diff --git a/cesnet-central/deployments/fullhub.yaml b/cesnet-central/deployments/fullhub.yaml
index 203fd25d626f0452f4c46408b52ba5b204f3a867..144b2ab9eb5dc5c6adc80cebc35569b3ec559f68 100644
--- a/cesnet-central/deployments/fullhub.yaml
+++ b/cesnet-central/deployments/fullhub.yaml
@@ -25,16 +25,8 @@ singleuser:
hostPath:
path: /cvmfs
type: Directory
- - name: b2drop
- # sizeLimit problematic in this environment,
- # not needed for remote mounts
- empty_dir:
- name: owncloud-home
empty_dir:
- - name: owncloud-shared
- empty_dir:
- - name: owncloud-spaces
- empty_dir:
# - name: scratch
# ephemeral:
# volumeClaimTemplate:
@@ -47,14 +39,8 @@ singleuser:
extraVolumeMounts:
- name: cvmfs-host
mountPath: "/cvmfs:shared"
- - name: b2drop
- mountPath: '/home/jovyan/b2drop:shared'
- name: owncloud-home
mountPath: '/home/jovyan:shared'
- - name: owncloud-shared
- mountPath: '/owncloud/Shared:shared'
- - name: owncloud-spaces
- mountPath: '/owncloud/Spaces:shared'
# - name: scratch
# mountPath: '/scratch'
memory:
@@ -206,30 +192,29 @@ hub:
b2drop_pwd = base64.b64decode(secret.data.get("b2drop-pwd", "")).decode()
if b2drop_user and b2drop_pwd:
volume_mounts = [
- {"mountPath": "/b2drop:shared", "name": "b2drop"},
+ {"mountPath": "/owncloud:shared", "name": "owncloud-home"},
]
spawner.extra_containers.append(
{
"name": "b2drop",
- "image": "eginotebooks/webdav-sidecar:sha-e5e8df2",
+ "image": "eginotebooks/webdav-rclone-sidecar:sha-0a62679",
"env": [
{"name": "WEBDAV_URL", "value": "https://b2drop.eudat.eu/remote.php/webdav"},
{"name": "WEBDAV_PWD", "value": b2drop_pwd},
{"name": "WEBDAV_USER", "value": b2drop_user},
- {"name": "MOUNT_PATH", "value": "/b2drop"},
+ {"name": "WEBDAV_VENDOR", "value": "other"},
+ {"name": "MOUNT_PATH", "value": "/owncloud/b2drop"},
+ {"name": "MOUNT_WAIT_POINT", "value": "webdav-fs: /owncloud fuse.rclone"},
],
"resources": self.sidecar_resources,
"securityContext": {
- "runAsUser": 0,
+ "runAsUser": 1000,
+ "fsUser": 1000,
+ "fsGroup": 100,
"privileged": True,
"capabilities": {"add": ["SYS_ADMIN"]},
},
"volumeMounts": volume_mounts,
- "lifecycle": {
- "preStop": {
- "exec": {"command": ["umount", "-l", "/b2drop"]}
- },
- },
}
)
if b2drop_remember:
@@ -280,25 +265,32 @@ hub:
if owncloud_url is None:
return
+ if type == "home":
+ subpath = ""
+ else:
+ subpath = "/" + type.capitalize()
+ env = [
+ {"name": "WEBDAV_URL", "value": owncloud_url},
+ {"name": "WEBDAV_VENDOR", "value": "owncloud"},
+ # XXX: strict permissions needed for .local/share/jupyter/runtime/jupyter_cookie_secret
+ # quicker directory cache and polling
+ {"name": "MOUNT_OPTS", "value": "--file-perms=0600 --dir-perms=0770 --dir-cache-time=1m0s --poll-interval=0m20s"},
+ {"name": "MOUNT_PATH", "value": "/owncloud" + subpath},
+ # default mode is "full"
+ {"name": "VFS_CACHE_MODE", "value": "full"},
+ ]
+ if type != "home":
+ env.append({"name": "MOUNT_WAIT_POINT", "value": "webdav-fs: /owncloud fuse.rclone"})
volume_mounts = [
- {"mountPath": "/owncloud:shared", "name": "owncloud-" + type},
+ {"mountPath": "/owncloud:shared", "name": "owncloud-home"},
{"mountPath": self.token_mount_path, "name": self.token_secret_volume_name, "readOnly": True},
]
spawner.extra_containers.append(
{
"name": "owncloud-" + type,
- "image": "eginotebooks/webdav-rclone-sidecar:sha-95b4f95",
+ "image": "eginotebooks/webdav-rclone-sidecar:sha-0a62679",
"args": ["bearer_token_command=cat " + self.token_path],
- "env": [
- {"name": "WEBDAV_URL", "value": owncloud_url},
- {"name": "WEBDAV_VENDOR", "value": "owncloud"},
- # XXX: strict permissions needed for .local/share/jupyter/runtime/jupyter_cookie_secret
- # quicker directory cache and polling
- {"name": "MOUNT_OPTS", "value": "--file-perms=0600 --dir-perms=0770 --dir-cache-time=1m0s --poll-interval=0m20s"},
- {"name": "MOUNT_PATH", "value": "/owncloud"},
- # default mode is "full"
- {"name": "VFS_CACHE_MODE", "value": "full"},
- ],
+ "env": env,
"resources": self.sidecar_resources,
"securityContext": {
"runAsUser": 1000,
@@ -328,10 +320,11 @@ hub:
"Authorization": "Bearer %s" % access_token,
}
- # ownCloud user home
await self.append_owncloud_sidecar(spawner, "home", self.OCIS_PERSONAL_SPACE, headers=headers)
- await self.append_owncloud_sidecar(spawner, "shared", self.OCIS_SHARED_WITH_ME, headers=headers)
+ await self.append_owncloud_sidecar(spawner, "shares", self.OCIS_SHARED_WITH_ME, headers=headers)
await self.append_owncloud_sidecar(spawner, "spaces", self.OCIS_SPACES, headers=headers)
+ else:
+ self.log.info("No auth state, skipping ownCloud")
c.JupyterHub.spawner_class = WebDavOIDCSpawner