lockbot 2.0.0__tar.gz

lockbot-2.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Jianbang Yang
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

lockbot-2.0.0/MANIFEST.in

@@ -0,0 +1,3 @@
+include README.md
+include LICENSE
+recursive-include python/lockbot/core/i18n *.py

lockbot-2.0.0/PKG-INFO

@@ -0,0 +1,193 @@
+Metadata-Version: 2.4
+Name: lockbot
+Version: 2.0.0
+Summary: Cluster resource management bot for IM platforms
+Author-email: Jianbang Yang <yangjianbang112@gmail.com>
+License: MIT
+Project-URL: Homepage, https://github.com/dynamicheart/lockbot
+Project-URL: Repository, https://github.com/dynamicheart/lockbot
+Project-URL: Issues, https://github.com/dynamicheart/lockbot/issues
+Keywords: bot,cluster,resource-management,gpu,lock
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: System :: Clustering
+Classifier: Topic :: Utilities
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: pycryptodome
+Requires-Dist: requests
+Requires-Dist: flask
+Requires-Dist: six
+Requires-Dist: fastapi
+Requires-Dist: uvicorn[standard]
+Requires-Dist: sqlalchemy
+Requires-Dist: pyjwt
+Requires-Dist: cryptography
+Requires-Dist: bcrypt
+Requires-Dist: python-multipart
+Requires-Dist: httpx
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: ruff>=0.1.0; extra == "dev"
+Dynamic: license-file
+
+# lockbot
+
+Cluster resource management bot for IM platforms (e.g., Baidu InfoFlow).
+
+Lock and unlock GPU devices, cluster nodes, and queue slots via chat commands.
+Supports both standalone Flask deployment and a full platform mode with FastAPI + Vue.js frontend.
+
+[中文文档](README_CN.md) | [Live Demo](https://dynamicheart.github.io/lockbot/)
+
+## Features
+
+- **Device Lock Bot** — Lock/unlock individual GPUs or devices on a cluster
+- **Node Lock Bot** — Lock/unlock entire cluster nodes
+- **Queue Bot** — Manage a queue for resource allocation with booking and preemption
+- **Platform Mode** — Web UI (Vue 3 + Element Plus) for managing multiple bots, user authentication (JWT), role-based access control, and real-time logs
+- **State Persistence** — Bot state survives restarts (JSON file)
+- **Bilingual** — English and Chinese UI and bot responses
+
+## Quick Start — Platform Mode (Recommended)
+
+Full management platform with Web UI, multi-bot orchestration, user authentication, and admin panel.
+
+1. Install:
+
+```bash
+pip install lockbot
+```
+
+2. Set environment variables:
+
+```bash
+export JWT_SECRET="your-jwt-secret"
+export ENCRYPTION_KEY="your-fernet-key"    # python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
+export DEV_MODE="true"                      # dev mode, auto-create admin user
+```
+
+3. Start:
+
+```bash
+# Backend
+uvicorn lockbot.backend.app.main:app --host 0.0.0.0 --port 8000 --reload
+
+# Frontend (another terminal)
+cd frontend && npm install && npm run dev
+```
+
+4. Open `http://localhost:8000` in your browser.
+
+### Docker
+
+```bash
+docker build -f docker/Dockerfile -t lockbot .
+
+# Platform mode (default)
+docker run -d -p 8000:8000 \
+  -e JWT_SECRET=your-secret \
+  -e ENCRYPTION_KEY=your-fernet-key \
+  -v lockbot-data:/app/python/lockbot/data \
+  -v lockbot-state:/data/bots \
+  lockbot
+```
+
+## Bot Configuration
+
+| Key | Description | Default |
+|---|---|---|
+| `BOT_TYPE` | `DEVICE`, `NODE`, or `QUEUE` | (required) |
+| `BOT_NAME` | Bot instance name | `demo_bot` |
+| `CLUSTER_CONFIGS` | Cluster layout (dict or list) | `{}` |
+| `TOKEN` | Bot signature verification token | `""` |
+| `AESKEY` | Message decryption AES key | `""` |
+| `WEBHOOK_URL` | Message webhook URL | `""` |
+| `PORT` | Server listen port | `8090` |
+| `DEFAULT_DURATION` | Default lock duration (seconds) | `7200` (2h) |
+| `MAX_LOCK_DURATION` | Max lock duration (seconds) | `-1` (unlimited) |
+| `EARLY_NOTIFY` | Notify before lock expiry | `false` |
+
+See `python/lockbot/core/config.py` for the full configuration reference.
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `lock <node> [duration]` | Exclusive lock (e.g., `lock gpu0 3d`, `lock node1 30m`) |
+| `slock <node> [duration]` | Shared lock (multiple users) |
+| `unlock <node>` / `free <node>` | Release a specific node |
+| `unlock` / `free` | Release all your nodes |
+| `kickout <node>` | Force release (admin) |
+| `book <node> [duration]` | Queue: book a node for later |
+| `take <node>` | Queue: take the current lock |
+| `<node>` | Query current usage |
+| `help` | Show usage |
+
+## Development
+
+```bash
+# Install dev dependencies
+pip install -e ".[dev]"
+
+# Run tests
+pytest
+
+# Lint + format check
+ruff check python/ tests/
+ruff format --check python/ tests/
+```
+
+## Standalone Mode
+
+Single-bot deployment with a lightweight Flask webhook server.
+
+**Device Lock Bot** (per-GPU locking):
+
+```python
+from lockbot.core.bot_instance import BotInstance
+from lockbot.core.entry import create_app
+
+instance = BotInstance("DEVICE", {
+    "BOT_NAME": "my-gpu-bot",
+    "WEBHOOK_URL": "https://your-webhook-url",
+    "TOKEN": "your-bot-token",
+    "AESKEY": "your-aes-key",
+    "CLUSTER_CONFIGS": {
+        "node0": ["A800", "A800", "H100"],
+        "node1": ["A800", "H100"],
+    },
+})
+
+app = create_app(bot=instance.bot, bot_name="my-gpu-bot", port=8000)
+app.run(host="0.0.0.0", port=8000)
+```
+
+**Node Lock Bot / Queue Bot** (per-node locking or queue scheduling):
+
+```python
+from lockbot.core.bot_instance import BotInstance
+from lockbot.core.entry import create_app
+
+instance = BotInstance("NODE", {       # or "QUEUE" for queue scheduling
+    "BOT_NAME": "my-node-bot",
+    "WEBHOOK_URL": "https://your-webhook-url",
+    "TOKEN": "your-bot-token",
+    "AESKEY": "your-aes-key",
+    "CLUSTER_CONFIGS": ["node0", "node1", "node2", "node3"],
+})
+
+app = create_app(bot=instance.bot, bot_name="my-node-bot", port=8000)
+app.run(host="0.0.0.0", port=8000)
+```
+
+## License
+
+MIT

