This note describe how I set up the Cocalc server on ''mu2e.bu.edu'' machine
====== Docker services ======
===== Linuxserver swag =====
This service takes care of Let's Encrypt certificate issuance and renewal. Be careful though, do not delete/recreate this service too often because there is a rate limit of 5 certs per week.
* ports ''80'', ''443'', and ''8443'' are exposed. The first two are needed for the certificates, the ''8443'' is for the Cocalc service
* nice thing about ''linuxserver'' dockers are graceful handling of ''uid'' and ''gid''
* asking for certificate for ''mu2e.bu.edu'' only. Cocalc doesn't appear to work nicely with a subfolder path. And subdomain doesn't appear to work on this box (maybe net admin at BU must add/allow subdomain?).
swag:
image: linuxserver/swag
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1004
- PGID=1004
- TZ=America/New_York
- URL=mu2e.bu.edu
- VALIDATION=http
- ONLY_SUBDOMAINS=false #optional
- STAGING=false
volumes:
- ./swag-config:/config
ports:
- 443:443
- 80:80 #optional
- 0.0.0.0:8443:8443
restart: unless-stopped
networks:
- cocalc
===== Cocalc service =====
Copied from Cocalc documentation, nothing much to say here.
cocalc:
image: sagemathinc/cocalc
container_name: cocalc
volumes:
- ./cocalc-data:/projects
# ports:
# - 0.0.0.0:8752:443
restart: unless-stopped
networks:
- cocalc
====== Further configuration ======
===== Reverse proxy for Cocalc =====
The proxy is configured in ''swag'' by adding a server on port ''8443'' which is forwarded to ''cocalc:443''.
(base) @mu2e:cocalc-docker nam $ cat swag-config/nginx/proxy-confs/cocalc.subdomain.conf
server {
listen 8443 ssl;
listen [::]:8443 ssl;
index index.html index.htm index.php;
server_name mu2e.bu.edu;
# all ssl related config moved to ssl.conf
include /config/nginx/ssl.conf;
client_max_body_size 50;
server_tokens off;
location / {
proxy_pass https://cocalc:443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 3m;
proxy_send_timeout 3m;
}
}
===== Spin it up! =====
Run ''docker-compose up -d''
===== Configure user on Cocalc =====
* self-register on first launch
* launch an interactive shell within running ''cocalc'' container,
* generate SSH pubkey and add to Github
* create ''.gitconfig''
~$ cat .gitconfig
[user]
name = Nam Tran
email = thnam.me@gmail.com
[core]
editor = vim
quotepath = false
autocrlf = input
excludesfile = /projects/0223d4fc-683f-424a-8bdf-8d867a4ac9c9/.gitexcludes
[merge]
tool = opendiff
conflictstyle = diff3
[alias]
ci = commit
co = checkout
st = status
br = branch
hist = log --pretty=format:\"%h %ad | %s%d [%an]\" --graph --date=short
type = cat-file -t
dump = cat-file -p
ignored = !git ls-files -v | grep ^[[:lower:]]
[color]
ui = true
[push]
default = tracking
[branch]
autosetupmerge = true
===== Prepare Latex code =====
* Pull the source ''~$ git clone git@github.com:bostonu-cas/r15a_xray.git''
* Install Revtex v4.2
~$ mkdir texmf
~$ cd texmf/
~$ wget https://journals.aps.org/revtex/revtex4-2-tds.zip
~$ unzip revtex4-2-tds.zip
* Go to the source directory, Cocalc automatically runs ''latexmk'' to compile
===== Syncing =====
* Automatic pull
~$ mkdir utils && cd utils && git clone https://github.com/kolbasa/git-repo-watcher
# Add PATH, then run in a latex terminal
~/r15a_xray$ git-repo-watcher -d . -i 60 > /dev/null 2>&1 &
* Auto commit and push
* prepare script and add to ''PATH''
~$ cat utils/git-auto-commit
#!/usr/bin/env bash
script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
git pull && git ci -am "auto-commit from mu2e.bu.edu:8443" && git push
* edit compile command to: ''latexmk -pdf ... xray.tex && ~/utils/git-auto-commit''