zhangyiss/the-littlest-jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/the-littlest-jupyterhub.git synced 2025-12-18 21:54:05 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
f90a0fa5409a98c5a235cf3ea67e119db7e3d049
the-littlest-jupyterhub/tljh/installer.py
yuvipanda f90a0fa540 Use classic unix users rather than systemd dynamic users 
Dynamic Users are neat and probably very useful for a tmpnb
style situation. However, for regular use they have the following
problems:

1. Can't set ProtectHome=no, so you can never apt install or
   similar from inside admin accounts.
2. Dynamic uid / gid makes it hard to write sudo rules. We want
   admin users to have sudo.
3. Persistent uids / gids are very useful for ad-hoc ACLs between
   users. gid sharing isn't the most flexible sharing mechanism,
   but it is well known & quite useful.
4. /etc/skel is pretty useful!
2018-06-26 23:50:07 -07:00

58 lines
1.7 KiB
Python
Raw Blame History

import sys
import os
import tljh.systemd as systemd
import tljh.conda as conda
from tljh import user
INSTALL_PREFIX = os.environ.get('TLJH_INSTALL_PREFIX', '/opt/tljh')
HUB_ENV_PREFIX = os.path.join(INSTALL_PREFIX, 'hub')
USER_ENV_PREFIX = os.path.join(INSTALL_PREFIX, 'user')
HERE = os.path.abspath(os.path.dirname(__file__))
def ensure_jupyterhub_service(prefix):
with open(os.path.join(HERE, 'systemd-units', 'jupyterhub.service')) as f:
unit_template = f.read()
unit = unit_template.format(
python_interpreter_path=sys.executable,
jupyterhub_config_path=os.path.join(HERE, 'jupyterhub_config.py'),
install_prefix=INSTALL_PREFIX
)
systemd.install_unit('jupyterhub.service', unit)
def ensure_jupyterhub_package(prefix):
"""
Install JupyterHub into our conda environment if needed.
Conda constructor does not play well with conda-forge, so we can ship this
with constructor
"""
# FIXME: Use fully deterministic package lists here
conda.ensure_conda_packages(prefix, ['jupyterhub==0.9.0'])
conda.ensure_pip_packages(prefix, [
'jupyterhub-dummyauthenticator==0.3.1',
'jupyterhub-systemdspawner==0.9.12',
'escapism'
])
ensure_jupyterhub_package(HUB_ENV_PREFIX)
ensure_jupyterhub_service(HUB_ENV_PREFIX)
user.ensure_group('jupyterhub-admins')
user.ensure_group('jupyterhub-users')
with open('/etc/sudoers.d/jupyterhub-admins', 'w') as f:
f.write('%jupyterhub-admins ALL = (ALL) NOPASSWD: ALL')
conda.ensure_conda_env(USER_ENV_PREFIX)
conda.ensure_conda_packages(USER_ENV_PREFIX, [
'jupyterhub==0.9.0',
'notebook==5.5.0'
])
systemd.reload_daemon()
systemd.start_service('jupyterhub')
Reference in New Issue View Git Blame Copy Permalink