[ARVADOS] created: 778769180b6f907cda7e53981317cf764eb1fce7

Git user git at public.curoverse.com
Tue Mar 1 16:18:16 EST 2016


        at  778769180b6f907cda7e53981317cf764eb1fce7 (commit)


commit 778769180b6f907cda7e53981317cf764eb1fce7
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Tue Mar 1 16:18:03 2016 -0500

    8231: Move arvbox README into install guide.

diff --git a/doc/_config.yml b/doc/_config.yml
index 05b7437..e628520 100644
--- a/doc/_config.yml
+++ b/doc/_config.yml
@@ -144,6 +144,8 @@ navbar:
   installguide:
     - Overview:
       - install/index.html.textile.liquid
+    - Docker quick start:
+      - install/arvbox.html.md.liquid
     - Manual installation:
       - install/install-manual-prerequisites.html.textile.liquid
       - install/install-sso.html.textile.liquid
diff --git a/tools/arvbox/README.md b/doc/install/arvbox.html.md.liquid
similarity index 91%
rename from tools/arvbox/README.md
rename to doc/install/arvbox.html.md.liquid
index 8098686..97bb40c 100644
--- a/tools/arvbox/README.md
+++ b/doc/install/arvbox.html.md.liquid
@@ -1,11 +1,16 @@
-# Arvados-in-a-box
+---
+layout: default
+navsection: installguide
+title: Arvados-in-a-box
+...
 
-Self-contained development, demonstration and testing environment for Arvados.
+Arvbox is a Docker-based self-contained development, demonstration and testing
+environment for Arvados.  It is not intended for production use.
 
 ## Quick start
 
 ```
-$ bin/arvbox reboot localdemo
+arvados/tools/arvbox/bin$ ./arvbox start localdemo
 ```
 
 ## Usage
@@ -20,13 +25,14 @@ start|run <config>  start arvbox container
 open       open arvbox workbench in a web browser
 shell      enter arvbox shell
 ip         print arvbox ip address
+status     print some information about current arvbox
 stop       stop arvbox container
 restart <config>  stop, then run again
 reboot  <config>  stop, build arvbox Docker image, run
 reset      delete arvbox arvados data (be careful!)
 destroy    delete all arvbox code and data (be careful!)
 log       <service> tail log of specified service
-svrestart <service> restart specified service inside arvbox
+sv        <start|stop|restart> <service> change state of service inside arvbox
 clone <from> <to>   clone an arvbox
 ```
 

commit f4ca9ad94a6bb006d1f3c7ba207837f1736d1247
Merge: d77bf0c d3d3687
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Tue Mar 1 15:48:14 2016 -0500

    Add 'tools/arvbox/' from commit 'd3d368758db1f4a9fa5b89f77b5ee61d68ef5b72'
    
    git-subtree-dir: tools/arvbox
    git-subtree-mainline: d77bf0c67422a259afacc17660698729328a1ed3
    git-subtree-split: d3d368758db1f4a9fa5b89f77b5ee61d68ef5b72

diff --cc tools/arvbox/README.md
index 0000000,8098686..8098686
mode 000000,100644..100644
--- a/tools/arvbox/README.md
+++ b/tools/arvbox/README.md
diff --cc tools/arvbox/bin/arvbox
index 0000000,d790cb6..d790cb6
mode 000000,100755..100755
--- a/tools/arvbox/bin/arvbox
+++ b/tools/arvbox/bin/arvbox
diff --cc tools/arvbox/lib/arvbox/docker/Dockerfile.base
index 0000000,280ac68..280ac68
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/Dockerfile.base
+++ b/tools/arvbox/lib/arvbox/docker/Dockerfile.base
diff --cc tools/arvbox/lib/arvbox/docker/Dockerfile.demo
index 0000000,1f13415..1f13415
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/Dockerfile.demo
+++ b/tools/arvbox/lib/arvbox/docker/Dockerfile.demo
diff --cc tools/arvbox/lib/arvbox/docker/Dockerfile.dev
index 0000000,051c274..051c274
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/Dockerfile.dev
+++ b/tools/arvbox/lib/arvbox/docker/Dockerfile.dev
diff --cc tools/arvbox/lib/arvbox/docker/application_yml_override.py
index 0000000,98a8e48..98a8e48
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/application_yml_override.py
+++ b/tools/arvbox/lib/arvbox/docker/application_yml_override.py
diff --cc tools/arvbox/lib/arvbox/docker/common.sh
index 0000000,4c2de47..4c2de47
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/common.sh
+++ b/tools/arvbox/lib/arvbox/docker/common.sh
diff --cc tools/arvbox/lib/arvbox/docker/createusers.sh
index 0000000,b77c9c2..b77c9c2
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/createusers.sh
+++ b/tools/arvbox/lib/arvbox/docker/createusers.sh
diff --cc tools/arvbox/lib/arvbox/docker/crunch-setup.sh
index 0000000,178fec1..178fec1
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/crunch-setup.sh
+++ b/tools/arvbox/lib/arvbox/docker/crunch-setup.sh
diff --cc tools/arvbox/lib/arvbox/docker/fuse.conf
index 0000000,a439ab8..a439ab8
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/fuse.conf
+++ b/tools/arvbox/lib/arvbox/docker/fuse.conf
diff --cc tools/arvbox/lib/arvbox/docker/gitolite.rc
index 0000000,03c4b29..03c4b29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/gitolite.rc
+++ b/tools/arvbox/lib/arvbox/docker/gitolite.rc
diff --cc tools/arvbox/lib/arvbox/docker/keep-setup.sh
index 0000000,b66463f..b66463f
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/keep-setup.sh
+++ b/tools/arvbox/lib/arvbox/docker/keep-setup.sh
diff --cc tools/arvbox/lib/arvbox/docker/logger
index 0000000,a79a518..a79a518
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/logger
+++ b/tools/arvbox/lib/arvbox/docker/logger
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/.gitignore
index 0000000,bbf313b..bbf313b
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/.gitignore
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/.gitignore
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/LICENSE
index 0000000,d158667..d158667
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/LICENSE
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/LICENSE
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/Makefile
index 0000000,9a28963..9a28963
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/Makefile
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/Makefile
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/README.md
index 0000000,1bcb8cc..1bcb8cc
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/README.md
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/README.md
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/changelog
index 0000000,7d8689f..7d8689f
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/changelog
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/changelog
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/compat
index 0000000,ec63514..ec63514
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/compat
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/compat
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/control
index 0000000,4060915..4060915
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/control
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/control
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/copyright
index 0000000,8679a6a..8679a6a
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/copyright
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/copyright
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/docs
index 0000000,b43bf86..b43bf86
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/docs
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/docs
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/rules
index 0000000,ce15cce..ce15cce
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/rules
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/rules
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/debian/source/format
index 0000000,163aaf8..163aaf8
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/debian/source/format
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/debian/source/format
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker
index 0000000,fdbaad5..fdbaad5
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker
diff --cc tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker.c
index 0000000,825a35f..825a35f
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker.c
+++ b/tools/arvbox/lib/arvbox/docker/runit-docker/runit-docker.c
diff --cc tools/arvbox/lib/arvbox/docker/runsu.sh
index 0000000,1557d09..1557d09
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/runsu.sh
+++ b/tools/arvbox/lib/arvbox/docker/runsu.sh
diff --cc tools/arvbox/lib/arvbox/docker/service/api/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/api/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/api/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/api/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/api/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/api/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/api/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/api/run
+++ b/tools/arvbox/lib/arvbox/docker/service/api/run
diff --cc tools/arvbox/lib/arvbox/docker/service/api/run-service
index 0000000,058939c..058939c
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/api/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/api/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run
+++ b/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run
diff --cc tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run-service
index 0000000,854464e..854464e
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/arv-git-httpd/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run-service
index 0000000,211b438..211b438
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch-local/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run-service
index 0000000,fa3a73a..fa3a73a
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch0/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run
diff --cc tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run-service
index 0000000,6430e9c..6430e9c
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/crunch-dispatch1/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/doc/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/doc/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/doc/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/doc/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/doc/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/doc/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/doc/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/doc/run
+++ b/tools/arvbox/lib/arvbox/docker/service/doc/run
diff --cc tools/arvbox/lib/arvbox/docker/service/doc/run-service
index 0000000,acbe21c..acbe21c
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/doc/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/doc/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/docker/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/docker/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/docker/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/docker/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/docker/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/docker/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/docker/run
index 0000000,1ecdc16..1ecdc16
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/docker/run
+++ b/tools/arvbox/lib/arvbox/docker/service/docker/run
diff --cc tools/arvbox/lib/arvbox/docker/service/gitolite/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/gitolite/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/gitolite/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/gitolite/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/gitolite/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/gitolite/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/gitolite/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/gitolite/run
+++ b/tools/arvbox/lib/arvbox/docker/service/gitolite/run
diff --cc tools/arvbox/lib/arvbox/docker/service/gitolite/run-service
index 0000000,e0e8771..e0e8771
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/gitolite/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/gitolite/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/keep-web/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/keep-web/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/keep-web/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/keep-web/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keep-web/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keep-web/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keep-web/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keep-web/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keep-web/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keep-web/run-service
index 0000000,a2c6aa1..a2c6aa1
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/keep-web/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/keep-web/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/keepproxy/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/keepproxy/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/keepproxy/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/keepproxy/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepproxy/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepproxy/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepproxy/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepproxy/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepproxy/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepproxy/run-service
index 0000000,413a67e..413a67e
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/keepproxy/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/keepproxy/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore0/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore0/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore0/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore0/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore0/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore0/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore0/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore0/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore0/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore0/run-service
index 0000000,cf411e4..cf411e4
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore0/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore0/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore1/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore1/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore1/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore1/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore1/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore1/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore1/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore1/run
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore1/run
diff --cc tools/arvbox/lib/arvbox/docker/service/keepstore1/run-service
index 0000000,8d34d06..8d34d06
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/keepstore1/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/keepstore1/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/postgres/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/postgres/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/postgres/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/postgres/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/postgres/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/postgres/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/postgres/run
index 0000000,4918bd7..4918bd7
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/postgres/run
+++ b/tools/arvbox/lib/arvbox/docker/service/postgres/run
diff --cc tools/arvbox/lib/arvbox/docker/service/postgres/run-service
index 0000000,a05be62..a05be62
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/postgres/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/postgres/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/ready/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/ready/run
+++ b/tools/arvbox/lib/arvbox/docker/service/ready/run
diff --cc tools/arvbox/lib/arvbox/docker/service/ready/run-service
index 0000000,f560de0..f560de0
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/ready/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/ready/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/sdk/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/sdk/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/sdk/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/sdk/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/sdk/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/sdk/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/sdk/run
index 0000000,816b166..816b166
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/sdk/run
+++ b/tools/arvbox/lib/arvbox/docker/service/sdk/run
diff --cc tools/arvbox/lib/arvbox/docker/service/sdk/run-service
index 0000000,b51f0fc..b51f0fc
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/sdk/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/sdk/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmctld/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/slurmctld/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmctld/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmctld/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/slurmctld/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmctld/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmctld/run
index 0000000,bd75bd0..bd75bd0
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/slurmctld/run
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmctld/run
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmd/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/slurmd/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmd/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmd/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/slurmd/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmd/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/slurmd/run
index 0000000,865a7e6..865a7e6
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/slurmd/run
+++ b/tools/arvbox/lib/arvbox/docker/service/slurmd/run
diff --cc tools/arvbox/lib/arvbox/docker/service/ssh/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/ssh/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/ssh/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/ssh/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/ssh/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/ssh/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/ssh/run
index 0000000,0f23542..0f23542
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/ssh/run
+++ b/tools/arvbox/lib/arvbox/docker/service/ssh/run
diff --cc tools/arvbox/lib/arvbox/docker/service/sso/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/sso/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/sso/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/sso/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/sso/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/sso/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/sso/run
index 0000000,a388c8b..a388c8b
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/sso/run
+++ b/tools/arvbox/lib/arvbox/docker/service/sso/run
diff --cc tools/arvbox/lib/arvbox/docker/service/sso/run-service
index 0000000,da413e0..da413e0
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/sso/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/sso/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/vm/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/vm/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/vm/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/vm/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/vm/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/vm/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/vm/run
index 0000000,0c10cb0..0c10cb0
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/vm/run
+++ b/tools/arvbox/lib/arvbox/docker/service/vm/run
diff --cc tools/arvbox/lib/arvbox/docker/service/vm/run-service
index 0000000,fb209f5..fb209f5
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/vm/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/vm/run-service
diff --cc tools/arvbox/lib/arvbox/docker/service/workbench/log/main/.gitstub
index 0000000,e69de29..e69de29
mode 000000,100644..100644
--- a/tools/arvbox/lib/arvbox/docker/service/workbench/log/main/.gitstub
+++ b/tools/arvbox/lib/arvbox/docker/service/workbench/log/main/.gitstub
diff --cc tools/arvbox/lib/arvbox/docker/service/workbench/log/run
index 0000000,d6aef4a..d6aef4a
mode 000000,120000..120000
--- a/tools/arvbox/lib/arvbox/docker/service/workbench/log/run
+++ b/tools/arvbox/lib/arvbox/docker/service/workbench/log/run
diff --cc tools/arvbox/lib/arvbox/docker/service/workbench/run
index 0000000,6ac0476..6ac0476
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/workbench/run
+++ b/tools/arvbox/lib/arvbox/docker/service/workbench/run
diff --cc tools/arvbox/lib/arvbox/docker/service/workbench/run-service
index 0000000,850022a..850022a
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/service/workbench/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/workbench/run-service
diff --cc tools/arvbox/lib/arvbox/docker/waitforpostgres.sh
index 0000000,84d9904..84d9904
mode 000000,100755..100755
--- a/tools/arvbox/lib/arvbox/docker/waitforpostgres.sh
+++ b/tools/arvbox/lib/arvbox/docker/waitforpostgres.sh

commit d3d368758db1f4a9fa5b89f77b5ee61d68ef5b72
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Feb 25 11:15:47 2016 -0500

    Tweak slurm configuration to run as non-root user.

diff --git a/lib/arvbox/docker/service/slurmctld/run b/lib/arvbox/docker/service/slurmctld/run
index 7b3c6e1..bd75bd0 100755
--- a/lib/arvbox/docker/service/slurmctld/run
+++ b/lib/arvbox/docker/service/slurmctld/run
@@ -9,9 +9,11 @@ cat > /etc/slurm-llnl/slurm.conf  <<EOF
 ControlMachine=$HOSTNAME
 ControlAddr=$HOSTNAME
 AuthType=auth/munge
-DefaultStorageLoc=/var/log/slurm
+DefaultStorageLoc=/var/log/slurm-llnl
 SelectType=select/cons_res
+SelectTypeParameters=CR_CPU_Memory
 SlurmUser=arvbox
+SlurmdUser=arvbox
 SlurmctldPort=7002
 SlurmctldTimeout=300
 SlurmdPort=7003
diff --git a/lib/arvbox/docker/service/slurmd/run b/lib/arvbox/docker/service/slurmd/run
index 697f7a2..865a7e6 100755
--- a/lib/arvbox/docker/service/slurmd/run
+++ b/lib/arvbox/docker/service/slurmd/run
@@ -3,4 +3,4 @@
 exec 2>&1
 set -eux -o pipefail
 
-exec /usr/sbin/slurmd -v -D
+exec /usr/local/lib/arvbox/runsu.sh /usr/sbin/slurmd -v -D

commit 6800e714e8c3b503c6c91f88a56b1a6205f265d3
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Feb 25 11:14:21 2016 -0500

    Fix arvados-login-sync for vm account creation

diff --git a/lib/arvbox/docker/service/vm/run b/lib/arvbox/docker/service/vm/run
index b7fb9cc..0c10cb0 100755
--- a/lib/arvbox/docker/service/vm/run
+++ b/lib/arvbox/docker/service/vm/run
@@ -6,4 +6,16 @@ set -e
 git config --system "credential.http://$localip:${services[arv-git-httpd]}/.username" none
 git config --system "credential.http://$localip:${services[arv-git-httpd]}/.helper" '!cred(){ cat >/dev/null; if [ "$1" = get ]; then echo password=$ARVADOS_API_TOKEN; fi; };cred'
 
-exec /usr/local/lib/arvbox/runsu.sh $0-service
+/usr/local/lib/arvbox/runsu.sh $0-service
+
+cd /usr/src/arvados/services/login-sync
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+export ARVADOS_VIRTUAL_MACHINE_UUID=$(cat /var/lib/arvados/vm-uuid)
+
+while true ; do
+      bundle exec arvados-login-sync
+      sleep 120
+done
diff --git a/lib/arvbox/docker/service/vm/run-service b/lib/arvbox/docker/service/vm/run-service
index 5bb6825..fb209f5 100755
--- a/lib/arvbox/docker/service/vm/run-service
+++ b/lib/arvbox/docker/service/vm/run-service
@@ -34,8 +34,3 @@ if arv virtual_machine get --uuid $ARVADOS_VIRTUAL_MACHINE_UUID ; then
 else
     arv virtual_machine create --virtual-machine "$vm"
 fi
-
-while true ; do
-      bundle exec arvados-login-sync
-      sleep 120
-done

commit 508321196bb55f7d2dd09f27c2a1b90cfe1b0e18
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Feb 25 11:12:00 2016 -0500

    Generalize arvbox 'svrestart' to 'sv' no issue #

diff --git a/bin/arvbox b/bin/arvbox
index 7be361b..d790cb6 100755
--- a/bin/arvbox
+++ b/bin/arvbox
@@ -358,10 +358,9 @@ case "$subcmd" in
         fi
         ;;
 
-    svrestart)
+    sv)
         if test -n "$1" ; then
-            docker exec -ti $ARVBOX_CONTAINER sv restart "$1"
-            docker exec -ti $ARVBOX_CONTAINER sv restart ready
+            docker exec -ti $ARVBOX_CONTAINER sv "$1" "$2"
         else
             echo "Usage: $0 $subcmd <service>"
             echo "Available services:"
@@ -397,7 +396,7 @@ case "$subcmd" in
         echo "reset      delete arvbox arvados data (be careful!)"
         echo "destroy    delete all arvbox code and data (be careful!)"
         echo "log       <service> tail log of specified service"
-        echo "svrestart <service> restart specified service inside arvbox"
+        echo "sv        <start|stop|restart> <service> change state of service inside arvbox"
         echo "clone <from> <to>   clone an arvbox"
         ;;
 esac

commit 2669dd050b2b9ef92c5af308ae79d4c61cdb9529
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Feb 18 16:28:29 2016 -0500

    Run slurmctld and slurmd inside arvbox. refs #6518

diff --git a/lib/arvbox/docker/Dockerfile.base b/lib/arvbox/docker/Dockerfile.base
index 160afee..280ac68 100644
--- a/lib/arvbox/docker/Dockerfile.base
+++ b/lib/arvbox/docker/Dockerfile.base
@@ -10,7 +10,7 @@ RUN apt-get update && \
     pkg-config libattr1-dev python-llfuse python-pycurl \
     libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl \
     libjson-perl nginx gitolite3 lsof python-epydoc graphviz \
-    apt-transport-https ca-certificates
+    apt-transport-https ca-certificates slurm-wlm
 
 VOLUME /var/lib/docker
 VOLUME /var/log/nginx
@@ -38,8 +38,5 @@ ADD crunch-setup.sh gitolite.rc \
     application_yml_override.py \
     /usr/local/lib/arvbox/
 
-ADD service/ /var/lib/arvbox/service
-RUN rmdir /etc/service && ln -sf /var/lib/arvbox/service /etc
-
 # Start the supervisor.
 CMD ["/usr/local/bin/runsvinit"]
diff --git a/lib/arvbox/docker/Dockerfile.demo b/lib/arvbox/docker/Dockerfile.demo
index d3e36c6..1f13415 100644
--- a/lib/arvbox/docker/Dockerfile.demo
+++ b/lib/arvbox/docker/Dockerfile.demo
@@ -4,6 +4,9 @@ RUN cd /usr/src && \
     git clone https://github.com/curoverse/arvados.git && \
     git clone https://github.com/curoverse/sso-devise-omniauth-provider.git sso
 
+ADD service/ /var/lib/arvbox/service
+RUN rmdir /etc/service && ln -sf /var/lib/arvbox/service /etc
+
 RUN chown -R 1000:1000 /usr/src && /usr/local/lib/arvbox/createusers.sh
 
 RUN sudo -u arvbox /var/lib/arvbox/service/sso/run-service --only-deps
diff --git a/lib/arvbox/docker/Dockerfile.dev b/lib/arvbox/docker/Dockerfile.dev
index 5ec73bb..051c274 100644
--- a/lib/arvbox/docker/Dockerfile.dev
+++ b/lib/arvbox/docker/Dockerfile.dev
@@ -10,4 +10,7 @@ RUN set -e && \
  tar -C /usr/local -xjf /tmp/$PJS.tar.bz2 && \
  ln -s ../$PJS/bin/phantomjs /usr/local/bin/
 
+ADD service/ /var/lib/arvbox/service
+RUN rmdir /etc/service && ln -sf /var/lib/arvbox/service /etc
+
 RUN mkdir /etc/test-service && ln -sf /var/lib/arvbox/service/postgres /etc/test-service
diff --git a/lib/arvbox/docker/service/slurmctld/log/main/.gitstub b/lib/arvbox/docker/service/slurmctld/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/slurmctld/log/run b/lib/arvbox/docker/service/slurmctld/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/slurmctld/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/slurmctld/run b/lib/arvbox/docker/service/slurmctld/run
new file mode 100755
index 0000000..7b3c6e1
--- /dev/null
+++ b/lib/arvbox/docker/service/slurmctld/run
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cat > /etc/slurm-llnl/slurm.conf  <<EOF
+ControlMachine=$HOSTNAME
+ControlAddr=$HOSTNAME
+AuthType=auth/munge
+DefaultStorageLoc=/var/log/slurm
+SelectType=select/cons_res
+SlurmUser=arvbox
+SlurmctldPort=7002
+SlurmctldTimeout=300
+SlurmdPort=7003
+SlurmdSpoolDir=/var/tmp/slurmd.spool
+SlurmdTimeout=300
+StateSaveLocation=/var/tmp/slurm.state
+NodeName=$HOSTNAME
+PartitionName=compute State=UP Default=YES Nodes=$HOSTNAME
+EOF
+
+mkdir -p /var/run/munge
+
+/usr/sbin/munged -f
+
+exec /usr/sbin/slurmctld -v -D
diff --git a/lib/arvbox/docker/service/slurmd/log/main/.gitstub b/lib/arvbox/docker/service/slurmd/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/slurmd/log/run b/lib/arvbox/docker/service/slurmd/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/slurmd/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/slurmd/run b/lib/arvbox/docker/service/slurmd/run
new file mode 100755
index 0000000..697f7a2
--- /dev/null
+++ b/lib/arvbox/docker/service/slurmd/run
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+exec /usr/sbin/slurmd -v -D

commit 60b39c50f95bb2ba92c8ed4c4974f5bb3d700342
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Tue Feb 16 10:16:55 2016 -0500

    Move services to /var/lib/arvbox/services because they include logs and logs
    don't go in /usr. no issue #

diff --git a/bin/arvbox b/bin/arvbox
index 10fac0d..7be361b 100755
--- a/bin/arvbox
+++ b/bin/arvbox
@@ -181,12 +181,12 @@ run() {
             docker exec -ti \
                    $ARVBOX_CONTAINER \
                    /usr/local/lib/arvbox/runsu.sh \
-                   /usr/local/lib/arvbox/service/sso/run-service --only-setup
+                   /var/lib/arvbox/service/sso/run-service --only-setup
 
             docker exec -ti \
                    $ARVBOX_CONTAINER \
                    /usr/local/lib/arvbox/runsu.sh \
-                   /usr/local/lib/arvbox/service/api/run-service --only-setup
+                   /var/lib/arvbox/service/api/run-service --only-setup
 
             docker exec -ti \
                    $ARVBOX_CONTAINER \
diff --git a/lib/arvbox/docker/Dockerfile.demo b/lib/arvbox/docker/Dockerfile.demo
index 1085abc..d3e36c6 100644
--- a/lib/arvbox/docker/Dockerfile.demo
+++ b/lib/arvbox/docker/Dockerfile.demo
@@ -6,9 +6,9 @@ RUN cd /usr/src && \
 
 RUN chown -R 1000:1000 /usr/src && /usr/local/lib/arvbox/createusers.sh
 
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/sso/run-service --only-deps
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/api/run-service --only-deps
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/workbench/run-service --only-deps
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/doc/run-service --only-deps
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/vm/run-service --only-deps
-RUN sudo -u arvbox /usr/local/lib/arvbox/service/sdk/run-service
+RUN sudo -u arvbox /var/lib/arvbox/service/sso/run-service --only-deps
+RUN sudo -u arvbox /var/lib/arvbox/service/api/run-service --only-deps
+RUN sudo -u arvbox /var/lib/arvbox/service/workbench/run-service --only-deps
+RUN sudo -u arvbox /var/lib/arvbox/service/doc/run-service --only-deps
+RUN sudo -u arvbox /var/lib/arvbox/service/vm/run-service --only-deps
+RUN sudo -u arvbox /var/lib/arvbox/service/sdk/run-service
diff --git a/lib/arvbox/docker/Dockerfile.dev b/lib/arvbox/docker/Dockerfile.dev
index 408e2de..5ec73bb 100644
--- a/lib/arvbox/docker/Dockerfile.dev
+++ b/lib/arvbox/docker/Dockerfile.dev
@@ -10,4 +10,4 @@ RUN set -e && \
  tar -C /usr/local -xjf /tmp/$PJS.tar.bz2 && \
  ln -s ../$PJS/bin/phantomjs /usr/local/bin/
 
-RUN mkdir /etc/test-service && ln -sf /usr/local/lib/arvbox/service/postgres /etc/test-service
+RUN mkdir /etc/test-service && ln -sf /var/lib/arvbox/service/postgres /etc/test-service
diff --git a/lib/arvbox/docker/tests-service/docker b/lib/arvbox/docker/tests-service/docker
deleted file mode 120000
index 9374f25..0000000
--- a/lib/arvbox/docker/tests-service/docker
+++ /dev/null
@@ -1 +0,0 @@
-../service/docker
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/logger b/lib/arvbox/docker/tests-service/logger
deleted file mode 120000
index b30194b..0000000
--- a/lib/arvbox/docker/tests-service/logger
+++ /dev/null
@@ -1 +0,0 @@
-../service/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/postgres b/lib/arvbox/docker/tests-service/postgres
deleted file mode 120000
index 9b2d8a0..0000000
--- a/lib/arvbox/docker/tests-service/postgres
+++ /dev/null
@@ -1 +0,0 @@
-../service/postgres
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/runsu.sh b/lib/arvbox/docker/tests-service/runsu.sh
deleted file mode 120000
index 22030b0..0000000
--- a/lib/arvbox/docker/tests-service/runsu.sh
+++ /dev/null
@@ -1 +0,0 @@
-../service/runsu.sh
\ No newline at end of file

commit 4785b536f9ddfcf37605465264ab9ab22efa92d2
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Mon Feb 15 16:37:00 2016 -0500

    Explicitly install Docker 1.9.1 instead of using get.dockerproject.org (which gets the latest). no issue #

diff --git a/lib/arvbox/docker/Dockerfile.base b/lib/arvbox/docker/Dockerfile.base
index c0dc767..160afee 100644
--- a/lib/arvbox/docker/Dockerfile.base
+++ b/lib/arvbox/docker/Dockerfile.base
@@ -9,13 +9,21 @@ RUN apt-get update && \
     libpython-dev fuse libfuse-dev python-pip python-yaml \
     pkg-config libattr1-dev python-llfuse python-pycurl \
     libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl \
-    libjson-perl nginx gitolite3 lsof python-epydoc graphviz
+    libjson-perl nginx gitolite3 lsof python-epydoc graphviz \
+    apt-transport-https ca-certificates
 
-RUN curl -sSL https://get.docker.com/ | sh
 VOLUME /var/lib/docker
 VOLUME /var/log/nginx
 VOLUME /etc/ssl/private
 
+RUN apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D || \
+    apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
+
+RUN mkdir -p /etc/apt/sources.list.d && \
+    echo deb https://apt.dockerproject.org/repo debian-jessie main > /etc/apt/sources.list.d/docker.list && \
+    apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get -yq install docker-engine=1.9.1-0~jessie
+
 RUN rm -rf /var/lib/postgresql && mkdir -p /var/lib/postgresql
 
 RUN cd /root && \
@@ -30,8 +38,8 @@ ADD crunch-setup.sh gitolite.rc \
     application_yml_override.py \
     /usr/local/lib/arvbox/
 
-ADD service/ /usr/local/lib/arvbox/service
-RUN rmdir /etc/service && ln -sf /usr/local/lib/arvbox/service /etc
+ADD service/ /var/lib/arvbox/service
+RUN rmdir /etc/service && ln -sf /var/lib/arvbox/service /etc
 
 # Start the supervisor.
 CMD ["/usr/local/bin/runsvinit"]

commit bba82c3bfbc6be4ee828f356c9bca4aba0280ee0
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Sat Feb 13 23:18:27 2016 -0500

    Add crunch-dispatch-local to arvbox.  no issue #

diff --git a/lib/arvbox/docker/service/crunch-dispatch-local/log/main/.gitstub b/lib/arvbox/docker/service/crunch-dispatch-local/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/crunch-dispatch-local/log/run b/lib/arvbox/docker/service/crunch-dispatch-local/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch-local/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch-local/run b/lib/arvbox/docker/service/crunch-dispatch-local/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch-local/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch-local/run-service b/lib/arvbox/docker/service/crunch-dispatch-local/run-service
new file mode 100755
index 0000000..211b438
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch-local/run-service
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/crunch-run"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/crunch-dispatch-local"
+install bin/crunch-run bin/crunch-dispatch-local /usr/local/bin
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+
+exec /usr/local/bin/crunch-dispatch-local -crunch-run-command=/usr/local/bin/crunch-run

commit 311ea6f113bf7c9c6e35b573ef808d754dd361bb
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Fri Feb 12 15:14:01 2016 -0500

    Add arvbox support for overriding settings in application.yml
    no issue #

diff --git a/README.md b/README.md
index 9ced1d1..8098686 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,11 @@ are bind mounted from the host file system for easy access and persistence
 across container rebuilds.  Services are bound to the Docker container's
 network IP address and can only be accessed on the local host.
 
+In "dev" mode, you can override the default autogenerated settings of Rails
+projects by adding "application.yml.override" to any Rails project (sso, api,
+workbench).  This can be used to test out API server settings or point
+Workbench at an alternate API server.
+
 ### localdemo
 Demo configuration.  Boots a complete Arvados environment inside the container.
