From 2a3e39a86bc19a28b1c72137a0e737c547781a6d Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Wed, 22 Oct 2025 16:41:09 -0600 Subject: [PATCH 01/21] virtual desktop first pass: nasa-veda, minus qgis, plus geolab-default environment.yml --- virtual_desktop/Dockerfile | 35 ++++++++++++++ virtual_desktop/environment.yml | 31 ++++++++++++ .../setup_scripts/setup-linux-desktop.bash | 48 +++++++++++++++++++ .../startup_scripts/setup-mime-files.bash | 19 ++++++++ 4 files changed, 133 insertions(+) create mode 100644 virtual_desktop/Dockerfile create mode 100644 virtual_desktop/environment.yml create mode 100644 virtual_desktop/setup_scripts/setup-linux-desktop.bash create mode 100644 virtual_desktop/startup_scripts/setup-mime-files.bash diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile new file mode 100644 index 0000000..f1abd1c --- /dev/null +++ b/virtual_desktop/Dockerfile @@ -0,0 +1,35 @@ +FROM quay.io/jupyter/minimal-notebook:2024-06-24 + +USER root + +COPY setup-scripts /opt/setup-scripts/ + +# Set DISPLAY env variable, so processes know where to open GUI windows. +# Allows python processes running in notebooks to open windows in the GUI. +ENV DISPLAY=":1.0" + +# Setup Linux Desktop +RUN /opt/setup-scripts/setup-linux-desktop.bash + +COPY startup-scripts /usr/local/bin/start-notebook.d/ + +# env variables used by downstream images for setting up desktop files or +# mime associations. Consumed by the startup-scripts in startup-scripts/ +ENV DESKTOP_FILES_DIR /opt/desktop-files +ENV MIME_FILES_DIR /opt/mime-files +RUN mkdir -p ${DESKTOP_FILES_DIR} ${MIME_FILES_DIR} + +USER ${NB_UID} + +COPY environment.yml /tmp/ + +RUN mamba env update --name ${CONDA_ENV} -f /tmp/environment.yml \ + && pip cache purge \ + && mamba clean -afy +RUN conda install awscli==2.27.0 + +# Pin jupyterhub and pydantic to older version +# because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 +RUN python -m pip install --no-cache "jupyterhub<5.0.0" "pydantic<2.0" +RUN python -m pip install --no-cache jupyter-remote-desktop-proxy +# RUN python -m pip install --no-cache git+https://github.com/sunu/jupyter-remote-qgis-proxy@e1a49e0ba98700c2f49fc092d5fc1e43ca5442eb \ No newline at end of file diff --git a/virtual_desktop/environment.yml b/virtual_desktop/environment.yml new file mode 100644 index 0000000..bbe966c --- /dev/null +++ b/virtual_desktop/environment.yml @@ -0,0 +1,31 @@ +# Environment we need *on top* of base PANGEO stack +# Get list of pangeo packages from https://github.com/pangeo-data/pangeo-docker-images/blob/master/pangeo-notebook/packages.txt +# BUT REMEMBER TO PICK THE HASH THAT CORRESPONDS TO OUR BASE IMAGE +channels: + - conda-forge + +dependencies: + # Packages required by ES + - tiledb + - pip + - pip: + # Pin jupyterhub and pydantic to older version because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 + - awswrangler + - dascore + - earthscope-sdk==1.2.0b0 + - earthscope-cli==1.0.1 + - earthscopestraintools + - hypoinvpy + - gnssrefl + - jupyter_contrib_nbextensions + - jupyterlab_jupyterbook_navigation + - jupyter-remote-desktop-proxy + - jupyter-resource-usage + # - jupyterhub<5.0.0 + - obspy==1.4.1 + # - pydantic<2.0 + - pygmt==0.14.2 + - pynlloc + - pyocto + - pyrocko + \ No newline at end of file diff --git a/virtual_desktop/setup_scripts/setup-linux-desktop.bash b/virtual_desktop/setup_scripts/setup-linux-desktop.bash new file mode 100644 index 0000000..682307b --- /dev/null +++ b/virtual_desktop/setup_scripts/setup-linux-desktop.bash @@ -0,0 +1,48 @@ +#!/bin/bash +set -exuo pipefail +# Requirements: +# - Run as the root user + +# Install baseline packages to get X and xfce working +apt-get update -qq --yes > /dev/null +apt-get install --yes --no-install-recommends -qq \ + xfce4 \ + xorg \ + dbus-x11 \ + xubuntu-icon-theme \ + > /dev/null + +# Install tigervnc from apt repos - these are newer and more architecture +# appropriate than whatever is bundled with jupyter-remote-desktop-proxy +apt-get install --yes --no-install-recommends -qq \ + tigervnc-standalone-server \ + tigervnc-xorg-extension > /dev/null + +# Install add-apt-repositories so we can add PPA for latest firefox +apt-get install --yes --no-install-recommends -qq \ + software-properties-common gpg-agent > /dev/null + +# Install Firefox from a PPA - default Ubuntu's Firefox no longer +# provides it via apt, using snap instead. That does not work inside +# containers. We do this before our apt update in the script so that +# needs to run only once. +add-apt-repository ppa:mozillateam/ppa + +# Install Firefox from the PPA explicitly +apt-get update -qq --yes > /dev/null +apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox + +# Cleanup apt-get update side effects +rm -rf /var/lib/apt/lists/* + +# Install packages required for linux desktop VPN setup to work +# websockify and jupyter-server-proxy available from conda-forge, but +# jupyter-remote-desktop-proxy is not. +# Temporarily install nbgitpuller too, while we work on getting it upstream +mamba install -c conda-forge --yes \ + websockify \ + jupyter-server-proxy \ + nbgitpuller + +fix-permissions "${CONDA_DIR}" +fix-permissions "/home/${NB_USER}" \ No newline at end of file diff --git a/virtual_desktop/startup_scripts/setup-mime-files.bash b/virtual_desktop/startup_scripts/setup-mime-files.bash new file mode 100644 index 0000000..5123b4d --- /dev/null +++ b/virtual_desktop/startup_scripts/setup-mime-files.bash @@ -0,0 +1,19 @@ +#!