This change adds an "authorized_keys" file similar to sshd which can control
access to an Ollama server. The file itself is very simple and consists of
various entries for Ollama public keys.
The format is:
<key format> <public key> <name> [<endpoint>,...]
Examples:
ssh-ed25519 AAAAC3NzaC1lZDI1NT... bob /api/tags,/api/ps,/api/show,/api/generate,/api/chat
Use the "*" wildcard symbol to substitute any value, e.g.:
To grant full access to "bob":
ssh-ed25519 AAAAC3NzaC1lZDI1NT... bob *
To allow all callers to view tags (i.e. "ollama ls"):
* * * /api/tags
- The key format must be set to "ssh-ed25519" or set to the wildcard character.
- The public key must be an ssh based ed25519 (Ollama) public key or set to the wildcard
character.
- Name can be any string you wish to associate with the public key. Note that if a public
key is used in more than one entry in the file, the first instance of the name will be
used and subsequent name values will be ignored.
- Endpoints is a comma separated list of Ollama Server API endpoints or the wildcard
character. The HTTP method is not currently needed, but could be added in the future.
StatusError was unreachable, the client always checked for error messages in the response body first, and the server always includes error messages with HTTP error status codes.
Added unit tests to verify error handling behavior in the Client.stream and Client.do methods.
Tests cover various error scenarios including:
- Error responses with status codes >= 400
- Error messages with successful status codes
- Empty error messages
- Successful responses
Patrick Devine
Bruce MacDonald
Michael Yang
Patrick Devine