diff --git a/README.md b/README.md index 222afed..fe5e213 100644 --- a/README.md +++ b/README.md @@ -111,21 +111,23 @@ You can use the included `cloudflared` service to make secure connections withou ## Environment Variables -| Variable | Description | -| --------------------- | ----------- | -| `CF_TUNNEL_TOKEN` | Cloudflare zero trust tunnel token - See [documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). | -| `CF_QUICK_TUNNELS` | Create ephemeral Cloudflare tunnels for web services (default `false`) | -| `GPU_COUNT` | Limit the number of available GPUs | -| `PROVISIONING_SCRIPT` | URL of a remote script to execute on init. See [note](#provisioning-script). | -| `RCLONE_*` | Rclone configuration - See [rclone documentation](https://rclone.org/docs/#config-file) | -| `SKIP_ACL` | Set `true` to skip modifying workspace ACL | -| `SSH_PORT` | Set a non-standard port for SSH (default `22`) | -| `SSH_PUBKEY` | Your public key for SSH | -| `WEB_ENABLE_AUTH` | Enable password protection for web services (default `true`) | -| `WEB_USER` | Username for web services (default `user`) | -| `WEB_PASSWORD` | Password for web services (default `password`) | -| `WORKSPACE` | A volume path. Defaults to `/workspace/` | -| `WORKSPACE_SYNC` | Move mamba environments and services to workspace if mounted (default `true`) | +| Variable | Description | +| ------------------------ | ----------- | +| `CF_TUNNEL_TOKEN` | Cloudflare zero trust tunnel token - See [documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). | +| `CF_QUICK_TUNNELS` | Create ephemeral Cloudflare tunnels for web services (default `false`) | +| `DIRECT_ADDRESS` | IP/hostname for service portal direct links (default `localhost`) | +| `DIRECT_ADDRESS_GET_WAN` | Use the internet facing interface for direct links (default `false`) | +| `GPU_COUNT` | Limit the number of available GPUs | +| `PROVISIONING_SCRIPT` | URL of a remote script to execute on init. See [note](#provisioning-script). | +| `RCLONE_*` | Rclone configuration - See [rclone documentation](https://rclone.org/docs/#config-file) | +| `SKIP_ACL` | Set `true` to skip modifying workspace ACL | +| `SSH_PORT` | Set a non-standard port for SSH (default `22`) | +| `SSH_PUBKEY` | Your public key for SSH | +| `WEB_ENABLE_AUTH` | Enable password protection for web services (default `true`) | +| `WEB_USER` | Username for web services (default `user`) | +| `WEB_PASSWORD` | Password for web services (default `password`) | +| `WORKSPACE` | A volume path. Defaults to `/workspace/` | +| `WORKSPACE_SYNC` | Move mamba environments and services to workspace if mounted (default `true`) | Environment variables can be specified by using any of the standard methods (`docker-compose.yaml`, `docker run -e...`). Additionally, environment variables can also be passed as parameters of `init.sh`. @@ -145,6 +147,9 @@ The password is stored as a bcrypt hash. If you prefer not to pass a plain text If you are running the image locally on a trusted network, you may disable authentication by setting the environment variable `WEB_ENABLE_AUTH=false`. +>[!NOTE] +>You can use `set-web-credentials.sh ` change the username and password in a running container. + ## Provisioning script It can be useful to perform certain actions when starting a container, such as creating directories and downloading files. @@ -226,7 +231,7 @@ This is a simple webserver acting as a reverse proxy. Caddy is used to enable basic authentication for all sensitive web services. -### Port Redirector +### Service Portal This is a simple list of links to the web services available inside the container. @@ -234,16 +239,7 @@ The service will bind to port `1111`. For each service, you will find a direct link and, if you have set `CF_QUICK_TUNNELS=true`, a link to the service via a fast and secure Cloudflare tunnel. ->[!NOTE] ->*This service will not show links to any pre-configured Cloudflare tunnels as the domains are static and already known to the user.* - -### Log Viewer - -The web based log viewer will start on port `1122`. - -It's a very lightweight websocket based stream of the latest updates in `/var/log/logtail.log`. - -This service will also be accessible on any other exposed ports until the program designated to that port is ready to use. +A simple web-based log viewer and process manager are included for convenience. ### Cloudflared @@ -327,8 +323,7 @@ Some ports need to be exposed for the services to run or for certain features of | Open Port | Service / Description | | --------------------- | ------------------------- | | `22` | SSH server | -| `1111` | Port redirector web UI | -| `1122` | Log viewer web UI | +| `1111` | Service Portal web UI | | `53682` | Rclone interactive config | ## Pre-Configured Templates diff --git a/docker-compose.yaml b/docker-compose.yaml index de23e6d..2a495c9 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -5,12 +5,12 @@ services: build: context: ./build args: - IMAGE_BASE: ${IMAGE_BASE} - PYTORCH_VERSION: ${PYTORCH_VERSION} + IMAGE_BASE: ${IMAGE_BASE:-ghcr.io/ai-dock/python:3.10-cuda-11.8.0-base-22.04} + PYTORCH_VERSION: ${PYTORCH_VERSION:-2.1.0} tags: - - "ghcr.io/ai-dock/pytorch:${IMAGE_TAG}" + - "ghcr.io/ai-dock/pytorch:${IMAGE_TAG:-2.1.0-py3.10-cuda-11.8.0-base-22.04}" - image: ghcr.io/ai-dock/pytorch:${IMAGE_TAG} + image: ghcr.io/ai-dock/pytorch:${IMAGE_TAG:-2.1.0-py3.10-cuda-11.8.0-base-22.04} security_opt: # For Rclone mount @@ -51,14 +51,13 @@ services: - ${SSH_PORT_HOST}:${SSH_PORT} # Web UI for easy service access - ${REDIRECTOR_PORT_HOST:-1111}:1111 - # Websocket log viewer - - ${LOG_VIEWER_PORT_HOST:-1122}:1122 # Rclone webserver for interactive configuration - ${RCLONE_PORT_HOST:-53682}:53682 environment: # Don't enclose values in quotes - # Allows running true SSH alongside provider proxy SSH + - DIRECT_ADDRESS=${DIRECT_ADDRESS:-127.0.0.1} + - DIRECT_ADDRESS_GET_WAN=${DIRECT_ADDRESS_GET_WAN:-false} - SSH_PORT=${SSH_PORT:-22} - WORKSPACE=${WORKSPACE:-/workspace} - WORKSPACE_SYNC=${WORKSPACE_SYNC:-true}