ClearML/clearml-server
1
0
Fork 0
mirror of https://github.com/clearml/clearml-server synced 2025-05-01 18:55:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fileserver authorization is enabled by default

Browse Source
This commit is contained in:
allegroai 2024-06-20 17:50:02 +03:00
parent 7c9889605a
commit cdc668e3c8
5 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apiserver/config/default/secure.conf
View File

@ -17,6 +17,11 @@
user_key: "62T8CP7HGBC6647XF9314C2VY67RJO" user_key: "62T8CP7HGBC6647XF9314C2VY67RJO"
user_secret: "gaOfhDX2-bpkeI7-cwEcaMuGijxaG2UG3jbIvg4DxmVGF0LNI7rgvCb1-ne38IlBo1w" user_secret: "gaOfhDX2-bpkeI7-cwEcaMuGijxaG2UG3jbIvg4DxmVGF0LNI7rgvCb1-ne38IlBo1w"
} }
fileserver {
role: "system"
user_key: "GSQWPEKSKNKF354LC9V6BHXKTYFD5I"
user_secret: "tuBXcGQBECsEhcNiK2kiWi750z9r8Z85XrQ9V0c24huTuCb2xf2X1nKG"
}
webserver { webserver {
role: "system" role: "system"
user_key: "EYVQ385RW7Y2QQUH88CZ7DWIQ1WUHP" user_key: "EYVQ385RW7Y2QQUH88CZ7DWIQ1WUHP"

3
fileserver/config/default/fileserver.conf
View File

@ -16,11 +16,10 @@ cors {
auth { auth {
# enable/disable auth validation on upload/download # enable/disable auth validation on upload/download
enabled: false enabled: true
# names of cookies in which authorization token can be found # names of cookies in which authorization token can be found
cookie_names: ["clearml_token_basic"] cookie_names: ["clearml_token_basic"]
tokens_cache_threshold_sec: 43200 tokens_cache_threshold_sec: 43200
} }

2
fileserver/config/default/hosts.conf
View File

@ -1,3 +1,5 @@
api_server: "http://apiserver:8008"
redis { redis {
fileserver { fileserver {
host: "redis" host: "redis"

4
fileserver/config/default/secure.conf
View File

@ -1,7 +1,7 @@
credentials { credentials {
# system credentials as they appear in the auth DB, used for intra-service communications # system credentials as they appear in the auth DB, used for intra-service communications
fileserver { fileserver {
user_key: "" user_key: "GSQWPEKSKNKF354LC9V6BHXKTYFD5I"
user_secret: "" user_secret: "tuBXcGQBECsEhcNiK2kiWi750z9r8Z85XrQ9V0c24huTuCb2xf2X1nKG"
} }
} }

13
fileserver/redis_manager.py
View File

@ -4,8 +4,7 @@ from boltons.iterutils import first
from redis import StrictRedis from redis import StrictRedis
from redis.cluster import RedisCluster from redis.cluster import RedisCluster
from apiserver.apierrors.errors.server_error import ConfigError, GeneralError from config import config
from apiserver.config_repo import config
log = config.logger(__file__) log = config.logger(__file__)
@ -36,6 +35,14 @@ if OVERRIDE_PORT:
OVERRIDE_PASSWORD = first(filter(None, map(getenv, OVERRIDE_PASSWORD_ENV_KEY))) OVERRIDE_PASSWORD = first(filter(None, map(getenv, OVERRIDE_PASSWORD_ENV_KEY)))
class ConfigError(Exception):
pass
class GeneralError(Exception):
pass
class RedisManager(object): class RedisManager(object):
def __init__(self, redis_config_dict): def __init__(self, redis_config_dict):
self.aliases = {} self.aliases = {}
@ -62,7 +69,7 @@ class RedisManager(object):
if not port or not host: if not port or not host:
raise ConfigError( raise ConfigError(
"Redis configuration is invalid. missing port or host", alias=alias f"Redis configuration is invalid. missing port or host (alias={alias})"
) )
if is_cluster: if is_cluster: