From 6a2283bef83b1529992528809209e5b8b58d398d Mon Sep 17 00:00:00 2001 From: George Hunt Date: Wed, 10 Mar 2021 03:10:49 +0000 Subject: [PATCH] systemd spawner is working writing to /var/lib/private --- roles/jupyter/tasks/install.yml | 17 +++++++++++++++-- roles/jupyter/templates/jupyter.service | 2 +- roles/jupyter/templates/jupyterhub_config.py | 13 ++++++++++--- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/roles/jupyter/tasks/install.yml b/roles/jupyter/tasks/install.yml index 0c2526856..353f78cae 100644 --- a/roles/jupyter/tasks/install.yml +++ b/roles/jupyter/tasks/install.yml @@ -1,4 +1,9 @@ -- name: Make the directories to hold notebooks +- name: We need a non-privileged user to write all the notebooks + ansible.builtin.user: + name: web-user + home: /opt/iiab/notebooks + +- name: Make the directories to hold jupyter config file: state: directory path: '{{ item }}' @@ -7,6 +12,12 @@ - '{{ jupyter_venv }}/etc/jupyterhub' - '{{ jupyter_venv }}/etc/systemd' +- name: Make a directory to hold notebooks + file: + state: directory + path: /opt/iiab/notebooks + owner: web-user + - name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" set_fact: nodejs_install: True @@ -35,6 +46,8 @@ - ipywidgets - jupyterhub - jupyterlab + - jupyterhub_firstuseauthenticator + - jupyterhub-systemdspawner virtualenv: "{{ jupyter_venv }}" # /opt/iiab/jupyter virtualenv_site_packages: no virtualenv_command: /usr/bin/virtualenv @@ -45,7 +58,7 @@ - name: Install the config file for jupyterhub template: src: jupyterhub_config.py - dest: '{{ jupyter_venv }}/env/jupyterhub/' + dest: '{{ jupyter_venv }}/etc/jupyterhub/' - name: Use systemd to start jupyterhub template: src: jupyter.service diff --git a/roles/jupyter/templates/jupyter.service b/roles/jupyter/templates/jupyter.service index 363390a9f..f9e5aa798 100644 --- a/roles/jupyter/templates/jupyter.service +++ b/roles/jupyter/templates/jupyter.service @@ -3,7 +3,7 @@ Description=JupyterHub After=syslog.target network.target [Service] -User=hubuser +User=root Environment="PATH=/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:{{ jupyter_venv }}/bin" ExecStart={{ jupyter_venv }}/bin/jupyterhub -f {{ jupyter_venv }}/etc/jupyterhub/jupyterhub_config.py diff --git a/roles/jupyter/templates/jupyterhub_config.py b/roles/jupyter/templates/jupyterhub_config.py index 00c70a126..71d81dbb9 100644 --- a/roles/jupyter/templates/jupyterhub_config.py +++ b/roles/jupyter/templates/jupyterhub_config.py @@ -114,7 +114,7 @@ # - dummy: jupyterhub.auth.DummyAuthenticator # - pam: jupyterhub.auth.PAMAuthenticator # Default: 'jupyterhub.auth.PAMAuthenticator' -# c.JupyterHub.authenticator_class = 'jupyterhub.auth.PAMAuthenticator' +c.JupyterHub.authenticator_class = 'firstuseauthenticator.FirstUseAuthenticator' ## The base URL of the entire application. # @@ -194,7 +194,7 @@ # # Should be exactly 256 bits (32 bytes). # Default: b'' -# c.JupyterHub.cookie_secret = b'' +c.JupyterHub.cookie_secret = b'helloiiabitsrainingb123456789012' ## File in which to store the cookie secret. # Default: 'jupyterhub_cookie_secret' @@ -589,7 +589,7 @@ # - localprocess: jupyterhub.spawner.LocalProcessSpawner # - simple: jupyterhub.spawner.SimpleLocalProcessSpawner # Default: 'jupyterhub.spawner.LocalProcessSpawner' -# c.JupyterHub.spawner_class = 'jupyterhub.spawner.LocalProcessSpawner' +c.JupyterHub.spawner_class = 'systemdspawner.SystemdSpawner' ## Path to SSL certificate file for the public facing interface of the proxy # @@ -1229,3 +1229,10 @@ ## Maximum number of entries per page for paginated results. # Default: 250 # c.Pagination.max_per_page = 250 + +#------------------------------------------------------------------------------ +# Systemdspawner config +#------------------------------------------------------------------------------ +c.SystemdSpawner.dynamic_users = True +c.SystemdSpawner.user_workingdir = '/opt/iiab/notebooks/{USERNAME}' +