Add jupyter site

2024-03-18 15:15:38 +01:00 · 2024-03-18 15:15:38 +01:00 · b4ce0046de
parent 65abea7daa
commit b4ce0046de
2 changed files with 107 additions and 0 deletions
--- a/manifests/jupyter_site.pp
+++ b/manifests/jupyter_site.pp
@ -0,0 +1,38 @@
 #Class for SUNET-Drive-portal-Server
 class sunetdrive::jupyter_site (
  String $site_version = '0.0.1-1'
 ) {
  $domain = 'jupyter.sunet.dev'
  sunet::docker_compose { 'portal_compose':
    content          => template('sunetdrive/jupyter_site/docker-compose.erb.yaml'),
    service_name     => 'jupyter_site',
    compose_dir      => '/opt/',
    compose_filename => 'docker-compose.yml',
    description      => 'Web server',
  }
  exec { 'workaround_docker_compose_dir':
    command => 'mkdir -p /opt/jupyter_site/nginx',
    unless  => 'test -d /opt/jupyter_site/nginx',
  }
  $nginx_dirs = ['acme', 'certs', 'conf', 'dhparam', 'html', 'vhost']
  $nginx_dirs.each | $dir| {
    file { "/opt/jupyter_site/nginx/${dir}":
      ensure => directory,
      owner  => 'root',
      group  => 'root',
      mode   => '0751',
    }
  }
  sunet::misc::ufw_allow { 'https':
    from => '0.0.0.0/0',
    port => 443,
  }
  # For acme and redirect
  sunet::misc::ufw_allow { 'http':
    from => '0.0.0.0/0',
    port => 80,
  }
 }
--- a/templates/jupyter_site/docker-compose.erb.yaml
+++ b/templates/jupyter_site/docker-compose.erb.yaml
@ -0,0 +1,69 @@
 version: "3.7"
 services:
  nginx:
    image: docker.io/nginxproxy/nginx-proxy:latest
    container_name: nginx
    networks:
      - internal_network
      - external_network
    dns:
      - 89.32.32.32
    ports:
      - "80:80"
      - "443:443"
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    volumes:
      - /opt/jupyter_site/nginx/certs:/etc/nginx/certs:ro
      - /opt/jupyter_site/nginx/conf:/etc/nginx/conf.d
      - /opt/jupyter_site/nginx/dhparam:/etc/nginx/dhparam
      - /opt/jupyter_site/nginx/html:/usr/share/nginx/html
      - /opt/jupyter_site/nginx/vhost:/etc/nginx/vhost.d
      - /var/run/docker.sock:/tmp/docker.sock:ro
    environment:
      - ENABLE_IPV6=true
    restart: unless-stopped
  acme:
    image: docker.io/nginxproxy/acme-companion:latest
    container_name: acme
    networks:
      - external_network
    dns:
      - 89.32.32.32
    volumes:
      - /opt/jupyter_site/nginx/acme:/etc/acme.sh
      - /opt/jupyter_site/nginx/certs:/etc/nginx/certs:rw
      - /opt/jupyter_site/nginx/conf:/etc/nginx/conf.d
      - /opt/jupyter_site/nginx/dhparam:/etc/nginx/dhparam
      - /opt/jupyter_site/nginx/html:/usr/share/nginx/html
      - /opt/jupyter_site/nginx/vhost:/etc/nginx/vhost.d:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - NGINX_PROXY_CONTAINER=nginx
      - DEFAULT_EMAIL=drive@sunet.se
    depends_on:
      - nginx
    restart: unless-stopped
  web:
    image: docker.sunet.se/drive/jupyter-site:<%= @site_version %>
    container_name: web
    restart: always
    networks:
      - internal_network
    ports:
      - "127.0.0.1:3000:3000"
    dns:
      - 89.32.32.32
    environment:
      - VIRTUAL_HOST=<%= @domain %>
      - VIRTUAL_PATH=/
      - VIRTUAL_PORT=3000
      - LETSENCRYPT_HOST=<%= @domain %>
 networks:
  external_network:
  internal_network:
    internal: true