Ben Vincent
0516f47ba5
- change to packer created alma9 instance - change docker root to use /data volume
119 lines
3.6 KiB
Puppet
119 lines
3.6 KiB
Puppet
# profiles::jupyter::jupyterhub
|
|
class profiles::jupyter::jupyterhub (
|
|
Stdlib::AbsolutePath $base_path = '/opt/jupyterhub',
|
|
Stdlib::AbsolutePath $venv_path = "${base_path}/venv",
|
|
Stdlib::AbsolutePath $config_path = "${base_path}/config.py",
|
|
Stdlib::AbsolutePath $notebook_path = '/home/jupyter/work',
|
|
Hash $vault_config = {},
|
|
String $owner = 'jupyterhub',
|
|
String $group = 'jupyterhub',
|
|
Boolean $systempkgs = false,
|
|
String $version = '3.12',
|
|
Array[String[1]] $packages = [
|
|
'jupyterhub',
|
|
'dockerspawner',
|
|
'jupyterhub-ldapauthenticator',
|
|
],
|
|
String $ldap_server_address = 'ldap://ldap.service.consul',
|
|
String $ldap_tls_strategy = 'insecure',
|
|
Array $ldap_allowed_groups = ['ou=jupyterhub_user,ou=groups,dc=main,dc=unkin,dc=net'],
|
|
Array $ldap_admin_users = [],
|
|
String $ldap_bind_user = 'cn=svc_jupyterhub,ou=services,ou=users,dc=main,dc=unkin,dc=net',
|
|
String $ldap_bind_pass = 'change-me',
|
|
String $ldap_user_search_base = 'ou=people,ou=users,dc=main,dc=unkin,dc=net',
|
|
String $ldap_user_search_filter = '({login_attr}={login})',
|
|
String $ldap_group_search_filter = '(uniqueMember={userdn})',
|
|
String $ldap_user_attribute = 'uid',
|
|
String $ldap_user_dn_attribute = 'cn',
|
|
String $docker_image = 'git.query.consul/unkin/almalinux9-jupyterlab:latest',
|
|
String $docker_network = 'bridge',
|
|
){
|
|
|
|
# ensure nodejs:20 is installed
|
|
package { 'nodejs_module':
|
|
ensure => '20',
|
|
name => 'nodejs',
|
|
provider => 'dnfmodule',
|
|
enable_only => true,
|
|
}
|
|
-> package { 'nodejs':
|
|
ensure => 'installed',
|
|
provider => 'dnf',
|
|
}
|
|
-> package { 'npm':
|
|
ensure => 'installed',
|
|
provider => 'dnf',
|
|
}
|
|
-> package { 'configurable-http-proxy':
|
|
ensure => installed,
|
|
provider => 'npm',
|
|
}
|
|
|
|
# ensure python3.12 is installed
|
|
if $::facts['python3_version'] {
|
|
|
|
$python_version = $version ? {
|
|
'system' => $::facts['python3_version'],
|
|
default => $version,
|
|
}
|
|
|
|
# ensure the base_path exists
|
|
file { $base_path:
|
|
ensure => directory,
|
|
mode => '0755',
|
|
owner => $owner,
|
|
group => $group,
|
|
require => Profiles::Base::Account['jupyterhub'],
|
|
}
|
|
|
|
# create a venv
|
|
python::pyvenv { $venv_path :
|
|
ensure => present,
|
|
version => $python_version,
|
|
systempkgs => $systempkgs,
|
|
venv_dir => $venv_path,
|
|
owner => $owner,
|
|
group => $group,
|
|
require => File[$base_path],
|
|
}
|
|
|
|
# install the required pip packages
|
|
$packages.each |String $package| {
|
|
python::pip { "${venv_path}_${package}":
|
|
ensure => present,
|
|
pkgname => $package,
|
|
virtualenv => $venv_path,
|
|
}
|
|
}
|
|
|
|
# create the config from a template
|
|
file { $config_path:
|
|
ensure => file,
|
|
mode => '0660',
|
|
owner => $owner,
|
|
group => $group,
|
|
content => Sensitive(template('profiles/jupyterhub/config.py.erb')),
|
|
require => Python::Pyvenv[$venv_path],
|
|
}
|
|
|
|
profiles::base::account {$owner:
|
|
username => $owner,
|
|
uid => 1101,
|
|
gid => 1101,
|
|
groups => ['systemd-journal', 'docker'],
|
|
system => true,
|
|
}
|
|
|
|
systemd::unit_file { 'jupyterhub.service':
|
|
content => template('profiles/jupyterhub/jupyterhub.service.erb'),
|
|
enable => true,
|
|
active => true,
|
|
subscribe => File[$config_path],
|
|
require => [
|
|
File[$config_path],
|
|
],
|
|
}
|
|
|
|
}
|
|
}
|