A new workspace image for DTaaS.
We are still very much in the explorative phase. Everything that is working is subject to change.
Pre-built Docker images are available from:
- GitHub Container Registry:
ghcr.io/into-cps-association/workspace:latest - Docker Hub:
intocps/workspace:latest
You can pull the image directly:
# From GitHub Container Registry
docker pull ghcr.io/into-cps-association/workspace:latest
# From Docker Hub
docker pull intocps/workspace:latestIf you want to build the image locally instead of using pre-built images, then:
Either
Using plain docker command:
docker build -t workspace:latest -f workspaces/Dockerfile.ubuntu.noble.gnome ./workspacesOr
using docker compose:
docker compose -f workspaces/test/dtaas/compose.yml buildEither
Using plain docker command:
docker run -d --shm-size=512m \
-p 8080:8080 \
-e MAIN_USER=user1 --name workspace workspace:latestπ You can change the MAIN_USER variable to any other username of your choice.
An active container provides the following services.
:warning: please remember to change user1 to the username (USERNAME1) set in
the .env file.
- Open workspace - http://localhost:8080/user1/tools/vnc?path=user1%2Ftools%2Fvnc%2Fwebsockify
- Open VSCode - http://localhost:8080/user1/tools/vscode
- Open Jupyter Notebook - http://localhost:8080
- Open Jupyter Lab - http://localhost:8080/user1/lab
The workspace provides a /services endpoint that returns a JSON list of
available services. This enables dynamic service discovery for frontend
applications.
Example: Get service list for user1
curl http://localhost:8080/user1/servicesResponse:
{
"desktop": {
"name": "Desktop",
"description": "Virtual Desktop Environment",
"endpoint": "tools/vnc?path=user1%2Ftools%2Fvnc%2Fwebsockify"
},
"vscode": {
"name": "VS Code",
"description": "VS Code IDE",
"endpoint": "tools/vscode"
},
"notebook": {
"name": "Jupyter Notebook",
"description": "Jupyter Notebook",
"endpoint": ""
},
"lab": {
"name": "Jupyter Lab",
"description": "Jupyter Lab IDE",
"endpoint": "lab"
}
}The endpoint values are dynamically populated with the user's username from the
MAIN_USER environment variable.
Either
Using plain docker command:
docker stop workspace
docker rm workspaceThis workspace supports multiple deployment configurations depending
on your needs. All deployment-relevant files can be found in
workspaces/test/dtaas/.
File: compose.yml
Use case: Local development, single user
Features: Basic workspace without reverse proxy
Documentation: SINGLE_USER.md
File: compose.traefik.yml
Use case: Multi-user development/testing without authentication
Features: Traefik reverse proxy, multiple workspaces
Documentation: TRAEFIK.md
File: compose.traefik.secure.yml
Use case: Development/testing with OAuth2 authentication
Features: Traefik reverse proxy, OAuth2 authentication, HTTP only
Documentation: TRAEFIK_SECURE.md
File: compose.traefik.secure.tls.yml
Use case: Production deployment with full security
Features: Traefik reverse proxy, OAuth2 authentication, TLS/HTTPS
Documentation: TRAEFIK_TLS.md
Choose the configuration that best matches your deployment requirements.
| Feature | compose.yml | compose.traefik.yml | compose.traefik.secure.yml | compose.traefik.secure.tls.yml |
|---|---|---|---|---|
| Reverse Proxy | β | β | β | β |
| Multi-user | β | β | β | β |
| OAuth2 Auth | β | β | β | β |
| TLS/HTTPS | β | β | β | β |
| Production Ready | β | β | β | β |
| Use Case | Local dev | Multi-user dev | Secure dev/test | Production |
For information about publishing Docker images to registries, see PUBLISHING.md.
This project enforces strict code quality checks via GitHub Actions:
- Dockerfile: Linted with hadolint - all errors must be fixed
- Shell scripts: Checked with shellcheck - all warnings must be addressed
- Python scripts: Linted with flake8 and pylint - all errors must be resolved
- YAML files: Validated with yamllint - all issues must be corrected
- Markdown files: Checked with markdownlint - all style violations must be fixed
All quality checks must pass before code can be merged. The workflows will fail if any linting errors are detected.
Linting behavior is configured through:
.shellcheckrc- shellcheck configuration.pylintrc- pylint configuration.yamllint.yml- yamllint configuration.markdownlint.yaml- markdownlint configuration