 Unlike the development configuration, code directories are included in the demo
diff --git a/bin/arvbox b/bin/arvbox
index d60c354..10fac0d 100755
--- a/bin/arvbox
+++ b/bin/arvbox
@@ -196,7 +196,7 @@ run() {
                    WORKSPACE=/usr/src/arvados \
                    GEM_HOME=/var/lib/gems \
                    "$@"
-        else
+        elif echo "$1" | grep 'dev$' ; then
             docker run \
                    --detach \
                    --name=$ARVBOX_CONTAINER \
@@ -212,6 +212,8 @@ run() {
             updateconf
             wait_for_arvbox
             echo "The Arvados source code is checked out at: $ARVADOS_ROOT"
+        else
+            echo "Unknown configuration '$1'"
         fi
     fi
 }
@@ -348,15 +350,18 @@ case "$subcmd" in
         fi
         ;;
 
-    log|svrestart)
+    log)
         if test -n "$1" ; then
-            if test "$subcmd" = log ; then
-                docker exec -ti $ARVBOX_CONTAINER /usr/bin/env TERM=$TERM less --follow-name +GF "/etc/service/$1/log/main/current"
-            fi
-            if test "$subcmd" = svrestart ; then
-                docker exec -ti $ARVBOX_CONTAINER sv restart "$1"
-                docker exec -ti $ARVBOX_CONTAINER sv restart ready
-            fi
+            docker exec -ti $ARVBOX_CONTAINER /usr/bin/env TERM=$TERM less --follow-name +GF "/etc/service/$1/log/main/current"
+        else
+            docker exec -ti $ARVBOX_CONTAINER /usr/bin/env TERM=$TERM tail $(docker exec -ti $ARVBOX_CONTAINER find -L /etc -path '/etc/service/*/log/main/current' -printf " %p")
+        fi
+        ;;
+
+    svrestart)
+        if test -n "$1" ; then
+            docker exec -ti $ARVBOX_CONTAINER sv restart "$1"
+            docker exec -ti $ARVBOX_CONTAINER sv restart ready
         else
             echo "Usage: $0 $subcmd <service>"
             echo "Available services:"
diff --git a/lib/arvbox/docker/Dockerfile.base b/lib/arvbox/docker/Dockerfile.base
index 108ed53..c0dc767 100644
--- a/lib/arvbox/docker/Dockerfile.base
+++ b/lib/arvbox/docker/Dockerfile.base
@@ -6,7 +6,7 @@ RUN apt-get update && \
     ruby rake bundler curl libpq-dev \
     libcurl4-openssl-dev libssl-dev zlib1g-dev libpcre3-dev \
     openssh-server python-setuptools netcat-traditional \
-    libpython-dev fuse libfuse-dev python-pip \
+    libpython-dev fuse libfuse-dev python-pip python-yaml \
     pkg-config libattr1-dev python-llfuse python-pycurl \
     libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl \
     libjson-perl nginx gitolite3 lsof python-epydoc graphviz
@@ -27,7 +27,9 @@ ADD fuse.conf /etc/
 ADD crunch-setup.sh gitolite.rc \
     keep-setup.sh common.sh createusers.sh \
     logger runsu.sh waitforpostgres.sh \
+    application_yml_override.py \
     /usr/local/lib/arvbox/
+
 ADD service/ /usr/local/lib/arvbox/service
 RUN rmdir /etc/service && ln -sf /usr/local/lib/arvbox/service /etc
 
diff --git a/lib/arvbox/docker/application_yml_override.py b/lib/arvbox/docker/application_yml_override.py
new file mode 100755
index 0000000..98a8e48
--- /dev/null
+++ b/lib/arvbox/docker/application_yml_override.py
@@ -0,0 +1,24 @@
+#!/usr/bin/env python
+
+import yaml
+
+try:
+    with open("application.yml.override") as f:
+        b = yaml.load(f)
+except IOError:
+    exit()
+
+with open("application.yml") as f:
+    a = yaml.load(f)
+
+def recursiveMerge(a, b):
+    if isinstance(a, dict) and isinstance(b, dict):
+        for k in b:
+            print k
+            a[k] = recursiveMerge(a.get(k), b[k])
+        return a
+    else:
+        return b
+
+with open("application.yml", "w") as f:
+    yaml.dump(recursiveMerge(a, b), f)
diff --git a/lib/arvbox/docker/service/api/run-service b/lib/arvbox/docker/service/api/run-service
index 530a039..058939c 100755
--- a/lib/arvbox/docker/service/api/run-service
+++ b/lib/arvbox/docker/service/api/run-service
@@ -64,6 +64,8 @@ development:
   default_collection_replication: 1
 EOF
 
+(cd config && /usr/local/lib/arvbox/application_yml_override.py)
+
 if ! test -f /var/lib/arvados/api_database_pw ; then
     ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
 fi
diff --git a/lib/arvbox/docker/service/sso/run-service b/lib/arvbox/docker/service/sso/run-service
index 2f501a4..da413e0 100755
--- a/lib/arvbox/docker/service/sso/run-service
+++ b/lib/arvbox/docker/service/sso/run-service
@@ -39,6 +39,8 @@ development:
   allow_account_registration: true
 EOF
 
+(cd config && /usr/local/lib/arvbox/application_yml_override.py)
+
 if ! test -f /var/lib/arvados/sso_database_pw ; then
     ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/sso_database_pw
 fi
diff --git a/lib/arvbox/docker/service/workbench/run-service b/lib/arvbox/docker/service/workbench/run-service
index 7f0542f..850022a 100755
--- a/lib/arvbox/docker/service/workbench/run-service
+++ b/lib/arvbox/docker/service/workbench/run-service
@@ -36,3 +36,5 @@ development:
   keep_web_url: http://$localip:${services[keep-web]}/c=%{uuid_or_pdh}
   arvados_docsite: http://$localip:${services[doc]}/
 EOF
+
+(cd config && /usr/local/lib/arvbox/application_yml_override.py)

commit 290dfcf6e6f8c72b86a8a75e64cba32c5e7075fa
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Jan 28 14:55:29 2016 -0500

    Use volumes for /var/log/nginx and /etc/ssl/private so that changing ownership
    sticks. refs #8080

diff --git a/lib/arvbox/docker/Dockerfile.base b/lib/arvbox/docker/Dockerfile.base
index cdbface..108ed53 100644
--- a/lib/arvbox/docker/Dockerfile.base
+++ b/lib/arvbox/docker/Dockerfile.base
@@ -13,6 +13,8 @@ RUN apt-get update && \
 
 RUN curl -sSL https://get.docker.com/ | sh
 VOLUME /var/lib/docker
+VOLUME /var/log/nginx
+VOLUME /etc/ssl/private
 
 RUN rm -rf /var/lib/postgresql && mkdir -p /var/lib/postgresql
 
diff --git a/lib/arvbox/docker/createusers.sh b/lib/arvbox/docker/createusers.sh
index 4a8abfd..b77c9c2 100755
--- a/lib/arvbox/docker/createusers.sh
+++ b/lib/arvbox/docker/createusers.sh
@@ -21,21 +21,12 @@ if ! grep "^arvbox:" /etc/passwd >/dev/null 2>/dev/null ; then
     useradd --groups docker,fuse crunch
 
     chown arvbox:arvbox -R /usr/local /var/lib/arvados /var/lib/gems \
-          /var/lib/passenger /var/lib/postgresql /etc/ssl/private
+          /var/lib/passenger /var/lib/postgresql \
+          /var/lib/nginx /var/log/nginx /etc/ssl/private
 
     mkdir -p /var/lib/gems/ruby/2.1.0
     chown arvbox:arvbox -R /var/lib/gems/ruby/2.1.0
 
-    chown arvbox:arvbox -R /var/lib/nginx
-
-    # There's something weird about /var/log/nginx that prevents a non-root
-    # arvbox user from writing to it, even after the ownership has been
-    # changed.  As a workaround, delete it and recreate it.
-
-    rm -r /var/log/nginx
-    mkdir -p /var/log/nginx
-    chown arvbox:arvbox -R /var/log/nginx
-
     mkdir -p /tmp/crunch0 /tmp/crunch1
     chown crunch:crunch -R /tmp/crunch0 /tmp/crunch1
 

commit 80438258da621451d461ed64dd1dfc00e32a0fa7
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Jan 28 14:22:23 2016 -0500

    Arvbox fixes: use 'postgres' database when testing if a user exists.  Copy
    gitolite.rc to the right place.  Print out what is being deleted when using
    "reset" or "destroy". refs #8080

diff --git a/bin/arvbox b/bin/arvbox
index 4f1d94a..d60c354 100755
--- a/bin/arvbox
+++ b/bin/arvbox
@@ -325,6 +325,7 @@ case "$subcmd" in
                     echo "Use destroy -f if you really mean it."
                     exit 1
                 fi
+                set -x
                 rm -rf "$ARVBOX_DATA"
             else
                 if test "$1" != -f ; then
@@ -333,6 +334,7 @@ case "$subcmd" in
                     echo "Use reset -f if you really mean it."
                     exit 1
                 fi
+                set -x
                 rm -rf "$ARVBOX_DATA/postgres"
                 rm -rf "$ARVBOX_DATA/var"
             fi
@@ -341,6 +343,7 @@ case "$subcmd" in
                 echo "WARNING!  This will delete your data container $ARVBOX_CONTAINER-data.  Use -f if you really mean it."
                 exit 1
             fi
+            set -x
             docker rm "$ARVBOX_CONTAINER-data"
         fi
         ;;
diff --git a/lib/arvbox/docker/service/api/run-service b/lib/arvbox/docker/service/api/run-service
index 31f90d1..530a039 100755
--- a/lib/arvbox/docker/service/api/run-service
+++ b/lib/arvbox/docker/service/api/run-service
@@ -69,9 +69,9 @@ if ! test -f /var/lib/arvados/api_database_pw ; then
 fi
 database_pw=$(cat /var/lib/arvados/api_database_pw)
 
-if ! (psql -c "\du" | grep "^ arvados ") >/dev/null ; then
-    psql -c "create user arvados with password '$database_pw'"
-    psql -c "ALTER USER arvados CREATEDB;"
+if ! (psql postgres -c "\du" | grep "^ arvados ") >/dev/null ; then
+    psql postgres -c "create user arvados with password '$database_pw'"
+    psql postgres -c "ALTER USER arvados CREATEDB;"
 fi
 
 sed "s/password:.*/password: $database_pw/" <config/database.yml.example >config/database.yml
diff --git a/lib/arvbox/docker/service/gitolite/run-service b/lib/arvbox/docker/service/gitolite/run-service
index 8e6cb0e..e0e8771 100755
--- a/lib/arvbox/docker/service/gitolite/run-service
+++ b/lib/arvbox/docker/service/gitolite/run-service
@@ -40,7 +40,7 @@ if ! test -f /var/lib/arvados/gitolite-setup ; then
     ssh -o stricthostkeychecking=no git at localhost true
     rm .ssh/authorized_keys
 
-    cp -r /usr/local/lib/arvbox/gitolite.rc .
+    cp /usr/local/lib/arvbox/gitolite.rc .gitolite.rc
 
     gitolite setup -pk .ssh/id_rsa.pub
 
diff --git a/lib/arvbox/docker/service/postgres/run-service b/lib/arvbox/docker/service/postgres/run-service
index ecb0aa6..a05be62 100755
--- a/lib/arvbox/docker/service/postgres/run-service
+++ b/lib/arvbox/docker/service/postgres/run-service
@@ -5,7 +5,7 @@ set -eux -o pipefail
 
 if ! test -d /var/lib/postgresql/9.4/main ; then
     /usr/lib/postgresql/9.4/bin/initdb -D /var/lib/postgresql/9.4/main
-    sh -c "while ! (psql -c'\du' | grep '^ arvbox ') >/dev/null ; do createuser -s arvbox ; sleep 1 ; done" &
+    sh -c "while ! (psql postgres -c'\du' | grep '^ arvbox ') >/dev/null ; do createuser -s arvbox ; sleep 1 ; done" &
 fi
 mkdir -p /var/run/postgresql/9.4-main.pg_stat_tmp
 
diff --git a/lib/arvbox/docker/service/sso/run-service b/lib/arvbox/docker/service/sso/run-service
index 8a96d47..2f501a4 100755
--- a/lib/arvbox/docker/service/sso/run-service
+++ b/lib/arvbox/docker/service/sso/run-service
@@ -44,9 +44,9 @@ if ! test -f /var/lib/arvados/sso_database_pw ; then
 fi
 database_pw=$(cat /var/lib/arvados/sso_database_pw)
 
-if ! (psql -c "\du" | grep "^ arvados_sso ") >/dev/null ; then
-    psql -c "create user arvados_sso with password '$database_pw'"
-    psql -c "ALTER USER arvados_sso CREATEDB;"
+if ! (psql postgres -c "\du" | grep "^ arvados_sso ") >/dev/null ; then
+    psql postgres -c "create user arvados_sso with password '$database_pw'"
+    psql postgres -c "ALTER USER arvados_sso CREATEDB;"
 fi
 
 sed "s/password:.*/password: $database_pw/" <config/database.yml.example >config/database.yml
diff --git a/lib/arvbox/docker/waitforpostgres.sh b/lib/arvbox/docker/waitforpostgres.sh
index a07fa8c..84d9904 100755
--- a/lib/arvbox/docker/waitforpostgres.sh
+++ b/lib/arvbox/docker/waitforpostgres.sh
@@ -1,4 +1,4 @@
 #!/bin/sh
-while ! psql -c\\du >/dev/null 2>/dev/null ; do
+while ! psql postgres -c\\du >/dev/null 2>/dev/null ; do
     sleep 1
 done

commit 98006086761059dedf7ba35f8bbb468a74aa709d
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Wed Jan 27 16:40:53 2016 -0500

    chown /etc/ssl/private to arvbox refs #8080

diff --git a/lib/arvbox/docker/createusers.sh b/lib/arvbox/docker/createusers.sh
index 1e6c95d..4a8abfd 100755
--- a/lib/arvbox/docker/createusers.sh
+++ b/lib/arvbox/docker/createusers.sh
@@ -20,7 +20,8 @@ if ! grep "^arvbox:" /etc/passwd >/dev/null 2>/dev/null ; then
     useradd --home-dir /var/lib/arvados/git --uid $HOSTUID --gid $HOSTGID --non-unique git
     useradd --groups docker,fuse crunch
 
-    chown arvbox:arvbox -R /usr/local /var/lib/arvados /var/lib/gems /var/lib/passenger /var/lib/postgresql
+    chown arvbox:arvbox -R /usr/local /var/lib/arvados /var/lib/gems \
+          /var/lib/passenger /var/lib/postgresql /etc/ssl/private
 
     mkdir -p /var/lib/gems/ruby/2.1.0
     chown arvbox:arvbox -R /var/lib/gems/ruby/2.1.0

commit 0bf166a618c7dafcffa3cf0602dc7f09f521e3b7
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Mon Jan 25 12:14:44 2016 -0500

    Fix markdown for arvbox README.md refs #8080

diff --git a/README.md b/README.md
index cdb3914..9ced1d1 100644
--- a/README.md
+++ b/README.md
@@ -4,10 +4,13 @@ Self-contained development, demonstration and testing environment for Arvados.
 
 ## Quick start
 
+```
 $ bin/arvbox reboot localdemo
+```
 
 ## Usage
 
+```
 Arvados-in-a-box
 
 arvbox (build|start|run|open|shell|ip|stop|reboot|reset|destroy|log|svrestart)
@@ -25,12 +28,13 @@ destroy    delete all arvbox code and data (be careful!)
 log       <service> tail log of specified service
 svrestart <service> restart specified service inside arvbox
 clone <from> <to>   clone an arvbox
+```
 
 ## Requirements
 
-Linux 3.x+ and Docker 1.9+
-Minimum of 3 GiB of RAM  + additional memory to run jobs
-Minimum of 3 GiB of disk + storage for actual data
+* Linux 3.x+ and Docker 1.9+
+* Minimum of 3 GiB of RAM  + additional memory to run jobs
+* Minimum of 3 GiB of disk + storage for actual data
 
 ## Configs
 

commit b99400a619d1f78d74b1a7564f00e18ea8efd251
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Mon Jan 25 10:34:02 2016 -0500

    Add "status" command, refs #8080

diff --git a/bin/arvbox b/bin/arvbox
index 284f0ef..4f1d94a 100755
--- a/bin/arvbox
+++ b/bin/arvbox
@@ -299,6 +299,23 @@ case "$subcmd" in
         fi
         ;;
 
+    status)
+        echo "Selected: $ARVBOX_CONTAINER"
+        if docker ps -a --filter "status=running" | grep -E "$ARVBOX_CONTAINER$" -q ; then
+            echo "Status: running"
+            echo "IP: $(getip)"
+        else
+            echo "Status: not running"
+        fi
+        if test -d "$ARVBOX_DATA" ; then
+            echo "Data: $ARVBOX_DATA"
+        elif docker ps -a | grep -E "$ARVBOX_CONTAINER-data$" -q ; then
+            echo "Data: $ARVBOX_CONTAINER-data"
+        else
+            echo "Data: none"
+        fi
+        ;;
+
     reset|destroy)
         stop
         if test -d "$ARVBOX_DATA" ; then
@@ -365,6 +382,7 @@ case "$subcmd" in
         echo "open       open arvbox workbench in a web browser"
         echo "shell      enter arvbox shell"
         echo "ip         print arvbox ip address"
+        echo "status     print some information about current arvbox"
         echo "stop       stop arvbox container"
         echo "restart <config>  stop, then run again"
         echo "reboot  <config>  stop, build arvbox Docker image, run"

commit 486acacdac6d3281429ced13245e34f34164b97d
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Mon Jan 25 10:21:22 2016 -0500

    Just create arvbox superuser instead of creating a whole useless database.
    Check directly whether creating the arvbox is required. refs #8080

diff --git a/lib/arvbox/docker/service/postgres/run-service b/lib/arvbox/docker/service/postgres/run-service
index dd2eb1a..ecb0aa6 100755
--- a/lib/arvbox/docker/service/postgres/run-service
+++ b/lib/arvbox/docker/service/postgres/run-service
@@ -5,7 +5,7 @@ set -eux -o pipefail
 
 if ! test -d /var/lib/postgresql/9.4/main ; then
     /usr/lib/postgresql/9.4/bin/initdb -D /var/lib/postgresql/9.4/main
-    sh -c "while ! psql -c'\du' >/dev/null 2>/dev/null ; do createdb ; sleep 1 ; done" &
+    sh -c "while ! (psql -c'\du' | grep '^ arvbox ') >/dev/null ; do createuser -s arvbox ; sleep 1 ; done" &
 fi
 mkdir -p /var/run/postgresql/9.4-main.pg_stat_tmp
 

commit 4843665bfc63727b3a3944cf8135f6539de9918d
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Wed Jan 20 12:10:26 2016 -0500

    Document some arvbox hw/sw requirements refs #8080

diff --git a/README.md b/README.md
index b4a9c25..cdb3914 100644
--- a/README.md
+++ b/README.md
@@ -26,6 +26,11 @@ log       <service> tail log of specified service
 svrestart <service> restart specified service inside arvbox
 clone <from> <to>   clone an arvbox
 
+## Requirements
+
+Linux 3.x+ and Docker 1.9+
+Minimum of 3 GiB of RAM  + additional memory to run jobs
+Minimum of 3 GiB of disk + storage for actual data
 
 ## Configs
 

commit bbc1ea28d200cbc79a45868a888c7c039c6f52dc
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Wed Jan 20 11:43:10 2016 -0500

    Enable arvbox user to sudo to crunch user.  refs #8080

diff --git a/lib/arvbox/docker/createusers.sh b/lib/arvbox/docker/createusers.sh
index cc7e11f..1e6c95d 100755
--- a/lib/arvbox/docker/createusers.sh
+++ b/lib/arvbox/docker/createusers.sh
@@ -37,4 +37,6 @@ if ! grep "^arvbox:" /etc/passwd >/dev/null 2>/dev/null ; then
 
     mkdir -p /tmp/crunch0 /tmp/crunch1
     chown crunch:crunch -R /tmp/crunch0 /tmp/crunch1
+
+    echo "arvbox    ALL=(crunch) NOPASSWD: ALL" >> /etc/sudoers
 fi

commit b7be9ca88d0b396471fa39cf3d514914046d0038
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Wed Jan 20 10:38:43 2016 -0500

    Fix gitolite-shell path refs #8080

diff --git a/lib/arvbox/docker/service/arv-git-httpd/run-service b/lib/arvbox/docker/service/arv-git-httpd/run-service
index 7bd6a7c..854464e 100755
--- a/lib/arvbox/docker/service/arv-git-httpd/run-service
+++ b/lib/arvbox/docker/service/arv-git-httpd/run-service
@@ -23,5 +23,5 @@ cd ~git
 
 exec /usr/local/bin/arv-git-httpd \
      -address=:${services[arv-git-httpd]} \
-     -git-command=/var/lib/arvados/git/gitolite/src/gitolite-shell \
+     -git-command=/usr/share/gitolite3/gitolite-shell \
      -repo-root=/var/lib/arvados/git/repositories

commit e78db692cc81900b0ac5c522a3903f6baf894c3c
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Tue Jan 19 13:09:31 2016 -0500

    Merge branch '8080-arvbox' closes #8080

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b4a9c25
--- /dev/null
+++ b/README.md
@@ -0,0 +1,107 @@
+# Arvados-in-a-box
+
+Self-contained development, demonstration and testing environment for Arvados.