/bin/bash -l +set -euo pipefail +# This script is run on container startup, as a non-root user +# It copies any .xml files it may find in a MIME_FILES_DIR to the user's +# mime associations directory, allowing image authors to allow users to launch +# a specific application by double clicking files of a specific type. +# It's done at startup time because $HOME is often mounted over by a +# persistent remote filesystem, hiding whatever is in the directory. + +# Set nullglob, so we don't error out if there are no MIME files to be found +shopt -s nullglob + +MIME_DIR="${HOME}/.local/share/mime" +MIME_PACKAGES_DIR="${MIME_DIR}/packages" +mkdir -p "${MIME_PACKAGES_DIR}" +for mime_file_path in ${MIME_FILES_DIR}/*.xml; do + cp "${mime_file_path}" "${MIME_PACKAGES_DIR}/." +done +update-mime-database "${MIME_DIR}" \ No newline at end of file From d35293ab422f19edf5c9c94a791d9b511d01bec2 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Wed, 22 Oct 2025 16:53:33 -0600 Subject: [PATCH 02/21] gitlab-ci, build the right image please --- .gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index aae5121..db7e2f6 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,9 +16,10 @@ include: - when: never .images_matrix: - - DOCKERFILE_RELPATH: "geolab-default" + # - DOCKERFILE_RELPATH: "geolab-default" # - DOCKERFILE_RELPATH: "mspass_shortcourse" # - DOCKERFILE_RELPATH: "mt_shortcourse" + - DOCKERFILE_RELPATH: "virtual_desktop" variables: CONTAINER_REGISTRY_PLATFORM: "AWS-PUB" From f7429da6f2b53bdb4bffbc4cd033ae81c9b26b44 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Thu, 23 Oct 2025 09:02:29 -0600 Subject: [PATCH 03/21] file rename --- virtual_desktop/Dockerfile | 10 +++++----- .../setup-linux-desktop.bash | 0 .../setup-mime-files.bash | 0 3 files changed, 5 insertions(+), 5 deletions(-) rename virtual_desktop/{setup_scripts => setup-scripts}/setup-linux-desktop.bash (100%) rename virtual_desktop/{startup_scripts => startup-scripts}/setup-mime-files.bash (100%) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index f1abd1c..7ec7e62 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -28,8 +28,8 @@ RUN mamba env update --name ${CONDA_ENV} -f /tmp/environment.yml \ && mamba clean -afy RUN conda install awscli==2.27.0 -# Pin jupyterhub and pydantic to older version -# because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 -RUN python -m pip install --no-cache "jupyterhub<5.0.0" "pydantic<2.0" -RUN python -m pip install --no-cache jupyter-remote-desktop-proxy -# RUN python -m pip install --no-cache git+https://github.com/sunu/jupyter-remote-qgis-proxy@e1a49e0ba98700c2f49fc092d5fc1e43ca5442eb \ No newline at end of file +# # Pin jupyterhub and pydantic to older version +# # because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 +# RUN python -m pip install --no-cache "jupyterhub<5.0.0" "pydantic<2.0" +# RUN python -m pip install --no-cache jupyter-remote-desktop-proxy +# # RUN python -m pip install --no-cache git+https://github.com/sunu/jupyter-remote-qgis-proxy@e1a49e0ba98700c2f49fc092d5fc1e43ca5442eb \ No newline at end of file diff --git a/virtual_desktop/setup_scripts/setup-linux-desktop.bash b/virtual_desktop/setup-scripts/setup-linux-desktop.bash similarity index 100% rename from virtual_desktop/setup_scripts/setup-linux-desktop.bash rename to virtual_desktop/setup-scripts/setup-linux-desktop.bash diff --git a/virtual_desktop/startup_scripts/setup-mime-files.bash b/virtual_desktop/startup-scripts/setup-mime-files.bash similarity index 100% rename from virtual_desktop/startup_scripts/setup-mime-files.bash rename to virtual_desktop/startup-scripts/setup-mime-files.bash From 8b622b40d9bdd000d8989d8bce35278fdd8499ec Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 24 Oct 2025 08:15:46 -0600 Subject: [PATCH 04/21] sudo permissions on setup script --- virtual_desktop/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 7ec7e62..d9e6bd6 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -9,7 +9,7 @@ COPY setup-scripts /opt/setup-scripts/ ENV DISPLAY=":1.0" # Setup Linux Desktop -RUN /opt/setup-scripts/setup-linux-desktop.bash +RUN sudo /opt/setup-scripts/setup-linux-desktop.bash COPY startup-scripts /usr/local/bin/start-notebook.d/ From 