nchebrov/stellars-jupyterhub-ds
1
0
Fork 0
mirror of https://github.com/stellarshenson/stellars-jupyterhub-ds.git synced 2026-03-08 06:00:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
170 Commits 1 Branch 59 Tags
d5cfbebed539b539bf62fa85bd9ebfe0cce41127
Commit Graph

170 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
stellarshenson
d5cfbebed5 fix: URL handling in admin fetch interceptor and nav links 
- Handle URL objects (not just strings) in fetch interceptor
- Strip query params before checking isUserCreation endpoint
- Remove duplicate 'hub' prefix from authorize/change-password links
 2026-01-06 20:52:12 +01:00
stellarshenson
7ee223b193 fix: Dockerfile to copy from templates_enhanced (was reverted) 2026-01-06 20:46:04 +01:00
stellarshenson
cbf0a3c0dc docs: update journal with admin user creation feature 2026-01-06 20:40:20 +01:00
stellarshenson
6370255746 fix: handle URL objects in fetch interceptor 2026-01-06 20:39:38 +01:00
stellarshenson
139fe144fa feat: admin user creation with auto-generated credentials modal 
- Add after_insert event listener to auto-create NativeAuth UserInfo
- Generate memorable 3-word passwords for admin-created users
- Auto-approve users created by admin (is_authorized=1)
- Add after_delete listener to clean up UserInfo on user deletion
- Add GetUserCredentialsHandler API for credential retrieval
- Add password cache (5min expiry) for secure credential handoff
- Enhanced admin.html with credentials modal (copy/download)
- Add templates_enhanced directory with customized templates
- Add NativeAuth nav items (Change Password, Authorize Users)
- Bump version to 3.5.8 (manual)
 2026-01-06 20:20:05 +01:00
stellarshenson
d3fe78bb39 fix: sync NativeAuthenticator on admin panel rename 
- SQLAlchemy event listener on orm.User.name intercepts ALL renames
- Removed broken SyncedUserAPIHandler (extra_handlers doesn't override)
- Removed RenameUserHandler (redundant with event listener)
- Added version display in browser console (styled badge)
- Build scripts source project.env for VERSION
FIX_RENAME_SYNC_3.5.0 		2026-01-06 17:27:35 +01:00
stellarshenson
79393273ab fix: sync NativeAuthenticator on admin panel rename 
- Add SyncedUserAPIHandler extending UserAPIHandler
- Override /api/users/{username} to intercept rename operations
- Sync UserInfo.username after successful JupyterHub rename
- Fixes broken login after admin panel rename
 2026-01-06 16:58:35 +01:00
stellarshenson
e001169663 feat: add user rename API and ENABLE_SIGNUP env variable 
- RenameUserHandler: PATCH /hub/api/users/{username}/rename
  preserves NativeAuthenticator authorization on rename
- ENABLE_SIGNUP env var controls self-registration (default: 1)
- Updated README, compose.yml, Dockerfile with new config
3.5.1_cuda-12.9.1_jh-5.4.2 		2026-01-06 16:43:06 +01:00
stellarshenson
835742bb71 feat: added scripts / helpers for CA Root Truststore cert install CHECKPOINT_BEFORE_ADDUSER_ENHANCEMENTS 2026-01-06 14:23:35 +01:00
stellarshenson
acd62e92bf feat: add CERTIFICATE_DOMAIN_NAME env variable for cert generation 
- Add CERTIFICATE_DOMAIN_NAME to compose.yml (defaults to localhost)
- Update 00_generate_ssl_cert.sh to use env variable
- Allows custom domain names for self-signed certificates
3.4.4_cuda-12.9.1_jh-5.4.2 		2026-01-05 15:09:32 +01:00
stellarshenson
0411f34749 feat: add localhost SAN to certificate generation 2026-01-05 15:06:45 +01:00
stellarshenson
b5b00cbb6a added documentation 2026-01-05 14:40:31 +01:00
stellarshenson
292402cfeb fix: added domain for localhost 2026-01-05 14:39:44 +01:00
stellarshenson
55351ba50a chore: update journal with template refactor entry 2026-01-05 13:55:56 +01:00
stellarshenson
7515248d74 refactor: update traefik-host-based-routing template 
- Remove Makefile (use start.sh/stop.sh directly)
- Add root path routing with JUPYTERHUB_BASE_URL=/
- Update start.sh to pull images and use --no-build
- Update README to reflect simplified workflow
 2026-01-05 13:55:10 +01:00
stellarshenson
ba7cfa8121 chore: update journal with base URL fix entry 3.4.3_cuda-12.9.1_jh-5.4.2 2026-01-05 13:50:49 +01:00
stellarshenson
4e4ee47ee9 fix: normalize base URL prefix to avoid double slashes 
- Add JUPYTERHUB_BASE_URL_PREFIX that handles root path case
- When BASE_URL is '/', '', or None, prefix becomes empty string
- Prevents //hub/home redirect issue when using root path routing
 2026-01-05 13:34:39 +01:00
stellarshenson
dd0ce86add feat: add traefik host-based routing deployment template 
Add extra/traefik-host-based-routing/ template for creating local
deployments with Traefik reverse proxy and self-signed certificates:

