From 5ff32956584de66d46a811cb5ad3111bafdfb6cb Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 4 Jul 2023 18:58:13 +0200 Subject: [PATCH 01/93] fixed deploy docker --- .gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 37ac17b..b0d67b4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -266,9 +266,13 @@ gemnasium-python-dependency_scanning: deploy:docker: extends: .deploy + image: docker:dind stage: deploy + tags: [ docker ] before_script: - echo "Building docker image for commit $CI_COMMIT_SHA with version $CI_COMMIT_REF_NAME" + - docker buildx inspect + - docker buildx create --use script: - echo "========== GitLab-Registry ==========" - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY From fd4fa84dc5570391f285f80dc23eac3d33bebbf0 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 4 Jul 2023 19:39:06 +0200 Subject: [PATCH 02/93] fixed docker image name (gitlab registry) --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b0d67b4..ae98336 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -276,7 +276,7 @@ deploy:docker: script: - echo "========== GitLab-Registry ==========" - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - - IMAGE=$CI_REGISTRY/$CI_PROJECT_PATH/$CI_COMMIT_REF_NAME + - IMAGE=$CI_REGISTRY/$CI_PROJECT_PATH - docker buildx build --progress=plain --platform $DOCKER_BUILDX_PLATFORM --build-arg VERSION=$CI_COMMIT_REF_NAME --build-arg COMMIT=$CI_COMMIT_SHA --tag $IMAGE:$CI_COMMIT_REF_NAME --push . - docker buildx build --progress=plain --platform $DOCKER_BUILDX_PLATFORM --build-arg VERSION=$CI_COMMIT_REF_NAME --build-arg COMMIT=$CI_COMMIT_SHA --tag $IMAGE:latest --push . - echo "========== Docker-Hub ==========" From 23ccea538f76950f87906ef7ade78cf3494f7169 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:32:15 +0200 Subject: [PATCH 03/93] README reorganized --- README.md | 58 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 3834be3..0ba46d4 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,35 @@ Only the clients need a connection to this service on configured port. * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock` * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh` +**vGPU Software Compatibility Matrix** + +Successfully tested with this package versions. + +| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | +|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| +| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | +| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | +| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | +| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | +| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | +| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | +| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | +| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | +| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | +| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | +| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | +| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | +| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | +| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | +| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | +| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | +| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | + +- https://docs.nvidia.com/grid/index.html +- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html + +*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) on channel `licensing` + --- [TOC] @@ -434,33 +463,6 @@ client has 19.2 hours in which to re-establish connectivity before its license e **The token file has to be copied! It's not enough to C&P file contents, because there can be special characters.** -Successfully tested with this package versions: - -| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | -|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | -| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | -| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | -| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | -| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | -| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | -| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | -| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | -| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | -| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | -| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | -| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | -| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | -| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | -| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | -| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | - -- https://docs.nvidia.com/grid/index.html -- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html - -*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) on channel `licensing` `biggerthanshit` - ## Linux Download *client-token* and place it into `/etc/nvidia/ClientConfigToken`: @@ -748,7 +750,7 @@ The error message can safely be ignored (since we have no license limitation :P) Thanks to vGPU community and all who uses this project and report bugs. -Special thanks to +Special thanks to: - @samicrusader who created build file for **ArchLinux** - @cyrus who wrote the section for **openSUSE** From 1b7d8bc0dccaadcb5c6b27910210daffbd6fb609 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:37:21 +0200 Subject: [PATCH 04/93] README reorganized --- README.md | 63 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 32 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index 0ba46d4..63237e6 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,8 @@ Minimal Delegated License Service (DLS). -Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0. For Driver compatibility see [here](#setup-client). +Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0. For Driver compatibility +see [compatibility matrix](#vgpu-software-compatibility-matrix). This service can be used without internet connection. Only the clients need a connection to this service on configured port. @@ -24,35 +25,6 @@ Only the clients need a connection to this service on configured port. * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock` * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh` -**vGPU Software Compatibility Matrix** - -Successfully tested with this package versions. - -| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | -|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | -| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | -| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | -| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | -| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | -| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | -| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | -| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | -| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | -| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | -| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | -| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | -| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | -| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | -| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | -| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | - -- https://docs.nvidia.com/grid/index.html -- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html - -*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) on channel `licensing` - --- [TOC] @@ -537,7 +509,6 @@ Done. For more information check [troubleshoot section](#troubleshoot). 8. Set schedule to `At First Array Start Only` 9. Click on Apply - # Endpoints