+
+## Quick start
+
+$ bin/arvbox reboot localdemo
+
+## Usage
+
+Arvados-in-a-box
+
+arvbox (build|start|run|open|shell|ip|stop|reboot|reset|destroy|log|svrestart)
+
+build <config>      build arvbox Docker image
+start|run <config>  start arvbox container
+open       open arvbox workbench in a web browser
+shell      enter arvbox shell
+ip         print arvbox ip address
+stop       stop arvbox container
+restart <config>  stop, then run again
+reboot  <config>  stop, build arvbox Docker image, run
+reset      delete arvbox arvados data (be careful!)
+destroy    delete all arvbox code and data (be careful!)
+log       <service> tail log of specified service
+svrestart <service> restart specified service inside arvbox
+clone <from> <to>   clone an arvbox
+
+
+## Configs
+
+### dev
+Development configuration.  Boots a complete Arvados environment inside the
+container.  The "arvados", "arvado-dev" and "sso-devise-omniauth-provider" code
+directories along data directories "postgres", "var", "passenger" and "gems"
+are bind mounted from the host file system for easy access and persistence
+across container rebuilds.  Services are bound to the Docker container's
+network IP address and can only be accessed on the local host.
+
+### localdemo
+Demo configuration.  Boots a complete Arvados environment inside the container.
+Unlike the development configuration, code directories are included in the demo
+image, and data directories are stored in a separate data volume container.
+Services are bound to the Docker container's network IP address and can only be
+accessed on the local host.
+
+### test
+Run the test suite.
+
+### publicdev
+Publicly accessible development configuration.  Similar to 'dev' except that
+service ports are published to the host's IP address and can accessed by anyone
+who can connect to the host system.  WARNING! The public arvbox configuration
+is NOT SECURE and must not be placed on a public IP address or used for
+production work.
+
+### publicdemo
+Publicly accessible development configuration.  Similar to 'localdemo' except
+that service ports are published to the host's IP address and can accessed by
+anyone who can connect to the host system.  WARNING! The public arvbox configuration
+is NOT SECURE and must not be placed on a public IP address or used for
+production work.
+
+## Environment variables
+
+### ARVBOX_DOCKER
+The location of Dockerfile.base and associated files used by "arvbox build".
+default: result of $(readlink -f $(dirname $0)/../lib/arvbox/docker)
+
+### ARVBOX_CONTAINER
+The name of the Docker container to manipulate.
+default: arvbox
+
+### ARVBOX_BASE
+The base directory to store persistent data for arvbox containers.
+default: $HOME/.arvbox
+
+### ARVBOX_DATA
+The base directory to store persistent data for the current container.
+default: $ARVBOX_BASE/$ARVBOX_CONTAINER
+
+### ARVADOS_ROOT
+The root directory of the Arvados source tree
+default: $ARVBOX_DATA/arvados
+
+### ARVADOS_DEV_ROOT
+The root directory of the Arvados-dev source tree
+default: $ARVBOX_DATA/arvados-dev
+
+### SSO_ROOT
+The root directory of the SSO source tree
+default: $ARVBOX_DATA/sso-devise-omniauth-provider
+
+### ARVBOX_PUBLISH_IP
+The IP address on which to publish services when running in public
+configuration.  Overrides default detection of the host's IP address.
+
+## Notes
+
+Services are designed to install and auto-configure on start or restart.  For
+example, the service script for keepstore always compiles keepstore from source
+and registers the daemon with the API server.
+
+Services are run with process supervision, so a service which exits will be
+restarted.  Dependencies between services are handled by repeatedly trying and
+failing the service script until dependencies are fulfilled (by other service
+scripts) enabling the service script to complete.
diff --git a/bin/arvbox b/bin/arvbox
new file mode 100755
index 0000000..284f0ef
--- /dev/null
+++ b/bin/arvbox
@@ -0,0 +1,377 @@
+#!/bin/sh
+
+set -e
+
+if ! test -d /sys/fs/cgroup ; then
+     echo "Arvbox requires cgroups to be mounted at /sys/fs/cgroup in order to use"
+     echo "Docker-in-Docker.  Older operating systems that put cgroups in other"
+     echo "places (such as /cgroup) are not supported."
+     exit 1
+fi
+
+if ! which docker >/dev/null 2>/dev/null ; then
+  echo "Arvbox requires Docker.  To install, run the following command as root:"
+  echo "curl -sSL https://get.docker.com/ | sh"
+  exit 1
+fi
+
+if test -z "$ARVBOX_DOCKER" ; then
+    if which greadlink >/dev/null 2>/dev/null ; then
+        ARVBOX_DOCKER=$(greadlink -f $(dirname $0)/../lib/arvbox/docker)
+    else
+        ARVBOX_DOCKER=$(readlink -f $(dirname $0)/../lib/arvbox/docker)
+    fi
+fi
+
+if test -z "$ARVBOX_CONTAINER" ; then
+    ARVBOX_CONTAINER=arvbox
+fi
+
+if test -z "$ARVBOX_BASE" ; then
+    ARVBOX_BASE="$HOME/.arvbox"
+fi
+
+if test -z "$ARVBOX_DATA" ; then
+    ARVBOX_DATA="$ARVBOX_BASE/$ARVBOX_CONTAINER"
+fi
+
+if test -z "$ARVADOS_ROOT" ; then
+    ARVADOS_ROOT="$ARVBOX_DATA/arvados"
+fi
+
+if test -z "$ARVADOS_DEV_ROOT" ; then
+    ARVADOS_DEV_ROOT="$ARVBOX_DATA/arvados-dev"
+fi
+
+if test -z "$SSO_ROOT" ; then
+    SSO_ROOT="$ARVBOX_DATA/sso-devise-omniauth-provider"
+fi
+
+PG_DATA="$ARVBOX_DATA/postgres"
+VAR_DATA="$ARVBOX_DATA/var"
+PASSENGER="$ARVBOX_DATA/passenger"
+GEMS="$ARVBOX_DATA/gems"
+
+getip() {
+    docker inspect $ARVBOX_CONTAINER | grep \"IPAddress\" | head -n1 | tr -d ' ":,\n' | cut -c10-
+}
+
+updateconf() {
+    if test -f ~/.config/arvados/$ARVBOX_CONTAINER.conf ; then
+        sed "s/ARVADOS_API_HOST=.*/ARVADOS_API_HOST=$(getip):8000/" <$HOME/.config/arvados/$ARVBOX_CONTAINER.conf >$HOME/.config/arvados/$ARVBOX_CONTAINER.conf.tmp
+        mv ~/.config/arvados/$ARVBOX_CONTAINER.conf.tmp ~/.config/arvados/$ARVBOX_CONTAINER.conf
+    else
+        mkdir -p $HOME/.config/arvados
+        cat >$HOME/.config/arvados/$ARVBOX_CONTAINER.conf <<EOF
+ARVADOS_API_HOST=$(getip):8000
+ARVADOS_API_TOKEN=
+ARVADOS_API_HOST_INSECURE=true
+EOF
+    fi
+}
+
+wait_for_arvbox() {
+    FF=/tmp/arvbox-fifo-$$
+    mkfifo $FF
+    docker logs -f $ARVBOX_CONTAINER > $FF &
+    LOGPID=$!
+    while read line ; do
+        echo $line
+        if echo $line | grep "Workbench is running at" >/dev/null ; then
+            kill $LOGPID
+        fi
+    done < $FF
+    rm $FF
+    echo
+    if test -n "$localip" ; then
+        echo "export ARVADOS_API_HOST=$localip:8000"
+    else
+        echo "export ARVADOS_API_HOST=$(getip):8000"
+    fi
+}
+
+run() {
+    if docker ps -a | grep -E "$ARVBOX_CONTAINER$" -q ; then
+        echo "Container $ARVBOX_CONTAINER is already running, use stop, restart or reboot"
+        exit 0
+    fi
+
+    if echo "$1" | grep '^public' ; then
+        if test -n "$ARVBOX_PUBLISH_IP" ; then
+            localip=$ARVBOX_PUBLISH_IP
+        else
+            defaultdev=$(/sbin/ip route|awk '/default/ { print $5 }')
+            localip=$(ip addr show $defaultdev | grep 'inet ' | sed 's/ *inet \(.*\)\/.*/\1/')
+        fi
+        iptemp=$(tempfile)
+        echo $localip > $iptemp
+        chmod og+r $iptemp
+        PUBLIC="--volume=$iptemp:/var/run/localip_override
+              --publish=80:80
+              --publish=8000:8000
+              --publish=8900:8900
+              --publish=9001:9001
+              --publish=9002:9002
+              --publish=25100:25100
+              --publish=25107:25107
+              --publish=25108:25108
+              --publish=8001:8001"
+    else
+        PUBLIC=""
+    fi
+
+    if echo "$1" | grep 'demo$' ; then
+        if test -d "$ARVBOX_DATA" ; then
+            echo "It looks like you already have a development container named $ARVBOX_CONTAINER."
+            echo "Set ARVBOX_CONTAINER to set a different name for your demo container"
+            exit 1
+        fi
+
+        if ! (docker ps -a | grep -E "$ARVBOX_CONTAINER-data$" -q) ; then
+            docker create -v /var/lib/postgresql -v /var/lib/arvados --name $ARVBOX_CONTAINER-data arvados/arvbox-demo /bin/true
+        fi
+
+        docker run \
+               --detach \
+               --name=$ARVBOX_CONTAINER \
+               --privileged \
+               --volumes-from $ARVBOX_CONTAINER-data \
+               $PUBLIC \
+               arvados/arvbox-demo
+        updateconf
+        wait_for_arvbox
+    else
+        mkdir -p "$PG_DATA" "$VAR_DATA" "$PASSENGER" "$GEMS"
+
+        if ! test -d "$ARVADOS_ROOT" ; then
+            git clone https://github.com/curoverse/arvados.git "$ARVADOS_ROOT"
+        fi
+        if ! test -d "$SSO_ROOT" ; then
+            git clone https://github.com/curoverse/sso-devise-omniauth-provider.git "$SSO_ROOT"
+        fi
+
+        if test "$1" = test ; then
+            shift
+
+            if ! test -d "$ARVADOS_DEV_ROOT" ; then
+                git clone https://github.com/curoverse/arvados-dev.git "$ARVADOS_DEV_ROOT"
+            fi
+
+            mkdir -p $VAR_DATA/test
+
+            docker run \
+                   --detach \
+                   --name=$ARVBOX_CONTAINER \
+                   --privileged \
+                   "--volume=$ARVADOS_ROOT:/usr/src/arvados:rw" \
+                   "--volume=$ARVADOS_DEV_ROOT:/usr/src/arvados-dev:rw" \
+                   "--volume=$SSO_ROOT:/usr/src/sso:rw" \
+                   "--volume=$PG_DATA:/var/lib/postgresql:rw" \
+                   "--volume=$VAR_DATA:/var/lib/arvados:rw" \
+                   "--volume=$PASSENGER:/var/lib/passenger:rw" \
+                   "--volume=$GEMS:/var/lib/gems:rw" \
+                   arvados/arvbox-dev \
+                   /usr/local/bin/runsvinit -svdir=/etc/test-service
+
+            docker exec -ti \
+                    $ARVBOX_CONTAINER \
+                    /usr/local/lib/arvbox/runsu.sh \
+                    /usr/local/lib/arvbox/waitforpostgres.sh
+
+            docker exec -ti \
+                   $ARVBOX_CONTAINER \
+                   /usr/local/lib/arvbox/runsu.sh \
+                   /usr/local/lib/arvbox/service/sso/run-service --only-setup
+
+            docker exec -ti \
+                   $ARVBOX_CONTAINER \
+                   /usr/local/lib/arvbox/runsu.sh \
+                   /usr/local/lib/arvbox/service/api/run-service --only-setup
+
+            docker exec -ti \
+                   $ARVBOX_CONTAINER \
+                   /usr/local/lib/arvbox/runsu.sh \
+                   /usr/src/arvados-dev/jenkins/run-tests.sh \
+                   --temp /var/lib/arvados/test \
+                   WORKSPACE=/usr/src/arvados \
+                   GEM_HOME=/var/lib/gems \
+                   "$@"
+        else
+            docker run \
+                   --detach \
+                   --name=$ARVBOX_CONTAINER \
+                   --privileged \
+                   "--volume=$ARVADOS_ROOT:/usr/src/arvados:rw" \
+                   "--volume=$SSO_ROOT:/usr/src/sso:rw" \
+                   "--volume=$PG_DATA:/var/lib/postgresql:rw" \
+                   "--volume=$VAR_DATA:/var/lib/arvados:rw" \
+                   "--volume=$PASSENGER:/var/lib/passenger:rw" \
+                   "--volume=$GEMS:/var/lib/gems:rw" \
+                   $PUBLIC \
+                   arvados/arvbox-dev
+            updateconf
+            wait_for_arvbox
+            echo "The Arvados source code is checked out at: $ARVADOS_ROOT"
+        fi
+    fi
+}
+
+stop() {
+    if docker ps -a --filter "status=running" | grep -E "$ARVBOX_CONTAINER$" -q ; then
+        docker stop $ARVBOX_CONTAINER
+    fi
+
+    VOLUMES=--volumes=true
+    if docker ps -a --filter "status=created" | grep -E "$ARVBOX_CONTAINER$" -q ; then
+        docker rm $VOLUMES $ARVBOX_CONTAINER
+    fi
+    if docker ps -a --filter "status=exited" | grep -E "$ARVBOX_CONTAINER$" -q ; then
+        docker rm $VOLUMES $ARVBOX_CONTAINER
+    fi
+}
+
+build() {
+    if ! test -f "$ARVBOX_DOCKER/Dockerfile.base" ;  then
+        echo "Could not find Dockerfile ($ARVBOX_DOCKER/Dockerfile.base)"
+        exit 1
+    fi
+    docker build -t arvados/arvbox-base -f "$ARVBOX_DOCKER/Dockerfile.base" "$ARVBOX_DOCKER"
+    if test "$1" = localdemo -o "$1" = publicdemo ; then
+        docker build -t arvados/arvbox-demo -f "$ARVBOX_DOCKER/Dockerfile.demo" "$ARVBOX_DOCKER"
+    else
+        docker build -t arvados/arvbox-dev -f "$ARVBOX_DOCKER/Dockerfile.dev" "$ARVBOX_DOCKER"
+    fi
+}
+
+check() {
+    case "$1" in
+        localdemo|publicdemo|dev|publicdev|test)
+            true
+            ;;
+        *)
+            echo "Argument to $subcmd must be one of localdemo, publicdemo, dev, publicdev, test"
+            exit 1
+        ;;
+    esac
+}
+
+subcmd="$1"
+if test -n "$subcmd" ; then
+    shift
+fi
+case "$subcmd" in
+    build)
+        check $@
+        build $@
+        ;;
+
+    start|run)
+        check $@
+        run $@
+        ;;
+
+    sh*)
+        docker exec -ti $ARVBOX_CONTAINER /usr/bin/env TERM=$TERM GEM_HOME=/var/lib/gems /bin/bash
+        ;;
+
+    stop)
+        stop
+        ;;
+
+    restart)
+        check $@
+        stop
+        run $@
+        ;;
+
+    reboot)
+        check $@
+        stop
+        build $@
+        run $@
+        ;;
+
+    ip|open)
+        if test "$subcmd" = 'ip' ; then
+            echo $(getip)
+        else
+            xdg-open http://$(getip)
+        fi
+        ;;
+
+    reset|destroy)
+        stop
+        if test -d "$ARVBOX_DATA" ; then
+            if test "$subcmd" = destroy ; then
+                if test "$1" != -f ; then
+                    echo "WARNING!  This will delete your entire arvbox ($ARVBOX_DATA)."
+                    echo "Use destroy -f if you really mean it."
+                    exit 1
+                fi
+                rm -rf "$ARVBOX_DATA"
+            else
+                if test "$1" != -f ; then
+                    echo "WARNING!  This will delete your arvbox data ($ARVBOX_DATA)."
+                    echo "Code and downloaded packages will be preserved."
+                    echo "Use reset -f if you really mean it."
+                    exit 1
+                fi
+                rm -rf "$ARVBOX_DATA/postgres"
+                rm -rf "$ARVBOX_DATA/var"
+            fi
+        else
+            if test "$1" != -f ; then
+                echo "WARNING!  This will delete your data container $ARVBOX_CONTAINER-data.  Use -f if you really mean it."
+                exit 1
+            fi
+            docker rm "$ARVBOX_CONTAINER-data"
+        fi
+        ;;
+
+    log|svrestart)
+        if test -n "$1" ; then
+            if test "$subcmd" = log ; then
+                docker exec -ti $ARVBOX_CONTAINER /usr/bin/env TERM=$TERM less --follow-name +GF "/etc/service/$1/log/main/current"
+            fi
+            if test "$subcmd" = svrestart ; then
+                docker exec -ti $ARVBOX_CONTAINER sv restart "$1"
+                docker exec -ti $ARVBOX_CONTAINER sv restart ready
+            fi
+        else
+            echo "Usage: $0 $subcmd <service>"
+            echo "Available services:"
+            docker exec -ti $ARVBOX_CONTAINER ls /etc/service
+        fi
+        ;;
+
+    clone)
+        if test -n "$2" ; then
+            cp -r "$ARVBOX_BASE/$1" "$ARVBOX_BASE/$2"
+            echo "Created new arvbox $2"
+            echo "export ARVBOX_CONTAINER=$2"
+        else
+            echo "clone <from> <to>   clone an arvbox"
+            echo "available arvboxes: $(ls $ARVBOX_BASE)"
+        fi
+        ;;
+
+    *)
+        echo "Arvados-in-a-box"
+        echo
+        echo "$(basename $0) (build|start|run|open|shell|ip|stop|reboot|reset|destroy|log|svrestart)"
+        echo
+        echo "build <config>      build arvbox Docker image"
+        echo "start|run <config>  start $ARVBOX_CONTAINER container"
+        echo "open       open arvbox workbench in a web browser"
+        echo "shell      enter arvbox shell"
+        echo "ip         print arvbox ip address"
+        echo "stop       stop arvbox container"
+        echo "restart <config>  stop, then run again"
+        echo "reboot  <config>  stop, build arvbox Docker image, run"
+        echo "reset      delete arvbox arvados data (be careful!)"
+        echo "destroy    delete all arvbox code and data (be careful!)"
+        echo "log       <service> tail log of specified service"
+        echo "svrestart <service> restart specified service inside arvbox"
+        echo "clone <from> <to>   clone an arvbox"
+        ;;
+esac
diff --git a/lib/arvbox/docker/Dockerfile.base b/lib/arvbox/docker/Dockerfile.base
new file mode 100644
index 0000000..cdbface
--- /dev/null
+++ b/lib/arvbox/docker/Dockerfile.base
@@ -0,0 +1,33 @@
+FROM debian:8
+
+RUN apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get -yq install \
+    postgresql-9.4 git gcc golang-go runit \
+    ruby rake bundler curl libpq-dev \
+    libcurl4-openssl-dev libssl-dev zlib1g-dev libpcre3-dev \
+    openssh-server python-setuptools netcat-traditional \
+    libpython-dev fuse libfuse-dev python-pip \
+    pkg-config libattr1-dev python-llfuse python-pycurl \
+    libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl \
+    libjson-perl nginx gitolite3 lsof python-epydoc graphviz
+
+RUN curl -sSL https://get.docker.com/ | sh
+VOLUME /var/lib/docker
+
+RUN rm -rf /var/lib/postgresql && mkdir -p /var/lib/postgresql
+
+RUN cd /root && \
+    GOPATH=$PWD go get github.com/curoverse/runsvinit && \
+    install bin/runsvinit /usr/local/bin
+
+ADD fuse.conf /etc/
+
+ADD crunch-setup.sh gitolite.rc \
+    keep-setup.sh common.sh createusers.sh \
+    logger runsu.sh waitforpostgres.sh \
+    /usr/local/lib/arvbox/
+ADD service/ /usr/local/lib/arvbox/service
+RUN rmdir /etc/service && ln -sf /usr/local/lib/arvbox/service /etc
+
+# Start the supervisor.
+CMD ["/usr/local/bin/runsvinit"]
diff --git a/lib/arvbox/docker/Dockerfile.demo b/lib/arvbox/docker/Dockerfile.demo
new file mode 100644
index 0000000..1085abc
--- /dev/null
+++ b/lib/arvbox/docker/Dockerfile.demo
@@ -0,0 +1,14 @@
+FROM arvados/arvbox-base
+
+RUN cd /usr/src && \
+    git clone https://github.com/curoverse/arvados.git && \
+    git clone https://github.com/curoverse/sso-devise-omniauth-provider.git sso
+
+RUN chown -R 1000:1000 /usr/src && /usr/local/lib/arvbox/createusers.sh
+
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/sso/run-service --only-deps
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/api/run-service --only-deps
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/workbench/run-service --only-deps
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/doc/run-service --only-deps
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/vm/run-service --only-deps
+RUN sudo -u arvbox /usr/local/lib/arvbox/service/sdk/run-service
diff --git a/lib/arvbox/docker/Dockerfile.dev b/lib/arvbox/docker/Dockerfile.dev
new file mode 100644
index 0000000..408e2de
--- /dev/null
+++ b/lib/arvbox/docker/Dockerfile.dev
@@ -0,0 +1,13 @@
+FROM arvados/arvbox-base
+
+RUN apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get -yq install \
+    python-virtualenv python3-virtualenv linkchecker xvfb iceweasel
+
+RUN set -e && \
+ PJS=phantomjs-1.9.7-linux-x86_64 && \
+ curl -L -o/tmp/$PJS.tar.bz2 https://bitbucket.org/ariya/phantomjs/downloads/$PJS.tar.bz2 && \
+ tar -C /usr/local -xjf /tmp/$PJS.tar.bz2 && \
+ ln -s ../$PJS/bin/phantomjs /usr/local/bin/
+
+RUN mkdir /etc/test-service && ln -sf /usr/local/lib/arvbox/service/postgres /etc/test-service
diff --git a/lib/arvbox/docker/common.sh b/lib/arvbox/docker/common.sh
new file mode 100644
index 0000000..4c2de47
--- /dev/null
+++ b/lib/arvbox/docker/common.sh
@@ -0,0 +1,62 @@
+
+if test -s /var/run/localip_override ; then
+    localip=$(cat /var/run/localip_override)
+else
+    defaultdev=$(/sbin/ip route|awk '/default/ { print $5 }')
+    localip=$(ip addr show $defaultdev | grep 'inet ' | sed 's/ *inet \(.*\)\/.*/\1/')
+fi
+
+export GEM_HOME=/var/lib/gems
+export GEM_PATH=/var/lib/gems
+
+declare -A services
+services=(
+  [workbench]=80
+  [api]=8000
+  [sso]=8900
+  [arv-git-httpd]=9001
+  [keep-web]=9002
+  [keepproxy]=25100
+  [keepstore0]=25107
+  [keepstore1]=25108
+  [ssh]=22
+  [doc]=8001
+)
+
+if test "$(id arvbox -u 2>/dev/null)" = 0 ; then
+    PGUSER=postgres
+    PGGROUP=postgres
+else
+    PGUSER=arvbox
+    PGGROUP=arvbox
+fi
+
+run_bundler() {
+    if test -f Gemfile.lock ; then
+        frozen=--frozen
+    else
+        frozen=""
+    fi
+    if ! flock /var/lib/arvados/gems.lock bundle install --path $GEM_HOME --local --no-deployment $frozen "$@" ; then
+        flock /var/lib/arvados/gems.lock bundle install --path $GEM_HOME --no-deployment $frozen "$@"
+    fi
+}
+
+pip_install() {
+    pushd /var/lib/arvados/pip
+    for p in $(ls http*.tar.gz) ; do
+        if test -f $p ; then
+            ln -sf $p $(echo $p | sed 's/.*%2F\(.*\)/\1/')
+        fi
+    done
+    for p in $(ls http*.whl) ; do
+        if test -f $p ; then
+            ln -sf $p $(echo $p | sed 's/.*%2F\(.*\)/\1/')
+        fi
+    done
+    popd
+
+    if ! pip install --no-index --find-links /var/lib/arvados/pip $1 ; then
+        pip install $1
+    fi
+}
diff --git a/lib/arvbox/docker/createusers.sh b/lib/arvbox/docker/createusers.sh
new file mode 100755
index 0000000..cc7e11f
--- /dev/null
+++ b/lib/arvbox/docker/createusers.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -e -o pipefail
+
+if ! grep "^arvbox:" /etc/passwd >/dev/null 2>/dev/null ; then
+    HOSTUID=$(ls -nd /usr/src/arvados | sed 's/ */ /' | cut -d' ' -f4)
+    HOSTGID=$(ls -nd /usr/src/arvados | sed 's/ */ /' | cut -d' ' -f5)
+    FUSEGID=$(ls -nd /dev/fuse | sed 's/ */ /' | cut -d' ' -f5)
+
+    mkdir -p /var/lib/arvados/git /var/lib/gems /var/lib/passenger
+
+    groupadd --gid $HOSTGID --non-unique arvbox
+    groupadd --gid $FUSEGID --non-unique fuse
+    groupadd --gid $HOSTGID --non-unique git
+    useradd --home-dir /var/lib/arvados \
+            --uid $HOSTUID --gid $HOSTGID \
+            --non-unique \
+            --groups docker,fuse \
+            arvbox
+    useradd --home-dir /var/lib/arvados/git --uid $HOSTUID --gid $HOSTGID --non-unique git
+    useradd --groups docker,fuse crunch
+
+    chown arvbox:arvbox -R /usr/local /var/lib/arvados /var/lib/gems /var/lib/passenger /var/lib/postgresql
+
+    mkdir -p /var/lib/gems/ruby/2.1.0
+    chown arvbox:arvbox -R /var/lib/gems/ruby/2.1.0
+
+    chown arvbox:arvbox -R /var/lib/nginx
+
+    # There's something weird about /var/log/nginx that prevents a non-root
+    # arvbox user from writing to it, even after the ownership has been
+    # changed.  As a workaround, delete it and recreate it.
+
+    rm -r /var/log/nginx
+    mkdir -p /var/log/nginx
+    chown arvbox:arvbox -R /var/log/nginx
+
+    mkdir -p /tmp/crunch0 /tmp/crunch1
+    chown crunch:crunch -R /tmp/crunch0 /tmp/crunch1
+fi
diff --git a/lib/arvbox/docker/crunch-setup.sh b/lib/arvbox/docker/crunch-setup.sh
new file mode 100755
index 0000000..178fec1
--- /dev/null
+++ b/lib/arvbox/docker/crunch-setup.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/crunchstat"
+install bin/crunchstat /usr/local/bin
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /usr/src/arvados/services/api/superuser_token)
+export CRUNCH_JOB_BIN=/usr/src/arvados/sdk/cli/bin/crunch-job
+export PERLLIB=/usr/src/arvados/sdk/perl/lib
+export CRUNCH_TMP=/tmp/$1
+export CRUNCH_DISPATCH_LOCKFILE=/var/lock/$1-dispatch
+export CRUNCH_JOB_DOCKER_BIN=docker
+export HOME=/tmp/$1
+
+cd /usr/src/arvados/services/api
+exec bundle exec ./script/crunch-dispatch.rb development
diff --git a/lib/arvbox/docker/fuse.conf b/lib/arvbox/docker/fuse.conf
new file mode 100644
index 0000000..a439ab8
--- /dev/null
+++ b/lib/arvbox/docker/fuse.conf
@@ -0,0 +1 @@
+user_allow_other
diff --git a/lib/arvbox/docker/gitolite.rc b/lib/arvbox/docker/gitolite.rc
new file mode 100644
index 0000000..03c4b29
--- /dev/null
+++ b/lib/arvbox/docker/gitolite.rc
@@ -0,0 +1,213 @@
+# This is based on the default Gitolite configuration file with the following
+# changes applied as described here:
+# http://doc.arvados.org/install/install-arv-git-httpd.html
+
+# configuration variables for gitolite
+
+# This file is in perl syntax.  But you do NOT need to know perl to edit it --
+# just mind the commas, use single quotes unless you know what you're doing,
+# and make sure the brackets and braces stay matched up!
+
+# (Tip: perl allows a comma after the last item in a list also!)
+
+# HELP for commands can be had by running the command with "-h".
+
+# HELP for all the other FEATURES can be found in the documentation (look for
+# "list of non-core programs shipped with gitolite" in the master index) or
+# directly in the corresponding source file.
+
+my $repo_aliases;
+my $aliases_src = "$ENV{HOME}/.gitolite/arvadosaliases.pl";
+if ($ENV{HOME} && (-e $aliases_src)) {
+    $repo_aliases = do $aliases_src;
+}
+$repo_aliases ||= {};
+
+%RC = (
+
+    REPO_ALIASES => $repo_aliases,
+
+    # ------------------------------------------------------------------
+
+    # default umask gives you perms of '0700'; see the rc file docs for
+    # how/why you might change this
+    UMASK                           =>  0022,
+
+    # look for "git-config" in the documentation
+    GIT_CONFIG_KEYS                 =>  '',
+
+    # comment out if you don't need all the extra detail in the logfile
+    LOG_EXTRA                       =>  1,
+    # logging options
+    # 1. leave this section as is for 'normal' gitolite logging (default)
+    # 2. uncomment this line to log ONLY to syslog:
+    # LOG_DEST                      => 'syslog',
+    # 3. uncomment this line to log to syslog and the normal gitolite log:
+    # LOG_DEST                      => 'syslog,normal',
+    # 4. prefixing "repo-log," to any of the above will **also** log just the
+    #    update records to "gl-log" in the bare repo directory:
+    # LOG_DEST                      => 'repo-log,normal',
+    # LOG_DEST                      => 'repo-log,syslog',
+    # LOG_DEST                      => 'repo-log,syslog,normal',
+
+    # roles.  add more roles (like MANAGER, TESTER, ...) here.
+    #   WARNING: if you make changes to this hash, you MUST run 'gitolite
+    #   compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
+    ROLES => {
+        READERS                     =>  1,
+        WRITERS                     =>  1,
+    },
+
+    # enable caching (currently only Redis).  PLEASE RTFM BEFORE USING!!!
+    # CACHE                         =>  'Redis',
+
+    # ------------------------------------------------------------------
+
+    # rc variables used by various features
+
+    # the 'info' command prints this as additional info, if it is set
+        # SITE_INFO                 =>  'Please see http://blahblah/gitolite for more help',
+
+    # the CpuTime feature uses these
+        # display user, system, and elapsed times to user after each git operation
+        # DISPLAY_CPU_TIME          =>  1,
+        # display a warning if total CPU times (u, s, cu, cs) crosses this limit
+        # CPU_TIME_WARN_LIMIT       =>  0.1,
+
+    # the Mirroring feature needs this
+        # HOSTNAME                  =>  "foo",
+
+    # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!
+        # CACHE_TTL                 =>  600,
+
+    # ------------------------------------------------------------------
+
+    # suggested locations for site-local gitolite code (see cust.html)
+
+        # this one is managed directly on the server
+        # LOCAL_CODE                =>  "$ENV{HOME}/local",
+
+        # or you can use this, which lets you put everything in a subdirectory
+        # called "local" in your gitolite-admin repo.  For a SECURITY WARNING
+        # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
+        # LOCAL_CODE                =>  "$rc{GL_ADMIN_BASE}/local",
+
+    # ------------------------------------------------------------------
+
+    # List of commands and features to enable
+
+    ENABLE => [
+
+        # COMMANDS
+
+            # These are the commands enabled by default
+            'help',
+            'desc',
+            'info',
+            'perms',
+            'writable',
+
+            # Uncomment or add new commands here.
+            # 'create',
+            # 'fork',
+            # 'mirror',
+            # 'readme',
+            # 'sskm',
+            # 'D',
+
+        # These FEATURES are enabled by default.
+
+            # essential (unless you're using smart-http mode)
+            'ssh-authkeys',
+
+            # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+            'git-config',
+
+            # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
+            'daemon',
+
+            # creates projects.list file; if you don't use gitweb, comment this out
+            'gitweb',
+
+        # These FEATURES are disabled by default; uncomment to enable.  If you
+        # need to add new ones, ask on the mailing list :-)
+
+        # user-visible behaviour
+
+            # prevent wild repos auto-create on fetch/clone
+            # 'no-create-on-read',
+            # no auto-create at all (don't forget to enable the 'create' command!)
+            # 'no-auto-create',
+
+            # access a repo by another (possibly legacy) name
+            'Alias',
+
+            # give some users direct shell access.  See documentation in
+            # sts.html for details on the following two choices.
+            # "Shell $ENV{HOME}/.gitolite.shell-users",
+            # 'Shell alice bob',
+
+            # set default roles from lines like 'option default.roles-1 = ...', etc.
+            # 'set-default-roles',
+
+            # show more detailed messages on deny
+            # 'expand-deny-messages',
+
+            # show a message of the day
+            # 'Motd',
+
+        # system admin stuff
+
+            # enable mirroring (don't forget to set the HOSTNAME too!)
+            # 'Mirroring',
+
+            # allow people to submit pub files with more than one key in them
+            # 'ssh-authkeys-split',
+
+            # selective read control hack
+            # 'partial-copy',
+
+            # manage local, gitolite-controlled, copies of read-only upstream repos
+            # 'upstream',
+
+            # updates 'description' file instead of 'gitweb.description' config item
+            # 'cgit',
+
+            # allow repo-specific hooks to be added
+            # 'repo-specific-hooks',
+
+        # performance, logging, monitoring...
+
+            # be nice
+            # 'renice 10',
+
+            # log CPU times (user, system, cumulative user, cumulative system)
+            # 'CpuTime',
+
+        # syntactic_sugar for gitolite.conf and included files
+
+            # allow backslash-escaped continuation lines in gitolite.conf
+            # 'continuation-lines',
+
+            # create implicit user groups from directory names in keydir/
+            # 'keysubdirs-as-groups',
+
+            # allow simple line-oriented macros
+            # 'macros',
+
+        # Kindergarten mode
+
+            # disallow various things that sensible people shouldn't be doing anyway
+            # 'Kindergarten',
+    ],
+
+);
+
+# ------------------------------------------------------------------------------
+# per perl rules, this should be the last line in such a file:
+1;
+
+# Local variables:
+# mode: perl
+# End:
+# vim: set syn=perl:
diff --git a/lib/arvbox/docker/keep-setup.sh b/lib/arvbox/docker/keep-setup.sh
new file mode 100755
index 0000000..b66463f
--- /dev/null
+++ b/lib/arvbox/docker/keep-setup.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+exec 2>&1
+sleep 2
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/keepstore"
+install bin/keepstore /usr/local/bin
+
+mkdir -p /var/lib/arvados/$1
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+
+set +e
+read -rd $'\000' keepservice <<EOF
+{
+ "service_host":"$localip",
+ "service_port":$2,
+ "service_ssl_flag":false,
+ "service_type":"disk"
+}
+EOF
+set -e
+
+if test -s /var/lib/arvados/$1-uuid ; then
+    keep_uuid=$(cat /var/lib/arvados/$1-uuid)
+    arv keep_service update --uuid $keep_uuid --keep-service "$keepservice"
+else
+    UUID=$(arv --format=uuid keep_service create --keep-service "$keepservice")
+    echo $UUID > /var/lib/arvados/$1-uuid
+fi
+
+set +e
+killall -HUP keepproxy
+
+exec /usr/local/bin/keepstore \
+     -listen=:$2 \
+     -enforce-permissions=true \
+     -blob-signing-key-file=/var/lib/arvados/blob_signing_key \
+     -max-buffers=20 \
+     -volume=/var/lib/arvados/$1
diff --git a/lib/arvbox/docker/logger b/lib/arvbox/docker/logger
new file mode 100755
index 0000000..a79a518
--- /dev/null
+++ b/lib/arvbox/docker/logger
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec svlogd -tt ./main
diff --git a/lib/arvbox/docker/runit-docker/.gitignore b/lib/arvbox/docker/runit-docker/.gitignore
new file mode 100644
index 0000000..bbf313b
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/.gitignore
@@ -0,0 +1,32 @@
+# Object files
+*.o
+*.ko
+*.obj
+*.elf
+
+# Precompiled Headers
+*.gch
+*.pch
+
+# Libraries
+*.lib
+*.a
+*.la
+*.lo
+
+# Shared objects (inc. Windows DLLs)
+*.dll
+*.so
+*.so.*
+*.dylib
+
+# Executables
+*.exe
+*.out
+*.app
+*.i*86
+*.x86_64
+*.hex
+
+# Debug files
+*.dSYM/
diff --git a/lib/arvbox/docker/runit-docker/LICENSE b/lib/arvbox/docker/runit-docker/LICENSE
new file mode 100644
index 0000000..d158667
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/LICENSE
@@ -0,0 +1,28 @@
+Copyright (c) 2015, Kosma Moczek
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of runit-docker nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
diff --git a/lib/arvbox/docker/runit-docker/Makefile b/lib/arvbox/docker/runit-docker/Makefile
new file mode 100644
index 0000000..9a28963
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/Makefile
@@ -0,0 +1,18 @@
+CFLAGS=-std=c99 -Wall -O2 -fPIC -D_POSIX_SOURCE -D_GNU_SOURCE
+LDLIBS=-ldl
+
+PROGNAME=runit-docker
+
+all: $(PROGNAME).so
+
+%.so: %.c
+	gcc -shared $(CFLAGS) $(LDLIBS) -o $@ $^
+
+install: runit-docker.so
+	mkdir -p $(DESTDIR)/sbin
+	mkdir -p $(DESTDIR)/lib
+	install -m 755 $(PROGNAME) $(DESTDIR)/sbin/
+	install -m 755 $(PROGNAME).so $(DESTDIR)/lib/
+
+clean:
+	$(RM) $(PROGNAME).so
diff --git a/lib/arvbox/docker/runit-docker/README.md b/lib/arvbox/docker/runit-docker/README.md
new file mode 100644
index 0000000..1bcb8cc
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/README.md
@@ -0,0 +1,24 @@
+# runit-docker
+
+Docker and `runsvdir` don't quite agree on what each signal means, causing
+TONS of frustration when attempting to use `runsvdir` as init under Docker.
+`runit-docker` is a plug'n'play adapter library which does signal translation
+without the overhead and nuisance of running a nanny process.
+
+## Features
+
+* Pressing Ctrl-C does a clean shutdown.
+* `docker stop` does a clean shutdown.
+
+Under the hood, `runit-docker` translates `SIGTERM` and `SIGINT` to `SIGHUP`.
+
+## Usage
+
+* Build with `make`, install with `make install`.
+* Add `CMD ["/sbin/runit-docker"]` to your `Dockerfile`.
+* Run `debian/rules clean build binary` to build a Debian package.
+
+## Author
+
+runit-docker was written by Kosma Moczek <kosma.moczek at pixers.pl> during a single Scrum
+planning meeting. Damn meetings.
diff --git a/lib/arvbox/docker/runit-docker/debian/changelog b/lib/arvbox/docker/runit-docker/debian/changelog
new file mode 100644
index 0000000..7d8689f
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/changelog
@@ -0,0 +1,12 @@
+runit-docker (1.1) unstable; urgency=low
+
+  * Simplify logic.
+  * Install for SIGINT as well.
+
+ -- Kosma Moczek <kosma at kosma.pl>  Mon, 11 May 2015 12:23:59 +0000
+
+runit-docker (1.0) unstable; urgency=low
+
+  * Initial release
+
+ -- Kosma Moczek <kosma at kosma.pl>  Mon, 11 May 2015 12:23:59 +0000
diff --git a/lib/arvbox/docker/runit-docker/debian/compat b/lib/arvbox/docker/runit-docker/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/lib/arvbox/docker/runit-docker/debian/control b/lib/arvbox/docker/runit-docker/debian/control
new file mode 100644
index 0000000..4060915
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/control
@@ -0,0 +1,14 @@
+Source: runit-docker
+Section: contrib/admin
+Priority: optional
+Maintainer: Kosma Moczek <kosma at kosma.pl>
+Build-Depends: debhelper (>= 9)
+Standards-Version: 3.9.5
+Homepage: https://github.com/kosma/runit-docker
+#Vcs-Git: git://anonscm.debian.org/collab-maint/runit-docker.git
+#Vcs-Browser: http://anonscm.debian.org/?p=collab-maint/runit-docker.git;a=summary
+
+Package: runit-docker
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: painlessly use runit in Docker containers
diff --git a/lib/arvbox/docker/runit-docker/debian/copyright b/lib/arvbox/docker/runit-docker/debian/copyright
new file mode 100644
index 0000000..8679a6a
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/copyright
@@ -0,0 +1,31 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: runit-docker
+Source: https://github.com/kosma/runit-docker
+
+Files: *
+Copyright: 2015 Kosma Moczek <kosma at kosma.pl>
+License: MIT
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+ 
+ * Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+ 
+ * Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+ 
+ * Neither the name of runit-docker nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+ 
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/lib/arvbox/docker/runit-docker/debian/docs b/lib/arvbox/docker/runit-docker/debian/docs
new file mode 100644
index 0000000..b43bf86
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/docs
@@ -0,0 +1 @@
+README.md
diff --git a/lib/arvbox/docker/runit-docker/debian/rules b/lib/arvbox/docker/runit-docker/debian/rules
new file mode 100755
index 0000000..ce15cce
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/rules
@@ -0,0 +1,32 @@
+#!/usr/bin/make -f
+# See debhelper(7) (uncomment to enable)
+# output every command that modifies files on the build system.
+#DH_VERBOSE = 1
+
+# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/*
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/default.mk
+
+# see FEATURE AREAS in dpkg-buildflags(1)
+#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+# see ENVIRONMENT in dpkg-buildflags(1)
+# package maintainers to append CFLAGS
+#export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
+# package maintainers to append LDFLAGS
+#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+
+# main packaging script based on dh7 syntax
+%:
+	dh $@ 
+
+# debmake generated override targets
+# This is example for Cmake (See http://bugs.debian.org/641051 )
+#override_dh_auto_configure:
+#	dh_auto_configure -- \
+#	-DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)
+
+
+
+
diff --git a/lib/arvbox/docker/runit-docker/debian/source/format b/lib/arvbox/docker/runit-docker/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/lib/arvbox/docker/runit-docker/runit-docker b/lib/arvbox/docker/runit-docker/runit-docker
new file mode 100755
index 0000000..fdbaad5
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/runit-docker
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+export LD_PRELOAD=/lib/runit-docker.so
+exec runsvdir /etc/service
diff --git a/lib/arvbox/docker/runit-docker/runit-docker.c b/lib/arvbox/docker/runit-docker/runit-docker.c
new file mode 100644
index 0000000..825a35f
--- /dev/null
+++ b/lib/arvbox/docker/runit-docker/runit-docker.c
@@ -0,0 +1,32 @@
+#include <signal.h>
+#include <dlfcn.h>
+#include <stdlib.h>
+
+
+int sigaction(int signum, const struct sigaction *act, struct sigaction *oldact)
+{
+  static int (*real_sigaction)(int signum, const struct sigaction *act, struct sigaction *oldact) = NULL;
+
+  // Retrieve the real sigaction we just shadowed.
+  if (real_sigaction == NULL) {
+    real_sigaction = (void *) dlsym(RTLD_NEXT, "sigaction");
+    // Prevent further shadowing in children.
+    unsetenv("LD_PRELOAD");
+  }
+
+  if (signum == SIGTERM) {
+    // Skip this handler, it doesn't do what we want.
+    return 0;
+  }
+
+  if (signum == SIGHUP) {
+    // Install this handler for others as well.
+    real_sigaction(SIGTERM, act, oldact);
+    real_sigaction(SIGINT, act, oldact);
+  }
+
+  // Forward the call the the real sigaction.
+  return real_sigaction(signum, act, oldact);
+}
+
+// vim: ts=2 sw=2 et
diff --git a/lib/arvbox/docker/runsu.sh b/lib/arvbox/docker/runsu.sh
new file mode 100755
index 0000000..1557d09
--- /dev/null
+++ b/lib/arvbox/docker/runsu.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+HOSTUID=$(ls -nd /usr/src/arvados | sed 's/ */ /' | cut -d' ' -f4)
+HOSTGID=$(ls -nd /usr/src/arvados | sed 's/ */ /' | cut -d' ' -f5)
+
+flock /var/lib/arvados/createusers.lock /usr/local/lib/arvbox/createusers.sh
+
+export HOME=/var/lib/arvados
+
+if test -z "$1" ; then
+    exec chpst -u arvbox:arvbox:docker $0-service
+else
+    exec chpst -u arvbox:arvbox:docker $@
+fi
diff --git a/lib/arvbox/docker/service/api/log/main/.gitstub b/lib/arvbox/docker/service/api/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/api/log/run b/lib/arvbox/docker/service/api/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/api/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/api/run b/lib/arvbox/docker/service/api/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/api/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/api/run-service b/lib/arvbox/docker/service/api/run-service
new file mode 100755
index 0000000..31f90d1
--- /dev/null
+++ b/lib/arvbox/docker/service/api/run-service
@@ -0,0 +1,100 @@
+#!/bin/bash
+
+exec 2>&1
+set -ex -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cd /usr/src/arvados/services/api
+export RAILS_ENV=development
+
+run_bundler --without=development
+bundle exec passenger start --runtime-check-only --runtime-dir=/var/lib/passenger
+
+if test "$1" = "--only-deps" ; then
+    exit
+fi
+
+set -u
+
+if ! test -s /var/lib/arvados/api_uuid_prefix ; then
+    ruby -e 'puts "#{rand(2**64).to_s(36)[0,5]}"' > /var/lib/arvados/api_uuid_prefix
+fi
+uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
+
+if ! test -s /var/lib/arvados/api_secret_token ; then
+    ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/api_secret_token
+fi
+secret_token=$(cat /var/lib/arvados/api_secret_token)
+
+if ! test -s /var/lib/arvados/blob_signing_key ; then
+    ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/blob_signing_key
+fi
+blob_signing_key=$(cat /var/lib/arvados/blob_signing_key)
+
+# self signed key will be created by SSO server script.
+test -s /var/lib/arvados/self-signed.key
+
+sso_app_secret=$(cat /var/lib/arvados/sso_app_secret)
+
+if test -s /var/lib/arvados/vm-uuid ; then
+    vm_uuid=$(cat /var/lib/arvados/vm-uuid)
+else
+    vm_uuid=$uuid_prefix-2x53u-$(ruby -e 'puts rand(2**400).to_s(36)[0,15]')
+    echo $vm_uuid > /var/lib/arvados/vm-uuid
+fi
+
+cat >config/application.yml <<EOF
+development:
+  uuid_prefix: $uuid_prefix
+  secret_token: $secret_token
+  blob_signing_key: $blob_signing_key
+  sso_app_secret: $sso_app_secret
+  sso_app_id: arvados-server
+  sso_provider_url: "https://$localip:${services[sso]}"
+  sso_insecure: true
+  workbench_address: "http://$localip/"
+  git_repo_ssh_base: "git@$localip:"
+  git_repo_https_base: "http://$localip:${services[arv-git-httpd]}/"
+  new_users_are_active: true
+  auto_admin_first_user: true
+  auto_setup_new_users: true
+  auto_setup_new_users_with_vm_uuid: $vm_uuid
+  auto_setup_new_users_with_repository: true
+  default_collection_replication: 1
+EOF
+
+if ! test -f /var/lib/arvados/api_database_pw ; then
+    ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/api_database_pw
+fi
+database_pw=$(cat /var/lib/arvados/api_database_pw)
+
+if ! (psql -c "\du" | grep "^ arvados ") >/dev/null ; then
+    psql -c "create user arvados with password '$database_pw'"
+    psql -c "ALTER USER arvados CREATEDB;"
+fi
+
+sed "s/password:.*/password: $database_pw/" <config/database.yml.example >config/database.yml
+
+if ! test -f /var/lib/arvados/api_database_setup ; then
+   bundle exec rake db:setup
+   touch /var/lib/arvados/api_database_setup
+fi
+
+if ! test -s /var/lib/arvados/superuser_token ; then
+    bundle exec ./script/create_superuser_token.rb > /var/lib/arvados/superuser_token
+fi
+
+rm -rf tmp
+
+bundle exec rake db:migrate
+
+set +u
+if test "$1" = "--only-setup" ; then
+    exit
+fi
+
+ARVADOS_WEBSOCKETS=1 exec bundle exec passenger start --port=${services[api]} \
+                  --runtime-dir=/var/lib/passenger \
+                  --ssl --ssl-certificate=/var/lib/arvados/self-signed.pem \
+                  --ssl-certificate-key=/var/lib/arvados/self-signed.key
diff --git a/lib/arvbox/docker/service/arv-git-httpd/log/main/.gitstub b/lib/arvbox/docker/service/arv-git-httpd/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/arv-git-httpd/log/run b/lib/arvbox/docker/service/arv-git-httpd/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/arv-git-httpd/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/arv-git-httpd/run b/lib/arvbox/docker/service/arv-git-httpd/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/arv-git-httpd/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/arv-git-httpd/run-service b/lib/arvbox/docker/service/arv-git-httpd/run-service
new file mode 100755
index 0000000..7bd6a7c
--- /dev/null
+++ b/lib/arvbox/docker/service/arv-git-httpd/run-service
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/arv-git-httpd"
+install bin/arv-git-httpd /usr/local/bin
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export GITOLITE_HTTP_HOME=/var/lib/arvados/git
+export GL_BYPASS_ACCESS_CHECKS=1
+export PATH="$PATH:/var/lib/arvados/git/bin"
+cd ~git
+
+exec /usr/local/bin/arv-git-httpd \
+     -address=:${services[arv-git-httpd]} \
+     -git-command=/var/lib/arvados/git/gitolite/src/gitolite-shell \
+     -repo-root=/var/lib/arvados/git/repositories
diff --git a/lib/arvbox/docker/service/crunch-dispatch0/log/main/.gitstub b/lib/arvbox/docker/service/crunch-dispatch0/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/crunch-dispatch0/log/run b/lib/arvbox/docker/service/crunch-dispatch0/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch0/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch0/run b/lib/arvbox/docker/service/crunch-dispatch0/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch0/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch0/run-service b/lib/arvbox/docker/service/crunch-dispatch0/run-service
new file mode 100755
index 0000000..fa3a73a
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch0/run-service
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/local/lib/arvbox/crunch-setup.sh crunch0
diff --git a/lib/arvbox/docker/service/crunch-dispatch1/log/main/.gitstub b/lib/arvbox/docker/service/crunch-dispatch1/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/crunch-dispatch1/log/run b/lib/arvbox/docker/service/crunch-dispatch1/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch1/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch1/run b/lib/arvbox/docker/service/crunch-dispatch1/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch1/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/crunch-dispatch1/run-service b/lib/arvbox/docker/service/crunch-dispatch1/run-service
new file mode 100755
index 0000000..6430e9c
--- /dev/null
+++ b/lib/arvbox/docker/service/crunch-dispatch1/run-service
@@ -0,0 +1,3 @@
+#!/bin/sh
+sleep 1
+exec /usr/local/lib/arvbox/crunch-setup.sh crunch1
diff --git a/lib/arvbox/docker/service/doc/log/main/.gitstub b/lib/arvbox/docker/service/doc/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/doc/log/run b/lib/arvbox/docker/service/doc/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/doc/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/doc/run b/lib/arvbox/docker/service/doc/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/doc/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/doc/run-service b/lib/arvbox/docker/service/doc/run-service
new file mode 100755
index 0000000..acbe21c
--- /dev/null
+++ b/lib/arvbox/docker/service/doc/run-service
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+exec 2>&1
+set -ex -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cd /usr/src/arvados/doc
+run_bundler --without=development
+
+if test "$1" = "--only-deps" ; then
+    exit
+fi
+
+set -u
+
+cat <<EOF >/var/lib/arvados/doc-nginx.conf
+worker_processes auto;
+pid /var/lib/arvados/doc-nginx.pid;
+daemon off;
+
+events {
+	worker_connections 64;
+}
+
+http {
+     include /etc/nginx/mime.types;
+     default_type application/octet-stream;
+     server {
+            listen ${services[doc]} default_server;
+            listen [::]:${services[doc]} default_server;
+            root /usr/src/arvados/doc/.site;
+            index index.html;
+            server_name _;
+     }
+}
+EOF
+
+bundle exec rake generate baseurl=http://$localip:${services[doc]} arvados_api_host=$localip:${services[api]} arvados_workbench_host=http://$localip
+
+exec nginx -c /var/lib/arvados/doc-nginx.conf
diff --git a/lib/arvbox/docker/service/docker/log/main/.gitstub b/lib/arvbox/docker/service/docker/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/docker/log/run b/lib/arvbox/docker/service/docker/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/docker/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/docker/run b/lib/arvbox/docker/service/docker/run
new file mode 100755
index 0000000..1ecdc16
--- /dev/null
+++ b/lib/arvbox/docker/service/docker/run
@@ -0,0 +1,102 @@
+#!/bin/bash
+
+# Taken from https://github.com/jpetazzo/dind
+
+exec 2>&1
+
+# Ensure that all nodes in /dev/mapper correspond to mapped devices currently loaded by the device-mapper kernel driver
+dmsetup mknodes
+
+: {LOG:=stdio}
+
+# First, make sure that cgroups are mounted correctly.
+CGROUP=/sys/fs/cgroup
+[ -d $CGROUP ] || mkdir $CGROUP
+
+if mountpoint -q $CGROUP ; then
+    break
+else
+    mount -n -t tmpfs -o uid=0,gid=0,mode=0755 cgroup $CGROUP
+fi
+
+if ! mountpoint -q $CGROUP ; then
+    echo "Could not find or mount cgroups. Tried /sys/fs/cgroup and /cgroup.  Did you use --privileged?"
+    exit 1
+fi
+
+if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security
+then
+    mount -t securityfs none /sys/kernel/security || {
+        echo "Could not mount /sys/kernel/security."
+        echo "AppArmor detection and --privileged mode might break."
+    }
+fi
+
+# Mount the cgroup hierarchies exactly as they are in the parent system.
+for SUBSYS in $(cut -d: -f2 /proc/1/cgroup)
+do
+        [ -d $CGROUP/$SUBSYS ] || mkdir $CGROUP/$SUBSYS
+        mountpoint -q $CGROUP/$SUBSYS ||
+                mount -n -t cgroup -o $SUBSYS cgroup $CGROUP/$SUBSYS
+
+        # The two following sections address a bug which manifests itself
+        # by a cryptic "lxc-start: no ns_cgroup option specified" when
+        # trying to start containers withina container.
+        # The bug seems to appear when the cgroup hierarchies are not
+        # mounted on the exact same directories in the host, and in the
+        # container.
+
+        # Named, control-less cgroups are mounted with "-o name=foo"
+        # (and appear as such under /proc/<pid>/cgroup) but are usually
+        # mounted on a directory named "foo" (without the "name=" prefix).
+        # Systemd and OpenRC (and possibly others) both create such a
+        # cgroup. To avoid the aforementioned bug, we symlink "foo" to
+        # "name=foo". This shouldn't have any adverse effect.
+        echo $SUBSYS | grep -q ^name= && {
+                NAME=$(echo $SUBSYS | sed s/^name=//)
+                ln -s $SUBSYS $CGROUP/$NAME
+        }
+
+        # Likewise, on at least one system, it has been reported that
+        # systemd would mount the CPU and CPU accounting controllers
+        # (respectively "cpu" and "cpuacct") with "-o cpuacct,cpu"
+        # but on a directory called "cpu,cpuacct" (note the inversion
+        # in the order of the groups). This tries to work around it.
+        [ $SUBSYS = cpuacct,cpu ] && ln -s $SUBSYS $CGROUP/cpu,cpuacct
+done
+
+# Note: as I write those lines, the LXC userland tools cannot setup
+# a "sub-container" properly if the "devices" cgroup is not in its
+# own hierarchy. Let's detect this and issue a warning.
+grep -q :devices: /proc/1/cgroup ||
+	echo "WARNING: the 'devices' cgroup should be in its own hierarchy."
+grep -qw devices /proc/1/cgroup ||
+	echo "WARNING: it looks like the 'devices' cgroup is not mounted."
+
+# Now, close extraneous file descriptors.
+pushd /proc/self/fd >/dev/null
+for FD in *
+do
+	case "$FD" in
+	# Keep stdin/stdout/stderr
+	[012])
+		;;
+	# Nuke everything else
+	*)
+		eval exec "$FD>&-"
+		;;
+	esac
+done
+popd >/dev/null
+
+
+# If a pidfile is still around (for example after a container restart),
+# delete it so that docker can start.
+rm -rf /var/run/docker.pid
+
+read pid cmd state ppid pgrp session tty_nr tpgid rest < /proc/self/stat
+trap "kill -TERM -$pgrp; exit" EXIT TERM KILL SIGKILL SIGTERM SIGQUIT
+
+if ! docker daemon --storage-driver=overlay $DOCKER_DAEMON_ARGS ; then
+    docker daemon $DOCKER_DAEMON_ARGS
+fi
diff --git a/lib/arvbox/docker/service/gitolite/log/main/.gitstub b/lib/arvbox/docker/service/gitolite/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/gitolite/log/run b/lib/arvbox/docker/service/gitolite/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/gitolite/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/gitolite/run b/lib/arvbox/docker/service/gitolite/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/gitolite/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/gitolite/run-service b/lib/arvbox/docker/service/gitolite/run-service
new file mode 100755
index 0000000..8e6cb0e
--- /dev/null
+++ b/lib/arvbox/docker/service/gitolite/run-service
@@ -0,0 +1,116 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/git
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+
+export USER=git
+export USERNAME=git
+export LOGNAME=git
+export HOME=/var/lib/arvados/git
+
+cd ~arvbox
+
+mkdir -p ~arvbox/.ssh ~git/.ssh
+chmod 0700 ~arvbox/.ssh ~git/.ssh
+
+if ! test -s ~arvbox/.ssh/id_rsa ; then
+    ssh-keygen -t rsa -P '' -f .ssh/id_rsa
+    cp ~arvbox/.ssh/id_rsa ~arvbox/.ssh/id_rsa.pub ~git/.ssh
+fi
+
+if test -s ~arvbox/.ssh/known_hosts ; then
+    ssh-keygen -f ".ssh/known_hosts" -R localhost
+fi
+
+if ! test -f /var/lib/arvados/gitolite-setup ; then
+    cd ~git
+
+    # Do a no-op login to populate known_hosts
+    # with the hostkey, so it won't try to ask
+    # about it later.
+    cp .ssh/id_rsa.pub .ssh/authorized_keys
+    ssh -o stricthostkeychecking=no git at localhost true
+    rm .ssh/authorized_keys
+
+    cp -r /usr/local/lib/arvbox/gitolite.rc .
+
+    gitolite setup -pk .ssh/id_rsa.pub
+
+    if ! test -d gitolite-admin ; then
+        git clone git at localhost:gitolite-admin
+    fi
+
+    cd gitolite-admin
+    git config user.email arvados
+    git config user.name arvados
+    git config push.default simple
+    git push
+
+    touch /var/lib/arvados/gitolite-setup
+else
+    # Do a no-op login to populate known_hosts
+    # with the hostkey, so it won't try to ask
+    # about it later.  Don't run anything,
+    # get the default gitolite behavior.
+    ssh -o stricthostkeychecking=no git at localhost
+fi
+
+prefix=$(arv --format=uuid user current | cut -d- -f1)
+
+if ! test -s /var/lib/arvados/arvados-git-uuid ; then
+    repo_uuid=$(arv --format=uuid repository create --repository "{\"owner_uuid\":\"$prefix-tpzed-000000000000000\", \"name\":\"arvados\"}")
+    echo $repo_uuid > /var/lib/arvados/arvados-git-uuid
+fi
+
+repo_uuid=$(cat /var/lib/arvados/arvados-git-uuid)
+
+if ! test -s /var/lib/arvados/arvados-git-link-uuid ; then
+    all_users_group_uuid="$prefix-j7d0g-fffffffffffffff"
+
+    set +e
+    read -rd $'\000' newlink <<EOF
+{
+ "tail_uuid":"$all_users_group_uuid",
+ "head_uuid":"$repo_uuid",
+ "link_class":"permission",
+ "name":"can_read"
+}
+EOF
+    set -e
+    link_uuid=$(arv --format=uuid link create --link "$newlink")
+    echo $link_uuid > /var/lib/arvados/arvados-git-link-uuid
+fi
+
+if ! test -d /var/lib/arvados/git/repositories/$repo_uuid.git ; then
+    git clone --bare /usr/src/arvados /var/lib/arvados/git/repositories/$repo_uuid.git
+else
+    git --git-dir=/var/lib/arvados/git/repositories/$repo_uuid.git fetch -f /usr/src/arvados master:master
+fi
+
+cd /usr/src/arvados/services/api
+export RAILS_ENV=development
+
+git_user_key=$(cat ~git/.ssh/id_rsa.pub)
+
+cat > config/arvados-clients.yml <<EOF
+development:
+  gitolite_url: /var/lib/arvados/git/repositories/gitolite-admin.git
+  gitolite_tmp: /var/lib/arvados/git
+  arvados_api_host: $localip:${services[api]}
+  arvados_api_token: "$ARVADOS_API_TOKEN"
+  arvados_api_host_insecure: true
+  gitolite_arvados_git_user_key: "$git_user_key"
+EOF
+
+while true ; do
+    bundle exec script/arvados-git-sync.rb development
+    sleep 120
+done
diff --git a/lib/arvbox/docker/service/keep-web/log/main/.gitstub b/lib/arvbox/docker/service/keep-web/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/keep-web/log/run b/lib/arvbox/docker/service/keep-web/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/keep-web/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keep-web/run b/lib/arvbox/docker/service/keep-web/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/keep-web/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keep-web/run-service b/lib/arvbox/docker/service/keep-web/run-service
new file mode 100755
index 0000000..a2c6aa1
--- /dev/null
+++ b/lib/arvbox/docker/service/keep-web/run-service
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/keep-web"
+install bin/keep-web /usr/local/bin
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+
+exec /usr/local/bin/keep-web -trust-all-content -listen=:${services[keep-web]}
diff --git a/lib/arvbox/docker/service/keepproxy/log/main/.gitstub b/lib/arvbox/docker/service/keepproxy/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/keepproxy/log/run b/lib/arvbox/docker/service/keepproxy/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/keepproxy/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepproxy/run b/lib/arvbox/docker/service/keepproxy/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/keepproxy/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepproxy/run-service b/lib/arvbox/docker/service/keepproxy/run-service
new file mode 100755
index 0000000..413a67e
--- /dev/null
+++ b/lib/arvbox/docker/service/keepproxy/run-service
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+exec 2>&1
+sleep 2
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p /var/lib/arvados/gostuff
+cd /var/lib/arvados/gostuff
+
+export GOPATH=$PWD
+mkdir -p "$GOPATH/src/git.curoverse.com"
+ln -sfn "/usr/src/arvados" "$GOPATH/src/git.curoverse.com/arvados.git"
+flock /var/lib/arvados/gostuff.lock go get -t "git.curoverse.com/arvados.git/services/keepproxy"
+install bin/keepproxy /usr/local/bin
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+
+set +e
+read -rd $'\000' keepservice <<EOF
+{
+ "service_host":"$localip",
+ "service_port":${services[keepproxy]},
+ "service_ssl_flag":false,
+ "service_type":"proxy"
+}
+EOF
+set -e
+
+if test -s /var/lib/arvados/keepproxy-uuid ; then
+    keep_uuid=$(cat /var/lib/arvados/keepproxy-uuid)
+    arv keep_service update --uuid $keep_uuid --keep-service "$keepservice"
+else
+    UUID=$(arv --format=uuid keep_service create --keep-service "$keepservice")
+    echo $UUID > /var/lib/arvados/keepproxy-uuid
+fi
+
+exec /usr/local/bin/keepproxy -listen=:${services[keepproxy]}
diff --git a/lib/arvbox/docker/service/keepstore0/log/main/.gitstub b/lib/arvbox/docker/service/keepstore0/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/keepstore0/log/run b/lib/arvbox/docker/service/keepstore0/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore0/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepstore0/run b/lib/arvbox/docker/service/keepstore0/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore0/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepstore0/run-service b/lib/arvbox/docker/service/keepstore0/run-service
new file mode 100755
index 0000000..cf411e4
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore0/run-service
@@ -0,0 +1,3 @@
+#!/bin/bash
+. /usr/local/lib/arvbox/common.sh
+exec /usr/local/lib/arvbox/keep-setup.sh keep0 ${services[keepstore0]}
diff --git a/lib/arvbox/docker/service/keepstore1/log/main/.gitstub b/lib/arvbox/docker/service/keepstore1/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/keepstore1/log/run b/lib/arvbox/docker/service/keepstore1/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore1/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepstore1/run b/lib/arvbox/docker/service/keepstore1/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore1/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/keepstore1/run-service b/lib/arvbox/docker/service/keepstore1/run-service
new file mode 100755
index 0000000..8d34d06
--- /dev/null
+++ b/lib/arvbox/docker/service/keepstore1/run-service
@@ -0,0 +1,3 @@
+#!/bin/bash
+. /usr/local/lib/arvbox/common.sh
+exec /usr/local/lib/arvbox/keep-setup.sh keep1 ${services[keepstore1]}
diff --git a/lib/arvbox/docker/service/postgres/log/main/.gitstub b/lib/arvbox/docker/service/postgres/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/postgres/log/run b/lib/arvbox/docker/service/postgres/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/postgres/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/postgres/run b/lib/arvbox/docker/service/postgres/run
new file mode 100755
index 0000000..4918bd7
--- /dev/null
+++ b/lib/arvbox/docker/service/postgres/run
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+flock /var/lib/arvados/createusers.lock /usr/local/lib/arvbox/createusers.sh
+
+. /usr/local/lib/arvbox/common.sh
+
+chown -R $PGUSER:$PGGROUP /var/lib/postgresql
+chown -R $PGUSER:$PGGROUP /var/run/postgresql
+chown -R $PGUSER:$PGGROUP /etc/postgresql
+chown -R $PGUSER:$PGGROUP /etc/ssl/private
+
+exec chpst -u $PGUSER:$PGGROUP $0-service
diff --git a/lib/arvbox/docker/service/postgres/run-service b/lib/arvbox/docker/service/postgres/run-service
new file mode 100755
index 0000000..dd2eb1a
--- /dev/null
+++ b/lib/arvbox/docker/service/postgres/run-service
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+if ! test -d /var/lib/postgresql/9.4/main ; then
+    /usr/lib/postgresql/9.4/bin/initdb -D /var/lib/postgresql/9.4/main
+    sh -c "while ! psql -c'\du' >/dev/null 2>/dev/null ; do createdb ; sleep 1 ; done" &
+fi
+mkdir -p /var/run/postgresql/9.4-main.pg_stat_tmp
+
+rm -f /var/lib/postgresql/9.4/main/postmaster.pid
+
+exec /usr/lib/postgresql/9.4/bin/postgres -D /var/lib/postgresql/9.4/main -c config_file=/etc/postgresql/9.4/main/postgresql.conf
diff --git a/lib/arvbox/docker/service/ready/run b/lib/arvbox/docker/service/ready/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/ready/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/ready/run-service b/lib/arvbox/docker/service/ready/run-service
new file mode 100755
index 0000000..f560de0
--- /dev/null
+++ b/lib/arvbox/docker/service/ready/run-service
@@ -0,0 +1,96 @@
+#!/bin/bash
+
+. /usr/local/lib/arvbox/common.sh
+
+set -eu -o pipefail
+
+if ! [[ -d /tmp/arvbox-ready ]] ; then
+   echo
+   echo "Arvados-in-a-box starting"
+   echo
+   echo "Note: if this is a fresh arvbox installation, it may take 10-15 minutes (or longer) to download and"
+   echo "install dependencies.  Use \"arvbox log\" to monitor the progress of specific services."
