7880ea8d79
Organize podman/ directory into logical subdirectories: New structure: - docs/ - ML_TOOLS_GUIDE.md, jupyter_workflow.md - configs/ - environment*.yml, security_policy.json - containers/ - *.dockerfile, *.podfile - scripts/ - *.sh, *.py (secure_runner, cli_integration, etc.) - jupyter/ - jupyter_cookie_secret (flattened from jupyter_runtime/runtime/) - workspace/ - Example projects (cleaned of temp files) Cleaned workspace: - Removed .DS_Store, mlflow.db, cache/ - Removed duplicate cli_integration.py Removed unnecessary nesting: - Flattened jupyter_runtime/runtime/ to just jupyter/ Improves maintainability by grouping files by purpose and eliminating root directory clutter.
39 lines
707 B
JSON
39 lines
707 B
JSON
{
|
|
"allow_network": true,
|
|
"allowed_network_tools": [
|
|
"mlflow",
|
|
"wandb",
|
|
"streamlit",
|
|
"dash",
|
|
"panel",
|
|
"bokeh"
|
|
],
|
|
"network_whitelist": [
|
|
"localhost",
|
|
"127.0.0.1",
|
|
"0.0.0.0"
|
|
],
|
|
"blocked_packages": [
|
|
"requests",
|
|
"urllib3",
|
|
"httpx",
|
|
"aiohttp",
|
|
"socket",
|
|
"telnetlib",
|
|
"ftplib"
|
|
],
|
|
"max_execution_time": 3600,
|
|
"max_memory_gb": 16,
|
|
"gpu_devices": ["/dev/dri"],
|
|
"allow_file_writes": true,
|
|
"resource_limits": {
|
|
"cpu_count": 4,
|
|
"memory_gb": 16,
|
|
"gpu_memory_gb": 12
|
|
},
|
|
"rootless_mode": true,
|
|
"user_namespace": "keep-id",
|
|
"selinux_context": "disable",
|
|
"no_new_privileges": true,
|
|
"drop_capabilities": "ALL"
|
|
}
|