5b09a1271d5dd13f3271ed72d785397e691c433b Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 24 Oct 2025 12:14:01 -0600 Subject: [PATCH 05/21] try moving everything froms setup-linux-desktop to dockerfile --- virtual_desktop/Dockerfile | 56 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index d9e6bd6..5085943 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -2,14 +2,66 @@ FROM quay.io/jupyter/minimal-notebook:2024-06-24 USER root -COPY setup-scripts /opt/setup-scripts/ +# COPY setup-scripts /opt/setup-scripts/ # Set DISPLAY env variable, so processes know where to open GUI windows. # Allows python processes running in notebooks to open windows in the GUI. ENV DISPLAY=":1.0" # Setup Linux Desktop -RUN sudo /opt/setup-scripts/setup-linux-desktop.bash +# RUN /opt/setup-scripts/setup-linux-desktop.bash +## Move everything from the setup scrip to this Dockerfile +RUN set -exuo pipefail +# Requirements: +# - Run as the root user + +# Install baseline packages to get X and xfce working +RUN apt-get update -qq --yes > /dev/null +RUN apt-get install --yes --no-install-recommends -qq \ + xfce4 \ + xorg \ + dbus-x11 \ + xubuntu-icon-theme \ + > /dev/null + +# Install tigervnc from apt repos - these are newer and more architecture +# appropriate than whatever is bundled with jupyter-remote-desktop-proxy +RUN apt-get install --yes --no-install-recommends -qq \ + tigervnc-standalone-server \ + tigervnc-xorg-extension > /dev/null + +# Install add-apt-repositories so we can add PPA for latest firefox +RUN apt-get install --yes --no-install-recommends -qq \ + software-properties-common gpg-agent > /dev/null + +# Install Firefox from a PPA - default Ubuntu's Firefox no longer +# provides it via apt, using snap instead. That does not work inside +# containers. We do this before our apt update in the script so that +# needs to run only once. +RUN add-apt-repository ppa:mozillateam/ppa + +# Install Firefox from the PPA explicitly +RUN apt-get update -qq --yes > /dev/null +RUN apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox + +# Cleanup apt-get update side effects +RUN rm -rf /var/lib/apt/lists/* + +# Install packages required for linux desktop VPN setup to work +# websockify and jupyter-server-proxy available from conda-forge, but +# jupyter-remote-desktop-proxy is not. +# Temporarily install nbgitpuller too, while we work on getting it upstream +RUN mamba install -c conda-forge --yes \ + websockify \ + jupyter-server-proxy \ + nbgitpuller + +RUN fix-permissions "${CONDA_DIR}" +RUN fix-permissions "/home/${NB_USER}" + + + + COPY startup-scripts /usr/local/bin/start-notebook.d/ From 132ed50845bb21327f9005b4a89f6ddaed3991e3 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 24 Oct 2025 12:58:50 -0600 Subject: [PATCH 06/21] consolidate all conda installs to environment.yml --- virtual_desktop/Dockerfile | 12 ++++-------- virtual_desktop/environment.yml | 4 +++- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 5085943..59fa90b 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -51,18 +51,14 @@ RUN rm -rf /var/lib/apt/lists/* # websockify and jupyter-server-proxy available from conda-forge, but # jupyter-remote-desktop-proxy is not. # Temporarily install nbgitpuller too, while we work on getting it upstream -RUN mamba install -c conda-forge --yes \ - websockify \ - jupyter-server-proxy \ - nbgitpuller +# RUN mamba install -c conda-forge --yes \ +# websockify \ +# jupyter-server-proxy \ +# nbgitpuller RUN fix-permissions "${CONDA_DIR}" RUN fix-permissions "/home/${NB_USER}" - - - - COPY startup-scripts /usr/local/bin/start-notebook.d/ # env variables used by downstream images for setting up desktop files or diff --git a/virtual_desktop/environment.yml b/virtual_desktop/environment.yml index bbe966c..c85d58e 100644 --- a/virtual_desktop/environment.yml +++ b/virtual_desktop/environment.yml @@ -21,11 +21,13 @@ dependencies: - jupyterlab_jupyterbook_navigation - jupyter-remote-desktop-proxy - jupyter-resource-usage + - jupyter-server-proxy # - jupyterhub<5.0.0 + - nbgitpuller - obspy==1.4.1 # - pydantic<2.0 - pygmt==0.14.2 - pynlloc - pyocto - pyrocko - \ No newline at end of file + - websockify From 9c60a2ee33190608109fb8328defeb38590b2b83 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 24 Oct 2025 16:24:45 -0600 Subject: [PATCH 07/21] switch docker base to pangeo --- virtual_desktop/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 59fa90b..f11215f 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/jupyter/minimal-notebook:2024-06-24 +FROM pangeo/base-notebook USER root @@ -59,6 +59,7 @@ RUN rm -rf /var/lib/apt/lists/* RUN fix-permissions "${CONDA_DIR}" RUN fix-permissions "/home/${NB_USER}" + COPY startup-scripts /usr/local/bin/start-notebook.d/ # env variables used by downstream images for setting up desktop files or From d0e7629c7919a5aeff06944304f2638fdc3fa2b4 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 24 Oct 2025 16:55:49 -0600 Subject: [PATCH 08/21] remove extraneous pipefail --- virtual_desktop/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index f11215f..49e33a1 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -11,7 +11,7 @@ ENV DISPLAY=":1.0" # Setup Linux Desktop # RUN /opt/setup-scripts/setup-linux-desktop.bash ## Move everything from the setup scrip to this Dockerfile -RUN set -exuo pipefail +# RUN set -exuo pipefail # Requirements: # - Run as the root user From b5418790c89df65400a43f2ff05053f8ea787186 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Mon, 27 Oct 2025 11:25:41 -0600 Subject: [PATCH 09/21] Revert "file rename" This reverts commit f7429da6f2b53bdb4bffbc4cd033ae81c9b26b44. --- virtual_desktop/Dockerfile | 10 +++++----- .../setup-linux-desktop.bash | 0 .../setup-mime-files.bash | 0 3 files changed, 5 insertions(+), 5 deletions(-) rename virtual_desktop/{setup-scripts => setup_scripts}/setup-linux-desktop.bash (100%) rename virtual_desktop/{startup-scripts => startup_scripts}/setup-mime-files.bash (100%) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 49e33a1..0728515 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -77,8 +77,8 @@ RUN mamba env update --name ${CONDA_ENV} -f /tmp/environment.yml \ && mamba clean -afy RUN conda install awscli==2.27.0 -# # Pin jupyterhub and pydantic to older version -# # because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 -# RUN python -m pip install --no-cache "jupyterhub<5.0.0" "pydantic<2.0" -# RUN python -m pip install --no-cache jupyter-remote-desktop-proxy -# # RUN python -m pip install --no-cache git+https://github.com/sunu/jupyter-remote-qgis-proxy@e1a49e0ba98700c2f49fc092d5fc1e43ca5442eb \ No newline at end of file +# Pin jupyterhub and pydantic to older version +# because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 +RUN python -m pip install --no-cache "jupyterhub<5.0.0" "pydantic<2.0" +RUN python -m pip install --no-cache jupyter-remote-desktop-proxy +# RUN python -m pip install --no-cache git+https://github.com/sunu/jupyter-remote-qgis-proxy@e1a49e0ba98700c2f49fc092d5fc1e43ca5442eb \ No newline at end of file diff --git a/virtual_desktop/setup-scripts/setup-linux-desktop.bash b/virtual_desktop/setup_scripts/setup-linux-desktop.bash similarity index 100% rename from virtual_desktop/setup-scripts/setup-linux-desktop.bash rename to virtual_desktop/setup_scripts/setup-linux-desktop.bash diff --git a/virtual_desktop/startup-scripts/setup-mime-files.bash b/virtual_desktop/startup_scripts/setup-mime-files.bash similarity index 100% rename from virtual_desktop/startup-scripts/setup-mime-files.bash rename to virtual_desktop/startup_scripts/setup-mime-files.bash From 8c6c764601627fec42e9816533512a8194982e2c Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Mon, 27 Oct 2025 11:32:31 -0600 Subject: [PATCH 10/21] revert to bash script version, add chmod on file permissions --- virtual_desktop/Dockerfile | 54 ++----------------- .../setup-scripts/setup-linux-desktop.bash | 48 +++++++++++++++++ .../startup-scripts/setup-mime-files.bash | 19 +++++++ 3 files changed, 70 insertions(+), 51 deletions(-) create mode 100644 virtual_desktop/setup-scripts/setup-linux-desktop.bash create mode 100644 virtual_desktop/startup-scripts/setup-mime-files.bash diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 0728515..e2b1304 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -2,63 +2,15 @@ FROM pangeo/base-notebook USER root -# COPY setup-scripts /opt/setup-scripts/ +COPY setup-scripts /opt/setup-scripts/ # Set DISPLAY env variable, so processes know where to open GUI windows. # Allows python processes running in notebooks to open windows in the GUI. ENV DISPLAY=":1.0" # Setup Linux Desktop -# RUN /opt/setup-scripts/setup-linux-desktop.bash -## Move everything from the setup scrip to this Dockerfile -# RUN set -exuo pipefail -# Requirements: -# - Run as the root user - -# Install baseline packages to get X and xfce working -RUN apt-get update -qq --yes > /dev/null -RUN apt-get install --yes --no-install-recommends -qq \ - xfce4 \ - xorg \ - dbus-x11 \ - xubuntu-icon-theme \ - > /dev/null - -# Install tigervnc from apt repos - these are newer and more architecture -# appropriate than whatever is bundled with jupyter-remote-desktop-proxy -RUN apt-get install --yes --no-install-recommends -qq \ - tigervnc-standalone-server \ - tigervnc-xorg-extension > /dev/null - -# Install add-apt-repositories so we can add PPA for latest firefox -RUN apt-get install --yes --no-install-recommends -qq \ - software-properties-common gpg-agent > /dev/null - -# Install Firefox from a PPA - default Ubuntu's Firefox no longer -# provides it via apt, using snap instead. That does not work inside -# containers. We do this before our apt update in the script so that -# needs to run only