@@ -746,6 +717,36 @@ The error message can safely be ignored (since we have no license limitation :P)
+# vGPU Software Compatibility Matrix + +Successfully tested with this package versions. + +| vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | +|:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| +| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | +| `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | +| `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | +| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | +| `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | +| `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | +| `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | +| `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | +| `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | +| `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | +| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | +| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | +| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | +| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | +| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | +| `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | +| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | + +- https://docs.nvidia.com/grid/index.html +- https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html + +*To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) +on channel `licensing` + # Credits Thanks to vGPU community and all who uses this project and report bugs. From 3c321a202cb3bf7c377f7d8987aee99be31f4826 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:45:25 +0200 Subject: [PATCH 05/93] README updated --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 63237e6..634e39c 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,9 @@ Tested with Ubuntu 22.10 (EOL!) (from Proxmox templates), actually its consuming - Make sure your timezone is set correct on you fastapi-dls server and your client +This guide does not show how to install vGPU host drivers! Look at the official documentation packed with the driver +releases. + ## Docker Docker-Images are available here for Intel (x86), AMD (amd64) and ARM (arm64): @@ -435,6 +438,9 @@ client has 19.2 hours in which to re-establish connectivity before its license e **The token file has to be copied! It's not enough to C&P file contents, because there can be special characters.** +This guide does not show how to install vGPU guest drivers! Look at the official documentation packed with the driver +releases. + ## Linux Download *client-token* and place it into `/etc/nvidia/ClientConfigToken`: From 8af3c8e2b34b92f767cff2bf8e9c4e04777fc2de Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:47:04 +0200 Subject: [PATCH 06/93] README updated --- README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 634e39c..be929b1 100644 --- a/README.md +++ b/README.md @@ -515,32 +515,32 @@ Done. For more information check [troubleshoot section](#troubleshoot). 8. Set schedule to `At First Array Start Only` 9. Click on Apply -# Endpoints +# API Endpoints
show -### `GET /` +**`GET /`** Redirect to `/-/readme`. -### `GET /-/health` +**`GET /-/health`** Status endpoint, used for *healthcheck*. -### `GET /-/config` +**`GET /-/config`** Shows current runtime environment variables and their values. -### `GET /-/readme` +**`GET /-/readme`** HTML rendered README.md. -### `GET /-/manage` +**`GET /-/manage`** Shows a very basic UI to delete origins or leases. -### `GET /-/origins?leases=false` +**`GET /-/origins?leases=false`** List registered origins. @@ -548,11 +548,11 @@ List registered origins. |-----------------|---------|--------------------------------------| | `leases` | `false` | Include referenced leases per origin | -### `DELETE /-/origins` +**`DELETE /-/origins`** Deletes all origins and their leases. -### `GET /-/leases?origin=false` +**`GET /-/leases?origin=false`** List current leases. @@ -560,11 +560,11 @@ List current leases. |-----------------|---------|-------------------------------------| | `origin` | `false` | Include referenced origin per lease | -### `DELETE /-/lease/{lease_ref}` +**`DELETE /-/lease/{lease_ref}`** Deletes an lease. -### `GET /-/client-token` +**`GET /-/client-token`** Generate client token, (see [installation](#installation)). From 49a24f0b68cc5e38c7978a261e84fd69f996bfab Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:47:35 +0200 Subject: [PATCH 07/93] README updated --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index be929b1..f38ec9f 100644 --- a/README.md +++ b/README.md @@ -568,7 +568,7 @@ Deletes an lease. Generate client token, (see [installation](#installation)). -### Others +**Others** There are many other internal api endpoints for handling authentication and lease process.
From 8edbb25c16de6b972ace8349a671d03d00b5bd8a Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 27 Jun 2024 08:49:31 +0200 Subject: [PATCH 08/93] README updated --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f38ec9f..aca426f 100644 --- a/README.md +++ b/README.md @@ -595,9 +595,9 @@ Logs are available in `C:\Users\Public\Documents\Nvidia\LoggingLog.NVDisplay.Con ## Linux -### `uvicorn.error:Invalid HTTP request received.` +### Invalid HTTP request -This message can be ignored. +This error message: `uvicorn.error:Invalid HTTP request received.` can be ignored. - Ref. https://github.com/encode/uvicorn/issues/441 From 4b0219b85a4bafd7efd672824ca08ec15b5333dc Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 11 Jul 2024 05:49:00 +0200 Subject: [PATCH 09/93] updated to new vgpu page ref. https://docs.nvidia.com/vgpu/index.html --- test/create_driver_matrix_json.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/test/create_driver_matrix_json.py b/test/create_driver_matrix_json.py index 1f31884..2047d2e 100644 --- a/test/create_driver_matrix_json.py +++ b/test/create_driver_matrix_json.py @@ -4,7 +4,7 @@ logging.basicConfig() logger = logging.getLogger(__name__) logger.setLevel(logging.INFO) -URL = 'https://docs.nvidia.com/grid/' +URL = 'https://docs.nvidia.com/vgpu/index.html' BRANCH_STATUS_KEY, SOFTWARE_BRANCH_KEY, = 'vGPU Branch Status', 'vGPU Software Branch' VGPU_KEY, GRID_KEY, DRIVER_BRANCH_KEY = 'vGPU Software', 'vGPU Software', 'Driver Branch' @@ -25,15 +25,15 @@ def __driver_versions(html: 'BeautifulSoup'): return _ # find wrapper for "DriverVersions" and find tables - data = html.find('div', {'id': 'DriverVersions'}) - tables = data.findAll('table') - for table in tables: - # parse software-branch (e.g. "vGPU software 17 Releases" and remove " Releases" for "matrix_key") - software_branch = table.parent.find_previous_sibling('button', {'class': 'accordion'}).text.strip() + data = html.find('div', {'id': 'driver-versions'}) + items = data.findAll('bsp-accordion', {'class': 'Accordion-items-item'}) + for item in items: + software_branch = item.find('div', {'class': 'Accordion-items-item-title'}).text.strip() software_branch = software_branch.replace(' Releases', '') matrix_key = software_branch.lower() # driver version info from table-heads (ths) and table-rows (trs) + table = item.find('table') ths, trs = table.find_all('th'), table.find_all('tr') headers, releases = [header.text.strip() for header in ths], [] for trs in trs: @@ -50,7 +50,7 @@ def __driver_versions(html: 'BeautifulSoup'): def __release_branches(html: 'BeautifulSoup'): # find wrapper for "AllReleaseBranches" and find table - data = html.find('div', {'id': 'AllReleaseBranches'}) + data = html.find('div', {'id': 'all-release-branches'}) table = data.find('table') # branch releases info from table-heads (ths) and table-rows (trs) From 0dc8f6c582713b9cb1f74a5c77b2c30f076fab3b Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 11 Jul 2024 05:49:13 +0200 Subject: [PATCH 10/93] refactorings --- app/main.