lockbot-2.0.0/README.md

@@ -0,0 +1,153 @@
+# lockbot
+
+Cluster resource management bot for IM platforms (e.g., Baidu InfoFlow).
+
+Lock and unlock GPU devices, cluster nodes, and queue slots via chat commands.
+Supports both standalone Flask deployment and a full platform mode with FastAPI + Vue.js frontend.
+
+[中文文档](README_CN.md) | [Live Demo](https://dynamicheart.github.io/lockbot/)
+
+## Features
+
+- **Device Lock Bot** — Lock/unlock individual GPUs or devices on a cluster
+- **Node Lock Bot** — Lock/unlock entire cluster nodes
+- **Queue Bot** — Manage a queue for resource allocation with booking and preemption
+- **Platform Mode** — Web UI (Vue 3 + Element Plus) for managing multiple bots, user authentication (JWT), role-based access control, and real-time logs
+- **State Persistence** — Bot state survives restarts (JSON file)
+- **Bilingual** — English and Chinese UI and bot responses
+
+## Quick Start — Platform Mode (Recommended)
+
+Full management platform with Web UI, multi-bot orchestration, user authentication, and admin panel.
+
+1. Install:
+
+```bash
+pip install lockbot
+```
+
+2. Set environment variables:
+
+```bash
+export JWT_SECRET="your-jwt-secret"
+export ENCRYPTION_KEY="your-fernet-key"    # python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
+export DEV_MODE="true"                      # dev mode, auto-create admin user
+```
+
+3. Start:
+
+```bash
+# Backend
+uvicorn lockbot.backend.app.main:app --host 0.0.0.0 --port 8000 --reload
+
+# Frontend (another terminal)
+cd frontend && npm install && npm run dev
+```
+
+4. Open `http://localhost:8000` in your browser.
+
+### Docker
+
+```bash
+docker build -f docker/Dockerfile -t lockbot .
+
+# Platform mode (default)
+docker run -d -p 8000:8000 \
+  -e JWT_SECRET=your-secret \
+  -e ENCRYPTION_KEY=your-fernet-key \
+  -v lockbot-data:/app/python/lockbot/data \
+  -v lockbot-state:/data/bots \
+  lockbot
+```
+
+## Bot Configuration
+
+| Key | Description | Default |
+|---|---|---|
+| `BOT_TYPE` | `DEVICE`, `NODE`, or `QUEUE` | (required) |
+| `BOT_NAME` | Bot instance name | `demo_bot` |
+| `CLUSTER_CONFIGS` | Cluster layout (dict or list) | `{}` |
+| `TOKEN` | Bot signature verification token | `""` |
+| `AESKEY` | Message decryption AES key | `""` |
+| `WEBHOOK_URL` | Message webhook URL | `""` |
+| `PORT` | Server listen port | `8090` |
+| `DEFAULT_DURATION` | Default lock duration (seconds) | `7200` (2h) |
+| `MAX_LOCK_DURATION` | Max lock duration (seconds) | `-1` (unlimited) |
+| `EARLY_NOTIFY` | Notify before lock expiry | `false` |
+
+See `python/lockbot/core/config.py` for the full configuration reference.
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `lock <node> [duration]` | Exclusive lock (e.g., `lock gpu0 3d`, `lock node1 30m`) |
+| `slock <node> [duration]` | Shared lock (multiple users) |
+| `unlock <node>` / `free <node>` | Release a specific node |
+| `unlock` / `free` | Release all your nodes |
+| `kickout <node>` | Force release (admin) |
+| `book <node> [duration]` | Queue: book a node for later |
+| `take <node>` | Queue: take the current lock |
+| `<node>` | Query current usage |
+| `help` | Show usage |
+
+## Development
+
+```bash
+# Install dev dependencies
+pip install -e ".[dev]"
+
+# Run tests
+pytest
+
+# Lint + format check
+ruff check python/ tests/
+ruff format --check python/ tests/
+```
+
+## Standalone Mode
+
+Single-bot deployment with a lightweight Flask webhook server.
+
+**Device Lock Bot** (per-GPU locking):
+
+```python
+from lockbot.core.bot_instance import BotInstance
+from lockbot.core.entry import create_app
+
+instance = BotInstance("DEVICE", {
+    "BOT_NAME": "my-gpu-bot",
+    "WEBHOOK_URL": "https://your-webhook-url",
+    "TOKEN": "your-bot-token",
+    "AESKEY": "your-aes-key",
+    "CLUSTER_CONFIGS": {
+        "node0": ["A800", "A800", "H100"],
+        "node1": ["A800", "H100"],
+    },
+})
+
+app = create_app(bot=instance.bot, bot_name="my-gpu-bot", port=8000)
+app.run(host="0.0.0.0", port=8000)
+```
+
+**Node Lock Bot / Queue Bot** (per-node locking or queue scheduling):
+
+```python
+from lockbot.core.bot_instance import BotInstance
+from lockbot.core.entry import create_app
+
+instance = BotInstance("NODE", {       # or "QUEUE" for queue scheduling
+    "BOT_NAME": "my-node-bot",
+    "WEBHOOK_URL": "https://your-webhook-url",
+    "TOKEN": "your-bot-token",
+    "AESKEY": "your-aes-key",
+    "CLUSTER_CONFIGS": ["node0", "node1", "node2", "node3"],
+})
+
+app = create_app(bot=instance.bot, bot_name="my-node-bot", port=8000)
+app.run(host="0.0.0.0", port=8000)
+```
+
+## License
+
+MIT