- compose_override.yml with YOURDOMAIN placeholder
- Makefile with start/stop/pull/logs/status targets
- start.sh (clone/pull + start services)
- stop.sh (stop services)
- generate-certs.sh (creates wildcard cert for given domain)
- certs/tls.yml template for Traefik file provider
- .gitignore (excludes certs and cloned repo)

Usage: copy folder, run generate-certs.sh, edit compose_override.yml,
run start.sh to clone repo and start services
 2026-01-05 09:39:51 +00:00
stellarshenson
30e21709ec updated 2025-12-19 02:21:28 +01:00
stellarshenson
d089283b5a docs: update journal with watchtower self-update exclusion 2025-12-19 02:19:45 +01:00
stellarshenson
0bc9e28d5d chore: exclude watchtower from self-updates 
Added com.centurylinklabs.watchtower.enable=false label to prevent
watchtower from updating itself during scheduled runs.
 2025-12-19 02:19:19 +01:00
stellarshenson
de7496d4b4 docs: update journal with privileged container fix 2025-12-12 16:10:33 +01:00
stellarshenson
14734c0961 fix: use extra_host_config for privileged container mode 
DockerSpawner requires extra_host_config['privileged'] = True instead of
spawner.privileged. Bumped version to 3.4.1.
 2025-12-12 16:10:02 +01:00
stellarshenson
2674703317 feat: split docker access into docker-sock and docker-privileged groups 
- docker-sock: mounts /var/run/docker.sock (container orchestration)
- docker-privileged: runs with --privileged flag (hardware access)

Updated pre_spawn_hook to check both groups and set spawner.volumes
or spawner.privileged accordingly. Documentation updated.
 2025-12-12 15:54:47 +01:00
stellarshenson
e6ef8b46df fix: correct watchtower cron to 6-field format with seconds 
Changed from '0 0 * * *' (5-field, ran hourly) to '0 0 0 * * *'
(6-field with seconds, runs daily at midnight UTC).
CHECKPOINT_BEFORE_PRIVILEGED_DOCKER_GROUP 		2025-12-08 17:14:34 +01:00
stellarshenson
5bfcbb358d docs: update journal with watchtower flag fix 2025-12-08 17:12:13 +01:00
stellarshenson
17d60ae85b fix: remove unsupported --no-startup flag from watchtower 
nickfedor/watchtower fork doesn't have --no-startup flag.
Default behavior (without --update-on-start) is to not check on startup.
 2025-12-08 17:11:31 +01:00
stellarshenson
d46e0c1c28 chore: bump version to 3.3.4 2025-12-08 17:08:48 +01:00
stellarshenson
65e0f96abd chore: update version comment to reflect 3.3.x features 2025-12-08 17:07:34 +01:00
stellarshenson
6328ffbc65 chore: bump version to 3.3.3 with watchtower fix 2025-12-08 17:06:56 +01:00
stellarshenson
861ea0cd8c fix: prevent watchtower from checking images on container restart 
Added --no-startup flag to Watchtower command in compose.yml.
Previously, Watchtower would check for image updates on every container
startup/restart. Now only runs at scheduled time (midnight daily).
 2025-12-08 17:06:23 +01:00
stellarshenson
25efd91bb6 docs: clarify GPU detection uses separate container in journal 
Updated journal entry #16 to specify nvidia/cuda container spawning.
Version bump: 3.3.2 -> 3.3.3
 2025-12-04 19:10:37 +01:00
stellarshenson
dea9e75fbb chore: cleanup startup scripts and bump version to 3.3.2 
Removed obsolete 01_nvidia-smi.sh (GPU detection handled in jupyterhub_config.py).
Renamed 02_ensure_groups.py to 01_ensure_groups.py for sequential ordering.
 2025-12-04 19:01:11 +01:00
stellarshenson
2ced4851c8 chore: add compose_override.yml to gitignore 2025-11-27 00:03:02 +01:00
stellarshenson
9357d8bdd6 chore: update watchtower to maintained fork (nickfedor/watchtower) 
Changed from containrrr/watchtower:latest to nickfedor/watchtower:latest.
New image is actively maintained and compatible with latest Docker versions.