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/app/main.py b/app/main.py index 60a66b2..41fb238 100644 --- a/app/main.py +++ b/app/main.py @@ -54,6 +54,14 @@ CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) +# Logging +LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO +logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{') +logger = logging.getLogger(__name__) +logger.setLevel(LOG_LEVEL) +logging.getLogger('util').setLevel(LOG_LEVEL) +logging.getLogger('NV').setLevel(LOG_LEVEL) + # FastAPI @asynccontextmanager @@ -89,14 +97,6 @@ app.add_middleware( allow_headers=['*'], ) -# Logging -LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO -logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{') -logger = logging.getLogger(__name__) -logger.setLevel(LOG_LEVEL) -logging.getLogger('util').setLevel(LOG_LEVEL) -logging.getLogger('NV').setLevel(LOG_LEVEL) - # Helper def __get_token(request: Request) -> dict: From 93cf71945405aa432245023c35b14fead8591480 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 24 Jul 2024 05:35:09 +0200 Subject: [PATCH 11/93] updated support matrix --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index aca426f..d58db25 100644 --- a/README.md +++ b/README.md @@ -729,10 +729,12 @@ Successfully tested with this package versions. | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | |:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | February 2025 | +| `17.3` | R550 | `550.90.05` | `550.90.07` | `552.74` | July 2024 | February 2025 | +| `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | | | `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | | `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | July 2026 | +| `16.7` | R535 | `535.183.04` | `535.183.06` | `538.78` | July 2024 | July 2026 | +| `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | | | `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | | `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | | `16.3` | R535 | `535.154.02` | `535.154.05` | `538.15` | January 2024 | | From a1123d54516ad9caa3e703350e118e266403b38d Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 24 Jul 2024 05:35:22 +0200 Subject: [PATCH 12/93] updated support matrix (removed EOL) --- README.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/README.md b/README.md index d58db25..d436965 100644 --- a/README.md +++ b/README.md @@ -741,13 +741,8 @@ Successfully tested with this package versions. | `16.2` | R535 | `535.129.03` | `535.129.03` | `537.70` | October 2023 | | | `16.1` | R535 | `535.104.06` | `535.104.05` | `537.13` | August 2023 | | | `16.0` | R535 | `535.54.06` | `535.54.03` | `536.22` | July 2023 | | -| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | October 2023 | -| `15.3` | R525 | `525.125.03` | `525.125.06` | `529.11` | June 2023 | | -| `15.2` | R525 | `525.105.14` | `525.105.17` | `528.89` | March 2023 | | -| `15.1` | R525 | `525.85.07` | `525.85.05` | `528.24` | January 2023 | | -| `15.0` | R525 | `525.60.12` | `525.60.13` | `527.41` | December 2022 | | +| `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | December 2023 | | `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | -| `14.3` | R510 | `510.108.03` | `510.108.03` | `513.91` | November 2022 | | - https://docs.nvidia.com/grid/index.html - https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html From d41314e81d06127bd3b2149d55beaea4a5b7d1ee Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 9 Aug 2024 13:14:53 +0200 Subject: [PATCH 13/93] requirements.txt updated --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 097c30b..0a6a22c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.111.0 -uvicorn[standard]==0.29.0 +fastapi==0.112.0 +uvicorn[standard]==0.30.5 python-jose==3.3.0 pycryptodome==3.20.0 python-dateutil==2.8.2 -sqlalchemy==2.0.30 +sqlalchemy==2.0.32 markdown==3.6 python-dotenv==1.0.1 From 7489307db83b7b166999d2d694973677eb11b3d9 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 9 Aug 2024 13:15:16 +0200 Subject: [PATCH 14/93] README.md updated --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d436965..053548b 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Minimal Delegated License Service (DLS). -Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0. For Driver compatibility +Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1. For Driver compatibility see [compatibility matrix](#vgpu-software-compatibility-matrix). This service can be used without internet connection. From 9377d5ce28d86fca1fe68453a60e59efc3d3c264 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Oct 2024 14:33:44 +0200 Subject: [PATCH 15/93] requirements.txt updated --- requirements.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/requirements.txt b/requirements.txt index 0a6a22c..097cfab 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.112.0 -uvicorn[standard]==0.30.5 +fastapi==0.115.0 +uvicorn[standard]==0.31.0 python-jose==3.3.0 -pycryptodome==3.20.0 +pycryptodome==3.21.0 python-dateutil==2.8.2 -sqlalchemy==2.0.32 -markdown==3.6 +sqlalchemy==2.0.35 +markdown==3.7 python-dotenv==1.0.1 From 9b5a387169844169fee966a751e89119b58dcad2 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 24 Oct 2024 08:09:24 +0200 Subject: [PATCH 16/93] updated support matrix --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 053548b..9cde329 100644 --- a/README.md +++ b/README.md @@ -729,11 +729,13 @@ Successfully tested with this package versions. | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | |:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.3` | R550 | `550.90.05` | `550.90.07` | `552.74` | July 2024 | February 2025 | +| `17.4` | R550 | `550.127.06` | `550.127.05` | `553.24` | October 2024 | February 2025 | +| `17.3` | R550 | `550.90.05` | `550.90.07` | `552.74` | July 2024 | | | `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | | | `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | | `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.7` | R535 | `535.183.04` | `535.183.06` | `538.78` | July 2024 | July 2026 | +| `16.8` | R535 | `535.216.01` | `535.216.01` | `538.95` | October 2024 | July 2026 | +| `16.7` | R535 | `535.183.04` | `535.183.06` | `538.78` | July 2024 | | | `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | | | `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | | `16.4` | R535 | `535.161.05` | `535.161.07` | `538.33` | February 2024 | | From 4245d5a5825447f2039ad6e575233ae358debd01 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 24 Oct 2024 08:09:30 +0200 Subject: [PATCH 17/93] requirements.txt updated --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 097cfab..ca92baf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.115.0 -uvicorn[standard]==0.31.0 +fastapi==0.115.3 +uvicorn[standard]==0.32.0 python-jose==3.3.0 pycryptodome==3.21.0 python-dateutil==2.8.2 -sqlalchemy==2.0.35 +sqlalchemy==2.0.36 markdown==3.7 python-dotenv==1.0.1 From 78214df9cc2b7efd31d68134f643e101e2ab0ee2 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 24 Oct 2024 10:44:31 +0200 Subject: [PATCH 18/93] updated to python 3.12 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ca25001..7d2e448 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.11-alpine +FROM python:3.12-alpine ARG VERSION ARG COMMIT="" From 45f5108717985dd3ece4bad8ed6d433639e94aff Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 08:25:40 +0100 Subject: [PATCH 19/93] requirements.txt updated --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ca92baf..1fb4868 