Commit 6a351097 authored by Olivier Benz's avatar Olivier Benz
Browse files

Update Dockerfiles

- r-ver: Copy R from rsi image
- rstudio: Copy Git from gsi image
  - Update rstudio install scripts
- verse: Remove packages less and ssh
  - Packages are now part of rstudio image
parent 4c2fd517
......@@ -36,7 +36,7 @@
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
CRAN: https://cloud.r-project.org
R_VERSION_UPDATE: "false"
R_VERSION_UPDATE: "true"
before_script:
- *before-script-build
......
FROM debian:bullseye
ARG IMAGE=debian:bullseye
ARG R_VERSION=4.1.1
LABEL org.label-schema.license="GPL-2.0" \
org.label-schema.vcs-url="https://gitlab.b-data.ch/r/docker-stack" \
maintainer="Olivier Benz <olivier.benz@b-data.ch>"
FROM registry.gitlab.b-data.ch/r/rsi/${R_VERSION}/${IMAGE} as rsi
FROM ${IMAGE}
LABEL org.opencontainers.image.licenses="GPL-2.0" \
org.opencontainers.image.source="https://gitlab.b-data.ch/r/docker-stack" \
org.opencontainers.image.vendor="b-data GmbH" \
org.opencontainers.image.authors="Olivier Benz <olivier.benz@b-data.ch>"
ARG IMAGE=debian:bullseye
ARG DEBIAN_FRONTEND=noninteractive
ARG R_VERSION
ARG LAPACK=libopenblas-dev
ARG R_VERSION=4.1.1
ARG BUILD_DATE
ARG CRAN
ARG CRAN=https://cran.rstudio.com
## Setting a BUILD_DATE will set CRAN to the matching MRAN date
## No BUILD_DATE means that CRAN will default to latest
ENV R_VERSION=${R_VERSION:-4.1.1} \
CRAN=${CRAN:-https://cran.rstudio.com} \
ENV BASE_IMAGE=${IMAGE} \
R_VERSION=${R_VERSION} \
CRAN=${CRAN} \
LC_ALL=en_US.UTF-8 \
LANG=en_US.UTF-8 \
TERM=xterm
TERM=xterm \
TZ=Etc/UTC
COPY --from=rsi /usr/local /usr/local
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
bash-completion \
build-essential \
ca-certificates \
devscripts \
file \
fonts-texgyre \
g++ \
gfortran \
gsfonts \
libblas-dev \
libbz2-1.0 \
libcurl4 \
libicu67 \
libjpeg62-turbo \
libopenblas-dev \
libpangocairo-1.0-0 \
libpcre2-8-0 \
libpng16-16 \
libreadline8 \
libtiff5 \
liblzma5 \
libbz2-dev \
'^libcurl[3|4]$' \
libicu-dev \
'^libjpeg.*-turbo.*-dev$' \
liblzma-dev \
${LAPACK} \
libpangocairo-* \
libpaper-utils \
'^libpcre[2|3]-dev$' \
libpng-dev \
libreadline-dev \
libtiff* \
locales \
make \
pkg-config \
unzip \
zip \
zlib1g \
## Update locale
&& echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen \
&& locale-gen en_US.utf8 \
&& /usr/sbin/update-locale LANG=en_US.UTF-8 \
&& BUILDDEPS="curl \
default-jdk \
libbz2-dev \
libcairo2-dev \
libcurl4-openssl-dev \
libpango1.0-dev \
libjpeg-dev \
libicu-dev \
libpcre2-dev \
libpng-dev \
libreadline-dev \
libtiff5-dev \
liblzma-dev \
libx11-dev \
libxt-dev \
perl \
tcl8.6-dev \
tk8.6-dev \
texinfo \
texlive-extra-utils \
texlive-fonts-recommended \
