bzuccaro/LLM-Labs-Local
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: bzuccaro/LLM-Labs-Local:v1.3
Branches Tags
bzuccaro/LLM-Labs-Local:main bzuccaro/LLM-Labs-Local:2080_super bzuccaro/LLM-Labs-Local:codex/transformerlab-activation-fix
bzuccaro/LLM-Labs-Local:v1.3
..
compare: bzuccaro/LLM-Labs-Local:56305680e09be28067023a93f1612efe156bdcec
Branches Tags
bzuccaro/LLM-Labs-Local:main bzuccaro/LLM-Labs-Local:2080_super bzuccaro/LLM-Labs-Local:codex/transformerlab-activation-fix
bzuccaro/LLM-Labs-Local:v1.3

4 Commits
v1.3 .. 56305680e0

Author SHA1 Message Date
c4ch3c4d3 56305680e0 Fix terminal deployment regressions 2026-04-13 21:22:16 -06:00
c4ch3c4d3 5576142aec Use host-managed SSH accounts for browser terminal 2026-04-13 19:40:38 -06:00
c4ch3c4d3 13ce59d901 Restore executable bits on deployment scripts 2026-04-13 16:40:35 -06:00
c4ch3c4d3 cbf6c3fad3 Add managed Lab 3 browser terminal deployment 2026-04-13 16:40:14 -06:00
11 changed files with 212 additions and 15 deletions
Expand all files Collapse all files
README.md
+9
View File
@@ -103,6 +103,15 @@ Default endpoints:
- Unsloth Studio: `http://127.0.0.1:8888` - Unsloth Studio: `http://127.0.0.1:8888`
- Promptfoo UI: `http://127.0.0.1:15500` - Promptfoo UI: `http://127.0.0.1:15500`
- Wiki: `http://127.0.0.1:80` - Wiki: `http://127.0.0.1:80`
- Lab 3 Terminal: `http://127.0.0.1:7681/wetty`
## Lab 3 Browser Terminal
The deployment will:
- bind `sshd` to `127.0.0.1:22` only
- install WeTTY and expose it at `http://127.0.0.1:7681/wetty`
- leave login identity management to the host, so any existing local account with password-based SSH access can sign in through the browser terminal
## Notes ## Notes
ansible/group_vars/all.yml
+6
View File
@@ -18,8 +18,10 @@ courseware_unsloth_home: "{{ courseware_state_dir }}/unsloth-home"
courseware_ollama_models_dir: "{{ courseware_models_dir }}/ollama" courseware_ollama_models_dir: "{{ courseware_models_dir }}/ollama"
courseware_node_runtime_dir: "{{ courseware_tools_dir }}/node-runtime" courseware_node_runtime_dir: "{{ courseware_tools_dir }}/node-runtime"
courseware_node_runtime_bin_dir: "{{ courseware_node_runtime_dir }}/node_modules/node/bin" courseware_node_runtime_bin_dir: "{{ courseware_node_runtime_dir }}/node_modules/node/bin"
courseware_wetty_dir: "{{ courseware_tools_dir }}/wetty"
courseware_promptfoo_dir: "{{ courseware_lab6_dir }}" courseware_promptfoo_dir: "{{ courseware_lab6_dir }}"
courseware_wiki_repo_dir: "{{ courseware_repos_dir }}/LLM-Labs" courseware_wiki_repo_dir: "{{ courseware_repos_dir }}/LLM-Labs"
courseware_wiki_runtime_config_path: "{{ courseware_wiki_repo_dir }}/public/courseware-runtime.json"
courseware_llama_cpp_bin_dir: "{{ courseware_repos_dir }}/llama.cpp/build/bin" courseware_llama_cpp_bin_dir: "{{ courseware_repos_dir }}/llama.cpp/build/bin"
courseware_bind_host: "0.0.0.0" courseware_bind_host: "0.0.0.0"
@@ -33,6 +35,7 @@ courseware_ports:
unsloth: 8888 unsloth: 8888
promptfoo: 15500 promptfoo: 15500
wiki: 80 wiki: 80
wetty: 7681
courseware_transformerlab_install_mode: "single-user-pinned" courseware_transformerlab_install_mode: "single-user-pinned"
courseware_transformerlab_version: "v0.28.2" courseware_transformerlab_version: "v0.28.2"
@@ -63,6 +66,8 @@ courseware_chunkviz_commit: "a891eacafda1f28a12373ad3b00102e68f07c57f"
courseware_promptfoo_version: "0.119.0" courseware_promptfoo_version: "0.119.0"
courseware_kiln_release_tag: "v0.18.1" courseware_kiln_release_tag: "v0.18.1"
courseware_node_runtime_version: "20.20.2" courseware_node_runtime_version: "20.20.2"
courseware_wetty_spec: "wetty@2.5.0"
courseware_wetty_base_path: "/wetty"
courseware_wiki_repo: "https://git.zuccaro.me/bzuccaro/LLM-Labs.git" courseware_wiki_repo: "https://git.zuccaro.me/bzuccaro/LLM-Labs.git"
courseware_open_webui_spec: "open-webui" courseware_open_webui_spec: "open-webui"
@@ -151,3 +156,4 @@ courseware_services:
- "unsloth" - "unsloth"
- "promptfoo" - "promptfoo"
- "wiki" - "wiki"
- "wetty"
ansible/playbooks/up.yml
+1
View File
@@ -8,6 +8,7 @@
- packages - packages
- lab_assets - lab_assets
- node_runtime - node_runtime
- { role: terminal, when: ansible_system == "Linux" }
- llama_cpp - llama_cpp
- transformerlab - transformerlab
- open_webui - open_webui
ansible/roles/terminal/tasks/main.yml
+114
View File
@@ -0,0 +1,114 @@
- name: Install terminal prerequisites
become: true
apt:
name:
- openssh-server
state: present
update_cache: true
- name: Ensure sshd drop-in directory exists
become: true
file:
path: /etc/ssh/sshd_config.d
state: directory
mode: "0755"
- name: Configure courseware loopback-only sshd policy
become: true
template:
src: sshd-courseware-terminal.conf.j2
dest: /etc/ssh/sshd_config.d/50-courseware-terminal.conf
mode: "0644"
register: courseware_terminal_sshd_config
- name: Ensure sshd runtime directory exists
become: true
file:
path: /run/sshd
state: directory
mode: "0755"
- name: Validate sshd configuration
become: true
command:
argv:
- /usr/sbin/sshd
- -t
- -f
- /etc/ssh/sshd_config
changed_when: false
- name: Start and enable sshd with systemd when available
become: true
systemd:
name: ssh
state: started
enabled: true
when: ansible_service_mgr == "systemd"
- name: Check for running sshd when systemd is unavailable
become: true
command: pgrep -x sshd
register: courseware_terminal_sshd_pid
changed_when: false
failed_when: false
when: ansible_service_mgr != "systemd"
- name: Reload running sshd when config changed outside systemd
become: true
command: pkill -HUP -x sshd
when:
- ansible_service_mgr != "systemd"
- courseware_terminal_sshd_pid.rc == 0
- courseware_terminal_sshd_config.changed
- name: Start sshd when it is not already running outside systemd
become: true
command:
argv:
- /usr/sbin/sshd
when:
- ansible_service_mgr != "systemd"
- courseware_terminal_sshd_pid.rc != 0
- name: Create contained WeTTY directory
file:
path: "{{ courseware_wetty_dir }}"
state: directory
mode: "0755"
- name: Install contained WeTTY runtime
command:
argv:
- npm
- install
- "{{ courseware_wetty_spec }}"
args:
chdir: "{{ courseware_wetty_dir }}"
creates: "{{ courseware_wetty_dir }}/node_modules/.bin/wetty"
environment:
PATH: "{{ courseware_node_runtime_bin_dir }}:{{ ansible_env.PATH }}"
- name: Check loopback sshd listener
become: true
command: ss -ltn
register: courseware_terminal_ss_listeners
changed_when: false
- name: Assert sshd is loopback-only
assert:
that:
- "'127.0.0.1:22' in courseware_terminal_ss_listeners.stdout"
- "'0.0.0.0:22' not in courseware_terminal_ss_listeners.stdout"
- "'[::]:22' not in courseware_terminal_ss_listeners.stdout"
fail_msg: "sshd must listen only on 127.0.0.1:22 for the browser terminal deployment."