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -fastapi==0.115.3 +fastapi==0.115.5 uvicorn[standard]==0.32.0 python-jose==3.3.0 pycryptodome==3.21.0 From 2b9d7821c02388ba79bef023a2037052e1919730 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 08:33:28 +0100 Subject: [PATCH 20/93] improved gitlab test matrix --- .gitlab-ci.yml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5543e53..75b4a78 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -141,12 +141,16 @@ test: DATABASE: sqlite:///../app/db.sqlite parallel: matrix: - - IMAGE: [ 'python:3.11-slim-bookworm', 'python:3.12-slim-bullseye' ] - REQUIREMENTS: - - requirements.txt - - .DEBIAN/requirements-bookworm-12.txt - - .DEBIAN/requirements-ubuntu-23.10.txt - - .DEBIAN/requirements-ubuntu-24.04.txt + - IMAGE: [ 'python:3.12-slim-bookworm' ] + REQUIREMENTS: [ 'requirements.txt' ] + - IMAGE: [ 'debian:bookworm' ] + REQUIREMENTS: [ '.DEBIAN/requirements-bookworm-12.txt' ] + - IMAGE: [ 'ubuntu:23.10' ] + REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-23.10.txt' ] + - IMAGE: [ 'ubuntu:24.04' ] + REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.04.txt' ] + - IMAGE: [ 'ubuntu:24.10' ] + REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] before_script: - apt-get update && apt-get install -y python3-dev gcc - pip install -r $REQUIREMENTS From 47624f501907fc440d0782f24edcd850a10f2378 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 08:37:07 +0100 Subject: [PATCH 21/93] Dockerfile - updated db dependencies --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 7d2e448..4f1b1d0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ RUN apk update \ && apk add --no-cache --virtual build-deps gcc g++ python3-dev musl-dev pkgconfig \ && apk add --no-cache curl postgresql postgresql-dev mariadb-dev sqlite-dev \ && pip install --no-cache-dir --upgrade uvicorn \ - && pip install --no-cache-dir psycopg2==2.9.9 mysqlclient==2.2.4 pysqlite3==0.5.2 \ + && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.6 pysqlite3==0.5.4 \ && pip install --no-cache-dir -r /tmp/requirements.txt \ && apk del build-deps From 0b4bb65546b486d2c0c690454580cdd42e1c4f97 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 08:55:00 +0100 Subject: [PATCH 22/93] added python3-pip to test --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 75b4a78..4eb086f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -152,7 +152,7 @@ test: - IMAGE: [ 'ubuntu:24.10' ] REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] before_script: - - apt-get update && apt-get install -y python3-dev gcc + - apt-get update && apt-get install -y python3-dev python3-pip gcc - pip install -r $REQUIREMENTS - pip install pytest httpx - mkdir -p app/cert @@ -254,7 +254,7 @@ semgrep-sast: test_coverage: # extends: test - image: python:3.11-slim-bookworm + image: python:3.12-slim-bookworm allow_failure: true stage: test rules: From 98ef64211bee661044b2c1ad91b545856518b993 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 09:09:00 +0100 Subject: [PATCH 23/93] typings --- .gitlab-ci.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4eb086f..622f7f2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -166,7 +166,7 @@ test: dotenv: version.env junit: ['**/report.xml'] -.test:linux: +.test:apt: stage: test rules: - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH @@ -205,15 +205,15 @@ test: - apt-get purge -qq -y fastapi-dls - apt-get autoremove -qq -y && apt-get clean -qq -test:debian: - extends: .test:linux +test:apt:debian: + extends: .test:apt image: debian:bookworm-slim -test:ubuntu: - extends: .test:linux +test:apt:ubuntu: + extends: .test:apt image: ubuntu:24.04 -test:archlinux: +test:pacman:archlinux: image: archlinux:base rules: - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH From 459c0e21affdab0aa51d1e2141bee3d94d66e015 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 10:27:52 +0100 Subject: [PATCH 24/93] debugging --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 622f7f2..b47717c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -152,6 +152,7 @@ test: - IMAGE: [ 'ubuntu:24.10' ] REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] before_script: + - echo "$IMAGE with $REQUIREMENTS" - apt-get update && apt-get install -y python3-dev python3-pip gcc - pip install -r $REQUIREMENTS - pip install pytest httpx From 4ab1a2ed22f00dddcd2dd651a1d4d00ebed0c4e1 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 10:28:08 +0100 Subject: [PATCH 25/93] added requirements for ubuntu 24.10 --- .DEBIAN/requirements-ubuntu-24.10.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .DEBIAN/requirements-ubuntu-24.10.txt diff --git a/.DEBIAN/requirements-ubuntu-24.10.txt b/.DEBIAN/requirements-ubuntu-24.10.txt new file mode 100644 index 0000000..7a65314 --- /dev/null +++ b/.DEBIAN/requirements-ubuntu-24.10.txt @@ -0,0 +1,10 @@ +# https://packages.ubuntu.com +fastapi==0.110.3 +uvicorn[standard]==0.30.3 +python-jose[pycryptodome]==3.3.0 +pycryptodome==3.20.0 +python-dateutil==2.9.0 +sqlalchemy==2.0.32 +markdown==3.6 +python-dotenv==1.0.1 +jinja2==3.1.3 From 286399d79aea0800bc6b68857c541cfc479963e4 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 10:48:11 +0100 Subject: [PATCH 26/93] fixed test matrix --- .gitlab-ci.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b47717c..d35d571 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -152,8 +152,10 @@ test: - IMAGE: [ 'ubuntu:24.10' ] REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] before_script: - - echo "$IMAGE with $REQUIREMENTS" - - apt-get update && apt-get install -y python3-dev python3-pip gcc + - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc + - python -m venv venv + - source venv/bin/activate + - pip install --upgrade pip - pip install -r $REQUIREMENTS - pip install pytest httpx - mkdir -p app/cert From 52dd425583962e9990869f16c5fe7aed7aa27114 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 13:41:07 +0100 Subject: [PATCH 27/93] fixes --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d35d571..6181631 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -153,7 +153,7 @@ test: REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] before_script: - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc - - python -m venv venv + - python3 -m venv venv - source venv/bin/activate - pip install --upgrade pip - pip install -r $REQUIREMENTS From e4e6387b2aa1e0ac3652b7ac4b313ec8846663d5 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 14:58:55 +0100 Subject: [PATCH 28/93] ci improvements --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6181631..71b9164 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -20,6 +20,7 @@ build:docker: changes: - app/**/* - Dockerfile + - requirements.txt - if: $CI_PIPELINE_SOURCE == 'merge_request_event' tags: [ docker ] before_script: From fa2c06972e3dca9055860871bb491f7eb487e70c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 15:01:33 +0100 Subject: [PATCH 29/93] sql query improvements --- app/orm.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/orm.py b/app/orm.py index 73828fd..b13ed38 100644 --- a/app/orm.py +++ b/app/orm.py @@ -66,7 +66,7 @@ class Origin(Base): if origin_refs is None: deletions = session.query(Origin).delete() else: - deletions = session.query(Origin).filter(Origin.origin_ref in origin_refs).delete() + deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete() session.commit() session.close() return deletions From 63c37c6334885bd50f0ce1128dd9de0fb6834a55 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 15:03:12 +0100 Subject: [PATCH 30/93] fixed timezone in json response --- app/orm.