Version bump: 3.2.11 -> 3.3.1
 2025-11-27 00:00:36 +01:00
stellarshenson
d8bf7fb67b docs: add paypal donation badge 2025-11-15 17:38:14 +00:00
stellarshenson
af15336364 docs: update badges with github actions, jupyterlab 4, and kolomolo branding 2025-11-13 15:55:56 +00:00
stellarshenson
dacb0ee223 chore: update journal with volume architecture diagram work 2025-11-12 11:47:10 +00:00
stellarshenson
8f2670eb39 docs: add note about user volume reset capability 2025-11-12 11:46:12 +00:00
stellarshenson
5954db2ef0 docs: improve arrow alignment for shared volume in diagram 2025-11-12 11:42:42 +00:00
stellarshenson
01ddabf9ee fix: represent /mnt/shared as single shared resource across containers 2025-11-12 11:40:54 +00:00
stellarshenson
18de422fea docs: show multiple users sharing jupyterhub_shared volume in diagram 2025-11-12 11:40:02 +00:00
stellarshenson
f01aa75979 docs: simplify user container label in volume diagram 2025-11-12 11:39:25 +00:00
stellarshenson
57be9a0911 fix: escape underscores in volume architecture diagram node IDs 2025-11-12 11:36:21 +00:00
stellarshenson
2380c33252 docs: add volume architecture diagram 
Added Volume Architecture diagram showing four persistent volumes per user with Docker host to container mount mapping. Diagram illustrates jupyterlab-{username}_* naming pattern for user-specific volumes (home, workspace, cache) and shared jupyterhub_shared volume. Shows mount points and example contents for each volume type, with note about CIFS mount capability for NAS integration.
 2025-11-12 11:35:55 +00:00
stellarshenson
b10b685138 docs: add configuration flow, gpu auto-detection, and user workflow diagrams 
Added three mermaid diagrams to README documenting system architecture and workflows. Configuration Flow diagram shows how environment variables from compose.yml flow through jupyterhub_config.py to spawned user containers, including DOCKER_SPAWNER_VOLUMES, VOLUME_DESCRIPTIONS, BUILTIN_GROUPS, pre_spawn_hook, extra_handlers, and template_paths. GPU Auto-Detection diagram illustrates the auto-detect mechanism with temporary CUDA container spawning nvidia-smi for detection. User Self-Service Workflow diagram demonstrates home page state management for restart server and manage volumes features. Converted HTML alert divs to GitHub-style WARNING blocks for better rendering.
 2025-11-12 10:48:56 +00:00
stellarshenson
8e3315eff2 chore: enhanced gitignore to encompass more 2025-11-12 09:57:23 +00:00
stellarshenson
ca9f163365 updated gitignore 2025-11-12 00:32:31 +00:00
stellarshenson
9d0c04562a doc: updated links in the README 2025-11-11 17:49:34 +00:00
stellarshenson
2d84024624 docs: update journal and clarify docker-privileged group in README 
Added journal entry #13 documenting release v3.2.11 preparation:
- Git tag creation with annotations
- RELEASE.md delta notes
- Documentation simplification (docker-socket-permissions.md from 66 to 19 lines)
- project.env update with release metadata
- Security warning corrections (host system -> Docker host)
- HTML alert styling for warnings

Updated README.md to explicitly name 'docker-privileged' group in opening
description of privileged access section for clarity.
 2025-11-10 00:19:21 +01:00