- name: Assert WeTTY binary exists
stat:
path: "{{ courseware_wetty_dir }}/node_modules/.bin/wetty"
register: courseware_wetty_bin_stat
- name: Fail when WeTTY installation is incomplete
fail:
msg: "WeTTY was not installed under {{ courseware_wetty_dir }}."
when: not courseware_wetty_bin_stat.stat.exists
ansible/roles/terminal/templates/sshd-courseware-terminal.conf.j2
+11
View File
@@ -0,0 +1,11 @@
# Managed by Local Courseware Deployment.
ListenAddress 127.0.0.1
AddressFamily inet
PermitRootLogin no
PasswordAuthentication yes
KbdInteractiveAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
AllowTcpForwarding no
X11Forwarding no
PrintMotd no
ansible/roles/wiki/files/referrer-policy.patch
+8 -13
View File
@@ -1,5 +1,5 @@
diff --git a/src/app/labs/[slug]/page.tsx b/src/app/labs/[slug]/page.tsx diff --git a/src/app/labs/[slug]/page.tsx b/src/app/labs/[slug]/page.tsx
index f67308f..a6aac38 100644 index eb949ae..bb3d51c 100644
--- a/src/app/labs/[slug]/page.tsx --- a/src/app/labs/[slug]/page.tsx
+++ b/src/app/labs/[slug]/page.tsx +++ b/src/app/labs/[slug]/page.tsx
@@ -462,6 +462,19 @@ function markdownToHtml(markdown: string) { @@ -462,6 +462,19 @@ function markdownToHtml(markdown: string) {
@@ -41,20 +41,15 @@ index f67308f..a6aac38 100644
return ( return (
<main className="mx-auto w-full max-w-5xl px-6 py-10"> <main className="mx-auto w-full max-w-5xl px-6 py-10">
diff --git a/src/components/labs/LabContent.tsx b/src/components/labs/LabContent.tsx diff --git a/src/components/labs/LabContent.tsx b/src/components/labs/LabContent.tsx
index 7a7ce52..8778a23 100644 index 6addccf..afdd12f 100644
--- a/src/components/labs/LabContent.tsx --- a/src/components/labs/LabContent.tsx
+++ b/src/components/labs/LabContent.tsx +++ b/src/components/labs/LabContent.tsx
@@ -277,7 +277,12 @@ export function LabContent({ className, html }: LabContentProps) { @@ -346,6 +346,7 @@ export function LabContent({ className, html }: LabContentProps) {
> <img
<div className="lab-image-modal__surface" onClick={(event) => event.stopPropagation()}> className="lab-image-modal__image"
{/* eslint-disable-next-line @next/next/no-img-element */} src={zoomedImage.src}
- <img className="lab-image-modal__image" src={zoomedImage.src} alt={zoomedImage.alt} /> alt={zoomedImage.alt}
+ <img
+ className="lab-image-modal__image"
+ src={zoomedImage.src}
+ alt={zoomedImage.alt}
+ referrerPolicy="no-referrer" + referrerPolicy="no-referrer"
+ /> />
</div> </div>
</div> </div>
) : null}
ansible/roles/wiki/tasks/main.yml
+6
View File
@@ -36,6 +36,12 @@
environment: environment:
PATH: "{{ courseware_node_runtime_bin_dir }}:{{ ansible_env.PATH }}" PATH: "{{ courseware_node_runtime_bin_dir }}:{{ ansible_env.PATH }}"
- name: Render wiki runtime config
template:
src: courseware-runtime.json.j2
dest: "{{ courseware_wiki_runtime_config_path }}"
mode: "0644"
- name: Stat wiki build output - name: Stat wiki build output
stat: stat:
path: "{{ courseware_wiki_repo_dir }}/.next/BUILD_ID" path: "{{ courseware_wiki_repo_dir }}/.next/BUILD_ID"
ansible/roles/wiki/templates/courseware-runtime.json.j2
+3
View File
@@ -0,0 +1,3 @@
{
"lab3TerminalUrl": "http://{{ courseware_url_host }}:{{ courseware_ports.wetty }}{{ courseware_wetty_base_path }}"
}
ansible/templates/runtime.env.j2
+4
View File
@@ -11,9 +11,12 @@ COURSEWARE_EMBEDDING_ATLAS_PORT="{{ courseware_ports.embedding_atlas }}"
COURSEWARE_UNSLOTH_PORT="{{ courseware_ports.unsloth }}" COURSEWARE_UNSLOTH_PORT="{{ courseware_ports.unsloth }}"
COURSEWARE_PROMPTFOO_PORT="{{ courseware_ports.promptfoo }}" COURSEWARE_PROMPTFOO_PORT="{{ courseware_ports.promptfoo }}"
COURSEWARE_WIKI_PORT="{{ courseware_ports.wiki }}" COURSEWARE_WIKI_PORT="{{ courseware_ports.wiki }}"
COURSEWARE_WETTY_PORT="{{ courseware_ports.wetty }}"
OLLAMA_BIN="{{ courseware_ollama_bin }}" OLLAMA_BIN="{{ courseware_ollama_bin }}"
OLLAMA_MODELS_DIR="{{ courseware_ollama_models_dir }}" OLLAMA_MODELS_DIR="{{ courseware_ollama_models_dir }}"
NODE_RUNTIME_BIN_DIR="{{ courseware_node_runtime_bin_dir }}" NODE_RUNTIME_BIN_DIR="{{ courseware_node_runtime_bin_dir }}"
WETTY_BIN="{{ courseware_wetty_dir }}/node_modules/.bin/wetty"
COURSEWARE_WETTY_BASE_PATH="{{ courseware_wetty_base_path }}"
OPEN_WEBUI_VENV="{{ courseware_venvs_dir }}/open-webui" OPEN_WEBUI_VENV="{{ courseware_venvs_dir }}/open-webui"
OPEN_WEBUI_DATA_DIR="{{ courseware_state_dir }}/open-webui" OPEN_WEBUI_DATA_DIR="{{ courseware_state_dir }}/open-webui"
CHUNKVIZ_DIR="{{ courseware_repos_dir }}/ChunkViz" CHUNKVIZ_DIR="{{ courseware_repos_dir }}/ChunkViz"
@@ -29,6 +32,7 @@ UNSLOTH_BIN="{{ ansible_env.HOME }}/.local/bin/unsloth"
PROMPTFOO_DIR="{{ courseware_promptfoo_dir }}" PROMPTFOO_DIR="{{ courseware_promptfoo_dir }}"
PROMPTFOO_BIN="{{ courseware_tools_dir }}/promptfoo/node_modules/.bin/promptfoo" PROMPTFOO_BIN="{{ courseware_tools_dir }}/promptfoo/node_modules/.bin/promptfoo"
WIKI_DIR="{{ courseware_wiki_repo_dir }}" WIKI_DIR="{{ courseware_wiki_repo_dir }}"
WIKI_RUNTIME_CONFIG_PATH="{{ courseware_wiki_runtime_config_path }}"
LLAMA_CPP_BIN_DIR="{{ courseware_llama_cpp_bin_dir }}" LLAMA_CPP_BIN_DIR="{{ courseware_llama_cpp_bin_dir }}"
KILN_LINUX_BIN="{{ courseware_apps_dir }}/kiln/Kiln" KILN_LINUX_BIN="{{ courseware_apps_dir }}/kiln/Kiln"
