Add water for Jupyterhub
| # To run: | |
| # aws cloudformation create-stack \ | |
| # --template-body file://jh.yml \ | |
| # --profile <YOUR_USER_PROFILE> \ | |
| # --stack-name jupyterhub \ | |
| # --parameters ParameterKey=KeyName,ParameterValue=<YOUR_KEYPAIR_NAME> \ | |
| # ParameterKey=InstanceType,ParameterValue=t2.micro | |
| Parameters: | |
| KeyName: | |
| Type: "AWS::EC2::KeyPair::KeyName" | |
| Description: Amazon EC2 Key Pair | |
| InstanceType: | |
| Type: String | |
| Default: t2.micro | |
| Description: Enter t2.micro, m1.small, or m1.large, etc. | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: 10.1.0.0/16 | |
| Tags: | |
| - Key: Application | |
| Value: !Ref AWS::StackId | |
| - Key: Network | |
| Value: Public | |
| PublicSubnet: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| MapPublicIpOnLaunch: true | |
| CidrBlock: 10.1.0.0/16 | |
| Tags: | |
| - Key: Application | |
| Value: !Ref AWS::StackId | |
| - Key: Network | |
| Value: Public | |
| DependsOn: VPC | |
| InstanceSecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Enable SSH access via port 22 and HTTPS via 443 | |
| VpcId: !Ref VPC | |
| SecurityGroupIngress: | |
| - IpProtocol: tcp | |
| FromPort: 22 | |
| ToPort: 22 | |
| CidrIp: 0.0.0.0/0 | |
| - IpProtocol: tcp | |
| FromPort: 443 | |
| ToPort: 443 | |
| CidrIp: 0.0.0.0/0 | |
| InternetGateway: | |
| Type: AWS::EC2::InternetGateway | |
| Properties: | |
| Tags: | |
| - Key: Application | |
| Value: !Ref AWS::StackId | |
| - Key: Network | |
| Value: Public | |
| GatewayToInternet: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| VpcId: !Ref VPC | |
| InternetGatewayId: !Ref InternetGateway | |
| PublicRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Application | |
| Value: !Ref AWS::StackId | |
| - Key: Network | |
| Value: Public | |
| PublicRoute: | |
| Type: AWS::EC2::Route | |
| DependsOn: GatewayToInternet | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref InternetGateway | |
| PublicSubnetRouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: !Ref PublicSubnet | |
| RouteTableId: !Ref PublicRouteTable | |
| EC2Instance: | |
| Type: AWS::EC2::Instance | |
| Metadata: | |
| AWS::CloudFormation::Init: | |
| configSets: | |
| default: | |
| - create-files | |
| - run-commands | |
| create-files: | |
| files: | |
| /etc/supervisor/conf.d/jupyterhub.conf: | |
| content: | | |
| # /etc/supervisor/conf.d/jupyterhub.conf | |
| [program:jupyterhub] | |
| command=bash launch.sh | |
| directory=/srv/jupyterhub | |
| autostart=true | |
| autorestart=true | |
| startretries=3 | |
| exitcode=0,2 | |
| stopsignal=TERM | |
| redirect_stderr=true | |
| stdout_logfile=/var/log/jupyterhub.log | |
| stdout_logfile_maxbytes=1MB | |
| stdout_logfile_backups=10 | |
| user=root | |
| /srv/jupyterhub/launch.sh: | |
| content: | | |
| #!/usr/bin/env bashpen | |
| # /srv/jupyterhub/launch.sh | |
| source /srv/jupyterhub/env/jupyterhub/bin/activate | |
| set -e | |
| exec jupyterhub -f ./jupyterhub_config.py $@ | |
| /srv/jupyterhub/jupyterhub_config.py: | |
| content: | | |
| # /srv/jupyterhub/jupyterhub_config.py | |
| import os | |
| pjoin = os.path.join | |
| c = get_config() | |
| runtime_dir = os.path.join('/srv/jupyterhub') | |
| ssl_dir = pjoin(runtime_dir, 'ssl') | |
| c.JupyterHub.ip = '0.0.0.0' | |
| c.JupyterHub.port = 443 | |
| c.JupyterHub.ssl_key = pjoin(ssl_dir, 'ssl.key') | |
| c.JupyterHub.ssl_cert = pjoin(ssl_dir, 'ssl.cert') | |
| c.JupyterHub.cookie_secret_file = pjoin(runtime_dir, 'jupyterhub_cookie_secret') | |
| c.JupyterHub.db_url = pjoin(runtime_dir, 'jupyterhub.sqlite') | |
| c.Authenticator.admin_users = {'ubuntu'} | |
| c.LocalAuthenticator.create_system_users = True | |
| c.JupyterHub.admin_access = True | |
| run-commands: | |
| commands: | |
| '1': | |
| command: echo $(hostname -I | cut -d\ -f1) $(hostname) | sudo tee -a /etc/hosts | |
| '2': | |
| command: | | |
| sudo DEBIAN_FRONTEND=noninteractive apt -y \ | |
| -o Dpkg::Options::="--force-confdef" \ | |
| -o Dpkg::Options::="--force-confold" upgrade | |
| '3': | |
| command: sudo apt -y install supervisor npm nodejs-legacy python3-pip | |
| '4': | |
| command: mkdir /srv/jupyterhub/ssl | |
| '5': | |
| command: | | |
| sudo openssl req -newkey rsa:2048 -nodes -x509 \ | |
| -keyout /srv/jupyterhub/ssl/ssl.key \ | |
| -out /srv/jupyterhub/ssl/ssl.cert \ | |
| -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" | |
| '6': | |
| command: sudo npm install -g configurable-http-proxy | |
| '7': | |
| command: sudo -H pip3 install --system notebook jupyterhub | |
| '8': | |
| command: sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which node)) | |
| '9': | |
| command: sudo supervisorctl start jupyterhub | |
| Properties: | |
| UserData: | |
| Fn::Base64: !Sub | | |
| #!bin/bash -xe | |
| sudo apt-get update | |
| sudo apt -y install python-setuptools | |
| sudo easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz | |
| sudo /usr/local/bin/cfn-init -v --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} | |
| sudo /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} | |
| ImageId: ami-785db401 | |
| InstanceType: !Ref InstanceType | |
| KeyName: !Ref KeyName | |
| SubnetId: !Ref PublicSubnet | |
| SecurityGroupIds: | |
| - !Ref InstanceSecurityGroup | |
| BlockDeviceMappings: | |
| - DeviceName: /dev/sda1 | |
| Ebs: | |
| VolumeSize: 200 | |
| Tags: | |
| - Key: Name | |
| Value: !Ref AWS::StackName | |
| DependsOn: | |
| - PublicSubnet | |
| - InstanceSecurityGroup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment