mirror of
https://github.com/balkian/jupyterhub-oauth.git
synced 2024-12-21 19:48:13 +00:00
First commit
This commit is contained in:
commit
7be39b76cd
1
.dockerignore
Normal file
1
.dockerignore
Normal file
@ -0,0 +1 @@
|
|||||||
|
env
|
26
Dockerfile
Normal file
26
Dockerfile
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# Designed to be run as
|
||||||
|
#
|
||||||
|
# docker run -it -p 8000:8000 jupyter/oauthenticator
|
||||||
|
|
||||||
|
FROM jupyter/jupyterhub
|
||||||
|
|
||||||
|
MAINTAINER Project Jupyter <ipython-dev@scipy.org>
|
||||||
|
|
||||||
|
# Install oauthenticator from git
|
||||||
|
RUN pip install git+git://github.com/jupyter/oauthenticator.git
|
||||||
|
RUN pip install git+git://github.com/jupyter/dockerspawner.git
|
||||||
|
|
||||||
|
# Create oauthenticator directory and put necessary files in it
|
||||||
|
RUN mkdir /srv/oauthenticator
|
||||||
|
WORKDIR /srv/oauthenticator
|
||||||
|
ENV OAUTHENTICATOR_DIR /srv/oauthenticator
|
||||||
|
ADD addusers.sh /srv/oauthenticator/addusers.sh
|
||||||
|
ADD userlist /srv/oauthenticator/userlist
|
||||||
|
ADD ssl /srv/oauthenticator/ssl
|
||||||
|
RUN chmod 700 /srv/oauthenticator
|
||||||
|
RUN groupadd hubadmin
|
||||||
|
RUN echo "%hubadmin ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
|
||||||
|
|
||||||
|
VOLUME /home
|
||||||
|
|
||||||
|
RUN ["sh", "/srv/oauthenticator/addusers.sh"]
|
42
README.md
Normal file
42
README.md
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# OAuthenticator
|
||||||
|
|
||||||
|
Example of running [JupyterHub](https://github.com/jupyter/jupyterhub)
|
||||||
|
with [GitHub OAuth](https://developer.github.com/v3/oauth/) for authentication.
|
||||||
|
|
||||||
|
## setup
|
||||||
|
|
||||||
|
Edit the file called `userlist` to include one GitHub user name per line.
|
||||||
|
If that user should be an admin (you!), add `admin` after a space.
|
||||||
|
|
||||||
|
For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
mal admin
|
||||||
|
zoe admin
|
||||||
|
wash
|
||||||
|
inara admin
|
||||||
|
kaylee
|
||||||
|
jayne
|
||||||
|
simon
|
||||||
|
river
|
||||||
|
```
|
||||||
|
|
||||||
|
## build
|
||||||
|
|
||||||
|
Build the container with:
|
||||||
|
|
||||||
|
docker build -t jupyter/oauthenticator .
|
||||||
|
|
||||||
|
### ssl
|
||||||
|
|
||||||
|
To run the server on HTTPS, put your ssl key and cert in ssl/ssl.key and
|
||||||
|
ssl/ssl.cert.
|
||||||
|
|
||||||
|
## run
|
||||||
|
|
||||||
|
Add your oauth client id, client secret, and callback URL to the `env file`.
|
||||||
|
Once you have built the container, you can run it with:
|
||||||
|
|
||||||
|
docker run -it -p 8000:8000 --env-file=env jupyter/oauthenticator
|
||||||
|
|
||||||
|
Which will run the Jupyter server.