texlive-fonts-extra \
texlive-latex-recommended \
x11proto-core-dev \
xauth \
xfonts-base \
xvfb \
zlib1g-dev" \
&& apt-get install -y --no-install-recommends $BUILDDEPS \
&& cd tmp/ \
## Download source code
&& curl -O https://cran.r-project.org/src/base/R-4/R-${R_VERSION}.tar.gz \
## Extract source code
&& tar -xf R-${R_VERSION}.tar.gz \
&& cd R-${R_VERSION} \
## Set compiler flags
&& R_PAPERSIZE=letter \
R_BATCHSAVE="--no-save --no-restore" \
R_BROWSER=xdg-open \
PAGER=/usr/bin/pager \
PERL=/usr/bin/perl \
R_UNZIPCMD=/usr/bin/unzip \
R_ZIPCMD=/usr/bin/zip \
R_PRINTCMD=/usr/bin/lpr \
LIBnn=lib \
AWK=/usr/bin/awk \
CFLAGS="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -g" \
CXXFLAGS="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -g" \
## Configure options
./configure --enable-R-shlib \
--enable-memory-profiling \
--with-readline \
--with-blas \
--with-tcltk \
--disable-nls \
--with-recommended-packages \
## Build and install
&& make \
&& make install \
## Add a library directory (for user-installed packages)
&& mkdir -p /usr/local/lib/R/site-library \
&& chown root:staff /usr/local/lib/R/site-library \
&& chmod g+ws /usr/local/lib/R/site-library \
## Fix library path
#&& sed -i '/^R_LIBS_USER=.*$/d' /usr/local/lib/R/etc/Renviron \
&& echo "R_LIBS_SITE=\${R_LIBS_SITE-'/usr/local/lib/R/site-library'}" >> /usr/local/lib/R/etc/Renviron \
#&& echo "R_LIBS=\${R_LIBS-'/usr/local/lib/R/site-library:/usr/local/lib/R/library:/usr/lib/R/library'}" >> /usr/local/lib/R/etc/Renviron \
## Set configured CRAN mirror
&& if [ -z "$BUILD_DATE" ]; then MRAN=$CRAN; \
else MRAN=https://mran.microsoft.com/snapshot/${BUILD_DATE}; fi \
......@@ -123,12 +78,8 @@ RUN apt-get update \
&& ln -s /usr/local/lib/R/site-library/littler/examples/install2.r /usr/local/bin/install2.r \
&& ln -s /usr/local/lib/R/site-library/littler/examples/installGithub.r /usr/local/bin/installGithub.r \
&& ln -s /usr/local/lib/R/site-library/littler/bin/r /usr/local/bin/r \
## Clean up from R source install
&& cd / \
## Clean up
&& rm -rf /tmp/* \
&& apt-get remove --purge -y $BUILDDEPS \
&& apt-get autoremove -y \
&& apt-get autoclean -y \
&& rm -rf /var/lib/apt/lists/*
CMD ["R"]
......
......@@ -5,7 +5,7 @@ services:
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
R_VERSION_UPDATE: "false"
R_VERSION_UPDATE: "true"
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
......
......@@ -2,10 +2,10 @@
ADD=${ADD:=none}
## A script to add shiny to an rstudio-based rocker image.
## A script to add shiny to an rstudio-based rocker image.
if [ "$ADD" == "shiny" ]; then
echo "Adding shiny server to container..."
echo "Adding shiny server to container..."
apt-get update && apt-get -y install \
gdebi-core \
libxt-dev && \
......@@ -28,5 +28,5 @@ if [ "$ADD" == "shiny" ]; then
fi
if [ $"$ADD" == "none" ]; then
echo "Nothing additional to add"
fi
echo "Nothing additional to add"
fi
......@@ -2,4 +2,3 @@
rsession-which-r=/usr/local/bin/R
auth-none=1
ARG BASE_IMAGE=debian:bullseye
ARG GIT_VERSION=2.32.0
FROM registry.gitlab.b-data.ch/git/gsi/${GIT_VERSION}/${BASE_IMAGE} as gsi
FROM registry.gitlab.b-data.ch/r/r-ver:4.1.1
ARG DEBIAN_FRONTEND=noninteractive
ARG RSTUDIO_VERSION
#ENV RSTUDIO_VERSION=${RSTUDIO_VERSION:-1.4.1717}
ARG S6_VERSION
ARG PANDOC_TEMPLATES_VERSION
ENV S6_VERSION=${S6_VERSION:-v1.21.7.0}
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
ARG RSTUDIO_VERSION=1.4.1717
ARG S6_VERSION=v1.21.7.0
ARG GIT_VERSION=2.32.0
ARG PANDOC_TEMPLATES_VERSION=2.14.2
ENV RSTUDIO_VERSION=${RSTUDIO_VERSION}
ENV PATH=/usr/lib/rstudio-server/bin:$PATH
ENV PANDOC_TEMPLATES_VERSION=${PANDOC_TEMPLATES_VERSION:-2.14.2}
ENV S6_VERSION=${S6_VERSION}
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
ENV GIT_VERSION=${GIT_VERSION}
ENV PANDOC_TEMPLATES_VERSION=${PANDOC_TEMPLATES_VERSION}
COPY --from=gsi /usr/local /usr/local
## Download and install RStudio server & dependencies
## Attempts to get detect latest version, otherwise falls back to version given in $VER
......@@ -18,7 +28,6 @@ RUN apt-get update \
&& apt-get install -y --no-install-recommends \
curl \
file \
git \
libapparmor1 \
libclang-dev \
libcurl4-openssl-dev \
......@@ -32,32 +41,33 @@ RUN apt-get update \
python-setuptools \
sudo \
wget \
## Additional git runtime dependencies
libcurl3-gnutls \
liberror-perl \
## Additional git runtime recommendations
less \
ssh-client \
&& if [ -z "$RSTUDIO_VERSION" ]; \
then RSTUDIO_URL="https://www.rstudio.org/download/latest/stable/server/bionic/rstudio-server-latest-amd64.deb"; \
else RSTUDIO_URL="http://download2.rstudio.org/server/bionic/amd64/rstudio-server-${RSTUDIO_VERSION}-amd64.deb"; fi \
&& wget -q $RSTUDIO_URL \
&& dpkg -i rstudio-server-*-amd64.deb \
&& rm rstudio-server-*-amd64.deb \
## https://github.com/rocker-org/rocker-versioned2/issues/137
rm -f /var/lib/rstudio-server/secure-cookie-key \
## Symlink pandoc & standard pandoc templates for use system-wide
&& ln -s /usr/lib/rstudio-server/bin/pandoc/pandoc /usr/local/bin \
&& ln -s /usr/lib/rstudio-server/bin/pandoc/pandoc-citeproc /usr/local/bin \
&& git clone --recursive --branch ${PANDOC_TEMPLATES_VERSION} https://github.com/jgm/pandoc-templates \
&& rm -rf /opt/pandoc/templates \
&& mkdir -p /opt/pandoc/templates \
&& cp -r pandoc-templates*/* /opt/pandoc/templates && rm -rf pandoc-templates* \
&& rm -rf /root/.pandoc \
&& mkdir /root/.pandoc && ln -s /opt/pandoc/templates /root/.pandoc/templates \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/ \
&& rm -rf /var/lib/apt/lists/* \
## RStudio wants an /etc/R, will populate from $R_HOME/etc
&& mkdir -p /etc/R \
## Write config files in $R_HOME/etc
&& echo '\n\
\n# Configure httr to perform out-of-band authentication if HTTR_LOCALHOST \
\n# is not set since a redirect to localhost may not work depending upon \
\n# where this Docker container is running. \
\nif(is.na(Sys.getenv("HTTR_LOCALHOST", unset=NA))) { \
\n options(httr_oob_default = TRUE) \
\n}' >> /usr/local/lib/R/etc/Rprofile.site \
&& echo "PATH=${PATH}" >> /usr/local/lib/R/etc/Renviron \
## Need to configure non-root user for RStudio
&& useradd rstudio \
&& echo "rstudio:rstudio" | chpasswd \
......@@ -65,7 +75,7 @@ RUN apt-get update \
&& chown rstudio:rstudio /home/rstudio \
&& addgroup rstudio staff \
## Prevent rstudio from deciding to use /usr/bin/R if a user apt-get installs a package
&& echo 'rsession-which-r=/usr/local/bin/R' >> /etc/rstudio/rserver.conf \
&& echo 'rsession-which-r=/usr/local/bin/R' >> /etc/rstudio/rserver.conf \
## use more robust file locking to avoid errors when using shared volumes:
&& echo 'lock-type=advisory' >> /etc/rstudio/file-locks \
## Set default branch name to main
......@@ -82,12 +92,16 @@ RUN apt-get update \
&& mkdir -p /etc/services.d/rstudio \
&& echo '#!/usr/bin/with-contenv bash \
\n## load /etc/environment vars first: \
\n for line in $( cat /etc/environment ) ; do export $line ; done \
\n exec /usr/lib/rstudio-server/bin/rserver --server-daemonize 0' \
\nfor line in $( cat /etc/environment ) ; do export $line > /dev/null; done \
\nexec /usr/lib/rstudio-server/bin/rserver --server-daemonize 0' \
> /etc/services.d/rstudio/run \
&& echo '#!/bin/bash \
\n rstudio-server stop' \
\nrstudio-server stop' \
> /etc/services.d/rstudio/finish \
&& echo '[*] \
\nlog-level=warn \
\nlogger-type=stderr' \
> /etc/rstudio/logging.conf \
&& mkdir -p /home/rstudio/.rstudio/monitored/user-settings \
&& echo 'alwaysSaveHistory="0" \
\nloadRData="0" \
......
