├── .travis.yml ├── Dockerfile └── README.md /.travis.yml: -------------------------------------------------------------------------------- 1 | language: bash 2 | 3 | sudo: required 4 | 5 | services: 6 | - docker 7 | 8 | install: 9 | - docker build -t gis-notebook . 10 | - docker run -d -p 127.0.0.1:8888:8888 --name gis-notebook gis-notebook 11 | 12 | script: 13 | - docker ps | grep -q gis-notebook 14 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM jupyter/scipy-notebook:latest 2 | LABEL maintainer="Stepan Kuzmin " 3 | 4 | USER root 5 | 6 | RUN apt-get -yqq update \ 7 | && apt-get -yqq install \ 8 | python-gdal 9 | 10 | USER $NB_UID 11 | 12 | RUN conda install --quiet --yes \ 13 | 'fiona' \ 14 | 'folium' \ 15 | 'gdal' \ 16 | 'geocoder' \ 17 | 'geopandas' \ 18 | 'geopy' \ 19 | 'googlemaps' \ 20 | 'psycopg2' \ 21 | 'pyproj' \ 22 | 'pysal' \ 23 | 'rtree' \ 24 | 'shapely' \ 25 | 'tqdm' \ 26 | 'tensorflow=1.3*' \ 27 | 'keras=2.0*' && \ 28 | conda remove --quiet --yes --force qt pyqt && \ 29 | conda clean -tipsy && \ 30 | fix-permissions $CONDA_DIR && \ 31 | fix-permissions /home/$NB_USER 32 | 33 | # conda install -c conda-forge mapboxgl 34 | RUN pip install mapboxgl 35 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build Status](https://travis-ci.org/urbica/gis-notebook.svg?branch=master)](https://travis-ci.org/urbica/gis-notebook) 2 | ![Docker pulls](https://img.shields.io/docker/pulls/urbica/gis-notebook.svg) 3 | ![Docker stars](https://img.shields.io/docker/stars/urbica/gis-notebook.svg) 4 | [![Metadata](https://images.microbadger.com/badges/image/urbica/gis-notebook.svg)](https://microbadger.com/images/urbica/gis-notebook) 5 | 6 | # Urbica Jupyter Notebook Python GIS Stack 7 | 8 | This image is based on [Jupyter Notebook Scientific Python Stack](https://github.com/jupyter/docker-stacks/tree/master/scipy-notebook). 9 | 10 | ## What it Gives You 11 | 12 | * Jupyter Notebook 5.2.x 13 | * Conda Python 3.x environment 14 | * pandas, matplotlib, scipy, seaborn, scikit-learn, scikit-image, sympy, cython, patsy, statsmodel, cloudpickle, dill, numba, bokeh, vincent, beautifulsoup, xlrd pre-installed 15 | * **fiona, folium, gdal, geocoder, geopandas, geopy, googlemaps, psycopg2, pyproj, pysal, rtree, shapely pre-installed** 16 | * Unprivileged user `jovyan` (uid=1000, configurable, see options) in group `users` (gid=100) with ownership over `/home/jovyan` and `/opt/conda` 17 | * [tini](https://github.com/krallin/tini) as the container entrypoint and [start-notebook.sh](../base-notebook/start-notebook.sh) as the default command 18 | * A [start-singleuser.sh](../base-notebook/start-singleuser.sh) script useful for running a single-user instance of the Notebook server, as required by JupyterHub 19 | * A [start.sh](../base-notebook/start.sh) script useful for running alternative commands in the container (e.g. `ipython`, `jupyter kernelgateway`, `jupyter lab`) 20 | * Options for HTTPS, password auth, and passwordless `sudo` 21 | 22 | ## Basic Use 23 | 24 | The following command starts a container with the Notebook server listening for HTTP connections on port 8888 with a randomly generated authentication token configured. 25 | 26 | ``` 27 | docker run -it --rm -p 8888:8888 urbica/gis-notebook 28 | ``` 29 | 30 | Take note of the authentication token included in the notebook startup log messages. Include it in the URL you visit to access the Notebook server or enter it in the Notebook login form. 31 | 32 | ## Notebook Options 33 | 34 | The Docker container executes a [`start-notebook.sh` script](../base-notebook/start-notebook.sh) script by default. The `start-notebook.sh` script handles the `NB_UID`, `NB_GID` and `GRANT_SUDO` features documented in the next section, and then executes the `jupyter notebook`. 35 | 36 | You can pass [Jupyter command line options](https://jupyter.readthedocs.io/en/latest/projects/jupyter-command.html) through the `start-notebook.sh` script when launching the container. For example, to secure the Notebook server with a custom password hashed using `IPython.lib.passwd()` instead of the default token, run the following: 37 | 38 | ``` 39 | docker run -d -p 8888:8888 urbica/gis-notebook start-notebook.sh --NotebookApp.password='sha1:74ba40f8a388:c913541b7ee99d15d5ed31d4226bf7838f83a50e' 40 | ``` 41 | 42 | For example, to set the base URL of the notebook server, run the following: 43 | 44 | ``` 45 | docker run -d -p 8888:8888 urbica/gis-notebook start-notebook.sh --NotebookApp.base_url=/some/path 46 | ``` 47 | 48 | For example, to disable all authentication mechanisms (not a recommended practice): 49 | 50 | ``` 51 | docker run -d -p 8888:8888 urbica/gis-notebook start-notebook.sh --NotebookApp.token='' 52 | ``` 53 | 54 | You can sidestep the `start-notebook.sh` script and run your own commands in the container. See the _Alternative Commands_ section later in this document for more information. 55 | 56 | ## Docker Options 57 | 58 | You may customize the execution of the Docker container and the Notebook server it contains with the following optional arguments. 59 | 60 | * `-e GEN_CERT=yes` - Generates a self-signed SSL certificate and configures Jupyter Notebook to use it to accept encrypted HTTPS connections. 61 | * `-e NB_UID=1000` - Specify the uid of the `jovyan` user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with `--user root`. (The `start-notebook.sh` script will `su jovyan` after adjusting the user id.) 62 | * `-e NB_GID=100` - Specify the gid of the `jovyan` user. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with `--user root`. (The `start-notebook.sh` script will `su jovyan` after adjusting the group id.) 63 | * `-e GRANT_SUDO=yes` - Gives the `jovyan` user passwordless `sudo` capability. Useful for installing OS packages. For this option to take effect, you must run the container with `--user root`. (The `start-notebook.sh` script will `su jovyan` after adding `jovyan` to sudoers.) **You should only enable `sudo` if you trust the user or if the container is running on an isolated host.** 64 | * `-v /some/host/folder/for/work:/home/jovyan/work` - Mounts a host machine directory as folder in the container. Useful when you want to preserve notebooks and other work even after the container is destroyed. **You must grant the within-container notebook user or group (`NB_UID` or `NB_GID`) write access to the host directory (e.g., `sudo chown 1000 /some/host/folder/for/work`).** 65 | 66 | ## SSL Certificates 67 | 68 | You may mount SSL key and certificate files into a container and configure Jupyter Notebook to use them to accept HTTPS connections. For example, to mount a host folder containing a `notebook.key` and `notebook.crt`: 69 | 70 | ``` 71 | docker run -d -p 8888:8888 \ 72 | -v /some/host/folder:/etc/ssl/notebook \ 73 | urbica/gis-notebook start-notebook.sh \ 74 | --NotebookApp.keyfile=/etc/ssl/notebook/notebook.key 75 | --NotebookApp.certfile=/etc/ssl/notebook/notebook.crt 76 | ``` 77 | 78 | Alternatively, you may mount a single PEM file containing both the key and certificate. For example: 79 | 80 | ``` 81 | docker run -d -p 8888:8888 \ 82 | -v /some/host/folder/notebook.pem:/etc/ssl/notebook.pem \ 83 | urbica/gis-notebook start-notebook.sh \ 84 | --NotebookApp.certfile=/etc/ssl/notebook.pem 85 | ``` 86 | 87 | In either case, Jupyter Notebook expects the key and certificate to be a base64 encoded text file. The certificate file or PEM may contain one or more certificates (e.g., server, intermediate, and root). 88 | 89 | For additional information about using SSL, see the following: 90 | 91 | * The [docker-stacks/examples](https://github.com/jupyter/docker-stacks/tree/master/examples) for information about how to use [Let's Encrypt](https://letsencrypt.org/) certificates when you run these stacks on a publicly visible domain. 92 | * The [jupyter_notebook_config.py](jupyter_notebook_config.py) file for how this Docker image generates a self-signed certificate. 93 | * The [Jupyter Notebook documentation](https://jupyter-notebook.readthedocs.io/en/latest/public_server.html#using-ssl-for-encrypted-communication) for best practices about running a public notebook server in general, most of which are encoded in this image. 94 | 95 | ## Conda Environments 96 | 97 | The default Python 3.x [Conda environment](http://conda.pydata.org/docs/using/envs.html) resides in `/opt/conda`. 98 | 99 | The commands `jupyter`, `ipython`, `python`, `pip`, and `conda` (among others) are available in both environments. For convenience, you can install packages into either environment regardless of what environment is currently active using commands like the following: 100 | 101 | ``` 102 | # install a package into the default (python 3.x) environment 103 | pip install some-package 104 | conda install some-package 105 | ``` 106 | 107 | ## Alternative Commands 108 | 109 | ### start.sh 110 | 111 | The `start.sh` script supports the same features as the default `start-notebook.sh` script (e.g., `GRANT_SUDO`), but allows you to specify an arbitrary command to execute. For example, to run the text-based `ipython` console in a container, do the following: 112 | 113 | ``` 114 | docker run -it --rm urbica/gis-notebook start.sh ipython 115 | ``` 116 | 117 | Or, to run JupyterLab instead of the classic notebook, run the following: 118 | 119 | ``` 120 | docker run -it --rm -p 8888:8888 urbica/gis-notebook start.sh jupyter lab 121 | ``` 122 | 123 | This script is particularly useful when you derive a new Dockerfile from this image and install additional Jupyter applications with subcommands like `jupyter console`, `jupyter kernelgateway`, etc. 124 | 125 | ### Others 126 | 127 | You can bypass the provided scripts and specify your an arbitrary start command. If you do, keep in mind that certain features documented above will not function (e.g., `GRANT_SUDO`). 128 | --------------------------------------------------------------------------------