RUN apt-get install -qqy \
procps postgresql postgresql-server-dev-9.1 apache2 slurm-llnl munge \
supervisor sudo libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl \
- libjson-perl cron
+ libjson-perl cron openssh-server
ADD munge.key /etc/munge/
RUN chown munge:munge /etc/munge/munge.key && chmod 600 /etc/munge/munge.key
# Supervisor.
ADD supervisor.conf /etc/supervisor/conf.d/arvados.conf
-ADD ssh.sh /usr/local/bin/ssh.sh
ADD generated/setup.sh /usr/local/bin/setup.sh
ADD generated/setup-gitolite.sh /usr/local/bin/setup-gitolite.sh
ADD crunch-dispatch-run.sh /usr/local/bin/crunch-dispatch-run.sh
+++ /dev/null
-#!/bin/bash
-
-echo $ENABLE_SSH
-
-# Start ssh daemon if requested via the ENABLE_SSH env variable
-if [[ ! "$ENABLE_SSH" =~ (0|false|no|f|^$) ]]; then
-echo "STARTING"
- /etc/init.d/ssh start
-fi
-
[program:ssh]
user=root
-command=/usr/local/bin/ssh.sh
+command=/etc/init.d/ssh start
startsecs=0
[program:postgres]
#!/bin/bash
-ENABLE_SSH=false
DOCKER=`which docker.io`
if [[ "$DOCKER" == "" ]]; then
echo >&2 " -v, --vm Shell server"
echo >&2 " -n, --nameserver Nameserver"
echo >&2 " -k, --keep Keep servers"
- echo >&2 " --ssh Enable SSH access to server containers"
echo >&2 " -h, --help Display this help and exit"
echo >&2
echo >&2 " If no options are given, the action is applied to all servers."
fi
local image=$5
- if $ENABLE_SSH
- then
- args="$args -e ENABLE_SSH=$ENABLE_SSH"
- fi
-
`$DOCKER ps |grep -P "$name[^/]" -q`
if [[ "$?" == "0" ]]; then
echo "You have a running container with name $name -- skipping."
if [ "$?" != "0" -o "$container" = "" ]; then
echo "Unable to start container"
exit 1
- fi
- if [ "$name" == "compute" -o "$ENABLE_SSH" != "false" ];
- then
- ip=$(ip_address $container )
- echo
- echo "You can ssh into the container with:"
- echo
- echo " ssh root@$ip"
- echo
else
echo "Started container: $container"
fi
# NOTE: This requires GNU getopt (part of the util-linux package on Debian-based distros).
local TEMP=`getopt -o d::s::a::cw::nkvh \
- --long doc::,sso::,api::,compute,workbench::,nameserver,keep,vm,help,ssh \
+ --long doc::,sso::,api::,compute,workbench::,nameserver,keep,vm,help \
-n "$0" -- "$@"`
if [ $? != 0 ] ; then echo "Use -h for help"; exit 1 ; fi
start_keep=true
shift
;;
- --ssh)
- # ENABLE_SSH is a global variable
- ENABLE_SSH=true
- shift
- ;;
--)
shift
break
RUN apt-key adv --keyserver pool.sks-keyservers.net --recv 1078ECD7
RUN apt-get update -qq
-RUN apt-get install -qqy openssh-server apt-utils git curl \
+RUN apt-get install -qqy apt-utils git curl \
libcurl3 libcurl3-gnutls libcurl4-openssl-dev locales \
postgresql-server-dev-9.1 python-arvados-python-client
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys D39DC0E3 && \
- /bin/mkdir -p /root/.ssh && \
/bin/sed -ri 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
/usr/sbin/locale-gen && \
curl -L https://get.rvm.io | bash -s stable && \
/usr/local/rvm/bin/rvm-exec default bundle install --gemfile=/usr/src/arvados/apps/workbench/Gemfile && \
/usr/local/rvm/bin/rvm-exec default bundle install --gemfile=/usr/src/arvados/services/api/Gemfile && \
/usr/local/rvm/bin/rvm-exec default bundle install --gemfile=/usr/src/arvados/doc/Gemfile
-
-ADD generated/id_rsa.pub /root/.ssh/authorized_keys
-RUN chown root:root /root/.ssh/authorized_keys
config['ARVADOS_USER_NAME'] = user_name
config['API_HOSTNAME'] = generate_api_hostname
config['API_WORKBENCH_ADDRESS'] = 'false'
- config['PUBLIC_KEY_PATH'] = find_or_create_ssh_key(config['API_HOSTNAME'])
config.each_key do |var|
config_out.write "#{var}: #{config[var]}\n"
end
return system "#{docker_path} images > /dev/null 2>&1"
end
-# find_or_create_ssh_key arvados_name
-# Returns the SSH public key appropriate for this Arvados instance,
-# generating one if necessary.
-#
-def find_or_create_ssh_key arvados_name
- ssh_key_file = "#{ENV['HOME']}/.ssh/arvados_#{arvados_name}_id_rsa"
- unless File.exists? ssh_key_file
- system 'ssh-keygen',
- '-f', ssh_key_file,
- '-C', "arvados@#{arvados_name}",
- '-P', ''
- end
-
- return "#{ssh_key_file}.pub"
-end
-
# install_docker
# Determines which Docker package is suitable for this Linux distro
# and installs it, resolving any dependencies.
end
end
end
-
-# Copy the ssh public key file to base/generated (if a path is given)
-generated_dir = File.join('base/generated')
-Dir.mkdir(generated_dir) unless Dir.exists? generated_dir
-if (!config['PUBLIC_KEY_PATH'].nil? and
- File.readable? config['PUBLIC_KEY_PATH'])
- FileUtils.cp(config['PUBLIC_KEY_PATH'],
- File.join(generated_dir, 'id_rsa.pub'))
-end
# Supervisor.
ADD supervisor.conf /etc/supervisor/conf.d/arvados.conf
-ADD ssh.sh /usr/local/bin/ssh.sh
ADD generated/setup.sh /usr/local/bin/setup.sh
ADD wrapdocker /usr/local/bin/wrapdocker.sh
+++ /dev/null
-#!/bin/bash
-
-echo $ENABLE_SSH
-
-# Start ssh daemon if requested via the ENABLE_SSH env variable
-if [[ ! "$ENABLE_SSH" =~ (0|false|no|f|^$) ]]; then
-echo "STARTING"
- /etc/init.d/ssh start
-fi
-
-[program:ssh]
-user=root
-command=/usr/local/bin/ssh.sh
-startsecs=0
-
[program:munge]
user=root
command=/etc/init.d/munge start
# Configuration for the Rails databases (database names,
# usernames and passwords).
-# Path to a public ssh key you would like to have installed in the
-# root account of the generated images. This is useful for debugging.
-# To enable the SSH server, set the ENABLE_SSH environment variable to
-# true when starting the container.
-PUBLIC_KEY_PATH:
-
# Username for your Arvados user. This will be used as your shell login name
# as well as the name for your git repository.
ARVADOS_USER_NAME:
read pid cmd state ppid pgrp session tty_nr tpgid rest < /proc/self/stat
trap "kill -TERM -$pgrp; exit" EXIT TERM KILL SIGKILL SIGTERM SIGQUIT
-# Start ssh daemon if requested via the ENABLE_SSH env variable
-if [[ ! "$ENABLE_SSH" =~ (0|false|no|f|^$) ]]; then
- /etc/init.d/ssh start
-fi
-
source /etc/apache2/envvars
/usr/sbin/apache2 -D FOREGROUND
RUN apt-get install -qqy \
python-pip python-pyvcf python-gflags python-google-api-python-client \
python-virtualenv libattr1-dev libfuse-dev python-dev python-llfuse fuse \
- crunchstat python-arvados-fuse cron vim supervisor
+ crunchstat python-arvados-fuse cron vim supervisor openssh-server
ADD fuse.conf /etc/fuse.conf
RUN chmod 644 /etc/fuse.conf
useradd $USER_NAME -s /bin/bash
mkdir /home/$USER_NAME/.ssh -p
-cp ~root/.ssh/authorized_keys /home/$USER_NAME/.ssh/authorized_keys
-
# Install our token
mkdir -p /home/$USER_NAME/.config/arvados;
echo "ARVADOS_API_HOST=api" >> /home/$USER_NAME/.config/arvados/settings.conf
-[program:ssh]
-user=root
-command=/usr/local/bin/ssh.sh
-startsecs=0
-
[program:munge]
user=root
command=/etc/init.d/munge start
[program:slurm]
user=root
command=/etc/init.d/slurm-llnl start
-
-
read pid cmd state ppid pgrp session tty_nr tpgid rest < /proc/self/stat
trap "kill -TERM -$pgrp; exit" EXIT TERM KILL SIGKILL SIGTERM SIGQUIT
-# Start ssh daemon if requested via the ENABLE_SSH env variable
-if [[ ! "$ENABLE_SSH" =~ (0|false|no|f|^$) ]]; then
- /etc/init.d/ssh start
-fi
-
source /etc/apache2/envvars
/usr/sbin/apache2 -D FOREGROUND
read pid cmd state ppid pgrp session tty_nr tpgid rest < /proc/self/stat
trap "kill -TERM -$pgrp; exit" EXIT TERM KILL SIGKILL SIGTERM SIGQUIT
-# Start ssh daemon if requested via the ENABLE_SSH env variable
-if [[ ! "$ENABLE_SSH" =~ (0|false|no|f|^$) ]]; then
- /etc/init.d/ssh start
-fi
-
# Override the default API server address if necessary.
-if [[ "$API_PORT_443_TCP_ADDR" != "" ]]; then
+if [[ "$API_PORT_443_TCP_ADDR" != "" ]]; then
sed -i "s/localhost:9900/$API_PORT_443_TCP_ADDR/" /usr/src/arvados/apps/workbench/config/application.yml
fi