once. -RUN add-apt-repository ppa:mozillateam/ppa - -# Install Firefox from the PPA explicitly -RUN apt-get update -qq --yes > /dev/null -RUN apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox - -# Cleanup apt-get update side effects -RUN rm -rf /var/lib/apt/lists/* - -# Install packages required for linux desktop VPN setup to work -# websockify and jupyter-server-proxy available from conda-forge, but -# jupyter-remote-desktop-proxy is not. -# Temporarily install nbgitpuller too, while we work on getting it upstream -# RUN mamba install -c conda-forge --yes \ -# websockify \ -# jupyter-server-proxy \ -# nbgitpuller - -RUN fix-permissions "${CONDA_DIR}" -RUN fix-permissions "/home/${NB_USER}" - +RUN chmod a+x /opt/setup-scripts/setup-linux-desktop.bash +RUN /opt/setup-scripts/setup-linux-desktop.bash COPY startup-scripts /usr/local/bin/start-notebook.d/ diff --git a/virtual_desktop/setup-scripts/setup-linux-desktop.bash b/virtual_desktop/setup-scripts/setup-linux-desktop.bash new file mode 100644 index 0000000..682307b --- /dev/null +++ b/virtual_desktop/setup-scripts/setup-linux-desktop.bash @@ -0,0 +1,48 @@ +#!/bin/bash +set -exuo pipefail +# Requirements: +# - Run as the root user + +# Install baseline packages to get X and xfce working +apt-get update -qq --yes > /dev/null +apt-get install --yes --no-install-recommends -qq \ + xfce4 \ + xorg \ + dbus-x11 \ + xubuntu-icon-theme \ + > /dev/null + +# Install tigervnc from apt repos - these are newer and more architecture +# appropriate than whatever is bundled with jupyter-remote-desktop-proxy +apt-get install --yes --no-install-recommends -qq \ + tigervnc-standalone-server \ + tigervnc-xorg-extension > /dev/null + +# Install add-apt-repositories so we can add PPA for latest firefox +apt-get install --yes --no-install-recommends -qq \ + software-properties-common gpg-agent > /dev/null + +# Install Firefox from a PPA - default Ubuntu's Firefox no longer +# provides it via apt, using snap instead. That does not work inside +# containers. We do this before our apt update in the script so that +# needs to run only once. +add-apt-repository ppa:mozillateam/ppa + +# Install Firefox from the PPA explicitly +apt-get update -qq --yes > /dev/null +apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox + +# Cleanup apt-get update side effects +rm -rf /var/lib/apt/lists/* + +# Install packages required for linux desktop VPN setup to work +# websockify and jupyter-server-proxy available from conda-forge, but +# jupyter-remote-desktop-proxy is not. +# Temporarily install nbgitpuller too, while we work on getting it upstream +mamba install -c conda-forge --yes \ + websockify \ + jupyter-server-proxy \ + nbgitpuller + +fix-permissions "${CONDA_DIR}" +fix-permissions "/home/${NB_USER}" \ No newline at end of file diff --git a/virtual_desktop/startup-scripts/setup-mime-files.bash b/virtual_desktop/startup-scripts/setup-mime-files.bash new file mode 100644 index 0000000..5123b4d --- /dev/null +++ b/virtual_desktop/startup-scripts/setup-mime-files.bash @@ -0,0 +1,19 @@ +#!/bin/bash -l +set -euo pipefail +# This script is run on container startup, as a non-root user +# It copies any .xml files it may find in a MIME_FILES_DIR to the user's +# mime associations directory, allowing image authors to allow users to launch +# a specific application by double clicking files of a specific type. +# It's done at startup time because $HOME is often mounted over by a +# persistent remote filesystem, hiding whatever is in the directory. + +# Set nullglob, so we don't error out if there are no MIME files to be found +shopt -s nullglob + +MIME_DIR="${HOME}/.local/share/mime" +MIME_PACKAGES_DIR="${MIME_DIR}/packages" +mkdir -p "${MIME_PACKAGES_DIR}" +for mime_file_path in ${MIME_FILES_DIR}/*.xml; do + cp "${mime_file_path}" "${MIME_PACKAGES_DIR}/." +done +update-mime-database "${MIME_DIR}" \ No newline at end of file From 6e19f46c032b906d9c286244d63e36a3ab64f695 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Mon, 27 Oct 2025 13:37:11 -0600 Subject: [PATCH 11/21] filename confusion --- .../setup_scripts/setup-linux-desktop.bash | 48 ------------------- .../startup_scripts/setup-mime-files.bash | 19 -------- 2 files changed, 67 deletions(-) delete mode 100644 virtual_desktop/setup_scripts/setup-linux-desktop.bash delete mode 100644 virtual_desktop/startup_scripts/setup-mime-files.bash diff --git a/virtual_desktop/setup_scripts/setup-linux-desktop.bash b/virtual_desktop/setup_scripts/setup-linux-desktop.bash deleted file mode 100644 index 682307b..0000000 --- a/virtual_desktop/setup_scripts/setup-linux-desktop.bash +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -set -exuo pipefail -# Requirements: -# - Run as the root user - -# Install baseline packages to get X and xfce working -apt-get update -qq --yes > /dev/null -apt-get install --yes --no-install-recommends -qq \ - xfce4 \ - xorg \ - dbus-x11 \ - xubuntu-icon-theme \ - > /dev/null - -# Install tigervnc from apt repos - these are newer and more architecture -# appropriate than whatever is bundled with jupyter-remote-desktop-proxy -apt-get install --yes --no-install-recommends -qq \ - tigervnc-standalone-server \ - tigervnc-xorg-extension > /dev/null - -# Install add-apt-repositories so we can add PPA for latest firefox -apt-get install --yes --no-install-recommends -qq \ - software-properties-common gpg-agent > /dev/null - -# Install Firefox from a PPA - default Ubuntu's Firefox no longer -# provides it via apt, using snap instead. That does not work inside -# containers. We do this before our apt update in the script so that -# needs to run only once. -add-apt-repository ppa:mozillateam/ppa - -# Install Firefox from the PPA explicitly -apt-get update -qq --yes > /dev/null -apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox - -# Cleanup apt-get update side effects -rm -rf /var/lib/apt/lists/* - -# Install packages required for linux desktop VPN setup to work -# websockify and jupyter-server-proxy available from conda-forge, but -# jupyter-remote-desktop-proxy is not. -# Temporarily install nbgitpuller too, while we work on getting it upstream -mamba install -c conda-forge --yes \ - websockify \ - jupyter-server-proxy \ - nbgitpuller - -fix-permissions "${CONDA_DIR}" -fix-permissions "/home/${NB_USER}" \ No newline at end of file diff --git a/virtual_desktop/startup_scripts/setup-mime-files.bash b/virtual_desktop/startup_scripts/setup-mime-files.bash deleted file mode 100644 index 5123b4d..0000000 --- a/virtual_desktop/startup_scripts/setup-mime-files.bash +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -l -set -euo pipefail -# This script is run on container startup, as a non-root user -# It copies any .xml files it may find in a MIME_FILES_DIR to the user's -# mime associations directory, allowing image authors to allow users to launch -# a specific application by double clicking files of a specific type. -# It's done at startup time because $HOME is often mounted over by a -# persistent remote filesystem, hiding whatever is in the directory. - -# Set nullglob, so we don't error out if there are no MIME files to be found -shopt -s nullglob - -MIME_DIR="${HOME}/.local/share/mime" -MIME_PACKAGES_DIR="${MIME_DIR}/packages" -mkdir -p "${MIME_PACKAGES_DIR}" -for mime_file_path in ${MIME_FILES_DIR}/*.xml; do - cp "${mime_file_path}" "${MIME_PACKAGES_DIR}/." -done -update-mime-database "${MIME_DIR}" \ No newline at end of file From 5c21770290db34ee9c24850beb4198c9b245376b Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Tue, 28 Oct 2025 14:18:40 -0600 Subject: [PATCH 12/21] add fix-permissions --- virtual_desktop/Dockerfile | 4 ++- .../setup-scripts/fix-permissions.bash | 33 +++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 virtual_desktop/setup-scripts/fix-permissions.bash diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index e2b1304..42babe0 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -2,7 +2,8 @@ FROM pangeo/base-notebook USER root -COPY setup-scripts /opt/setup-scripts/ +COPY setup-scripts/setup-linux-desktop.bash /opt/setup-scripts/setup-linux-desktop.bash +COPY setup-scripts/fix-permissions.bash /usr/local/bin/fix-permissions.bash # Set DISPLAY env variable, so processes know where to open GUI windows. # Allows python processes running in notebooks to open windows in the GUI. @@ -10,6 +11,7 @@ ENV DISPLAY=":1.0" # Setup Linux Desktop RUN chmod a+x /opt/setup-scripts/setup-linux-desktop.bash +RUN chmod a+x /usr/local/bin/fix-permissions.bash RUN /opt/setup-scripts/setup-linux-desktop.bash COPY startup-scripts /usr/local/bin/start-notebook.d/ diff --git a/virtual_desktop/setup-scripts/fix-permissions.bash b/virtual_desktop/setup-scripts/fix-permissions.bash new file mode 100644 index 0000000..d540462 --- /dev/null +++ b/virtual_desktop/setup-scripts/fix-permissions.bash @@ -0,0 +1,33 @@ +#!/bin/bash +# Set permissions on a directory +# After any installation, if a directory needs to be (human) user-writable, run this script on it. +# It will make everything in the directory owned by the group ${NB_GID} and writable by that group. +# Deployments that want to set a specific user id can preserve permissions +# by adding the `--group-add users` line to `docker run`. + +# Uses find to avoid touching files that already have the right permissions, +# which would cause a massive image explosion + +# Right permissions are: +# group=${NB_GID} +# AND permissions include group rwX (directory-execute) +# AND directories have setuid,setgid bits set + +set -e + +for d in "$@"; do + find "${d}" \ + ! \( \ + -group "${NB_GID}" \ + -a -perm -g+rwX \ + \) \ + -exec chgrp "${NB_GID}" -- {} \+ \ + -exec chmod g+rwX -- {} \+ + # setuid, setgid *on directories only* + find "${d}" \ + \( \ + -type d \ + -a ! -perm -6000 \ + \) \ + -exec chmod +6000 -- {} \+ +done \ No newline at end of file From a2496dfc514c1e5b4b8f565b9ae2a204cd6672d3 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Tue, 28 Oct 2025 15:24:28 -0600 Subject: [PATCH 13/21] increase fix-permissions permissions and filepath specificity --- virtual_desktop/Dockerfile | 2 ++ virtual_desktop/setup-scripts/setup-linux-desktop.bash | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 42babe0..4a767b0 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -13,6 +13,8 @@ ENV DISPLAY=":1.0" RUN chmod a+x /opt/setup-scripts/setup-linux-desktop.bash RUN chmod a+x /usr/local/bin/fix-permissions.bash RUN /opt/setup-scripts/setup-linux-desktop.bash +RUN /usr/local/bin/fix-permissions.bash "${CONDA_DIR}" +RUN /usr/local/bin/fix-permissions.bash "/home/${NB_USER}" COPY startup-scripts /usr/local/bin/start-notebook.d/ diff --git a/virtual_desktop/setup-scripts/setup-linux-desktop.bash b/virtual_desktop/setup-scripts/setup-linux-desktop.bash index 682307b..3d1e34e 100644 --- a/virtual_desktop/setup-scripts/setup-linux-desktop.bash +++ b/virtual_desktop/setup-scripts/setup-linux-desktop.bash @@ -44,5 +44,5 @@ mamba install -c conda-forge --yes \ jupyter-server-proxy \ nbgitpuller -fix-permissions "${CONDA_DIR}" -fix-permissions "/home/${NB_USER}" \ No newline at end of file +/usr/local/bin/fix-permissions.bash "${CONDA_DIR}" +/usr/local/bin/fix-permissions.bash "/home/${NB_USER}" \ No newline at end of file From 9139b8aa9f3e81b0e80447e8e91d339ceb1e000f Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Tue, 28 Oct 2025 15:37:14 -0600 Subject: [PATCH 14/21] add chmod -r --- virtual_desktop/Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 4a767b0..20ba2d9 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -11,10 +11,10 @@ ENV DISPLAY=":1.0" # Setup Linux Desktop RUN chmod a+x /opt/setup-scripts/setup-linux-desktop.bash -RUN chmod a+x /usr/local/bin/fix-permissions.bash +RUN chmod a+rx /usr/local/bin/fix-permissions.bash RUN /opt/setup-scripts/setup-linux-desktop.bash -RUN /usr/local/bin/fix-permissions.bash "${CONDA_DIR}" -RUN /usr/local/bin/fix-permissions.bash "/home/${NB_USER}" +# RUN /usr/local/bin/fix-permissions.bash "${CONDA_DIR}" +# RUN /usr/local/bin/fix-permissions.bash "/home/${NB_USER}" COPY startup-scripts /usr/local/bin/start-notebook.d/ @@ -24,7 +24,7 @@ ENV DESKTOP_FILES_DIR /opt/desktop-files ENV MIME_FILES_DIR /opt/mime-files RUN mkdir -p ${DESKTOP_FILES_DIR} ${MIME_FILES_DIR} -USER ${NB_UID} +USER ${NB_USER} COPY environment.yml /tmp/ From c6b4a6a3fef428d62ddb867ec6650b33129652fc Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Sat, 1 Nov 2025 06:34:03 -0600 Subject: [PATCH 15/21] shift to multistage build with geolab-default base --- virtual_desktop/Dockerfile | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 20ba2d9..42851e0 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -1,4 +1,8 @@ -FROM pangeo/base-notebook +FROM public.ecr.aws/earthscope-dev/geolab/geolab-default:default_pytorch_split-f59cda68 AS stage + +ENV NB_GID=1000 + +FROM stage USER root @@ -11,27 +15,20 @@ ENV DISPLAY=":1.0" # Setup Linux Desktop RUN chmod a+x /opt/setup-scripts/setup-linux-desktop.bash -RUN chmod a+rx /usr/local/bin/fix-permissions.bash +RUN chmod a+x /usr/local/bin/fix-permissions.bash + RUN /opt/setup-scripts/setup-linux-desktop.bash -# RUN /usr/local/bin/fix-permissions.bash "${CONDA_DIR}" -# RUN /usr/local/bin/fix-permissions.bash "/home/${NB_USER}" COPY startup-scripts /usr/local/bin/start-notebook.d/ # env variables used by downstream images for setting up desktop files or # mime associations. Consumed by the startup-scripts in startup-scripts/ -ENV DESKTOP_FILES_DIR /opt/desktop-files -ENV MIME_FILES_DIR /opt/mime-files -RUN mkdir -p ${DESKTOP_FILES_DIR} ${MIME_FILES_DIR} - -USER ${NB_USER} +ENV DESKTOP_FILES_DIR=/opt/desktop-files +ENV MIME_FILES_DIR=/opt/mime-files -COPY environment.yml /tmp/ +RUN mkdir -p ${DESKTOP_FILES_DIR} ${MIME_FILES_DIR} -RUN mamba env update --name ${CONDA_ENV} -f /tmp/environment.yml \ - && pip cache purge \ - && mamba clean -afy -RUN conda install awscli==2.27.0 +USER ${NB_UID} # Pin jupyterhub and pydantic to older version # because of https://github.com/NASA-IMPACT/veda-jupyterhub/issues/52#issuecomment-2277453902 From 95cc5021d99c92db24d3be37146926433fc4b873 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Thu, 4 Dec 2025 11:46:27 -0700 Subject: [PATCH 16/21] add gmt, gedit, man-db --- virtual_desktop/Dockerfile | 13 +++++++++++++ .../setup-scripts/setup-linux-desktop.bash | 8 +++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 42851e0..9b8948c 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -28,6 +28,19 @@ ENV MIME_FILES_DIR=/opt/mime-files RUN mkdir -p ${DESKTOP_FILES_DIR} ${MIME_FILES_DIR} +#install