lockbot-2.0.0/pyproject.toml

@@ -0,0 +1,78 @@
+[build-system]
+requires = ["setuptools>=68.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "lockbot"
+version = "2.0.0"
+description = "Cluster resource management bot for IM platforms"
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.10"
+authors = [
+    {name = "Jianbang Yang", email = "yangjianbang112@gmail.com"},
+]
+keywords = ["bot", "cluster", "resource-management", "gpu", "lock"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "Intended Audience :: System Administrators",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: System :: Clustering",
+    "Topic :: Utilities",
+]
+
+dependencies = [
+    # Core (standalone bot)
+    "pycryptodome",
+    "requests",
+    "flask",
+    "six",
+    # Backend (platform mode)
+    "fastapi",
+    "uvicorn[standard]",
+    "sqlalchemy",
+    "pyjwt",
+    "cryptography",
+    "bcrypt",
+    "python-multipart",
+    "httpx",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0",
+    "ruff>=0.1.0",
+]
+
+[project.urls]
+Homepage = "https://github.com/dynamicheart/lockbot"
+Repository = "https://github.com/dynamicheart/lockbot"
+Issues = "https://github.com/dynamicheart/lockbot/issues"
+
+[tool.setuptools.packages.find]
+where = ["python"]
+
+[tool.setuptools.package-data]
+lockbot = ["core/i18n/*.py"]
+
+[tool.ruff]
+target-version = "py310"
+line-length = 120
+
+[tool.ruff.lint]
+select = ["E", "F", "W", "I", "UP", "B", "SIM"]
+ignore = ["SIM108"]
+
+[tool.ruff.lint.per-file-ignores]
+"python/lockbot/backend/**" = ["B008"]  # FastAPI Depends() in defaults is idiomatic
+
+[tool.ruff.format]
+quote-style = "double"
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]

