diff --git a/minimal-notebook/Dockerfile b/minimal-notebook/Dockerfile index 59fae1b2..6048df20 100644 --- a/minimal-notebook/Dockerfile +++ b/minimal-notebook/Dockerfile @@ -20,7 +20,6 @@ RUN apt-get update && apt-get install -yq --no-install-recommends \ texlive-latex-extra \ texlive-fonts-extra \ texlive-fonts-recommended \ - supervisor \ sudo \ && apt-get clean @@ -34,21 +33,12 @@ RUN echo export PATH=$CONDA_DIR/bin:'$PATH' > /etc/profile.d/conda.sh && \ rm Miniconda3-3.9.1-Linux-x86_64.sh && \ $CONDA_DIR/bin/conda install --yes conda==3.14.1 -# Create non-root user -RUN useradd -m -s /bin/bash $NB_USER -RUN chown -R $NB_USER:$NB_USER $CONDA_DIR -RUN chown $NB_USER:$NB_USER /home/$NB_USER -R - -# Configure user environment -USER $NB_USER -ENV HOME /home/$NB_USER -ENV SHELL /bin/bash -ENV USER $NB_USER +# Configure docker environment ENV PATH $CONDA_DIR/bin:$PATH # Setup a work directory rooted in home for ease of volume mounting -ENV WORK $HOME/work -RUN mkdir -p $WORK +ENV WORK /notebooks +RUN mkdir -p $WORK && chown root.users $WORK && chmod g+w $WORK WORKDIR $WORK # Install Jupyter notebook @@ -57,16 +47,10 @@ RUN conda install --yes \ terminado \ && conda clean -yt -# Configure Jupyter -RUN jupyter notebook --generate-config - # Configure container startup EXPOSE 8888 -USER root -CMD ["supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"] +CMD [ "start-notebook.sh" ] # Add local files as late as possible to avoid cache busting -COPY jupyter_notebook_config.py $HOME/.jupyter/ -COPY notebook.conf /etc/supervisor/conf.d/ -COPY enable_sudo.sh /usr/local/bin/ -RUN chown $NB_USER:$NB_USER $HOME/.jupyter/jupyter_notebook_config.py \ No newline at end of file +COPY start-notebook.sh /usr/local/bin/ +COPY jupyter_notebook_config.py /etc/skel/.jupyter/ diff --git a/minimal-notebook/enable_sudo.sh b/minimal-notebook/enable_sudo.sh deleted file mode 100755 index fb2a7771..00000000 --- a/minimal-notebook/enable_sudo.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -if [ ! -z "$GRANT_SUDO" ]; then - echo "$NB_USER ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/notebook -fi \ No newline at end of file diff --git a/minimal-notebook/notebook.conf b/minimal-notebook/notebook.conf deleted file mode 100644 index 1246fb93..00000000 --- a/minimal-notebook/notebook.conf +++ /dev/null @@ -1,18 +0,0 @@ -[program:notebook] -user=jovyan -umask=0002 -directory=/home/jovyan/work -command=ipython notebook -autostart=true -autorestart=true -stdout_logfile=/var/log/supervisor/%(program_name)s.log -redirect_stderr=true - -[program:sudoers] -command=enable_sudo.sh -autostart=true -autorestart=false -stdout_logfile=/var/log/supervisor/%(program_name)s.log -redirect_stderr=true -startretries=0 -startsecs=0 diff --git a/minimal-notebook/start-notebook.sh b/minimal-notebook/start-notebook.sh new file mode 100755 index 00000000..757e1d06 --- /dev/null +++ b/minimal-notebook/start-notebook.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# Create non-root NB_USER, member of group "users" +useradd -m -s /bin/bash -u ${NB_UID:-1000} -G users $NB_USER + +# Allow "users" group to update conda root env +chown -R root.users $CONDA_DIR +chmod -R g+w $CONDA_DIR + +# Enable sudo if requested +if [ ! -z "$GRANT_SUDO" ]; then + echo "$NB_USER ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/notebook +fi + +# Run Notebook server as $NB_USER +su -l $NB_USER << EOF +cd $WORK +jupyter notebook +EOF