diff --git a/roles/jupyterhub/README.md b/roles/jupyterhub/README.md index 357d4a156..dc15b005e 100644 --- a/roles/jupyterhub/README.md +++ b/roles/jupyterhub/README.md @@ -1,10 +1,29 @@ ## JupyterHub programming environment with student Notebooks -#### High Schools may want to consider JupyterHub to integrate coding with dynamic interactive graphing — A New Way to Think About Programming — allowing students to integrate science experiment results and program output within their notebook/document/blog: +#### Secondary schools may want to consider JupyterHub to integrate coding with dynamic interactive graphing — A New Way to Think About Programming — allowing students to integrate science experiment results and program output within their own blog-like "Jupyter Notebooks." -* Jupyter Notebooks are widely used in the scientific community. -* This IIAB package permits individual users to start using their own notebook on the server (http://box.lan/jupyterhub) without needing an individual server account. -* Once a user signs in with a username and password, these credentials are stored, and are used thereafter to gain access to the user's files. -* Individual folders are created for all student work in the path `/var/lib/protected/` — individual students will only be able to see their own work in that directory. -* Students will not have any privileges outside of their own folder. -* They may upload Jupyter Notebooks from a local machine, and download the current state of their work via a normal browser download. +* Jupyter Notebooks are widely used in the scientific community: + * Intitutional FAQ: https://jupyterhub.readthedocs.io/en/stable/getting-started/institutional-faq.html + * Getting Started: https://jupyterhub.readthedocs.io/en/stable/getting-started/ +* Students create their own accounts on first use — e.g. at http://box.lan/jupyterhub — just as if they're logging in regularly (unfortunately the login screen doesn't make that clear, but the teacher _does not_ need to be involved!) + * A student can then sign in with their username and password, to gain access to their files (Jupyter Notebooks). + * The teacher should modify and protect JupyterHub's overall ``Admin`` password, just in case: http://FAQ.IIAB.IO#What_are_the_default_passwords.3F +* Individual student folders are created in ``/var/lib/private/`` on the Internet-in-a-Box (IIAB) server: + * A student will only be able to see their own work — they do not have privileges outside of their own folder. + * Students may upload Jupyter Notebooks to the IIAB server, and download the current state of their work via a normal browser. + +### Settings + +Linux administrators please see `/opt/iiab/jupyterhub/etc/jupyterhub/jupyterhub_config.py` which originates from https://github.com/iiab/iiab/blob/master/roles/jupyterhub/templates/jupyterhub_config.py + +Note that `/opt/iiab/jupyterhub` is a Python 3 virtual environment, that can be activated with the usual formula: + +``` +source /opt/iiab/jupyterhub/bin/activate +``` + +### Known Issues: + +* 2021-08-07: The page that allows you to reset/change your own password is not accessible. Likewise Admin users cannot reset/change the password of any _individual_ user at this time. + * If necessary, a Linux administrator can delete the `/passwords.dbm.db` file at the very top of your Linux filesystem, allowing all JupyterHub users to (re)create new passwords. This does work, but is very heavy-handed ([#2016](https://github.com/iiab/iiab/pull/2892#issuecomment-890551682)). +* 2021-08-07: Teachers (i.e. Admin users) cannot currently access the very helpful "administrator's page" discussed at [JupyterHub FAQ >> "How do I manage users?"](https://jupyterhub.readthedocs.io/en/stable/getting-started/institutional-faq.html#how-do-i-manage-users) and [roles/jupyterhub/templates/jupyterhub_config.py#L1049-L1054 >> "Admin users have extra privileges"](https://github.com/iiab/iiab/blob/d0e8e048347bf46c02a2cdb0da9c5cd0c489fe40/roles/jupyterhub/templates/jupyterhub_config.py#L1049-L1054). diff --git a/roles/jupyterhub/templates/jupyterhub_config.py b/roles/jupyterhub/templates/jupyterhub_config.py index d78f82f80..ee9a6a3f6 100644 --- a/roles/jupyterhub/templates/jupyterhub_config.py +++ b/roles/jupyterhub/templates/jupyterhub_config.py @@ -64,7 +64,7 @@ # # Users should be properly informed if this is enabled. # Default: False -# c.JupyterHub.admin_access = False +c.JupyterHub.admin_access = True ## DEPRECATED since version 0.7.2, use Authenticator.admin_users instead. # Default: set() @@ -1057,7 +1057,7 @@ c.JupyterHub.spawner_class = 'systemdspawner.SystemdSpawner' # # Defaults to an empty set, in which case no user has admin access. # Default: set() -c.Authenticator.admin_users = set('iiab-admin') +c.Authenticator.admin_users = set('Admin') ## Set of usernames that are allowed to log in. #