lockbot-2.0.0/python/lockbot/backend/app/admin/router.py

@@ -0,0 +1,224 @@
+"""
+Admin API routes.
+"""
+
+import contextlib
+import os
+import shutil
+import tempfile
+from datetime import datetime
+
+from fastapi import APIRouter, Depends, HTTPException
+from fastapi.responses import FileResponse
+from sqlalchemy.orm import Session
+from starlette.background import BackgroundTask
+
+from lockbot.backend.app.auth.dependencies import can_manage_user, require_admin, require_super_admin
+from lockbot.backend.app.auth.models import User
+from lockbot.backend.app.auth.router import _generate_password, _hash_password
+from lockbot.backend.app.auth.schemas import (
+    AdminCreateUser,
+    AdminEditUser,
+    PasswordResetOut,
+    UserOut,
+)
+from lockbot.backend.app.bots.models import Bot
+from lockbot.backend.app.database import get_db
+
+router = APIRouter(prefix="/api/admin", tags=["admin"])
+
+ADMIN_VISIBLE_ROLES = ("admin", "user")
+SUPER_ADMIN_VISIBLE_ROLES = ("super_admin", "admin", "user")
+ADMIN_CREATABLE_ROLES = ("user",)
+
+
+@router.post("/users", response_model=PasswordResetOut, status_code=201)
+def admin_create_user(
+    body: AdminCreateUser,
+    operator: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    """Admin creates a user. Super_admin can create admin/user; admin can only create user."""
+    # Non-super_admin can only create regular users
+    if operator.role != "super_admin" and body.role not in ADMIN_CREATABLE_ROLES:
+        raise HTTPException(status_code=403, detail="Cannot create user with this role")
+
+    if body.role not in SUPER_ADMIN_VISIBLE_ROLES:
+        raise HTTPException(status_code=400, detail=f"Invalid role, must be one of {SUPER_ADMIN_VISIBLE_ROLES}")
+
+    exists = db.query(User).filter(User.username == body.username).first()
+    if exists:
+        raise HTTPException(status_code=409, detail="Username already taken")
+    dup_email = db.query(User).filter(User.email == body.email).first()
+    if dup_email:
+        raise HTTPException(status_code=409, detail="Email already taken")
+
+    raw_password = _generate_password()
+    user = User(
+        username=body.username,
+        email=body.email,
+        password_hash=_hash_password(raw_password),
+        role=body.role,
+        max_running_bots=body.max_running_bots,
+        must_change_password=True,
+    )
+    db.add(user)
+    db.commit()
+    db.refresh(user)
+    return PasswordResetOut(id=user.id, username=user.username, new_password=raw_password)
+
+
+@router.get("/users", response_model=list[UserOut])
+def list_users(
+    operator: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    """List users visible to the operator.
+    Super_admin sees all; admin sees only users (not admins/super_admins)."""
+    if operator.role == "super_admin":
+        return db.query(User).all()
+
+    # admin: see regular users + self
+    return db.query(User).filter((User.role == "user") | (User.id == operator.id)).all()
+
+
+@router.put("/users/{user_id}", response_model=UserOut)
+def admin_edit_user(
+    user_id: int,
+    body: AdminEditUser,
+    operator: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    """Admin edits user profile."""
+    target = db.get(User, user_id)
+    if not target:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    # Cannot edit users at or above your own level
+    if not can_manage_user(operator, target.role):
+        raise HTTPException(status_code=403, detail="Cannot manage this user")
+
+    if body.username is not None and body.username != target.username:
+        dup = db.query(User).filter(User.username == body.username).first()
+        if dup:
+            raise HTTPException(status_code=409, detail="Username already taken")
+        target.username = body.username
+
+    if body.email is not None and body.email != target.email:
+        dup = db.query(User).filter(User.email == body.email).first()
+        if dup:
