000 \ + \) \ + -exec chmod +6000 {} \; +done diff --git a/inspect.sh b/inspect.sh index 38f9dd78..b1d3dbf8 100755 --- a/inspect.sh +++ b/inspect.sh @@ -2,8 +2,6 @@ set -x -#docker run --init --user 0 -ti aiidalab-docker-stack:develop /bin/bash - # login as scientist docker run --init --user scientist -ti aiidalab-docker-stack:develop /bin/bash diff --git a/my_my_init b/my_my_init new file mode 100755 index 00000000..edcdc77f --- /dev/null +++ b/my_my_init @@ -0,0 +1,3 @@ +#!/bin/bash + +/sbin/my_init