#!/usr/bin/env sh
#!/bin/bash
set -o nounset
## Enforces the custom password specified in the PASSWORD environment variable
## The accepted RStudio username is the same as the USER environment variable (i.e., local user name).
set -o nounset
IFS='' read -r password
[ "${USER}" = "${1}" ] && [ "${PASSWORD}" = "${password}" ]
......@@ -8,21 +8,15 @@ GROUPID=${GROUPID:=1000}
ROOT=${ROOT:=FALSE}
UMASK=${UMASK:=022}
## Make sure RStudio inherits the full path
echo "PATH=${PATH}" >> /usr/local/lib/R/etc/Renviron
bold=$(tput bold)
normal=$(tput sgr0)
if [[ ${DISABLE_AUTH,,} == "true" ]]
then
mv /etc/rstudio/disable_auth_rserver.conf /etc/rstudio/rserver.conf
echo "USER=$USER" >> /etc/environment
fi
if grep --quiet "auth-none=1" /etc/rstudio/rserver.conf
then
echo "Skipping authentication as requested"
......@@ -98,6 +92,27 @@ if [ "$UMASK" -ne 022 ]
echo "Sys.umask(mode=$UMASK)" >> /home/$USER/.Rprofile
fi
## add these to the global environment so they are avialable to the RStudio user
echo "HTTR_LOCALHOST=$HTTR_LOCALHOST" >> /etc/R/Renviron.site
echo "HTTR_PORT=$HTTR_PORT" >> /etc/R/Renviron.site
## Next one for timezone setup
if [ "$TZ" != "Etc/UTC" ]
then
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
fi
## Set our dynamic variables in Renviron.site to be reflected by RStudio
exclude_vars="HOME PASSWORD"
for file in /var/run/s6/container_environment/*
do
sed -i "/^${file##*/}=/d" /usr/local/lib/R/etc/Renviron.site
regex="(^| )${file##*/}($| )"
[[ ! $exclude_vars =~ $regex ]] && echo "${file##*/}=$(cat $file)" >> /usr/local/lib/R/etc/Renviron.site || echo "skipping $file"
done
## Update Locale if needed
if [ "$LANG" != "en_US.UTF-8" ]
then
/usr/sbin/locale-gen --lang $LANG
/usr/sbin/update-locale --reset LANG=$LANG
fi
## only file-owner (root) should read container_environment files:
chmod 600 /var/run/s6/container_environment/*
......@@ -5,7 +5,7 @@ services:
variables:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
R_VERSION_UPDATE: "false"
R_VERSION_UPDATE: "true"
before_script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
......
......@@ -19,7 +19,6 @@ RUN wget "https://travis-bin.yihui.name/texlive-local.deb" \
fonts-roboto \
ghostscript \
lbzip2 \
less \
libbz2-dev \
libgl1-mesa-dev \
libglu1-mesa-dev \
......@@ -35,7 +34,6 @@ RUN wget "https://travis-bin.yihui.name/texlive-local.deb" \
libnode-dev \
libzmq3-dev \
qpdf \
ssh \
texinfo \
vim \
## Install R package redland
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment