Can `ServerProxy.servers` access be shared across named servers?

JupyterHub
, , , ,
1

:wave: I have a Docker-based JupyterHub (and singleuser servers). Right now, my approach to installing user-services like Syncthing looks like the following:

jupyterhub_server_config.py 
SYNCTHING = {
    "port": 8384,
    "timeout": 30,
    "absolute_url": False,
    "new_browser_tab": False,
    "launcher_entry": {
        "enabled": True,
        "title": "Syncthing",
        "icon_path": "/etc/jupyter/proxies/icons/syncthing.svg",
    },
    "command": shlex.split(
          f"docker run --net container:{SERVER} -e PUID={UID} -e PGID={GID} -v {HOME}:/data:rw "
        + f"-v {HOME}/Applications/syncthing:/config:rw --name {USER}-syncthing "
        + f"linuxserver/syncthing:latest "
    ),
}

NETDATA = {
    "port": 19999,
    "timeout": 30,
    "absolute_url": False,
    "new_browser_tab": False,
    "launcher_entry": {
        "enabled": True,
        "title": "netdata",
        "icon_path": "/etc/jupyter/proxies/icons/netdata.svg",
    },
    "command": cmdsplit(
          f"docker run --net container:{SERVER} --name {USER}-netdata"
        + f"-v /opt/netdata/etc:/etc/netdata "
        + f"-v /opt/netdata/lib:/var/lib/netdata "
        + f"-v /opt/netdata/cache:/var/cache/netdata "
        + f"-v /sys:/host:sys:ro "
        + f"-v /proc:/host/proc:ro "
        + f"-v /etc/group:/host/etc/group:ro "
        + f"-v /etc/passwd:/host/etc/passwd:ro "
        + f"-v /etc/os-release:/host/etc/os-release:ro "
        + f"--cap-add SYS_PTRACE --security-opt apparmor=unconfined "
        + f"netdata/netdata:latest"
    ),
}

c.ServerProxy.servers = {
    "syncthing": SYNCTHING,
    "netdata": NETDATA,
}

While this deploys the services whenever users open them – because I have them routing through the singleuser server, it means that once a user starts Syncthing on their default server, they can’t access it via named-server-1.

My question: is there a way to allow named-server-1 to access certain services on default (and vice-versa) regardless of where these services were spawned?

I can clearly see {USER}-syncthing on the Docker network, but since I seem unable to forward ports. (Unless I spin up nginx alongside the singleuser process – which I also don’t know how to do, unless there’s a way to implement both with s6?)

2

There isn’t- each singleuser container is independent of the others, even for the same user.

If you don’t mind (potentially advanced) coding you could maybe subclass the spawner to create a custom network for each user, and/or to run your services in a dedicated container instead of relying on jupyter-server-proxy to proxy them?

3

Ah, darn. :slightly_frowning_face: I’ll definitely work on something like this, though. :slightly_smiling_face: Will also submit it as a PR to DockerSpawner, too.