hardcopy instead of symlink of build files

generate_Dockerfile.sh

@@ -15,7 +15,7 @@ cd $STACKS_DIR && git pull && cd -
 # Write the contents into the DOCKERFILE and start with the header
 cat src/Dockerfile.header > $DOCKERFILE
 cp src/jupyter_notebook_config.json .build/
-ln -sf .build/jupyter_notebook_config.json jupyter_notebook_config.json
+cp src/jupyter_notebook_config.json .
 
 echo "
 ############################################################################
@@ -24,19 +24,18 @@ echo "
 " >> $DOCKERFILE
 cat $STACKS_DIR/base-notebook/Dockerfile | grep -v BASE_CONTAINER >> $DOCKERFILE
 
-# copy files that are used during the build
+# copy files that are used during the build in two directories:
 cp $STACKS_DIR/base-notebook/jupyter_notebook_config.py .build/
 cp $STACKS_DIR/base-notebook/fix-permissions .build/
 cp $STACKS_DIR/base-notebook/start.sh .build/
 cp $STACKS_DIR/base-notebook/start-notebook.sh .build/
 cp $STACKS_DIR/base-notebook/start-singleuser.sh .build/
 
-# create softlinks for files used during the build
-ln -sf .build/jupyter_notebook_config.py jupyter_notebook_config.py
-ln -sf .build/fix-permissions fix-permissions
-ln -sf .build/start.sh start.sh
-ln -sf .build/start-notebook.sh start-notebook.sh
-ln -sf .build/start-singleuser.sh start-singleuser.sh
+cp $STACKS_DIR/base-notebook/jupyter_notebook_config.py .
+cp $STACKS_DIR/base-notebook/fix-permissions .
+cp $STACKS_DIR/base-notebook/start.sh .
+cp $STACKS_DIR/base-notebook/start-notebook.sh .
+cp $STACKS_DIR/base-notebook/start-singleuser.sh .
 
 echo "
 ############################################################################

jupyter_notebook_config.json

@@ -1 +0,0 @@
-.build/jupyter_notebook_config.json

jupyter_notebook_config.json

@@ -0,0 +1,6 @@
+
+{
+  "NotebookApp": {
+    "password": "sha1:e49e73b0eb0e:32edae7a5fd119045e699a0bd04f90819ca90cd6"
+  }
+}

jupyter_notebook_config.py

@@ -1 +0,0 @@
-.build/jupyter_notebook_config.py

jupyter_notebook_config.py

@@ -0,0 +1,55 @@
+# Copyright (c) Jupyter Development Team.
+# Distributed under the terms of the Modified BSD License.
+
+from jupyter_core.paths import jupyter_data_dir
+import subprocess
+import os
+import errno
+import stat
+
+c = get_config()
+c.NotebookApp.ip = '0.0.0.0'
+c.NotebookApp.port = 8888
+c.NotebookApp.open_browser = False
+
+# https://github.com/jupyter/notebook/issues/3130
+c.FileContentsManager.delete_to_trash = False
+
+# Generate a self-signed certificate
+if 'GEN_CERT' in os.environ:
+    dir_name = jupyter_data_dir()
+    pem_file = os.path.join(dir_name, 'notebook.pem')
+    try:
+        os.makedirs(dir_name)
+    except OSError as exc:  # Python >2.5
+        if exc.errno == errno.EEXIST and os.path.isdir(dir_name):
+            pass
+        else:
+            raise
+
+    # Generate an openssl.cnf file to set the distinguished name
+    cnf_file = os.path.join(os.getenv('CONDA_DIR', '/usr/lib'), 'ssl', 'openssl.cnf')
+    if not os.path.isfile(cnf_file):
+        with open(cnf_file, 'w') as fh:
+            fh.write('''\
+[req]
+distinguished_name = req_distinguished_name
+[req_distinguished_name]
+''')
+
+    # Generate a certificate if one doesn't exist on disk
+    subprocess.check_call(['openssl', 'req', '-new',
+                           '-newkey', 'rsa:2048',
+                           '-days', '365',
+                           '-nodes', '-x509',
+                           '-subj', '/C=XX/ST=XX/L=XX/O=generated/CN=generated',
+                           '-keyout', pem_file,
+                           '-out', pem_file])
+    # Restrict access to the file
+    os.chmod(pem_file, stat.S_IRUSR | stat.S_IWUSR)
+    c.NotebookApp.certfile = pem_file
+
+# Change default umask for all subprocesses of the notebook server if set in
+# the environment
+if 'NB_UMASK' in os.environ:
+    os.umask(int(os.environ['NB_UMASK'], 8))

