hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-17 15:03:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,050 Commits 8 Branches 89 Tags
67f19a65b7b24cda3aa9ce40edd10b1df6fa206c
Commit Graph

3050 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Mendoza
67f19a65b7 Use Certipy's trust graph to set up internal_ssl 
With changes to CHP requiring a second, different
authority, the complexity of managing trust within
JupyterHub has risen. To solve this, Certipy now
has a feature to specify what components should
trust what and builds trust bundles accordingly.
 2018-09-12 17:46:39 -07:00
Thomas Mendoza
ca33ccd66d Add longer internal_ssl documentation to main docs 2018-09-04 15:51:26 -07:00
Thomas Mendoza
84deb1fa7a Update doc strings for create_certs and move_certs 2018-09-04 15:50:45 -07:00
Thomas Mendoza
2a0e5d90e6 Add the ability to generate JupyterHub's certificates 
This is used to be able to access JupyterHub's CA
information and (manually) move it to components
that need them (like externally managed proxies).
 2018-09-04 15:22:49 -07:00
Thomas Mendoza
3c05033481 Update cert generation to use Certipy's new API 
To better accommodate external certificate management
as well as building of trust, Certipy was refactored.
This included general improvements to file and
record handling. In the process, some of Certipy's
APIs changed slightly, but should be more stable now
going forward.
 2018-09-04 15:08:12 -07:00
Thomas Mendoza
9607edcc23 Return a dict instead of a tuple from move_certs 2018-07-27 17:03:12 -07:00
Thomas Mendoza
e082b923e0 Clarify output directory name for user certs 2018-07-27 16:44:24 -07:00
Thomas Mendoza
dd4df873b4 Move internal_ssl init into an init function 2018-07-27 16:41:33 -07:00
Thomas Mendoza
3adbfe315e Pass certfile info via env instead of args 2018-07-26 17:05:50 -07:00
Thomas Mendoza
6000a84ffc Remove certs from the Server orm 2018-07-26 14:29:58 -07:00
Thomas Mendoza
d429433bb2 Add Certipy to requirements now that its in PyPI 2018-07-23 13:41:34 -07:00
Thomas Mendoza
5de870be41 Fix docstring 2018-07-23 13:41:20 -07:00
Thomas Mendoza
1fc75086aa Remove vague try-catch 2018-07-23 13:41:20 -07:00
Thomas Mendoza
fa3437c09a Add db migration for ssl changes to servers 2018-07-23 13:41:20 -07:00
Thomas Mendoza
01b27645fb Set http[s] as appropriate for the singleuser url 2018-07-23 13:41:19 -07:00
Thomas Mendoza
373c3f82dd SSL setup for testing 
Setup general ssl request, not just to api

Basic tests comprised of non-ssl test copies

Create the context only when request is http

Refactor ssl key, cert, ca names

Configure the AsyncHTTPClient at app start

Change tests to import existing ones with ssl on

Override __new__ in MockHub to turn on SSL
 2018-07-23 13:41:09 -07:00
Thomas Mendoza
5c39325104 Only import certipy if internal_ssl is turned on 2018-07-18 16:02:57 -07:00
Thomas Mendoza
0304dd0040 Allow option to specify ssl_context in wait_up 2018-07-18 16:02:57 -07:00
Thomas Mendoza
a549edfd75 Testing internal ssl modifications 2018-07-18 16:02:57 -07:00
Thomas Mendoza
25e6b31a5f Only internal_ssl kwargs if internal_ssl is enabled 2018-07-18 16:02:57 -07:00
Thomas Mendoza
3c21e7d45b Server cert info into objects and orm 2018-07-18 16:02:57 -07:00
Thomas Mendoza
7c6972df7e Remove unnecessary flag, forward-ssl 
Import socket when needed

Move pwd import since more than one thing uses it.
 2018-07-18 16:02:57 -07:00
Thomas Mendoza
753bd0701f Create and move certs for use with spawned notebooks 
Add Localhost to trusted alt names