GMT +RUN apt-get update -qq --yes > /dev/null \ + && apt-get install --yes -qq gnupg2 > /dev/null \ + && apt-get install gcc --yes \ + && apt-get install gfortran --yes \ + && apt-get install g++ --yes \ + && apt-get install make \ + && apt-get install ftp --yes \ + # && apt-get install gmt gmt-dcw gmt-gshhg --yes\ + # && apt-get install gedit --yes \ + # && apt-get install man-db --yes \ + && apt-get clean + USER ${NB_UID} # Pin jupyterhub and pydantic to older version diff --git a/virtual_desktop/setup-scripts/setup-linux-desktop.bash b/virtual_desktop/setup-scripts/setup-linux-desktop.bash index 3d1e34e..ad8523f 100644 --- a/virtual_desktop/setup-scripts/setup-linux-desktop.bash +++ b/virtual_desktop/setup-scripts/setup-linux-desktop.bash @@ -4,7 +4,7 @@ set -exuo pipefail # - Run as the root user # Install baseline packages to get X and xfce working -apt-get update -qq --yes > /dev/null +apt-get update -qq --yes > /dev/null apt-get install --yes --no-install-recommends -qq \ xfce4 \ xorg \ @@ -32,6 +32,12 @@ add-apt-repository ppa:mozillateam/ppa apt-get update -qq --yes > /dev/null apt-get install -qq --yes -t 'o=LP-PPA-mozillateam' --yes firefox +#install GMT +apt-get install gmt gmt-dcw gmt-gshhg --yes +apt-get install gedit --yes +apt-get install man-db --yes + + # Cleanup apt-get update side effects rm -rf /var/lib/apt/lists/* From b192b79480cf329b2177a6c1bedc36bd191ffd25 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Thu, 4 Dec 2025 12:06:19 -0700 Subject: [PATCH 17/21] fix docs issues --- docs/.readthedocs.yaml | 1 + virtual_desktop/environment.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/.readthedocs.yaml b/docs/.readthedocs.yaml index 1cca7cb..b5f292f 100644 --- a/docs/.readthedocs.yaml +++ b/docs/.readthedocs.yaml @@ -4,6 +4,7 @@ build: os: ubuntu-22.04 tools: python: "3.12" + nodejs: "20" jobs: pre_build: # Generate the Sphinx configuration for this Jupyter Book so it builds. diff --git a/virtual_desktop/environment.yml b/virtual_desktop/environment.yml index c85d58e..3603735 100644 --- a/virtual_desktop/environment.yml +++ b/virtual_desktop/environment.yml @@ -18,7 +18,7 @@ dependencies: - hypoinvpy - gnssrefl - jupyter_contrib_nbextensions - - jupyterlab_jupyterbook_navigation + # - jupyterlab_jupyterbook_navigation - jupyter-remote-desktop-proxy - jupyter-resource-usage - jupyter-server-proxy From 27201d76720931dce27fd1ff99941efa23a16a31 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Thu, 4 Dec 2025 12:21:41 -0700 Subject: [PATCH 18/21] pin JB version --- docs/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/requirements.txt b/docs/requirements.txt index 0027694..aabfd4c 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -1,4 +1,4 @@ -jupyter-book +jupyter-book<2.0.0 matplotlib numpy sphinx == 6.2.1 \ No newline at end of file From 2b523b5cd0dc2d56efa802fb87a90325863a72e9 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Fri, 5 Dec 2025 15:56:23 -0700 Subject: [PATCH 19/21] update base image --- virtual_desktop/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index 9b8948c..b17c384 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/earthscope-dev/geolab/geolab-default:default_pytorch_split-f59cda68 AS stage +FROM public.ecr.aws/earthscope-dev/geolab/geolab-default:agu_wkshp-dc9cd124 AS stage ENV NB_GID=1000 From b709bc346253330f95b799a2f83fb6ed0745dc47 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Tue, 9 Dec 2025 10:49:23 -0700 Subject: [PATCH 20/21] add TauP --- virtual_desktop/Dockerfile | 1 + virtual_desktop/setup-scripts/setup-linux-desktop.bash | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/virtual_desktop/Dockerfile b/virtual_desktop/Dockerfile index b17c384..58ef15d 100644 --- a/virtual_desktop/Dockerfile +++ b/virtual_desktop/Dockerfile @@ -39,6 +39,7 @@ RUN apt-get update -qq --yes > /dev/null \ # && apt-get install gmt gmt-dcw gmt-gshhg --yes\ # && apt-get install gedit --yes \ # && apt-get install man-db --yes \ + # && apt-get install taup \ && apt-get clean USER ${NB_UID} diff --git a/virtual_desktop/setup-scripts/setup-linux-desktop.bash b/virtual_desktop/setup-scripts/setup-linux-desktop.bash index ad8523f..afcd8ce 100644 --- a/virtual_desktop/setup-scripts/setup-linux-desktop.bash +++ b/virtual_desktop/setup-scripts/setup-linux-desktop.bash @@ -37,6 +37,11 @@ apt-get install gmt gmt-dcw gmt-gshhg --yes apt-get install gedit --yes apt-get install man-db --yes +#install java and taup +apt-get install -y openjdk-11-jre-headless +wget https://zenodo.org/records/16884103/files/TauP-3.1.0.zip +unzip TauP-3.1.0.zip +export PATH="$PATH:TauP-3.1.0/bin" # Cleanup apt-get update side effects rm -rf /var/lib/apt/lists/* From 3cb6b63e28b873ed80af3203f62f6fe65aaabae0 Mon Sep 17 00:00:00 2001 From: sarahwilson523 Date: Tue, 9 Dec 2025 11:05:56 -0700 Subject: [PATCH 21/21] Trigger checks