start-notebook.sh

@@ -1 +0,0 @@
-.build/start-notebook.sh

start-notebook.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+# Copyright (c) Jupyter Development Team.
+# Distributed under the terms of the Modified BSD License.
+
+set -e
+
+wrapper=""
+if [[ "${RESTARTABLE}" == "yes" ]]; then
+  wrapper="run-one-constantly"
+fi
+
+if [[ ! -z "${JUPYTERHUB_API_TOKEN}" ]]; then
+  # launched by JupyterHub, use single-user entrypoint
+  exec /usr/local/bin/start-singleuser.sh "$@"
+elif [[ ! -z "${JUPYTER_ENABLE_LAB}" ]]; then
+  . /usr/local/bin/start.sh $wrapper jupyter lab "$@"
+else
+  . /usr/local/bin/start.sh $wrapper jupyter notebook "$@"
+fi

start-singleuser.sh

@@ -1 +0,0 @@
-.build/start-singleuser.sh

start-singleuser.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+# Copyright (c) Jupyter Development Team.
+# Distributed under the terms of the Modified BSD License.
+
+set -e
+
+# set default ip to 0.0.0.0
+if [[ "$NOTEBOOK_ARGS $@" != *"--ip="* ]]; then
+  NOTEBOOK_ARGS="--ip=0.0.0.0 $NOTEBOOK_ARGS"
+fi
+
+# handle some deprecated environment variables
+# from DockerSpawner < 0.8.
+# These won't be passed from DockerSpawner 0.9,
+# so avoid specifying --arg=empty-string
+if [ ! -z "$NOTEBOOK_DIR" ]; then
+  NOTEBOOK_ARGS="--notebook-dir='$NOTEBOOK_DIR' $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_PORT" ]; then
+  NOTEBOOK_ARGS="--port=$JPY_PORT $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_USER" ]; then
+  NOTEBOOK_ARGS="--user=$JPY_USER $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_COOKIE_NAME" ]; then
+  NOTEBOOK_ARGS="--cookie-name=$JPY_COOKIE_NAME $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_BASE_URL" ]; then
+  NOTEBOOK_ARGS="--base-url=$JPY_BASE_URL $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_HUB_PREFIX" ]; then
+  NOTEBOOK_ARGS="--hub-prefix=$JPY_HUB_PREFIX $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JPY_HUB_API_URL" ]; then
+  NOTEBOOK_ARGS="--hub-api-url=$JPY_HUB_API_URL $NOTEBOOK_ARGS"
+fi
+if [ ! -z "$JUPYTER_ENABLE_LAB" ]; then
+  NOTEBOOK_BIN="jupyter labhub"
+else
+  NOTEBOOK_BIN="jupyterhub-singleuser"
+fi
+
+. /usr/local/bin/start.sh $NOTEBOOK_BIN $NOTEBOOK_ARGS "$@"