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/app/orm.py b/app/orm.py index b13ed38..53109ed 100644 --- a/app/orm.py +++ b/app/orm.py @@ -1,4 +1,4 @@ -from datetime import datetime, timedelta +from datetime import datetime, timedelta, timezone from dateutil.relativedelta import relativedelta from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text @@ -94,10 +94,10 @@ class Lease(Base): 'lease_ref': self.lease_ref, 'origin_ref': self.origin_ref, # 'scope_ref': self.scope_ref, - 'lease_created': self.lease_created.isoformat(), - 'lease_expires': self.lease_expires.isoformat(), - 'lease_updated': self.lease_updated.isoformat(), - 'lease_renewal': lease_renewal.isoformat(), + 'lease_created': self.lease_created.replace(tzinfo=timezone.utc).isoformat(), + 'lease_expires': self.lease_expires.replace(tzinfo=timezone.utc).isoformat(), + 'lease_updated': self.lease_updated.replace(tzinfo=timezone.utc).isoformat(), + 'lease_renewal': lease_renewal.replace(tzinfo=timezone.utc).isoformat(), } @staticmethod From bc6d692f0acad620d77c9e5a0449538d0d746de1 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 13 Nov 2024 15:03:37 +0100 Subject: [PATCH 31/93] added "delete_expired" method for leases --- app/orm.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/app/orm.py b/app/orm.py index 53109ed..bc902df 100644 --- a/app/orm.py +++ b/app/orm.py @@ -71,6 +71,16 @@ class Origin(Base): session.close() return deletions + @staticmethod + def delete_expired(engine: Engine) -> int: + session = sessionmaker(bind=engine)() + origins = session.query(Origin).join(Lease, Origin.origin_ref == Lease.origin_ref, isouter=True).filter(Lease.lease_ref.is_(None)).all() + origin_refs = [origin.origin_ref for origin in origins] + deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete() + session.commit() + session.close() + return deletions + class Lease(Base): __tablename__ = "lease" From 7bad0359afe1e76382b6ffdaa54060f9aa40254c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 21 Nov 2024 08:44:14 +0100 Subject: [PATCH 32/93] updated ci pipeline to match current eol supported systems --- .DEBIAN/requirements-ubuntu-23.04.txt | 10 ---------- .DEBIAN/requirements-ubuntu-23.10.txt | 10 ---------- .gitlab-ci.yml | 6 ++---- README.md | 10 +++++----- 4 files changed, 7 insertions(+), 29 deletions(-) delete mode 100644 .DEBIAN/requirements-ubuntu-23.04.txt delete mode 100644 .DEBIAN/requirements-ubuntu-23.10.txt diff --git a/.DEBIAN/requirements-ubuntu-23.04.txt b/.DEBIAN/requirements-ubuntu-23.04.txt deleted file mode 100644 index f2d4b05..0000000 --- a/.DEBIAN/requirements-ubuntu-23.04.txt +++ /dev/null @@ -1,10 +0,0 @@ -# https://packages.ubuntu.com -fastapi==0.91.0 -uvicorn[standard]==0.15.0 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 -python-dateutil==2.8.2 -sqlalchemy==1.4.46 -markdown==3.4.3 -python-dotenv==0.21.0 -jinja2==3.1.2 diff --git a/.DEBIAN/requirements-ubuntu-23.10.txt b/.DEBIAN/requirements-ubuntu-23.10.txt deleted file mode 100644 index 4cab03f..0000000 --- a/.DEBIAN/requirements-ubuntu-23.10.txt +++ /dev/null @@ -1,10 +0,0 @@ -# https://packages.ubuntu.com -fastapi==0.101.0 -uvicorn[standard]==0.23.2 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 -python-dateutil==2.8.2 -sqlalchemy==1.4.47 -markdown==3.4.4 -python-dotenv==1.0.0 -jinja2==3.1.2 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f2e3b9b..a8aa3bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -144,11 +144,9 @@ test: matrix: - IMAGE: [ 'python:3.12-slim-bookworm' ] REQUIREMENTS: [ 'requirements.txt' ] - - IMAGE: [ 'debian:bookworm' ] + - IMAGE: [ 'debian:bookworm' ] # EOL: June 06, 2026 REQUIREMENTS: [ '.DEBIAN/requirements-bookworm-12.txt' ] - - IMAGE: [ 'ubuntu:23.10' ] - REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-23.10.txt' ] - - IMAGE: [ 'ubuntu:24.04' ] + - IMAGE: [ 'ubuntu:24.04' ] # EOL: April 2036 REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.04.txt' ] - IMAGE: [ 'ubuntu:24.10' ] REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] diff --git a/README.md b/README.md index 9cde329..8d14c53 100644 --- a/README.md +++ b/README.md @@ -330,11 +330,11 @@ Packages are available here: Successful tested with: -- Debian 12 (Bookworm) (EOL: tba.) -- Ubuntu 22.10 (Kinetic Kudu) (EOL: July 20, 2023) -- Ubuntu 23.04 (Lunar Lobster) (EOL: January 2024) -- Ubuntu 23.10 (Mantic Minotaur) (EOL: July 2024) -- Ubuntu 24.04 (Noble Numbat) (EOL: April 2036) +- **Debian 12 (Bookworm)** (EOL: June 06, 2026) +- *Ubuntu 22.10 (Kinetic Kudu)* (EOL: July 20, 2023) +- *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024) +- *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024) +- **Ubuntu 24.04 (Noble Numbat)** (EOL: April 2036) Not working with: From 4ad15f084919a8b0f904a044c9f237e294a1893f Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 18 Nov 2024 18:52:39 +0100 Subject: [PATCH 33/93] fix malformed json on auth ref. oscar.krause/fastapi-dls#1 --- test/main.py | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/test/main.py b/test/main.py index 67856c9..1574aba 100644 --- a/test/main.py +++ b/test/main.py @@ -106,6 +106,40 @@ def test_auth_v1_origin(): assert response.json().get('origin_ref') == ORIGIN_REF +def test_auth_v1_origin_malformed_json(): + import re + + # see oscar.krause/fastapi-dls#1 + json = """{ + "registration_pending": "false", + "environment": { + "guest_driver_version": "guest_driver_version", + "hostname": "myhost", + "ip_address_list": ["192.168.1.123"], + "os_version": "os_version", + "os_platform": "os_platform", + "fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}, + "host_driver_version": "host_driver_version" + }, + "update_pending": "false", + "candidate_origin_ref": {ORIGIN_REF}, + }""" + + # test regex (temporary, until this section is merged into main.py + + json_test = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' + regex = r'(\"mac_address_list\"\:\s?\[)([\w\d])' + replaced = re.sub(regex, r'\1"\2', json_test) + assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' + + json = re.sub(regex, r'\1"\2', json) + # + + response = client.post('/auth/v1/origin', json=payload) + assert response.status_code == 200 + assert response.json().get('origin_ref') == ORIGIN_REF + + def auth_v1_origin_update(): payload = { "registration_pending": False, From e33024db868246d33aa241ebe3b453c1b965d41c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 18 Nov 2024 19:58:15 +0100 Subject: [PATCH 34/93] fixed variable names ref. oscar.krause/fastapi-dls#1 --- test/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/main.py b/test/main.py index 1574aba..fa96c30 100644 --- a/test/main.py +++ b/test/main.py @@ -110,7 +110,7 @@ def test_auth_v1_origin_malformed_json(): import re # see oscar.krause/fastapi-dls#1 - json = """{ + payload = """{ "registration_pending": "false", "environment": { "guest_driver_version": "guest_driver_version", @@ -132,7 +132,7 @@ def test_auth_v1_origin_malformed_json(): replaced = re.sub(regex, r'\1"\2', json_test) assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' - json = re.sub(regex, r'\1"\2', json) + payload = re.sub(regex, r'\1"\2', payload) # response = client.post('/auth/v1/origin', json=payload) From a6b2f2a942cded76ea94b2bf75c175d534e773da Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 18 Nov 2024 20:30:37 +0100 Subject: [PATCH 35/93] fixed json payload --- test/main.