KILN_MAC_APP="{{ courseware_apps_dir }}/Kiln.app" KILN_MAC_APP="{{ courseware_apps_dir }}/Kiln.app"
scripts/common.sh
+17 -1
View File
@@ -17,9 +17,13 @@ load_runtime_env() {
: "${COURSEWARE_URL_HOST:=127.0.0.1}" : "${COURSEWARE_URL_HOST:=127.0.0.1}"
: "${COURSEWARE_PROMPTFOO_PORT:=15500}" : "${COURSEWARE_PROMPTFOO_PORT:=15500}"
: "${COURSEWARE_WIKI_PORT:=80}" : "${COURSEWARE_WIKI_PORT:=80}"
: "${COURSEWARE_WETTY_PORT:=7681}"
: "${COURSEWARE_WETTY_BASE_PATH:=/wetty}"
: "${NODE_RUNTIME_BIN_DIR:=$COURSEWARE_STATE_DIR/tools/node-runtime/node_modules/node/bin}" : "${NODE_RUNTIME_BIN_DIR:=$COURSEWARE_STATE_DIR/tools/node-runtime/node_modules/node/bin}"
: "${WETTY_BIN:=$COURSEWARE_STATE_DIR/tools/wetty/node_modules/.bin/wetty}"
: "${PROMPTFOO_DIR:=$COURSEWARE_STATE_DIR/lab6}" : "${PROMPTFOO_DIR:=$COURSEWARE_STATE_DIR/lab6}"
: "${WIKI_DIR:=$COURSEWARE_STATE_DIR/repos/LLM-Labs}" : "${WIKI_DIR:=$COURSEWARE_STATE_DIR/repos/LLM-Labs}"
: "${WIKI_RUNTIME_CONFIG_PATH:=$WIKI_DIR/public/courseware-runtime.json}"
: "${LLAMA_CPP_BIN_DIR:=$COURSEWARE_STATE_DIR/repos/llama.cpp/build/bin}" : "${LLAMA_CPP_BIN_DIR:=$COURSEWARE_STATE_DIR/repos/llama.cpp/build/bin}"
if [ -n "${OLLAMA_BIN:-}" ] && [[ "$OLLAMA_BIN" != */* ]] && command -v "$OLLAMA_BIN" >/dev/null 2>&1; then if [ -n "${OLLAMA_BIN:-}" ] && [[ "$OLLAMA_BIN" != */* ]] && command -v "$OLLAMA_BIN" >/dev/null 2>&1; then
@@ -43,7 +47,8 @@ service_list() {
"embedding-atlas" \ "embedding-atlas" \
"unsloth" \ "unsloth" \
"promptfoo" \ "promptfoo" \
"wiki" "wiki" \
"wetty"
} }
service_pid_file() { service_pid_file() {
@@ -64,6 +69,7 @@ service_port() {
unsloth) printf '%s\n' "${COURSEWARE_UNSLOTH_PORT}" ;; unsloth) printf '%s\n' "${COURSEWARE_UNSLOTH_PORT}" ;;
promptfoo) printf '%s\n' "${COURSEWARE_PROMPTFOO_PORT}" ;; promptfoo) printf '%s\n' "${COURSEWARE_PROMPTFOO_PORT}" ;;
wiki) printf '%s\n' "${COURSEWARE_WIKI_PORT}" ;; wiki) printf '%s\n' "${COURSEWARE_WIKI_PORT}" ;;
wetty) printf '%s\n' "${COURSEWARE_WETTY_PORT}" ;;
*) return 1 ;; *) return 1 ;;
esac esac
} }
@@ -78,6 +84,7 @@ service_url() {
unsloth) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_UNSLOTH_PORT" ;; unsloth) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_UNSLOTH_PORT" ;;
promptfoo) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_PROMPTFOO_PORT" ;; promptfoo) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_PROMPTFOO_PORT" ;;
wiki) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_WIKI_PORT" ;; wiki) printf 'http://%s:%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_WIKI_PORT" ;;
wetty) printf 'http://%s:%s%s\n' "$COURSEWARE_URL_HOST" "$COURSEWARE_WETTY_PORT" "$COURSEWARE_WETTY_BASE_PATH" ;;
*) return 1 ;; *) return 1 ;;
