I would like to run a public jupyter notebook server. I only want few people able to use it. I see on Jupyter documentation to set the password but did not set the ssl items.
After setting the password:
Everything is as before setting the password, I can do whatever i please like before so can everybody.
I want user able to have own account password to use the notebook web.
Anyone having same view able to help me ?
Unfortunately, Jupyter is not designed to support this out of the box.
One possible solution would be to put your Jupyter instance behind an apache web server:
configure jupyter to listen only on 127.0.0.1. This is the default configuration, but it sounds as if you've already changed this.
configure apache with the appropriate authentication modules (LDAP, local passwords, basic auth, etc).
configure apache's mod_proxy to pass connections from the apache server to jupyter on localhost.
Unfortunately, steps 2 and 3 are beyond the scope of what I can cover here since it depends on your OS, version of apache, and other aspects of your environment. It may be enough for me to point out that this is no different than putting apache in front of another web application server such as Jetty or tomcat, which is documented extensively on other sites on the internet.
https://wiki.eclipse.org/Jetty/Tutorial/Apache
Related
Current state
I'm currently setting up a Datascience/ML Environment for my research team.
I use a Synology NAS as a reverse Proxy to forward requests to our workstations. These host several different Jupyter Labs for projects (located on the NAS), so we can distribute our workload on several machines, while modifying the same data source.
This allows everyone to work on the same projects, while choosing the code executing machine via a subdomain (routed through the Reverse Proxy).
Issue
My current issue is, that I am quite restricted with my authentication options, since all labs are just password secured (+ SSL over Let's Encrypt certificates).
My solution idea
I'm currently investigating Jupyter Hub and its option for OAuth logins.
Additionally I found, that it can use systemd to spawn Notebooks / Labs.
Can anyone tell me if it's possible to just integrate running Labs on different machines into the Hub ,that would run on the NAS (in a docker container)? Or provide any alternative that could do that?
My goal
My wish setup would be:
option for different users to login on a central page with their unique credentials (preferably OAuth)
then selecting their prefered project on their prefered machine
option for admins to create / authorize new users and assign them access to the running labs / machines
I'm glad for any solutions / tips / ideas for improvement / security concerns.
Cheers!
I have a Python application that's that has been working correctly as backend for my website, up to now I have been running it using "python manage.py runserver IP:8000" in CMD. However I would like it to start using HTTPS, but when I try to access through my browser on https://IP:PORT I get the following error:
You're accessing the development server over HTTPS, but it only
supports HTTP.
The server I am running all of this is a Windows Center 2019 DataCenter, normally on a linux environment I would just use NGINX+GUNICORN.
I was browsing possible solutions and stumbled upon this, however I already am using IIS to host a website (My frontend), so I needed to figure out how to host several websites for the same IP, I have now found this.
Long story short, I configured the new IIS website for it to access my django, I then changed the hostname since both frontend and the new backend will using the same ip and ports (80, 443).
But now I have hit a spot where I'm confused due to my lack of experience in IIS and networking. I can't seem to understand how the request will go through to my Python-Django APP.
Something important to mention on how I access the Django APP in the past.
Lets say my front end is https://pr.app.com, whenever any request needed to be made to the backend. I would ask for said information in http://pr.app.com:8000/APIService/..../
This is how the binding for my frontend looks like
And this is the binding for the new backend where I changed the hostname as the second guide linked said
Any guidance or help would be most appreciated,
Thanks in advance
*Update
So I tried pausing my frontend website and used these bindings on the new backend website, I was able to get a screen of Django meaning it seems to be working or at least communicating.
Now I would need to have the hostname of the backend (pr.abcapi.com) somehow refer or redirect to the hostname of the frontend (pr.abc.com).
How could I achieve this?
I have created a python notebook with many widgets connected to many dataframes and I can deploy it fine with Voilà on my local host. I would like to understand what is in the simplest way possible I can share the link with people on my internal network and also outside.
I read my articles suggesting to use Heroku, Binder (with GitHub), Google App Engine, PythonAnywhere...
So my question is what do you suggest for my needs? I would like to keep the interface generated with Voilà and I was hooping not to share it public or at least not to everyone.
Thank you
There are services which allow you to 'essentially' put your localhost on the web i.e. they allow people to remotely access a website hosted as localhost on your machine. I have personally used https://ngrok.io. I've also heard of localhost.run which is a recently launched service. With these services, you will get a URL that you can now send to the folks who you would like to access your service. If you do this, your local machine (the one hosting the service) has to be on.
You can also go with the option of deploying to a host like Google App Engine (GAE), PythonAnywhere, Heroku, etc. But you should add some form of authentication so that access is only granted to those who provide that authentication.
My post has been considered as a duplicate, but this is not...
This question How to access mongodb on GCE with GAE does not answer to how can I edit firewall rules of GCE for an GAE application. It mentioned only about how can how to get te URI to set on an app running on GAE.
This is not my issue. I'd like to make a firewall rule for a deployed GAE application, I already have the external IP of my GCE set on my GAE app.
For example : on my GAE server I can make a dig to get the local server IP (for example : 35.187.8.45), so I can add it to my GCE firewall rules, then in my GAE shell I can make a "python main.py" and access to my mongodb on GCE.
But when I run a "gcloud app deploy", it does not run on the same server anymore. So I have to know on which one to edit a new firewall rules and allow the deployed application.
Hope to be clearer this time...
Well, I finally find a way to achieve what I wanted.
The way to go is to create a GAE flexible, thus, I can find under Instances my diffent VM which have an IP and add them to my GCE (where is my MongoDB) firewall rules.
What I understand of it, but maybe I'm wrong, is in flexible environement, application of GAE is deployed in several VM, running on compute engine, which is not the case for standard environement.
So, for people needs same, and doesn't want to expose their app to whole internet (0.0.0.0/0), go to a flexible environement
Basically i'm looking for an alternative of https://github.com/einfallstoll/express-ntlm for Python/Tornado
I could just add node.js as another layer in the application but I'd rather not
A way to get the windows user of the client acessing a url
This will be used in a web app only available on a corporate network
When deploying on IIS with IIS handling Windows authentication, you can retrieve the remote user from the environment variables. This assumes you have Windows authentication enabled and configured.
Then you can simply get the variables out of the environment. As noted in the Microsoft documentation applicable environment variables include REMOTE_USER, AUTH_USER, LOGON_USER, and UNMAPPED_REMOTE_USER. Check the docs for specific usages.
In Python, these can be retrieved with os.environ
Tested this using IIS 7.5 running a simple script and was able to get the username with Python simply by os.environ.get("REMOTE_USER")
If you're using a proxy, the environment variable may be different, such as 'HTTP_X_PROXY_REMOTE_USER'. The server may also need to be configured to pass those environment variables along if that's the case.
express-ntlm is based on an Apache Python project that does the very same: https://github.com/Legrandin/PyAuthenNTLM2/