Update to match refactored certipy names

Add the FQDN to cert alt names for hub

Ensure notebooks do not trust each other

Drop certs in user's home directory

Refactor cert creation and movement

Make alt names configurable

Make attaching alt names more generic

Setup ssl_context for the singleuser hub check
 2018-07-18 16:02:57 -07:00
Thomas Mendoza
c5faf2c5ea Use certipy to automate cert creation 2018-07-18 16:02:57 -07:00
Thomas Mendoza
c50cd1ba7f Propagate certs to everything that needs them 2018-07-18 16:02:57 -07:00
Thomas Mendoza
a69e906c6e Add config and wiring for enabling internal ssl in app 2018-07-18 16:02:57 -07:00
Thomas Mendoza
f7f4759bde Build ssl_context as util, wait_up with context 2018-07-18 16:02:57 -07:00
Min RK
727356870a Merge pull request #2027 from adelcast/dev/adelcast/fix_services_windows 
_ServiceSpawner: add 'SYSTEMROOT' to environment if Windows
 2018-07-13 13:24:49 -05:00
Alejandro del Castillo
39aed3a5a0 _ServiceSpawner: add 'SYSTEMROOT' to environment if Windows 
Python 3 cannot be started without SYSTEMROOT environment variable.
Otherwise, CryptAcquireContext() is unable to find a dll.

https://bugs.python.org/issue20614

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
 2018-07-06 14:47:19 -05:00
Min RK
ed26578717 back to dev 2018-07-04 11:59:43 +02:00
Min RK
22863f765f 0.9.1 0.9.1 2018-07-04 11:55:42 +02:00
Min RK
b500bd002b Merge pull request #2014 from willingc/bump-testing 
add python 3.7 to travis
 2018-07-04 11:02:55 +02:00
Carol Willing
aca40b24c3 remove env 2018-07-03 16:32:05 -07:00
Carol Willing
b5fe5a80c6 remove 3.7 from python list but leave in matrix 2018-07-03 14:57:58 -07:00
Carol Willing
ad073dd5dd add 3.7 to travis matrix 2018-07-03 14:44:09 -07:00
Carol Willing
7b815558c6 Merge pull request #2021 from minrk/091-changes 
Prepare changelog for 0.9.1
 2018-07-03 14:27:01 -07:00
Min RK
55f58b3ba7 review, note proxy prefix fix 2018-07-03 15:12:30 +02:00
Min RK
e1f93a4721 Merge pull request #2009 from BerserkerTroll/patch-2 
proxy.py: Respect base_url in add_hub_route
 2018-07-03 13:36:48 +02:00
Min RK
2e95f3c039 Merge branch 'master' into patch-2 2018-07-03 13:29:54 +02:00
Min RK
b0ba51f209 host-based routing doesn't support wildcards 2018-07-03 12:27:24 +02:00
Min RK
89e6c2110e add hub.routespec 
this is the routespec for sending requests to the hub

It is [host]/prefix/ (not /hub/) so it receives all
requests, not just those destined for the hub
 2018-07-03 12:05:21 +02:00
Min RK
7dfdc23b4e Prepare changelog for 0.9.1 2018-07-03 11:44:37 +02:00
Min RK
4c7df53a8a Merge pull request #2020 from weatherforce/master 
Fix a couple of typos in the technical reference documentation
 2018-07-03 11:23:36 +02:00
Alex Marandon
678afd3783 Fix a couple of typos 2018-07-03 11:16:55 +02:00
Carol Willing
0185a08f32 Merge pull request #2015 from minrk/allow_remote 
disable host checking in upcoming notebook app
 2018-07-02 08:45:41 -07:00
Tim Head
f3787dd2c8 Merge pull request #2016 from minrk/spawner-docs 
mention get_env and get_args in spawner reference
 2018-06-30 09:59:38 +02:00
Min RK
30f19cfc8c mention get_env and get_args in spawner reference 
these are important and usually required (especially get_env) for custom Spawner implementations
 2018-06-29 14:46:08 +02:00
Min RK
a84fa38c6b ensure prefix is on next_url in test_pages 2018-06-29 14:21:32 +02:00
Min RK
867ce4c213 use app.base_url in Proxy.check_routes 
rather than assuming '/'
 2018-06-29 14:19:20 +02:00
Min RK
005118e09d disable upcoming host checking in single-user notebook application 2018-06-29 11:55:47 +02:00