|
17
addusers.sh
Normal file
17
addusers.sh
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
IFS="
|
||||||
|
"
|
||||||
|
for line in `cat userlist`; do
|
||||||
|
test -z "$line" && continue
|
||||||
|
user=`echo $line | cut -f 1 -d' '`
|
||||||
|
admin=`echo $line | cut -f 2 -d' '`
|
||||||
|
echo "adding user $user"
|
||||||
|
useradd -m -s /bin/bash $user
|
||||||
|
if [ "$admin" = "admin" ]; then
|
||||||
|
echo "Making $user admin"
|
||||||
|
usermod -a -G hubadmin $user
|
||||||
|
fi
|
||||||
|
#cp -r /srv/ipython/examples /shared/$user/examples
|
||||||
|
#chown -R $user /home/$user/examples
|
||||||
|
done
|
5
env
Normal file
5
env
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# add your github oauth config to this file,
|
||||||
|
# and run the container with `docker run -it -p 9000:8000 --env-file=env jupyter/oauthenticator`
|
||||||
|
GITHUB_CLIENT_ID=
|
||||||
|
GITHUB_CLIENT_SECRET=
|
||||||
|
OAUTH_CALLBACK_URL=
|
51
jupyterhub_config.py
Normal file
51
jupyterhub_config.py
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
# Configuration file for Jupyter Hub
|
||||||
|
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
c = get_config()
|
||||||
|
|
||||||
|
c.JupyterHub.log_level = 10
|
||||||
|
c.JupyterHub.spawner_class = 'dockerspawner.SystemUserSpawner'
|
||||||
|
c.DockerSpawner.container_image = 'jupyter/scipy-singleuser'
|
||||||
|
c.DockerSpawner.use_internal_ip = True
|
||||||
|
|
||||||
|
c.SystemUserSpawner.host_homedir_format_string = '/data/shared/{username}'
|
||||||
|
|
||||||
|
import socket
|
||||||
|
ips = ([ip for ip in socket.gethostbyname_ex(socket.gethostname())[2] if not ip.startswith("127.")][:1])
|
||||||
|
c.JupyterHub.hub_ip = ips[0]
|
||||||
|
|
||||||
|
|
||||||
|
c.JupyterHub.authenticator_class = 'oauthenticator.LocalGitHubOAuthenticator'
|
||||||
|
c.LocalGitHubOAuthenticator.create_system_users = True
|
||||||
|
|
||||||
|
c.Authenticator.whitelist = whitelist = set()
|
||||||
|
c.Authenticator.admin_users = admin = set()
|
||||||
|
|
||||||
|
join = os.path.join
|
||||||
|
|
||||||
|
here = os.path.dirname(__file__)
|
||||||
|
root = os.environ.get('OAUTHENTICATOR_DIR', here)
|
||||||
|
sys.path.insert(0, root)
|
||||||
|
|
||||||
|
with open(join(root, 'userlist')) as f:
|
||||||
|
for line in f:
|
||||||
|
if not line:
|
||||||
|
continue
|
||||||
|
parts = line.split()
|
||||||
|
name = parts[0]
|
||||||
|
whitelist.add(name)
|
||||||
|
if len(parts) > 1 and parts[1] == 'admin':
|
||||||
|
admin.add(name)
|
||||||
|
|
||||||
|
c.GitHubOAuthenticator.oauth_callback_url = os.environ['OAUTH_CALLBACK_URL']
|
||||||
|
|
||||||
|
# ssl config
|
||||||
|
ssl = join(root, 'ssl')
|
||||||
|
keyfile = join(ssl, 'ssl.key')
|
||||||
|
certfile = join(ssl, 'ssl.cert')
|
||||||
|
if os.path.exists(keyfile):
|
||||||
|
c.JupyterHub.ssl_key = keyfile
|
||||||
|
if os.path.exists(certfile):
|
||||||
|
c.JupyterHub.ssl_cert = certfile
|
3
ssl/README.md
Normal file
3
ssl/README.md
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
If you want the server to run with SSL,
|
||||||
|
put an SSL cert here in `ssl.cert`
|
||||||
|
and an SSL key in `ssl.key`
|
36
userlist
Normal file
36
userlist
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
balkian admin
|
||||||
|
cif2cif admin
|
||||||
|
nachtkatze admin
|
||||||
|
adri87
|
||||||
|
AlbertoED
|
||||||
|
alejandroSaura
|
||||||
|
allopezf
|
||||||
|
alvarocarrera
|
||||||
|
amardomingo
|
||||||
|
antoniom-diaz
|
||||||
|
arturomtm
|
||||||
|
Batlin
|
||||||
|
carloscrespog
|
||||||
|
constanr
|
||||||
|
DanielLara
|
||||||
|
dmorenob
|
||||||
|
emilioserra
|
||||||
|
enriquecs
|
||||||
|
gpoveda
|
||||||
|
gsi-bot
|
||||||
|
hopple
|
||||||
|
javiherrera
|
||||||
|
JesusMSM
|
||||||
|
Krun
|
||||||
|
ladvan
|
||||||
|
miguelcb84
|
||||||
|
mtorresl
|
||||||
|
NachoCP
|
||||||
|
neburdv
|
||||||
|
neoner2002
|
||||||
|
pmoncadaisla
|
||||||
|
RBermejo
|
||||||
|
rmaestre
|
||||||
|
rongil
|
||||||
|
sunshengjing
|
||||||
|
toniprada
|
Loading…
Reference in New Issue
Block a user