JupyterLab is the next-generation web-based IDE for the Jupyter ecosystem, with notebook editing, file browsing, a terminal, and rich interactive outputs in one workspace. This guide deploys JupyterLab using Docker Compose with Traefik handling automatic HTTPS, backed by persistent notebook and data volumes. By the end, you'll have JupyterLab running securely at your domain, ready for Python development.
Set Up the Directory Structure
1. Create the project directory structure:
$ mkdir -p ~/jupyter-lab/{notebooks,data}
$ cd ~/jupyter-lab
2. Set ownership for the notebook and data directories:
$ sudo chown -R 1000:1000 notebooks data
3. Create the environment file:
$ nano .env
DOMAIN=jupyter.example.com
LETSENCRYPT_EMAIL=admin@example.com
Deploy with Docker Compose
1. Create the Docker Compose manifest:
$ nano docker-compose.yaml
services:
traefik:
image: traefik:v3.6
container_name: traefik
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
restart: unless-stopped
jupyter:
image: jupyter/scipy-notebook:latest
container_name: jupyter
hostname: jupyter
expose:
- "8888"
volumes:
- "./notebooks:/home/jovyan/work"
- "./data:/home/jovyan/data"
environment:
- JUPYTER_ENABLE_LAB=yes
command: start-notebook.sh --NotebookApp.token='' --NotebookApp.password=''
labels:
- "traefik.enable=true"
- "traefik.http.routers.jupyter.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.jupyter.entrypoints=websecure"
- "traefik.http.routers.jupyter.tls.certresolver=letsencrypt"
- "traefik.http.services.jupyter.loadbalancer.server.port=8888"
restart: unless-stopped
volumes:
letsencrypt:
2. Start the services:
$ docker compose up -d
3. Verify the services are running:
$ docker compose ps
$ docker compose logs
Access JupyterLab
Open https://jupyter.example.com in a browser. JupyterLab loads directly into the workspace. Try a quick plot in a new notebook to verify the kernel is healthy:
import numpy as np
import matplotlib.pyplot as plt
x = np.linspace(0, 10, 100)
plt.plot(x, np.sin(x))
plt.title('Test Plot')
plt.show()
Note: The Compose file above disables the token for simplicity. In production, set
--NotebookApp.token=$(openssl rand -hex 32)and share the token only with authorized users, or front JupyterLab with HTTP basic auth at the Traefik layer.
Next Steps
JupyterLab is running and served securely over HTTPS. From here you can:
-
pip installextra packages directly in a notebook with!pip install <pkg> - Mount additional data sources or S3 buckets as
/home/jovyan/datasubfolders - Re-enable token or password auth and run multi-user instances via JupyterHub
For the full guide with additional tips, visit the original article on Vultr Docs.
Top comments (0)