esac esac
} }
@@ -144,6 +151,15 @@ service_command() {
"$COURSEWARE_BIND_HOST" \ "$COURSEWARE_BIND_HOST" \
"$COURSEWARE_WIKI_PORT" "$COURSEWARE_WIKI_PORT"
;; ;;
wetty)
printf 'cd "%s" && PATH="%s:$PATH" exec "%s" --host %s --port %s --base %s --allow-iframe --ssh-host 127.0.0.1 --ssh-port 22 --ssh-auth password' \
"$COURSEWARE_ROOT" \
"$NODE_RUNTIME_BIN_DIR" \
"$WETTY_BIN" \
"$COURSEWARE_BIND_HOST" \
"$COURSEWARE_WETTY_PORT" \
"$COURSEWARE_WETTY_BASE_PATH"
;;
*) *)
return 1 return 1
;; ;;
scripts/service_manager.sh
+33 -1
View File
@@ -28,6 +28,34 @@ ensure_transformerlab_default_user() {
--last-name "${TRANSFORMERLAB_DEFAULT_USER_LAST_NAME:-}" >>"$STATE_DIR/logs/transformerlab_default_user.log" 2>&1 || true --last-name "${TRANSFORMERLAB_DEFAULT_USER_LAST_NAME:-}" >>"$STATE_DIR/logs/transformerlab_default_user.log" 2>&1 || true
} }
check_wetty_prereqs() {
if [ ! -x "$WETTY_BIN" ]; then
echo "Missing WeTTY binary at $WETTY_BIN. Re-run ./labctl up." >&2
exit 1
fi
if [ ! -f "$WIKI_RUNTIME_CONFIG_PATH" ]; then
echo "Missing wiki runtime config at $WIKI_RUNTIME_CONFIG_PATH. Re-run ./labctl up." >&2
exit 1
fi
if ! python3 - <<'PY'
import socket, sys
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(1)
try:
sock.connect(("127.0.0.1", 22))
except OSError:
sys.exit(1)
finally:
sock.close()
PY
then
echo "Loopback sshd is not reachable on 127.0.0.1:22." >&2
exit 1
fi
}
resolve_targets() { resolve_targets() {
if [ $# -eq 0 ]; then if [ $# -eq 0 ]; then
echo "No target specified." >&2 echo "No target specified." >&2
@@ -82,7 +110,7 @@ service_ready() {
promptfoo) promptfoo)
curl -fsS "$(service_url "$service")/health" >/dev/null 2>&1 curl -fsS "$(service_url "$service")/health" >/dev/null 2>&1
;; ;;
open-webui|chunkviz|embedding-atlas|unsloth|wiki) open-webui|chunkviz|embedding-atlas|unsloth|wiki|wetty)
curl -fsS "$(service_url "$service")" >/dev/null 2>&1 curl -fsS "$(service_url "$service")" >/dev/null 2>&1
;; ;;
*) *)
@@ -176,6 +204,9 @@ start_one() {
--required-support "batched" >>"$STATE_DIR/logs/transformerlab_plugin_supports.log" 2>&1 || true --required-support "batched" >>"$STATE_DIR/logs/transformerlab_plugin_supports.log" 2>&1 || true
fi fi
;; ;;
wetty)
check_wetty_prereqs
;;
*) *)
;; ;;
esac esac
@@ -289,6 +320,7 @@ Unsloth Studio: $(service_url unsloth)
Promptfoo CLI: $PROMPTFOO_BIN Promptfoo CLI: $PROMPTFOO_BIN
Promptfoo UI: $(service_url promptfoo) Promptfoo UI: $(service_url promptfoo)
Wiki: $(service_url wiki) Wiki: $(service_url wiki)
Lab 3 Terminal: $(service_url wetty)
Kiln app: ${KILN_LAUNCH_PATH:-not installed} Kiln app: ${KILN_LAUNCH_PATH:-not installed}
EOF EOF
} }