Updated on | | 2 User comments

RStudio - RStudio Server and Shiny

RStudio is an integrated development environment (IDE) for R. It includes a console, syntax-highlighting editor that supports direct code execution, as well as tools for plotting, history, debugging and workspace management. With Shiny it is possible to build interactive web applications by using R, or it can be written directly in HTML, CSS, and JavaScript for more flexibility. Here you can find some tips and tricks about RStudio Server and Shiny.

Install RStudio

RStudio is using R-Base, where you need to add cran servers to your sources.list:

  1. sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 51716619E084DAB9
  2. sudo add-apt-repository "deb http://cran.rstudio.com/bin/linux/ubuntu $(lsb_release -s -c)/"

After this you can start to install R-base:

  1. sudo apt-get update && sudo apt-get install r-base r-base-dev libssl-dev libcurl4-openssl-dev

From here you can download your files and install via apt-get:

  1. sudo apt-get install gdebi-core
  2. cd /tmp && wget https://download2.rstudio.org/rstudio-server-1.0.44-amd64.deb
  3. sudo gdebi rstudio-server-1.0.44-amd64.deb
....
Dez 21 13:21:46 server systemd[1]: Starting RStudio Server...
Dez 21 13:21:46 server systemd[1]: Started RStudio Server.

Login for Rstudio

Rstudio is using Pluggable Authentication Modules (PAM) for user authentication. Its primary function is to provide access to identity and authentication remote resource. If you are using the Rstudio-Server Open Source Edition, it is not intended to use LDAP function via Samba4. By using PAM you are able to link Samba4 accounts with RStudio-Server in the Open Source Edition. In my case, I don't need for every user a working directory, because I'm using it alone. Therefore, I created a user called rstudio, which I can use to login.

Create a User Rstudio with:

  1. sudo adduser --gecos "Rstudio Workspace" rstudio --home /home/rstudio --ingroup rstudio-server

After this, you can check if pam is working successfully:

  1. id rstudio
uid=1000(rstudio) gid=997(rstudio-server) groups=997(rstudio-server)

So, if this is working you are able to create a PAM configuration file. Create /etc/pam.d/rstudio and insert the following content.

  1. sudo cp /etc/pam.d/login /etc/pam.d/rstudio

In order to use shiny server you don't need to create a new configuration file for PAM. Use SymLink to create the file:

  1. sudo ln -s /etc/pam.d/rstudio /etc/pam.d/shiny-server

Config files

You can always test your config with:

  1. sudo rstudio-server test-config

My ression config file looks like this

  1. sudo nano /etc/rstudio/rsession.conf
# R Session Configuration File
r-cran-repos = https://cran.rstudio.com/
r-libs-user = ~/R/library

session-timeout-minutes = 30
session-default-working-dir=~/workspace
session-default-new-project-dir=~/projects

limit-file-upload-size-mb = 10000
limit-xfs-disk-quota = 0

and my rstudio config file like this:

  1. sudo nano /etc/rstudio/rserver.conf
# Server Configuration File
www-port = 8787
www-address = 127.0.0.1

# Authentication
auth-required-user-group = rstudio-server

# Configuration Administrator
server-daemonize = on
server-user = rstudio-server

# AppAmor for Ubuntu/Debian
server-app-armor-enabled = 0

# R Session
rsession-which-r=/usr/bin/R

Furthermore, you can use ip-rules to manage IP access with:

  1. sudo nano /etc/rstudio/ip-rules
allow 127.0.0.1
allow 192.168.2.0/24
deny 192.168.2.1
deny all

Update R-Base

  1. sudo su - rstudio
  2. R -e "update.packages(checkBuilt = TRUE, ask = FALSE, repos='http://cran.rstudio.com/')"

HAProxy for RStudio-Server with SSL

HAProxy is a very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. Over the years it has become the de-facto standard opensource load balancer, is now shipped with most mainstream Linux distributions, and is often deployed by default in cloud platforms. If you want to use RStudio-Server and Shiny together with SSL, HAProxy is a great solution. In principle it is working like this:

HAPROXY (Port 443) -> Identify Rstudio-Server Request -> Forward to 127.0.0.1:8787

HAPROXY (Port 443) -> Identify Shiny Request -> Forward to 127.0.0.1:3838

In my case, I want to use a subdomain together with a folder path in the URL:

https://subdomain.domain.tld/rstudio

This is not so easy to solve in the community edition, because there is no option for a subdomain or a special path name (or it is not official).

Rstudio-Server and Shiny Frontend

At first, you need to configure the frontend, where you can use your existent SSL frontent on port 443.

  1. sudo nano /etc/haproxy/haproxy.cfg
frontend ssl_server_443

    ...

    # Cloud Apps
    acl rstudio_server ssl_fc_sni -i SUBDOMAIN.DOMAIN.TLD

    acl rstudio_path url_beg /rstudio/
    acl rstudio_signin_path1 url_beg /auth-sign-in
    acl rstudio_signin_path2 url_beg /rstudio/auth-sign-in

    acl shiny_path url_beg /shiny/

    # Rstudio and Shiny
    redirect location https://SUBDOMAIN.DOMAIN.TLD/rstudio/auth-sign-in?appUri=rstudio/ if rstudio_signin_path1 !rstudio_signin_path2
    use_backend bk_rstudioHAProxyId_8787 if rstudio_server rstudio_path !shiny_path
    use_backend bk_shinyHAProxyId_3838 if rstudio_server shiny_path

    ...
    default_backend bk_apacheHAProxyId_62080 check

It is working like this:

  1. You go to https://subdomain.domain.tld/rstudio/
  2. Rstudio is fowarding you to https://subdomain.domain.tld/auth-sign-in to the login page. Yes, there is no rstudio in the path!
  3. HaProxy is checking this and forward you to https://subdomain.domain.tld/rstudio/auth-sign-in
  4. After a successful login it is only using https://subdomain.domain.tld/rstudio/

RStudio-Server Backend

The RStudio-Server backend receives forwarded requests from the SSL-frontend.

  1. sudo nano /etc/haproxy/haproxy.cfg
backend bk_rstudioHAProxyId_8787
        mode http
        option forwardfor
        option httpclose
        option redispatch
        option originalto
        option  http-pretend-keepalive
        option  http-server-close

        # replace "/rstudio/" with "/" at the beginning of any request path:
        reqrep ^([^\ :]*)\ /rstudio/(.*)     \1\ /\2
        reqadd X-Script-Name:\ /rstudio
        reqadd X-RStudio-Username:\ %[ssl_c_s_dn(cn)]

        server srv_rstudioHAProxyId 127.0.0.1:8787 check

Shiny Backend

The Shiny backend receives forwarded requests from the SSL-frontend.

  1. sudo nano /etc/haproxy/haproxy.cfg
backend bk_shinyHAProxyId_3838
        mode http
        option forwardfor

        # Fake connection:close, required in this setup.
        option http-server-close
        option http-pretend-keepalive

        balance uri depth 2

        server srv_shinyHAProxyId 127.0.0.1:3838 check

Well, what do you think?

gmat said
Hi,
did you update your server to the 0.99.896 version ? The last version I use is the 0.99.484. If I do the update I am not able to connect any more. I use a different rstudio pam.d file than your but even with your I get the same issue.
Thks
Thomas Ludwig said
Hi gmat,

nope, still using Version 0.99.467. Good to know, that it would be good to change a little bit later :-)

Cheers,

Thomas
Comments powered by LudwigDisqus for ModX