docs update [skip ci]

.gitignore

@@ -1,4 +1,4 @@
 workspace
 config/authorized_keys
 config/rclone
-
+.env

README.md

@@ -110,22 +110,24 @@ You can use the included `cloudflared` service to make secure connections withou
 
 ## Environment Variables
 
-| Variable              | Description |
-| --------------------- | ----------- |
-| `CF_TUNNEL_TOKEN`     | Cloudflare zero trust tunnel token - See [documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). |
-| `CF_QUICK_TUNNELS`    | Create ephemeral Cloudflare tunnels for web services (default `false`) |
-| `GPU_COUNT`           | Limit the number of available GPUs |
-| `JUPYTER_MODE`        | `lab` (default), `notebook` |
-| `PROVISIONING_SCRIPT` | URL of a remote script to execute on init. See [note](#provisioning-script). |
-| `RCLONE_*`            | Rclone configuration - See [rclone documentation](https://rclone.org/docs/#config-file) |
-| `SKIP_ACL`            | Set `true` to skip modifying workspace ACL |
-| `SSH_PORT`            | Set a non-standard port for SSH (default `22`) |
-| `SSH_PUBKEY`          | Your public key for SSH |
-| `WEB_ENABLE_AUTH`     | Enable password protection for web services (default `true`) |
-| `WEB_USER`            | Username for web services (default `user`) |
-| `WEB_PASSWORD`        | Password for web services (default `password`) |
-| `WORKSPACE`           | A volume path. Defaults to `/workspace/` |
-| `WORKSPACE_SYNC`      | Move mamba environments and services to workspace if mounted (default `true`) |
+| Variable                 | Description |
+| ------------------------ | ----------- |
+| `CF_TUNNEL_TOKEN`        | Cloudflare zero trust tunnel token - See [documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). |
+| `CF_QUICK_TUNNELS`       | Create ephemeral Cloudflare tunnels for web services (default `false`) |
+| `DIRECT_ADDRESS`         | IP/hostname for service portal direct links (default `localhost`) |
+| `DIRECT_ADDRESS_GET_WAN` | Use the internet facing interface for direct links (default `false`) |
+| `GPU_COUNT`              | Limit the number of available GPUs |
+| `JUPYTER_MODE`           | `lab` (default), `notebook` |
+| `PROVISIONING_SCRIPT`    | URL of a remote script to execute on init. See [note](#provisioning-script). |
+| `RCLONE_*`               | Rclone configuration - See [rclone documentation](https://rclone.org/docs/#config-file) |
+| `SKIP_ACL`               | Set `true` to skip modifying workspace ACL |
+| `SSH_PORT`               | Set a non-standard port for SSH (default `22`) |
+| `SSH_PUBKEY`             | Your public key for SSH |
+| `WEB_ENABLE_AUTH`        | Enable password protection for web services (default `true`) |
+| `WEB_USER`               | Username for web services (default `user`) |
+| `WEB_PASSWORD`           | Password for web services (default `password`) |
+| `WORKSPACE`              | A volume path. Defaults to `/workspace/` |
+| `WORKSPACE_SYNC`         | Move mamba environments and services to workspace if mounted (default `true`) |
 
 Environment variables can be specified by using any of the standard methods (`docker-compose.yaml`, `docker run -e...`). Additionally, environment variables can also be passed as parameters of `init.sh`.
 
@@ -145,6 +147,9 @@ The password is stored as a bcrypt hash. If you prefer not to pass a plain text
 
 If you are running the image locally on a trusted network, you may disable authentication by setting the environment variable `WEB_ENABLE_AUTH=false`.
 
+>[!NOTE]  
+>You can use `set-web-credentials.sh <username> <password>` change the username and password in a running container.
+
 ## Provisioning script
 
 It can be useful to perform certain actions when starting a container, such as creating directories and downloading files.
@@ -240,24 +245,15 @@ This is a simple webserver acting as a reverse proxy.
 
 Caddy is used to enable basic authentication for all sensitive web services.
 
-### Port Redirector
+### Service Portal
 
 This is a simple list of links to the web services available inside the container.
 
 The service will bind to port `1111`.
 
 For each service, you will find a direct link and, if you have set `CF_QUICK_TUNNELS=true`, a link to the service via a fast and secure Cloudflare tunnel.
 
->[!NOTE]  
->*This service will not show links to any pre-configured Cloudflare tunnels as the domains are static and already known to the user.*
-
-### Log Viewer
-
-The web based log viewer will start on port `1122`.
-
-It's a very lightweight websocket based stream of the latest updates in `/var/log/logtail.log`.
-
-This service will also be accessible on any other exposed ports until the program designated to that port is ready to use.
+A simple web-based log viewer and process manager are included for convenience.
 
 ### Cloudflared
 
@@ -342,7 +338,6 @@ Some ports need to be exposed for the services to run or for certain features of
 | --------------------- | ------------------------- |
 | `22`                  | SSH server                |
 | `1111`                | Port redirector web UI    |
-| `1122`                | Log viewer web UI         |
 | `8888`                | Jupyter server            |
 | `53682`               | Rclone interactive config |
 

docker-compose.yaml

@@ -5,11 +5,20 @@ services:
     build:
       context: ./build
       args:
-        IMAGE_BASE: ${IMAGE_BASE}
+        IMAGE_BASE: ${IMAGE_BASE:-ghcr.io/ai-dock/python:3.10-cuda-11.8.0-base-22.04}
       tags:
-        - "ghcr.io/ai-dock/jupyter-python:${IMAGE_TAG}"
+        - "ghcr.io/ai-dock/jupyter-python:${IMAGE_TAG:-3.10-cuda-11.8.0-base-22.04}"
 
-    image: ghcr.io/ai-dock/jupyter-python:${IMAGE_TAG}
+    image: ghcr.io/ai-dock/jupyter-python:${IMAGE_TAG:-3.10-cuda-11.8.0-base-22.04}
+
+    ## For Nvidia GPU's - You probably want to uncomment this
+    #deploy:
+    #  resources:
+    #    reservations:
+    #      devices:
+    #        - driver: nvidia
+    #          count: all
+    #          capabilities: [gpu]
 
     security_opt:
       # For Rclone mount
@@ -50,16 +59,15 @@ services:
         - ${SSH_PORT_HOST:-2222}:${SSH_PORT:-22}
         # Web UI for easy service access
         - ${REDIRECTOR_PORT_HOST:-1111}:1111
-        # Websocket log viewer
-        - ${LOG_VIEWER_PORT_HOST:-1122}:1122
         # Jupyter server
         - ${JUPYTER_PORT_HOST:-8888}:8888
         # Rclone webserver for interactive configuration
         - ${RCLONE_PORT_HOST:-53682}:53682
 
     environment:
         # Don't enclose values in quotes
-        # Allows running true SSH alongside provider proxy SSH
+        - DIRECT_ADDRESS=${DIRECT_ADDRESS:-127.0.0.1}
+        - DIRECT_ADDRESS_GET_WAN=${DIRECT_ADDRESS_GET_WAN:-false}
         - SSH_PORT=${SSH_PORT:-22}
         - WORKSPACE=${WORKSPACE:-/workspace}
         - WORKSPACE_SYNC=${WORKSPACE_SYNC:-true}