The idea of this Docker container is that you can have one or several shiny apps and at the same time can run RStudio in the container for debugging and development purposes. The idea would be to have one container for each shiny application. Updates of packages or unix shell tools in one container would then not break other shiny apps.
Having RStudio access to each shiny app container is for convenience. You can then log-in to the RStudio webinterface with the specified username and then modify stuff in the running container, e.g. install new R packages for testing purposes. To log-in into the rstudio webinterface for this container you just need to type the adress of your webserver using the port to which you have mapped rstudio (e.g. 8701 in the example below).
To run the container adapt the following command:
docker run -entrypoint="/usr/bin/with-contenv bash" --name shinyrstudio -d -p 8701:8787 -p 3801:3838 \ -e ROOT=TRUE -e USER=<YourUsername> -e PASSWORD=<YourSecurePassword> \ -e RUN_RSTUDIO=yes -e RUN_SHINY=yes \ -v ~/docker/shiny/app/:/srv/shiny-server/ \ -v ~/docker/shinyrstudio/container_home:/home/<YourUsername>/work \ -v /srv/shinylog/:/var/log/ \ skranz/shinyrstudio:latest
The -p options allows to remap ports:
We use here:
-p 8701:8787 -p 3801:3838
We remap the RStudio port from the default 8787 to 8701 and the shiny-server port from the default 3838 to 3801. If you have several rstudio shiny server container, you want to have different ports for each container. You can customize the 8701 and 3801 to your desired ports, but most keep the 8787 and 3838 in the code.
RStudio username and passwort
-e ROOT=TRUE -e USER=<YourUsername> -e PASSWORD=<YourSecurePassword>
You must replace
<YourUsername> by a user name (removing the < >)with which you can log-in to RStudio running in the container via a webbrowser. Similarly, replace
Please pick a secure password (and try to avoid a standard username like admin or rstudio). Brute-force attacks on webservers that try out common passwords and usernames are VERY VERY common.
True most attacks probably target ssh login on your server on port 22.
(If you have not disabled PasswordAuthentification on your server, try running
sudo lastb when you are logged in the shell of your webserver. On a rented webserver of mine, I saw each minute more than 10 attempts to hack the root password. For some basic security measures see e.g. the tutorial here: https://www.linux.com/learn/how-make-your-linux-server-more-secure
Yet attacks on the rstudio server port, may well happen. Picking a simple common password thus may result in your container beeing quickly hacked. So choose a secure, long password!
RUN_RSTUDIO and RUN_SHINY
By default your container starts both rstudio and shiny-server. By chaning
no in the line
-e RUN_RSTUDIO=yes -e RUN_SHINY=yes \
You can turn off one or both services. One can think of possible use cases:
Setting both to yes can be useful if you are in development and testing stage of your app and want RStudio access.
If your testing is done and your app container shall run in production, you may want to run it with the option
RUN_RSTUDIO=noto avoid the risk that someones hacks your RStudio server password and uses the RStudio server access to mess up your container or steal data.
For debugging purposes you perhaps temporarily may want to run RStudio in your container but disable outside access to your shiny app. You can do this by stopping and removing the container and run again with the options
RUN_SHINY=no. Of course, this makes mainly sense if all data generated by the shiny app is stored in a shared volume, so that stopping, removing and rerunning your container does not lead to data loss.
mounted shared volumes
-v ~/docker/shiny/app/:/srv/shiny-server/ \ -v ~/docker/shinyrstudio/container_home:/home/<YourUsername>/work \ -v /srv/shinylog/:/var/log/ \
mount different directories on your server (left of each :) to a directory in the docker container (right of each :). You can adapt the left directories but must keep the right directories as given.
The first line
-v ~/docker/shiny/app/:/srv/shiny-server/ \
specifies the shiny apps directory on your server. The second line
-v ~/docker/shinyrstudio/container_home:/home/<YourUsername>/work \
specifes the directory on your server that corresponds to the /home/<YourUsername> directory in the container. Please change <YourUsername> with your chosen username. That is the default directory, when you login into RStudio server.