start.sh

@@ -1 +0,0 @@
-.build/start.sh

start.sh

@@ -0,0 +1,147 @@
+#!/bin/bash
+# Copyright (c) Jupyter Development Team.
+# Distributed under the terms of the Modified BSD License.
+
+set -e
+
+# Exec the specified command or fall back on bash
+if [ $# -eq 0 ]; then
+    cmd=( "bash" )
+else
+    cmd=( "$@" )
+fi
+
+run-hooks () {
+    # Source scripts or run executable files in a directory
+    if [[ ! -d "$1" ]] ; then
+        return
+    fi
+    echo "$0: running hooks in $1"
+    for f in "$1/"*; do
+        case "$f" in
+            *.sh)
+                echo "$0: running $f"
+                source "$f"
+                ;;
+            *)
+                if [[ -x "$f" ]] ; then
+                    echo "$0: running $f"
+                    "$f"
+                else
+                    echo "$0: ignoring $f"
+                fi
+                ;;
+        esac
+    done
+    echo "$0: done running hooks in $1"
+}
+
+run-hooks /usr/local/bin/start-notebook.d
+
+# Handle special flags if we're root
+if [ $(id -u) == 0 ] ; then
+
+    # Only attempt to change the jovyan username if it exists
+    if id jovyan &> /dev/null ; then
+        echo "Set username to: $NB_USER"
+        usermod -d /home/$NB_USER -l $NB_USER jovyan
+    fi
+
+    # Handle case where provisioned storage does not have the correct permissions by default
+    # Ex: default NFS/EFS (no auto-uid/gid)
+    if [[ "$CHOWN_HOME" == "1" || "$CHOWN_HOME" == 'yes' ]]; then
+        echo "Changing ownership of /home/$NB_USER to $NB_UID:$NB_GID with options '${CHOWN_HOME_OPTS}'"
+        chown $CHOWN_HOME_OPTS $NB_UID:$NB_GID /home/$NB_USER
+    fi
+    if [ ! -z "$CHOWN_EXTRA" ]; then
+        for extra_dir in $(echo $CHOWN_EXTRA | tr ',' ' '); do
+            echo "Changing ownership of ${extra_dir} to $NB_UID:$NB_GID with options '${CHOWN_EXTRA_OPTS}'"
+            chown $CHOWN_EXTRA_OPTS $NB_UID:$NB_GID $extra_dir
+        done
+    fi
+
+    # handle home and working directory if the username changed
+    if [[ "$NB_USER" != "jovyan" ]]; then
+        # changing username, make sure homedir exists
+        # (it could be mounted, and we shouldn't create it if it already exists)
+        if [[ ! -e "/home/$NB_USER" ]]; then
+            echo "Relocating home dir to /home/$NB_USER"
+            mv /home/jovyan "/home/$NB_USER" || ln -s /home/jovyan "/home/$NB_USER"
+        fi
+        # if workdir is in /home/jovyan, cd to /home/$NB_USER
+        if [[ "$PWD/" == "/home/jovyan/"* ]]; then
+            newcwd="/home/$NB_USER/${PWD:13}"
+            echo "Setting CWD to $newcwd"
+            cd "$newcwd"
+        fi
+    fi
+
+    # Change UID:GID of NB_USER to NB_UID:NB_GID if it does not match
+    if [ "$NB_UID" != $(id -u $NB_USER) ] || [ "$NB_GID" != $(id -g $NB_USER) ]; then
+        echo "Set user $NB_USER UID:GID to: $NB_UID:$NB_GID"
+        if [ "$NB_GID" != $(id -g $NB_USER) ]; then
+            groupadd -g $NB_GID -o ${NB_GROUP:-${NB_USER}}
+        fi
+        userdel $NB_USER
+        useradd --home /home/$NB_USER -u $NB_UID -g $NB_GID -G 100 -l $NB_USER
+    fi
+
+    # Enable sudo if requested
+    if [[ "$GRANT_SUDO" == "1" || "$GRANT_SUDO" == 'yes' ]]; then
+        echo "Granting $NB_USER sudo access and appending $CONDA_DIR/bin to sudo PATH"
+        echo "$NB_USER ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/notebook
+    fi
+
+    # Add $CONDA_DIR/bin to sudo secure_path
+    sed -r "s#Defaults\s+secure_path=\"([^\"]+)\"#Defaults secure_path=\"\1:$CONDA_DIR/bin\"#" /etc/sudoers | grep secure_path > /etc/sudoers.d/path
+
+    # Exec the command as NB_USER with the PATH and the rest of
+    # the environment preserved
+    run-hooks /usr/local/bin/before-notebook.d
+    echo "Executing the command: ${cmd[@]}"
+    exec sudo -E -H -u $NB_USER PATH=$PATH XDG_CACHE_HOME=/home/$NB_USER/.cache PYTHONPATH=${PYTHONPATH:-} "${cmd[@]}"
+else
+    if [[ "$NB_UID" == "$(id -u jovyan)" && "$NB_GID" == "$(id -g jovyan)" ]]; then
+        # User is not attempting to override user/group via environment
+        # variables, but they could still have overridden the uid/gid that
+        # container runs as. Check that the user has an entry in the passwd
+        # file and if not add an entry.
+        STATUS=0 && whoami &> /dev/null || STATUS=$? && true
+        if [[ "$STATUS" != "0" ]]; then
+            if [[ -w /etc/passwd ]]; then
+                echo "Adding passwd file entry for $(id -u)"
+                cat /etc/passwd | sed -e "s/^jovyan:/nayvoj:/" > /tmp/passwd
+                echo "jovyan:x:$(id -u):$(id -g):,,,:/home/jovyan:/bin/bash" >> /tmp/passwd
+                cat /tmp/passwd > /etc/passwd
+                rm /tmp/passwd
+            else
+                echo 'Container must be run with group "root" to update passwd file'
+            fi
+        fi
+
+        # Warn if the user isn't going to be able to write files to $HOME.
+        if [[ ! -w /home/jovyan ]]; then
+            echo 'Container must be run with group "users" to update files'
+        fi
+    else
+        # Warn if looks like user want to override uid/gid but hasn't
+        # run the container as root.
+        if [[ ! -z "$NB_UID" && "$NB_UID" != "$(id -u)" ]]; then
+            echo 'Container must be run as root to set $NB_UID'
+        fi
+        if [[ ! -z "$NB_GID" && "$NB_GID" != "$(id -g)" ]]; then
+            echo 'Container must be run as root to set $NB_GID'
+        fi
+    fi
+
+    # Warn if looks like user want to run in sudo mode but hasn't run
+    # the container as root.
+    if [[ "$GRANT_SUDO" == "1" || "$GRANT_SUDO" == 'yes' ]]; then
+        echo 'Container must be run as root to grant sudo permissions'
+    fi
+
+    # Execute the command
+    run-hooks /usr/local/bin/before-notebook.d
+    echo "Executing the command: ${cmd[@]}"
+    exec "${cmd[@]}"
+fi