FROM jupyter/scipy-notebook # Set the working directory to /data WORKDIR /data # Copy the requirements file COPY requirements.txt . # Copy static files COPY public /app/public # Switch to root user to install system packages and set permissions USER root # Install sudo and other dependencies RUN apt-get update && apt-get install -y \ wget \ nginx \ sudo \ build-essential \ curl \ git \ vim \ && apt-get clean && rm -rf /var/lib/apt/lists/* # Install Python dependencies RUN pip install --no-cache-dir -r requirements.txt # Add jovyan to sudoers RUN usermod -aG sudo jovyan && \ echo "jovyan ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/jovyan && \ chmod 0440 /etc/sudoers.d/jovyan # Copy the configuration files and entrypoint script COPY jupyter_config.py /etc/jupyter/jupyter_config.py COPY nginx.conf /etc/nginx/nginx.conf COPY entrypoint.sh /app/entrypoint.sh # Set the entrypoint script as executable RUN chmod +x /app/entrypoint.sh # Create necessary directories and set permissions for Nginx RUN mkdir -p /var/lib/nginx/body /var/lib/nginx/fastcgi \ /var/lib/nginx/proxy /var/lib/nginx/scgi \ /var/lib/nginx/uwsgi /var/log/nginx \ && chown -R ${NB_UID}:${NB_GID} /var/lib/nginx /var/log/nginx /var/run /run \ && chmod 755 /var/lib/nginx /var/run /run # Ensure Nginx has permissions to write to log directory and PID file RUN touch /var/log/nginx/error.log /var/log/nginx/access.log /run/nginx.pid \ && chown -R ${NB_UID}:${NB_GID} /var/log/nginx /run/nginx.pid # Create /data directory and set permissions RUN mkdir -p /data && chown -R ${NB_UID}:${NB_GID} /data # Handle the JUPYTER_TOKEN secret at build time RUN --mount=type=secret,id=JUPYTER_TOKEN,mode=0444,required=true \ echo "JUPYTER_TOKEN=$(cat /run/secrets/JUPYTER_TOKEN)" >> /etc/environment # Switch back to the original user USER ${NB_UID} # Set the working directory to /data WORKDIR /data # Expose the port 8888 for JupyterLab EXPOSE 8888 # Expose the port 7860 for Nginx EXPOSE 7860 # Set the environment variables ENV JUPYTERLAB_PORT=8888 ENV NGINX_PORT=7860 # Run the entrypoint script when the container starts ENTRYPOINT ["/app/entrypoint.sh"]