/shiny-server

Shiny Server @CNR-IBBA

Primary LanguageJavaScriptGNU General Public License v3.0GPL-3.0

Shiny-django authentication

Build Status Coverage Status GitHub GitHub tag (latest by date)

This is an attempt of managing shiny authentication with django starting from Django application as an authentication / authorization server for Shiny guide and modifying stuff accordingly. The django template derive from this repository while the shiny specific configuration comes from here. The aim of this project is to provide both free and restricted access to shiny applications relying on django authentication system and nginx. Applications could be accessed using the django frontend as a container of an iframe application or directly by specifying the path of the application. A specific NGINX configuration will be responsible to provide access to shiny applications relying on django authentication system.

If you need more information please see our Wiki on GitHub

Install dependencies

All this stuff works inside a docker compose image and need docker and docker-compose to work. Please refer to the official documentation on how to install docker and docker-compose

Install shiny-server

The shiny-server project is composed by four different docker containers:

  • db: a MySQL database which stores information about users credentials
  • shiny: a rocker/shiny based images with few dependencies installed to render shiny applications
  • uwsgi: a Django base image which implements views and authentication system
  • nginx: used as a proxy to connect shiny and uwsgi backends. A special configuration location lets to provide shiny contents to authenticated users

Clone this project and enter in project directory:

$ git clone https://github.com/cnr-ibba/shiny-server.git
$ cd shiny-server

This location will be referred as working directory, since all commands need to be launched inside this directory. This directory will also contains all the shiny application data, database and configuration files.

Setting up the environment file

docker-compose can read environment variables from a .env placed in the working directory in which we can define all variables useful for our containers, like database credentials. Edit a new .env file in working directory and set values for such environment variables accordingly:

MYSQL_ROOT_PASSWORD=<root_password>
SHINY_DATABASE=<shiny_db>
SHINY_USER=<shiny_user>
SHINY_PASSWORD=<shiny_password>
SECRET_KEY=<your SECRET_KEY>
DEBUG=False
ADMINS=<admin name1>:<admin email>
DEFAULT_FROM_EMAIL=<your email from>
EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
EMAIL_HOST=<your stmp server>
EMAIL_HOST_PASSWORD=<your smtp password>
EMAIL_HOST_USER=<your smtp password>
EMAIL_PORT=<your email port address>
EMAIL_USE_TLS=<set 'True' to use TLS, false otherwise

Build the docker-compose suite

In order to build the images according to the docker-compose.yml specifications, Docker needs download and install all required dependencies; it will need several minutes to complete. Launch this command from the working directory:

$ docker-compose build

Fixing django permissions

You will also to check file permissions in django-data folder, expecially for media folder:

$ docker-compose run --rm uwsgi sh -c 'chmod -R g+rw media && chmod g+rwx media/thumbnails/'
$ docker-compose run --rm uwsgi sh -c 'chgrp -R www-data .'

Initialize Django tables

After inizialization, a new django user with administrative privilges is needed. This is not the default mysql user, but a user valid only in django environment. Moreover the django tables need to be defined:

$ docker-compose run --rm uwsgi python manage.py check
$ docker-compose run --rm uwsgi python manage.py migrate
$ docker-compose run --rm uwsgi python manage.py makemigrations
$ docker-compose run --rm uwsgi python manage.py migrate
$ docker-compose run --rm uwsgi python manage.py createsuperuser

The last commands will prompt for a user creation. This will be a new django admin user, not the database users described in env files. Track user credentials since those will be not stored in .env file in shiny-server directory.

Check everything works as expected

Test your fresh InjectTool installation with:

$ docker-compose run --rm uwsgi pytest

Start composed image

Pages are served by an nginx docker container controlled by Docker Compose (see the docker-compose.yml file content), which is linked to the shiny server and django instance. In order to start the application:

$ docker-compose up -d

The shiny-server interface is available for a local access through Internet browser at the URL: http://localhost:22080/.