feat: add jupyterhub role
- add nodejs module to use npm package provider - add jupyterhub role - add class to configure the jupyterhub instance - add ldap groups - add nginx simpleproxy
This commit is contained in:
@@ -0,0 +1,115 @@
|
||||
# profiles::jupyter::jupyterhub
|
||||
class profiles::jupyter::jupyterhub (
|
||||
Stdlib::AbsolutePath $base_path = '/opt/jupyterhub',
|
||||
Stdlib::AbsolutePath $venv_path = "${base_path}/venv",
|
||||
Stdlib::AbsolutePath $config_path = "${base_path}/config.py",
|
||||
Hash $vault_config = {},
|
||||
String $owner = 'jupyterhub',
|
||||
String $group = 'jupyterhub',
|
||||
Boolean $systempkgs = false,
|
||||
String $version = '3.12',
|
||||
Array[String[1]] $packages = [
|
||||
'jupyterhub',
|
||||
'dockerspawner',
|
||||
'jupyterhub-ldapauthenticator',
|
||||
],
|
||||
String $ldap_server_address = 'ldap://ldap.service.consul',
|
||||
String $ldap_bind_dn_template = 'cn={username},ou=people,ou=users,dc=main,dc=unkin,dc=net',
|
||||
Boolean $ldap_use_ssl = false,
|
||||
Array $ldap_allowed_groups = ['ou=jupyterhub_user,ou=groups,dc=main,dc=unkin,dc=net'],
|
||||
Array $ldap_admin_groups = ['ou=jupyterhub_admin,ou=groups,dc=main,dc=unkin,dc=net'],
|
||||
){
|
||||
|
||||
# ensure nodejs:20 is installed
|
||||
package { 'nodejs_module':
|
||||
ensure => '20',
|
||||
name => 'nodejs',
|
||||
provider => 'dnfmodule',
|
||||
enable_only => true,
|
||||
}
|
||||
-> package { 'nodejs':
|
||||
ensure => 'installed',
|
||||
provider => 'dnf',
|
||||
}
|
||||
-> package { 'npm':
|
||||
ensure => 'installed',
|
||||
provider => 'dnf',
|
||||
}
|
||||
-> package { 'configurable-http-proxy':
|
||||
ensure => installed,
|
||||
provider => 'npm',
|
||||
}
|
||||
|
||||
# ensure python3.12 is installed
|
||||
if $::facts['python3_version'] {
|
||||
|
||||
$python_version = $version ? {
|
||||
'system' => $::facts['python3_version'],
|
||||
default => $version,
|
||||
}
|
||||
|
||||
# ensure the base_path exists
|
||||
file { $base_path:
|
||||
ensure => directory,
|
||||
mode => '0755',
|
||||
owner => $owner,
|
||||
group => $group,
|
||||
require => Profiles::Base::Account['jupyterhub'],
|
||||
}
|
||||
|
||||
# create a venv
|
||||
python::pyvenv { $venv_path :
|
||||
ensure => present,
|
||||
version => $python_version,
|
||||
systempkgs => $systempkgs,
|
||||
venv_dir => $venv_path,
|
||||
owner => $owner,
|
||||
group => $group,
|
||||
require => File[$base_path],
|
||||
}
|
||||
|
||||
# install the required pip packages
|
||||
$packages.each |String $package| {
|
||||
python::pip { "${venv_path}_${package}":
|
||||
ensure => present,
|
||||
pkgname => $package,
|
||||
virtualenv => $venv_path,
|
||||
}
|
||||
}
|
||||
|
||||
# create the config from a template
|
||||
file { $config_path:
|
||||
ensure => file,
|
||||
mode => '0660',
|
||||
owner => $owner,
|
||||
group => $group,
|
||||
content => Sensitive(template('profiles/jupyterhub/config.py.erb')),
|
||||
require => Python::Pyvenv[$venv_path],
|
||||
}
|
||||
|
||||
profiles::base::account {$owner:
|
||||
username => $owner,
|
||||
uid => 1101,
|
||||
gid => 1101,
|
||||
groups => ['systemd-journal'],
|
||||
system => true,
|
||||
}
|
||||
|
||||
systemd::unit_file { 'jupyterhub.service':
|
||||
content => template('profiles/jupyterhub/jupyterhub.service.erb'),
|
||||
enable => true,
|
||||
active => true,
|
||||
subscribe => File[$config_path],
|
||||
require => [
|
||||
File[$config_path],
|
||||
],
|
||||
}
|
||||
|
||||
## create symbolic link in $PATH
|
||||
#file { "/usr/local/bin/${script_name}":
|
||||
# ensure => 'link',
|
||||
# target => "${base_path}/${script_name}",
|
||||
# require => File["${base_path}/${script_name}"],
|
||||
#}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user