+   echo
+   mkdir -p /tmp/arvbox-ready
+fi
+
+sleep 3
+
+waiting=""
+
+for s in "${!services[@]}"
+do
+  if ! [[ -f /tmp/arvbox-ready/$s ]] ; then
+    if nc -z localhost ${services[$s]} ; then
+      echo "$s is ready at $localip:${services[$s]}"
+      touch /tmp/arvbox-ready/$s
+    else
+      waiting="$waiting $s"
+    fi
+  fi
+done
+
+if ! docker version >/dev/null 2>/dev/null ; then
+  waiting="$waiting docker"
+fi
+
+if ! which arv >/dev/null ; then
+  waiting="$waiting sdk"
+elif ! which arv-get >/dev/null ; then
+  waiting="$waiting sdk"
+fi
+
+if ! (ps x | grep -v grep | grep "crunch-dispatch") > /dev/null ; then
+    waiting="$waiting crunch-dispatch"
+fi
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+
+vm_ok=0
+if test -s /var/lib/arvados/vm-uuid -a -s /var/lib/arvados/superuser_token; then
+    vm_uuid=$(cat /var/lib/arvados/vm-uuid)
+    export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+    if (which arv && arv virtual_machine get --uuid $vm_uuid) >/dev/null 2>/dev/null ; then
+        vm_ok=1
+    fi
+fi
+
+if test $vm_ok = 0 ; then
+    waiting="$waiting vm"
+fi
+
+if ! [[ -z "$waiting" ]] ; then
+    if ps x | grep -v grep | grep "bundle install" > /dev/null; then
+        gemcount=$(ls /var/lib/gems/ruby/2.1.0/gems 2>/dev/null | wc -l)
+
+        gemlockcount=0
+        for l in /usr/src/arvados/services/api/Gemfile.lock \
+                     /usr/src/arvados/apps/workbench/Gemfile.lock \
+                     /usr/src/sso/Gemfile.lock ; do
+            gc=$(cat $l \
+                        | grep -vE "(GEM|PLATFORMS|DEPENDENCIES|$^|remote:|specs:)" \
+                        | sed 's/^ *//' | sed 's/(.*)//' | sed 's/ *$//' | sort | uniq | wc -l)
+            gemlockcount=$(($gemlockcount + $gc))
+        done
+        waiting="$waiting (installing ruby gems $gemcount/$gemlockcount)"
+    fi
+
+    if ps x | grep -v grep | grep "c++.*/var/lib/passenger" > /dev/null ; then
+        waiting="$waiting (compiling passenger)"
+    fi
+
+    if ps x | grep -v grep | grep "pip install" > /dev/null; then
+        waiting="$waiting (installing python packages)"
+    fi
+    echo "    Waiting for$waiting ..."
+    exit 1
+fi
+
+echo
+echo "Your Arvados-in-a-box is ready!"
+echo "Workbench is running at http://$localip"
+
+rm -r /tmp/arvbox-ready
+
+sv stop ready >/dev/null
diff --git a/lib/arvbox/docker/service/sdk/log/main/.gitstub b/lib/arvbox/docker/service/sdk/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/sdk/log/run b/lib/arvbox/docker/service/sdk/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/sdk/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/sdk/run b/lib/arvbox/docker/service/sdk/run
new file mode 100755
index 0000000..816b166
--- /dev/null
+++ b/lib/arvbox/docker/service/sdk/run
@@ -0,0 +1,5 @@
+#!/bin/sh
+set -e
+
+/usr/local/lib/arvbox/runsu.sh $0-service
+sv stop sdk
diff --git a/lib/arvbox/docker/service/sdk/run-service b/lib/arvbox/docker/service/sdk/run-service
new file mode 100755
index 0000000..b51f0fc
--- /dev/null
+++ b/lib/arvbox/docker/service/sdk/run-service
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+mkdir -p ~/.pip /var/lib/arvados/pip
+cat > ~/.pip/pip.conf <<EOF
+[global]
+download_cache = /var/lib/arvados/pip
+EOF
+
+cd /usr/src/arvados/sdk/cli
+run_bundler --binstubs=$PWD/binstubs
+ln -sf /usr/src/arvados/sdk/cli/binstubs/arv /usr/local/bin/arv
+
+cd /usr/src/arvados/sdk/python
+python setup.py sdist
+pip_install $(ls dist/arvados-python-client-*.tar.gz | tail -n1)
+
+cd /usr/src/arvados/services/fuse
+python setup.py sdist
+pip_install $(ls dist/arvados_fuse-*.tar.gz | tail -n1)
diff --git a/lib/arvbox/docker/service/ssh/log/main/.gitstub b/lib/arvbox/docker/service/ssh/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/ssh/log/run b/lib/arvbox/docker/service/ssh/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/ssh/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/ssh/run b/lib/arvbox/docker/service/ssh/run
new file mode 100755
index 0000000..0f23542
--- /dev/null
+++ b/lib/arvbox/docker/service/ssh/run
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+exec 2>&1
+set -eux -o pipefail
+
+if ! test -d /var/run/sshd ; then
+   mkdir /var/run/sshd
+   chmod 0755 /var/run/sshd
+fi
+/usr/sbin/sshd -D
diff --git a/lib/arvbox/docker/service/sso/log/main/.gitstub b/lib/arvbox/docker/service/sso/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/sso/log/run b/lib/arvbox/docker/service/sso/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/sso/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/sso/run b/lib/arvbox/docker/service/sso/run
new file mode 120000
index 0000000..a388c8b
--- /dev/null
+++ b/lib/arvbox/docker/service/sso/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/sso/run-service b/lib/arvbox/docker/service/sso/run-service
new file mode 100755
index 0000000..8a96d47
--- /dev/null
+++ b/lib/arvbox/docker/service/sso/run-service
@@ -0,0 +1,85 @@
+#!/bin/bash
+
+exec 2>&1
+set -ex -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cd /usr/src/sso
+export RAILS_ENV=development
+
+run_bundler --without=development
+bundle exec passenger start --runtime-check-only --runtime-dir=/var/lib/passenger
+
+if test "$1" = "--only-deps" ; then
+    exit
+fi
+
+set -u
+
+if ! test -s /var/lib/arvados/sso_uuid_prefix ; then
+  ruby -e 'puts "#{rand(2**64).to_s(36)[0,5]}"' > /var/lib/arvados/sso_uuid_prefix
+fi
+uuid_prefix=$(cat /var/lib/arvados/sso_uuid_prefix)
+
+if ! test -s /var/lib/arvados/sso_secret_token ; then
+  ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_secret_token
+fi
+secret_token=$(cat /var/lib/arvados/sso_secret_token)
+
+if ! test -s /var/lib/arvados/self-signed.key ; then
+  openssl req -new -x509 -nodes -out /var/lib/arvados/self-signed.pem -keyout /var/lib/arvados/self-signed.key -days 365 -subj '/CN=localhost'
+fi
+
+cat >config/application.yml <<EOF
+development:
+  uuid_prefix: $uuid_prefix
+  secret_token: $secret_token
+  default_link_url: "http://$localip"
+  allow_account_registration: true
+EOF
+
+if ! test -f /var/lib/arvados/sso_database_pw ; then
+    ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/sso_database_pw
+fi
+database_pw=$(cat /var/lib/arvados/sso_database_pw)
+
+if ! (psql -c "\du" | grep "^ arvados_sso ") >/dev/null ; then
+    psql -c "create user arvados_sso with password '$database_pw'"
+    psql -c "ALTER USER arvados_sso CREATEDB;"
+fi
+
+sed "s/password:.*/password: $database_pw/" <config/database.yml.example >config/database.yml
+
+if ! test -f /var/lib/arvados/sso_database_setup ; then
+   bundle exec rake db:setup
+
+   if ! test -s /var/lib/arvados/sso_app_secret ; then
+       ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_app_secret
+   fi
+   app_secret=$(cat /var/lib/arvados/sso_app_secret)
+
+   bundle exec rails console <<EOF
+c = Client.new
+c.name = "joshid"
+c.app_id = "arvados-server"
+c.app_secret = "$app_secret"
+c.save!
+EOF
+
+   touch /var/lib/arvados/sso_database_setup
+fi
+
+rm -rf tmp
+
+bundle exec rake db:migrate
+
+set +u
+if test "$1" = "--only-setup" ; then
+    exit
+fi
+
+exec bundle exec passenger start --port=${services[sso]} \
+     --runtime-dir=/var/lib/passenger \
+     --ssl --ssl-certificate=/var/lib/arvados/self-signed.pem \
+     --ssl-certificate-key=/var/lib/arvados/self-signed.key
diff --git a/lib/arvbox/docker/service/vm/log/main/.gitstub b/lib/arvbox/docker/service/vm/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/vm/log/run b/lib/arvbox/docker/service/vm/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/vm/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/vm/run b/lib/arvbox/docker/service/vm/run
new file mode 100755
index 0000000..b7fb9cc
--- /dev/null
+++ b/lib/arvbox/docker/service/vm/run
@@ -0,0 +1,9 @@
+#!/bin/bash
+set -e
+
+. /usr/local/lib/arvbox/common.sh
+
+git config --system "credential.http://$localip:${services[arv-git-httpd]}/.username" none
+git config --system "credential.http://$localip:${services[arv-git-httpd]}/.helper" '!cred(){ cat >/dev/null; if [ "$1" = get ]; then echo password=$ARVADOS_API_TOKEN; fi; };cred'
+
+exec /usr/local/lib/arvbox/runsu.sh $0-service
diff --git a/lib/arvbox/docker/service/vm/run-service b/lib/arvbox/docker/service/vm/run-service
new file mode 100755
index 0000000..5bb6825
--- /dev/null
+++ b/lib/arvbox/docker/service/vm/run-service
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+exec 2>&1
+sleep 2
+set -ex -o pipefail
+
+. /usr/local/lib/arvbox/common.sh
+
+cd /usr/src/arvados/services/login-sync
+run_bundler
+
+if test "$1" = "--only-deps" ; then
+    exit
+fi
+
+set -u
+
+export ARVADOS_API_HOST=$localip:${services[api]}
+export ARVADOS_API_HOST_INSECURE=1
+export ARVADOS_API_TOKEN=$(cat /var/lib/arvados/superuser_token)
+export ARVADOS_VIRTUAL_MACHINE_UUID=$(cat /var/lib/arvados/vm-uuid)
+
+set +e
+read -rd $'\000' vm <<EOF
+{
+ "uuid": "$ARVADOS_VIRTUAL_MACHINE_UUID",
+ "hostname":"$localip"
+}
+EOF
+set -e
+
+if arv virtual_machine get --uuid $ARVADOS_VIRTUAL_MACHINE_UUID ; then
+    arv virtual_machine update --uuid $ARVADOS_VIRTUAL_MACHINE_UUID --virtual-machine "$vm"
+else
+    arv virtual_machine create --virtual-machine "$vm"
+fi
+
+while true ; do
+      bundle exec arvados-login-sync
+      sleep 120
+done
diff --git a/lib/arvbox/docker/service/workbench/log/main/.gitstub b/lib/arvbox/docker/service/workbench/log/main/.gitstub
new file mode 100644
index 0000000..e69de29
diff --git a/lib/arvbox/docker/service/workbench/log/run b/lib/arvbox/docker/service/workbench/log/run
new file mode 120000
index 0000000..d6aef4a
--- /dev/null
+++ b/lib/arvbox/docker/service/workbench/log/run
@@ -0,0 +1 @@
+/usr/local/lib/arvbox/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/service/workbench/run b/lib/arvbox/docker/service/workbench/run
new file mode 100755
index 0000000..6ac0476
--- /dev/null
+++ b/lib/arvbox/docker/service/workbench/run
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -e
+
+/usr/local/lib/arvbox/runsu.sh $0-service $1
+
+cd /usr/src/arvados/apps/workbench
+
+rm -rf tmp
+mkdir tmp
+chown arvbox:arvbox tmp
+
+if test "$1" != "--only-deps" ; then
+    exec bundle exec passenger start --port 80 \
+         --user arvbox --runtime-dir=/var/lib/passenger
+fi
diff --git a/lib/arvbox/docker/service/workbench/run-service b/lib/arvbox/docker/service/workbench/run-service
new file mode 100755
index 0000000..7f0542f
--- /dev/null
+++ b/lib/arvbox/docker/service/workbench/run-service
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+exec 2>&1
+set -ex -o pipefail
+
+.  /usr/local/lib/arvbox/common.sh
+
+cd /usr/src/arvados/apps/workbench
+export RAILS_ENV=development
+
+run_bundler --without=development
+bundle exec passenger start --runtime-check-only --runtime-dir=/var/lib/passenger
+
+if test "$1" = "--only-deps" ; then
+    exit
+fi
+
+set -u
+
+if ! test -s /var/lib/arvados/workbench_secret_token ; then
+  ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/workbench_secret_token
+fi
+secret_token=$(cat /var/lib/arvados/workbench_secret_token)
+
+if ! test -s self-signed.key ; then
+  openssl req -new -x509 -nodes -out self-signed.pem -keyout self-signed.key -days 365 -subj '/CN=localhost'
+fi
+
+cat >config/application.yml <<EOF
+development:
+  secret_token: $secret_token
+  arvados_login_base: https://$localip:${services[api]}/login
+  arvados_v1_base: https://$localip:${services[api]}/arvados/v1
+  arvados_insecure_https: true
+  keep_web_download_url: http://$localip:${services[keep-web]}/c=%{uuid_or_pdh}
+  keep_web_url: http://$localip:${services[keep-web]}/c=%{uuid_or_pdh}
+  arvados_docsite: http://$localip:${services[doc]}/
+EOF
diff --git a/lib/arvbox/docker/tests-service/docker b/lib/arvbox/docker/tests-service/docker
new file mode 120000
index 0000000..9374f25
--- /dev/null
+++ b/lib/arvbox/docker/tests-service/docker
@@ -0,0 +1 @@
+../service/docker
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/logger b/lib/arvbox/docker/tests-service/logger
new file mode 120000
index 0000000..b30194b
--- /dev/null
+++ b/lib/arvbox/docker/tests-service/logger
@@ -0,0 +1 @@
+../service/logger
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/postgres b/lib/arvbox/docker/tests-service/postgres
new file mode 120000
index 0000000..9b2d8a0
--- /dev/null
+++ b/lib/arvbox/docker/tests-service/postgres
@@ -0,0 +1 @@
+../service/postgres
\ No newline at end of file
diff --git a/lib/arvbox/docker/tests-service/runsu.sh b/lib/arvbox/docker/tests-service/runsu.sh
new file mode 120000
index 0000000..22030b0
--- /dev/null
+++ b/lib/arvbox/docker/tests-service/runsu.sh
@@ -0,0 +1 @@
+../service/runsu.sh
\ No newline at end of file
diff --git a/lib/arvbox/docker/waitforpostgres.sh b/lib/arvbox/docker/waitforpostgres.sh
new file mode 100755
index 0000000..a07fa8c
--- /dev/null
+++ b/lib/arvbox/docker/waitforpostgres.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+while ! psql -c\\du >/dev/null 2>/dev/null ; do
+    sleep 1
+done

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list