diff --git a/README.md b/README.md index e6f36e7..9de11f4 100644 --- a/README.md +++ b/README.md @@ -107,21 +107,11 @@ Default endpoints: ## Lab 3 Browser Terminal -Linux and WSL deployments now require a managed `student` password hash before `./labctl up` or `./labctl preflight`. - -Example: - -```bash -export COURSEWARE_STUDENT_PASSWORD_HASH="$(openssl passwd -6 'student-password')" -./labctl up -``` - The deployment will: -- create the managed `student` account -- create `/home/student/lab3` - bind `sshd` to `127.0.0.1:22` only - install WeTTY and expose it at `http://127.0.0.1:7681/wetty` +- leave login identity management to the host, so any existing local account with password-based SSH access can sign in through the browser terminal ## Notes diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index bda65b1..e38ef24 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -23,7 +23,6 @@ courseware_promptfoo_dir: "{{ courseware_lab6_dir }}" courseware_wiki_repo_dir: "{{ courseware_repos_dir }}/LLM-Labs" courseware_wiki_runtime_config_path: "{{ courseware_wiki_repo_dir }}/public/courseware-runtime.json" courseware_llama_cpp_bin_dir: "{{ courseware_repos_dir }}/llama.cpp/build/bin" -courseware_lab3_dir: "/home/student/lab3" courseware_bind_host: "0.0.0.0" courseware_url_host: "127.0.0.1" @@ -70,8 +69,6 @@ courseware_node_runtime_version: "20.20.2" courseware_wetty_spec: "wetty@2.5.0" courseware_wetty_base_path: "/wetty" courseware_wiki_repo: "https://git.zuccaro.me/bzuccaro/LLM-Labs.git" -courseware_student_username: "student" -courseware_student_password_hash: "{{ lookup('env', 'COURSEWARE_STUDENT_PASSWORD_HASH') | default('', true) }}" courseware_open_webui_spec: "open-webui" courseware_embedding_atlas_spec: "embedding-atlas" diff --git a/ansible/roles/terminal/tasks/main.yml b/ansible/roles/terminal/tasks/main.yml index 883983b..6eb031d 100644 --- a/ansible/roles/terminal/tasks/main.yml +++ b/ansible/roles/terminal/tasks/main.yml @@ -1,11 +1,3 @@ -- name: Fail when student password hash is not configured - fail: - msg: >- - Set COURSEWARE_STUDENT_PASSWORD_HASH in the environment before running ./labctl up. - Example: - export COURSEWARE_STUDENT_PASSWORD_HASH="$(openssl passwd -6 'student-password')" - when: courseware_student_password_hash | trim | length == 0 - - name: Install terminal prerequisites become: true apt: @@ -79,84 +71,6 @@ - ansible_service_mgr != "systemd" - courseware_terminal_sshd_pid.rc != 0 -- name: Ensure managed terminal user exists - become: true - user: - name: "{{ courseware_student_username }}" - password: "{{ courseware_student_password_hash }}" - shell: /bin/bash - create_home: true - state: present - -- name: Ensure lab 3 workspace root exists - become: true - file: - path: "{{ courseware_lab3_dir }}" - state: directory - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - mode: "0755" - -- name: Ensure lab 3 WhiteRabbitNeo workspace exists - become: true - file: - path: "{{ courseware_lab3_dir }}/WhiteRabbitNeo" - state: directory - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - mode: "0755" - -- name: Write lab 3 workspace README - become: true - template: - src: lab3-workspace-readme.txt.j2 - dest: "{{ courseware_lab3_dir }}/README.txt" - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - mode: "0644" - -- name: Check for repo-local WhiteRabbitNeo base repo - stat: - path: "{{ courseware_root }}/assets/lab2/WhiteRabbitNeo-V3-7B" - register: courseware_lab3_base_repo_stat - -- name: Check for repo-local WhiteRabbitNeo GGUF directory - stat: - path: "{{ courseware_root }}/assets/lab2/WhiteRabbitNeo_WhiteRabbitNeo-V3-7B-GGUF" - register: courseware_lab3_gguf_repo_stat - -- name: Link WhiteRabbitNeo base repo into the student workspace when repo-local assets exist - become: true - file: - src: "{{ courseware_root }}/assets/lab2/WhiteRabbitNeo-V3-7B" - dest: "{{ courseware_lab3_dir }}/WhiteRabbitNeo/WhiteRabbitNeo-V3-7B" - state: link - force: true - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - when: courseware_lab3_base_repo_stat.stat.exists - -- name: Link WhiteRabbitNeo GGUF directory into the student workspace when repo-local assets exist - become: true - file: - src: "{{ courseware_root }}/assets/lab2/WhiteRabbitNeo_WhiteRabbitNeo-V3-7B-GGUF" - dest: "{{ courseware_lab3_dir }}/WhiteRabbitNeo/WhiteRabbitNeo_WhiteRabbitNeo-V3-7B-GGUF" - state: link - force: true - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - when: courseware_lab3_gguf_repo_stat.stat.exists - -- name: Link WhiteRabbitNeo download helper into the student workspace - become: true - file: - src: "{{ courseware_lab2_dir }}/download_whiterabbitneo-gguf.sh" - dest: "{{ courseware_lab3_dir }}/download_whiterabbitneo-gguf.sh" - state: link - force: true - owner: "{{ courseware_student_username }}" - group: "{{ courseware_student_username }}" - - name: Create contained WeTTY directory file: path: "{{ courseware_wetty_dir }}" diff --git a/ansible/roles/terminal/templates/lab3-workspace-readme.txt.j2 b/ansible/roles/terminal/templates/lab3-workspace-readme.txt.j2 deleted file mode 100644 index 249aa41..0000000 --- a/ansible/roles/terminal/templates/lab3-workspace-readme.txt.j2 +++ /dev/null @@ -1,14 +0,0 @@ -This workspace is managed for the Lab 3 browser terminal. - -You should log in as: -- username: {{ courseware_student_username }} - -Start here: -- working directory: {{ courseware_lab3_dir }} - -Helpful paths: -- WhiteRabbitNeo helper: {{ courseware_lab3_dir }}/download_whiterabbitneo-gguf.sh -- repo-local base repo symlink: {{ courseware_lab3_dir }}/WhiteRabbitNeo/WhiteRabbitNeo-V3-7B -- repo-local GGUF symlink: {{ courseware_lab3_dir }}/WhiteRabbitNeo/WhiteRabbitNeo_WhiteRabbitNeo-V3-7B-GGUF - -Some symlinks only appear after the corresponding repo-local lab assets are present. diff --git a/ansible/roles/terminal/templates/sshd-courseware-terminal.conf.j2 b/ansible/roles/terminal/templates/sshd-courseware-terminal.conf.j2 index 527bd9c..6d98cb4 100644 --- a/ansible/roles/terminal/templates/sshd-courseware-terminal.conf.j2 +++ b/ansible/roles/terminal/templates/sshd-courseware-terminal.conf.j2 @@ -6,7 +6,6 @@ PasswordAuthentication yes KbdInteractiveAuthentication no ChallengeResponseAuthentication no UsePAM yes -AllowUsers {{ courseware_student_username }} AllowTcpForwarding no X11Forwarding no PrintMotd no diff --git a/ansible/roles/wiki/templates/courseware-runtime.json.j2 b/ansible/roles/wiki/templates/courseware-runtime.json.j2 index 4a77805..4ce1cd8 100644 --- a/ansible/roles/wiki/templates/courseware-runtime.json.j2 +++ b/ansible/roles/wiki/templates/courseware-runtime.json.j2 @@ -1,5 +1,3 @@ { - "lab3TerminalUrl": "http://{{ courseware_url_host }}:{{ courseware_ports.wetty }}{{ courseware_wetty_base_path }}", - "lab3Username": "{{ courseware_student_username }}", - "lab3WorkingDirectory": "{{ courseware_lab3_dir }}" + "lab3TerminalUrl": "http://{{ courseware_url_host }}:{{ courseware_ports.wetty }}{{ courseware_wetty_base_path }}" } diff --git a/ansible/templates/runtime.env.j2 b/ansible/templates/runtime.env.j2 index fe6b56a..21f833b 100644 --- a/ansible/templates/runtime.env.j2 +++ b/ansible/templates/runtime.env.j2 @@ -28,8 +28,6 @@ TRANSFORMERLAB_DEFAULT_USER_EMAIL="{{ courseware_transformerlab_default_user_ema TRANSFORMERLAB_DEFAULT_USER_PASSWORD="{{ courseware_transformerlab_default_user_password }}" TRANSFORMERLAB_DEFAULT_USER_FIRST_NAME="{{ courseware_transformerlab_default_user_first_name }}" TRANSFORMERLAB_DEFAULT_USER_LAST_NAME="{{ courseware_transformerlab_default_user_last_name }}" -COURSEWARE_STUDENT_USERNAME="{{ courseware_student_username }}" -COURSEWARE_LAB3_DIR="{{ courseware_lab3_dir }}" UNSLOTH_BIN="{{ ansible_env.HOME }}/.local/bin/unsloth" PROMPTFOO_DIR="{{ courseware_promptfoo_dir }}" PROMPTFOO_BIN="{{ courseware_tools_dir }}/promptfoo/node_modules/.bin/promptfoo" diff --git a/labctl b/labctl index f40ca82..a66a38d 100755 --- a/labctl +++ b/labctl @@ -49,31 +49,6 @@ Pinned component versions: EOF } -require_student_password_hash() { - local current_host_profile - - current_host_profile=$(host_profile) - if [ "$current_host_profile" = "macos" ]; then - return - fi - - if [ -n "${COURSEWARE_STUDENT_PASSWORD_HASH:-}" ]; then - return - fi - - cat <<'EOF' >&2 -Missing COURSEWARE_STUDENT_PASSWORD_HASH. - -Set a password hash for the managed `student` login before running this command. Example: - - export COURSEWARE_STUDENT_PASSWORD_HASH="$(openssl passwd -6 'student-password')" - -Then rerun: - ./labctl up -EOF - exit 1 -} - confirm_installation() { local response local tlab_version @@ -552,7 +527,6 @@ main() { case "$cmd" in up) confirm_installation - require_student_password_hash run_playbook up.yml run_project_script "$ROOT_DIR/scripts/service_manager.sh" start all ;; @@ -562,7 +536,6 @@ main() { ;; preflight) confirm_installation - require_student_password_hash run_playbook up.yml --tags preflight ;; versions) diff --git a/scripts/common.sh b/scripts/common.sh index a5b2f59..c9bd218 100644 --- a/scripts/common.sh +++ b/scripts/common.sh @@ -19,8 +19,6 @@ load_runtime_env() { : "${COURSEWARE_WIKI_PORT:=80}" : "${COURSEWARE_WETTY_PORT:=7681}" : "${COURSEWARE_WETTY_BASE_PATH:=/wetty}" - : "${COURSEWARE_STUDENT_USERNAME:=student}" - : "${COURSEWARE_LAB3_DIR:=/home/student/lab3}" : "${NODE_RUNTIME_BIN_DIR:=$COURSEWARE_STATE_DIR/tools/node-runtime/node_modules/node/bin}" : "${WETTY_BIN:=$COURSEWARE_STATE_DIR/tools/wetty/node_modules/.bin/wetty}" : "${PROMPTFOO_DIR:=$COURSEWARE_STATE_DIR/lab6}" diff --git a/scripts/service_manager.sh b/scripts/service_manager.sh index 658dc12..eae827f 100755 --- a/scripts/service_manager.sh +++ b/scripts/service_manager.sh @@ -29,11 +29,6 @@ ensure_transformerlab_default_user() { } check_wetty_prereqs() { - if ! id "$COURSEWARE_STUDENT_USERNAME" >/dev/null 2>&1; then - echo "Missing terminal user '$COURSEWARE_STUDENT_USERNAME'. Re-run ./labctl up after setting COURSEWARE_STUDENT_PASSWORD_HASH." >&2 - exit 1 - fi - if [ ! -x "$WETTY_BIN" ]; then echo "Missing WeTTY binary at $WETTY_BIN. Re-run ./labctl up." >&2 exit 1 @@ -44,11 +39,6 @@ check_wetty_prereqs() { exit 1 fi - if [ ! -d "$COURSEWARE_LAB3_DIR" ]; then - echo "Missing lab workspace at $COURSEWARE_LAB3_DIR. Re-run ./labctl up." >&2 - exit 1 - fi - if ! python3 - <<'PY' import socket, sys sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)