+            raise HTTPException(status_code=409, detail="Email already taken")
+        target.email = body.email
+
+    if body.role is not None:
+        if body.role not in SUPER_ADMIN_VISIBLE_ROLES:
+            raise HTTPException(status_code=400, detail="Invalid role")
+        # Only super_admin can promote to admin
+        if body.role in ("admin", "super_admin") and operator.role != "super_admin":
+            raise HTTPException(status_code=403, detail="Only super admin can set this role")
+        target.role = body.role
+
+    if body.max_running_bots is not None:
+        target.max_running_bots = body.max_running_bots
+
+    db.commit()
+    db.refresh(target)
+    return target
+
+
+@router.put("/users/{user_id}/max-bots")
+def set_max_bots(
+    user_id: int,
+    body: dict,
+    operator: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    user = db.get(User, user_id)
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    if not can_manage_user(operator, user.role):
+        raise HTTPException(status_code=403, detail="Cannot manage this user")
+    user.max_running_bots = body["max_running_bots"]
+    db.commit()
+    db.refresh(user)
+    return {"id": user.id, "max_running_bots": user.max_running_bots}
+
+
+@router.post("/users/{user_id}/reset-password", response_model=PasswordResetOut)
+def admin_reset_password(
+    user_id: int,
+    operator: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    """Admin resets a user's password. Returns the new plaintext password."""
+    target = db.get(User, user_id)
+    if not target:
+        raise HTTPException(status_code=404, detail="User not found")
+    if not can_manage_user(operator, target.role):
+        raise HTTPException(status_code=403, detail="Cannot manage this user")
+    raw_password = _generate_password()
+    target.password_hash = _hash_password(raw_password)
+    target.must_change_password = True
+    db.commit()
+    db.refresh(target)
+    return PasswordResetOut(id=target.id, username=target.username, new_password=raw_password)
+
+
+@router.get("/bots")
+def list_all_bots(
+    _admin: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    rows = db.query(Bot, User.username).join(User, Bot.user_id == User.id).all()
+    return [
+        {c.name: getattr(bot, c.name) for c in bot.__table__.columns} | {"owner": username} for bot, username in rows
+    ]
+
+
+@router.get("/stats")
+def platform_stats(
+    _admin: User = Depends(require_admin),
+    db: Session = Depends(get_db),
+):
+    total_users = db.query(User).count()
+    bots = db.query(Bot).all()
+    return {
+        "totalUsers": total_users,
+        "totalBots": len(bots),
+        "running": sum(1 for b in bots if b.status == "running"),
+        "errors": sum(1 for b in bots if b.status == "error"),
+    }
+
+
+@router.get("/backup")
+def download_backup(
+    _admin: User = Depends(require_super_admin),
+):
+    """Download full SQLite database backup (super_admin only)."""
+    from lockbot.backend.app.config import DATABASE_URL
+
+    db_url = DATABASE_URL
+    if not db_url.startswith("sqlite:///"):
+        raise HTTPException(status_code=400, detail="Backup only supported for SQLite")
+
+    db_path = db_url[len("sqlite:///") :]
+    if not os.path.exists(db_path):
+        raise HTTPException(status_code=404, detail="Database file not found")
+
+    # Copy to temp file to avoid sending a mid-write database
+    fd, tmp_path = tempfile.mkstemp(suffix=".db")
+    os.close(fd)
+    try:
+        shutil.copy2(db_path, tmp_path)
+    except BaseException:
+        with contextlib.suppress(OSError):
+            os.unlink(tmp_path)
+        raise
+
+    filename = f"lockbot_backup_{datetime.now().strftime('%Y%m%d_%H%M%S')}.db"
+    return FileResponse(
+        path=tmp_path,
+        filename=filename,
+        media_type="application/x-sqlite3",
+        background=BackgroundTask(os.unlink, tmp_path),
+    )