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/main.py b/test/main.py index fa96c30..2384570 100644 --- a/test/main.py +++ b/test/main.py @@ -108,6 +108,7 @@ def test_auth_v1_origin(): def test_auth_v1_origin_malformed_json(): import re + import json # see oscar.krause/fastapi-dls#1 payload = """{ @@ -133,6 +134,7 @@ def test_auth_v1_origin_malformed_json(): assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' payload = re.sub(regex, r'\1"\2', payload) + payload = json.loads(payload) # response = client.post('/auth/v1/origin', json=payload) From 1aee423120bf3b9e7a70febbd5f7e6b516b37415 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 18 Nov 2024 21:00:14 +0100 Subject: [PATCH 36/93] fixes --- test/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/main.py b/test/main.py index 2384570..c564208 100644 --- a/test/main.py +++ b/test/main.py @@ -111,7 +111,7 @@ def test_auth_v1_origin_malformed_json(): import json # see oscar.krause/fastapi-dls#1 - payload = """{ + payload = f"""{ "registration_pending": "false", "environment": { "guest_driver_version": "guest_driver_version", @@ -123,7 +123,7 @@ def test_auth_v1_origin_malformed_json(): "host_driver_version": "host_driver_version" }, "update_pending": "false", - "candidate_origin_ref": {ORIGIN_REF}, + "candidate_origin_ref": "{ORIGIN_REF}" }""" # test regex (temporary, until this section is merged into main.py From 018d7c34fcdc95898ea4ed97847a93579015f76a Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 18 Nov 2024 21:24:00 +0100 Subject: [PATCH 37/93] fixes --- test/main.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/main.py b/test/main.py index c564208..4265aeb 100644 --- a/test/main.py +++ b/test/main.py @@ -111,20 +111,20 @@ def test_auth_v1_origin_malformed_json(): import json # see oscar.krause/fastapi-dls#1 - payload = f"""{ + payload = f'''{{ "registration_pending": "false", - "environment": { + "environment": {{ "guest_driver_version": "guest_driver_version", "hostname": "myhost", "ip_address_list": ["192.168.1.123"], "os_version": "os_version", "os_platform": "os_platform", - "fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}, + "fingerprint": {{"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}, "host_driver_version": "host_driver_version" - }, + }}, "update_pending": "false", "candidate_origin_ref": "{ORIGIN_REF}" - }""" + }}''' # test regex (temporary, until this section is merged into main.py From 15f14cac1176174f64a603c1a3fdc43fd37eb0f3 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 19 Nov 2024 09:18:12 +0100 Subject: [PATCH 38/93] implemented "SUPPORT_MALFORMED_JSON" variable --- .PKGBUILD/PKGBUILD | 1 + .gitlab-ci.yml | 1 + README.md | 31 ++++++++++++++++--------------- app/main.py | 5 +++++ app/middleware.py | 40 ++++++++++++++++++++++++++++++++++++++++ test/main.py | 39 ++++++++------------------------------- 6 files changed, 71 insertions(+), 46 deletions(-) create mode 100644 app/middleware.py diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index 09f606b..820d8cc 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -48,6 +48,7 @@ package() { install -Dm755 "$srcdir/$pkgname/app/main.py" "$pkgdir/opt/$pkgname/main.py" install -Dm755 "$srcdir/$pkgname/app/orm.py" "$pkgdir/opt/$pkgname/orm.py" install -Dm755 "$srcdir/$pkgname/app/util.py" "$pkgdir/opt/$pkgname/util.py" + install -Dm755 "$srcdir/$pkgname/app/middleware.py" "$pkgdir/opt/$pkgname/middleware.py" install -Dm644 "$srcdir/$pkgname.default" "$pkgdir/etc/default/$pkgname" install -Dm644 "$srcdir/$pkgname.service" "$pkgdir/usr/lib/systemd/system/$pkgname.service" install -Dm644 "$srcdir/$pkgname.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf" diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a8aa3bd..898d06b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -140,6 +140,7 @@ test: - test/**/* variables: DATABASE: sqlite:///../app/db.sqlite + SUPPORT_MALFORMED_JSON: true parallel: matrix: - IMAGE: [ 'python:3.12-slim-bookworm' ] diff --git a/README.md b/README.md index 8d14c53..b0e9e01 100644 --- a/README.md +++ b/README.md @@ -410,21 +410,22 @@ After first success you have to replace `--issue` with `--renew`. # Configuration -| Variable | Default | Usage | -|------------------------|----------------------------------------|------------------------------------------------------------------------------------------------------| -| `DEBUG` | `false` | Toggles `fastapi` debug mode | -| `DLS_URL` | `localhost` | Used in client-token to tell guest driver where dls instance is reachable | -| `DLS_PORT` | `443` | Used in client-token to tell guest driver where dls instance is reachable | -| `TOKEN_EXPIRE_DAYS` | `1` | Client auth-token validity (used for authenticate client against api, **not `.tok` file!**) | -| `LEASE_EXPIRE_DAYS` | `90` | Lease time in days | -| `LEASE_RENEWAL_PERIOD` | `0.15` | The percentage of the lease period that must elapse before a licensed client can renew a license \*1 | -| `DATABASE` | `sqlite:///db.sqlite` | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html) | -| `CORS_ORIGINS` | `https://{DLS_URL}` | Sets `Access-Control-Allow-Origin` header (comma separated string) \*2 | -| `SITE_KEY_XID` | `00000000-0000-0000-0000-000000000000` | Site identification uuid | -| `INSTANCE_REF` | `10000000-0000-0000-0000-000000000001` | Instance identification uuid | -| `ALLOTMENT_REF` | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid | -| `INSTANCE_KEY_RSA` | `/cert/instance.private.pem` | Site-wide private RSA key for singing JWTs \*3 | -| `INSTANCE_KEY_PUB` | `/cert/instance.public.pem` | Site-wide public key \*3 | +| Variable | Default | Usage | +|--------------------------|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------| +| `DEBUG` | `false` | Toggles `fastapi` debug mode | +| `DLS_URL` | `localhost` | Used in client-token to tell guest driver where dls instance is reachable | +| `DLS_PORT` | `443` | Used in client-token to tell guest driver where dls instance is reachable | +| `TOKEN_EXPIRE_DAYS` | `1` | Client auth-token validity (used for authenticate client against api, **not `.tok` file!**) | +| `LEASE_EXPIRE_DAYS` | `90` | Lease time in days | +| `LEASE_RENEWAL_PERIOD` | `0.15` | The percentage of the lease period that must elapse before a licensed client can renew a license \*1 | +| `DATABASE` | `sqlite:///db.sqlite` | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html) | +| `CORS_ORIGINS` | `https://{DLS_URL}` | Sets `Access-Control-Allow-Origin` header (comma separated string) \*2 | +| `SITE_KEY_XID` | `00000000-0000-0000-0000-000000000000` | Site identification uuid | +| `INSTANCE_REF` | `10000000-0000-0000-0000-000000000001` | Instance identification uuid | +| `ALLOTMENT_REF` | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid | +| `INSTANCE_KEY_RSA` | `/cert/instance.private.pem` | Site-wide private RSA key for singing JWTs \*3 | +| `INSTANCE_KEY_PUB` | `/cert/instance.public.pem` | Site-wide public key \*3 | +| `SUPPORT_MALFORMED_JSON` | `false` | Support parsing for mal formatted "mac_address_list" ([Issue](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/issues/1)) | \*1 For example, if the lease period is one day and the renewal period is 20%, the client attempts to renew its license every 4.8 hours. If network connectivity is lost, the loss of connectivity is detected during license renewal and the diff --git a/app/main.py b/app/main.py index 41fb238..3ad688f 100644 --- a/app/main.py +++ b/app/main.py @@ -96,6 +96,11 @@ app.add_middleware( allow_methods=['*'], allow_headers=['*'], ) +if bool(env('SUPPORT_MALFORMED_JSON', False)): + from middleware import PatchMalformedJsonMiddleware + + logger.info(f'Enabled "PatchMalformedJsonMiddleware"!') + app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) # Helper diff --git a/app/middleware.py b/app/middleware.py new file mode 100644 index 0000000..c96e520 --- /dev/null +++ b/app/middleware.py @@ -0,0 +1,40 @@ +import json +import logging +import re + +from starlette.middleware.base import BaseHTTPMiddleware +from starlette.requests import Request + +logger = logging.getLogger(__name__) + + +class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): + # see oscar.krause/fastapi-dls#1 + + def __init__(self, app, enabled: bool): + super().__init__(app) + self.enabled = enabled + + async def dispatch(self, request: Request, call_next): + body = await request.body() + content_type = request.headers.get('Content-Type') + + if self.enabled and content_type == 'application/json': + body = body.decode() + try: + json.loads(body) + except json.decoder.JSONDecodeError: + logger.warning(f'Malformed json received! Try to fix it, "PatchMalformedJsonMiddleware" is enabled.') + body = body.replace('\t', '') + body = body.replace('\n', '') + + regex = '(\"mac_address_list\"\:\s?\[)([\w\d])' + s = re.sub(regex, r'\1"\2', body) + logger.debug(f'Fixed JSON: "{s}"') + s = json.loads(s) # ensure json is now valid + + # set new body + request._body = json.dumps(s).encode('utf-8') + + response = await call_next(request) + return response diff --git a/test/main.py b/test/main.py index 4265aeb..3aa229b 100644 --- a/test/main.py +++ b/test/main.py @@ -1,7 +1,8 @@ +import sys from base64 import b64encode as b64enc -from hashlib import sha256 from calendar import timegm from datetime import datetime +from hashlib import sha256 from os.path import dirname, join from uuid import uuid4, UUID @@ -9,7 +10,8 @@ from dateutil.relativedelta import relativedelta from jose import jwt, jwk from jose.constants import ALGORITHMS from starlette.testclient import TestClient -import sys + +from middleware import PatchMalformedJsonMiddleware # add relative path to use packages as they were in the app/ dir sys.path.append('../') @@ -18,6 +20,7 @@ sys.path.append('../app') from app import main from app.util import load_key +main.app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) client = TestClient(main.app) ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-000000000001', 'HelloWorld' @@ -106,40 +109,14 @@ def test_auth_v1_origin(): assert response.json().get('origin_ref') == ORIGIN_REF -def test_auth_v1_origin_malformed_json(): +def test_auth_v1_origin_malformed_json(): # see oscar.krause/fastapi-dls#1 import re - import json - - # see oscar.krause/fastapi-dls#1 - payload = f'''{{ - "registration_pending": "false", - "environment": {{ - "guest_driver_version": "guest_driver_version", - "hostname": "myhost", - "ip_address_list": ["192.168.1.123"], - "os_version": "os_version", - "os_platform": "os_platform", - "fingerprint": {{"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}, - "host_driver_version": "host_driver_version" - }}, - "update_pending": "false", - "candidate_origin_ref": "{ORIGIN_REF}" - }}''' - + # test regex (temporary, until this section is merged into main.py - json_test = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' - regex = r'(\"mac_address_list\"\:\s?\[)([\w\d])' + regex = '(\"mac_address_list\"\:\s?\[)([\w\d])' replaced = re.sub(regex, r'\1"\2', json_test) assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' - - payload = re.sub(regex, r'\1"\2', payload) - payload = json.loads(payload) - # - - response = client.post('/auth/v1/origin', json=payload) - assert response.status_code == 200 - assert response.json().get('origin_ref') == ORIGIN_REF def auth_v1_origin_update(): From fb3ac4291fbc7fe810d820d7269e382bb7e98d41 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 19 Nov 2024 09:40:59 +0100 Subject: [PATCH 39/93] code styling --- app/middleware.py | 5 +++-- test/main.py | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index c96e520..7e3d20d 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -11,6 +11,8 @@ logger = logging.getLogger(__name__) class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): # see oscar.krause/fastapi-dls#1 + REGEX = '(\"mac_address_list\"\:\s?\[)([\w\d])' + def __init__(self, app, enabled: bool): super().__init__(app) self.enabled = enabled @@ -28,8 +30,7 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): body = body.replace('\t', '') body = body.replace('\n', '') - regex = '(\"mac_address_list\"\:\s?\[)([\w\d])' - s = re.sub(regex, r'\1"\2', body) + s = re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', body) logger.debug(f'Fixed JSON: "{s}"') s = json.loads(s) # ensure json is now valid diff --git a/test/main.py b/test/main.py index 3aa229b..2e70558 100644 --- a/test/main.py +++ b/test/main.py @@ -111,11 +111,11 @@ def test_auth_v1_origin(): def test_auth_v1_origin_malformed_json(): # see oscar.krause/fastapi-dls#1 import re + from middleware import PatchMalformedJsonMiddleware # test regex (temporary, until this section is merged into main.py - json_test = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' - regex = '(\"mac_address_list\"\:\s?\[)([\w\d])' - replaced = re.sub(regex, r'\1"\2', json_test) + body = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' + replaced = re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', body) assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' From 88c78efcd987d3d5c275358ce55148e3ee3dce0c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 19 Nov 2024 09:53:31 +0100 Subject: [PATCH 40/93] fixes --- test/main.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/main.py b/test/main.py index 2e70558..2cfacf4 100644 --- a/test/main.py +++ b/test/main.py @@ -11,14 +11,13 @@ from jose import jwt, jwk from jose.constants import ALGORITHMS from starlette.testclient import TestClient -from middleware import PatchMalformedJsonMiddleware - # add relative path to use packages as they were in the app/ dir sys.path.append('../') sys.path.append('../app') from app import main from app.util import load_key +from middleware import PatchMalformedJsonMiddleware main.app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) client = TestClient(main.app) From 55446f7d9c37113960293db10fa824001f0c002e Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 19 Nov 2024 14:14:06 +0100 Subject: [PATCH 41/93] fixes --- .gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 898d06b..a8aa3bd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -140,7 +140,6 @@ test: - test/**/* variables: DATABASE: sqlite:///../app/db.sqlite - SUPPORT_MALFORMED_JSON: true parallel: matrix: - IMAGE: [ 'python:3.12-slim-bookworm' ] From 317699ff582736c33275b6d9c975d49a149f6d5d Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 20 Nov 2024 09:10:43 +0100 Subject: [PATCH 42/93] code styling --- app/middleware.py | 12 +++++++----- test/main.py | 8 +++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index 7e3d20d..998474b 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -27,15 +27,17 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): json.loads(body) except json.decoder.JSONDecodeError: logger.warning(f'Malformed json received! Try to fix it, "PatchMalformedJsonMiddleware" is enabled.') - body = body.replace('\t', '') - body = body.replace('\n', '') - - s = re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', body) + s = PatchMalformedJsonMiddleware.fix_json(body) logger.debug(f'Fixed JSON: "{s}"') s = json.loads(s) # ensure json is now valid - # set new body request._body = json.dumps(s).encode('utf-8') response = await call_next(request) return response + + @staticmethod + def fix_json(s: str) -> str: + s = s.replace('\t', '') + s = s.replace('\n', '') + return re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', s) diff --git a/test/main.py b/test/main.py index 2cfacf4..8f2e2c7 100644 --- a/test/main.py +++ b/test/main.py @@ -17,9 +17,8 @@ sys.path.append('../app') from app import main from app.util import load_key -from middleware import PatchMalformedJsonMiddleware -main.app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) +# main.app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) client = TestClient(main.app) ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-000000000001', 'HelloWorld' @@ -109,12 +108,11 @@ def test_auth_v1_origin(): def test_auth_v1_origin_malformed_json(): # see oscar.krause/fastapi-dls#1 - import re from middleware import PatchMalformedJsonMiddleware # test regex (temporary, until this section is merged into main.py - body = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' - replaced = re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', body) + s = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' + replaced = PatchMalformedJsonMiddleware.fix_json(s) assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' From a43ddf79c3f9a3a63a62db1910ebcdf0f5f65f27 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 21 Nov 2024 08:46:27 +0100 Subject: [PATCH 43/93] updated supported os --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b0e9e01..ed8c646 100644 --- a/README.md +++ b/README.md @@ -335,6 +335,7 @@ Successful tested with: - *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024) - *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024) - **Ubuntu 24.04 (Noble Numbat)** (EOL: April 2036) +- *Ubuntu 24.10 (Oracular Oriole)* (EOL: tba.) Not working with: From 53c88a79ac9ff169b86fdf7330b8620a1b5b177d Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 22 Nov 2024 14:16:10 +0100 Subject: [PATCH 44/93] improved logging and implemented method to reduce response mac_address_length --- app/middleware.py | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index 998474b..db97bb0 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -22,20 +22,40 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): content_type = request.headers.get('Content-Type') if self.enabled and content_type == 'application/json': + logger.debug(f'Using Request-Patch because "PatchMalformedJsonMiddleware" is enabled!') + + # try to fix json body = body.decode() try: - json.loads(body) + j = json.loads(body) + self.fix_mac_address_list_length(j=j, size=1) except json.decoder.JSONDecodeError: - logger.warning(f'Malformed json received! Try to fix it, "PatchMalformedJsonMiddleware" is enabled.') + logger.warning(f'Malformed json received! Try to fix it.') s = PatchMalformedJsonMiddleware.fix_json(body) logger.debug(f'Fixed JSON: "{s}"') - s = json.loads(s) # ensure json is now valid + j = json.loads(s) # ensure json is now valid + j = self.fix_mac_address_list_length(j=j, size=1) # set new body - request._body = json.dumps(s).encode('utf-8') + request._body = json.dumps(j).encode('utf-8') response = await call_next(request) return response + def fix_mac_address_list_length(self, j: dict, size: int = 1) -> dict: + if not self.enabled: + return j + + # reduce "mac_address_list" to + environment = j.get('environment', {}) + fingerprint = environment.get('fingerprint', {}) + mac_address = fingerprint.get('mac_address_list', []) + + if len(mac_address) > 0: + logger.info(f'Transforming "mac_address_list" to length of {size}.') + j['environment']['fingerprint']['mac_address_list'] = mac_address[:size] + + return j + @staticmethod def fix_json(s: str) -> str: s = s.replace('\t', '') From afb38d628be6467031ee8c15f9106a2e54331911 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 22 Nov 2024 14:19:51 +0100 Subject: [PATCH 45/93] typos --- app/middleware.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index db97bb0..2e7ce27 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -23,17 +23,17 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): if self.enabled and content_type == 'application/json': logger.debug(f'Using Request-Patch because "PatchMalformedJsonMiddleware" is enabled!') + body = body.decode() # try to fix json - body = body.decode() try: j = json.loads(body) self.fix_mac_address_list_length(j=j, size=1) except json.decoder.JSONDecodeError: logger.warning(f'Malformed json received! Try to fix it.') - s = PatchMalformedJsonMiddleware.fix_json(body) - logger.debug(f'Fixed JSON: "{s}"') - j = json.loads(s) # ensure json is now valid + body = PatchMalformedJsonMiddleware.fix_json(body) + logger.debug(f'Fixed JSON: "{body}"') + j = json.loads(body) # ensure json is now valid j = self.fix_mac_address_list_length(j=j, size=1) # set new body request._body = json.dumps(j).encode('utf-8') From 1daa365df9afdd08ef27ce5684be1b27db1241e8 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 22 Nov 2024 15:00:16 +0100 Subject: [PATCH 46/93] code styling --- app/middleware.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index 2e7ce27..4f66ced 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -28,23 +28,21 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): # try to fix json try: j = json.loads(body) - self.fix_mac_address_list_length(j=j, size=1) + self.__fix_mac_address_list_length(j=j, size=1) except json.decoder.JSONDecodeError: logger.warning(f'Malformed json received! Try to fix it.') body = PatchMalformedJsonMiddleware.fix_json(body) logger.debug(f'Fixed JSON: "{body}"') j = json.loads(body) # ensure json is now valid - j = self.fix_mac_address_list_length(j=j, size=1) + j = self.__fix_mac_address_list_length(j=j, size=1) # set new body request._body = json.dumps(j).encode('utf-8') response = await call_next(request) return response - def fix_mac_address_list_length(self, j: dict, size: int = 1) -> dict: - if not self.enabled: - return j - + @staticmethod + def __fix_mac_address_list_length(j: dict, size: int = 1) -> dict: # reduce "mac_address_list" to environment = j.get('environment', {}) fingerprint = environment.get('fingerprint', {}) From 1b6f142cb58b913636f54ae90619ff6f3b9f5cf6 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 22 Nov 2024 15:07:54 +0100 Subject: [PATCH 47/93] marked regex with 'r' --- app/middleware.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/middleware.py b/app/middleware.py index 4f66ced..e765f3b 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -11,7 +11,7 @@ logger = logging.getLogger(__name__) class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): # see oscar.krause/fastapi-dls#1 - REGEX = '(\"mac_address_list\"\:\s?\[)([\w\d])' + REGEX = r'(\"mac_address_list\"\:\s?\[)([\w\d])' def __init__(self, app, enabled: bool): super().__init__(app) From e20a9f4b325523884d01c42ca221f96a6935ebc1 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 25 Nov 2024 07:21:57 +0100 Subject: [PATCH 48/93] added "NixOS" section from mrzenc ref. https://github.com/mrzenc/fastapi-dls-nixos --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index ed8c646..c5c3c44 100644 --- a/README.md +++ b/README.md @@ -393,6 +393,10 @@ Now you have to edit `/etc/default/fastapi-dls` as needed. Continue [here](#unraid-guest) for docker guest setup. +## NixOS + +Tanks to [@mrzenc](https://github.com/mrzenc) for [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos). + ## Let's Encrypt Certificate (optional) If you're using installation via docker, you can use `traefik`. Please refer to their documentation. @@ -767,5 +771,6 @@ Special thanks to: - @DualCoder who creates the `vgpu_unlock` functionality [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Krutav Shah who wrote the [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q/) - Wim van 't Hoog for the [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) +- @mrzenc who wrote [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos) And thanks to all people who contributed to all these libraries! From 991a35ef1a11f36bfc158a391cfd82a74b3dfc43 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 29 Nov 2024 13:04:10 +0100 Subject: [PATCH 49/93] implemented "fix_ip_address_list_length" --- app/middleware.py | 20 +++++++++++++++++--- test/main.py | 16 +++++++++++++++- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/app/middleware.py b/app/middleware.py index e765f3b..30bdd22 100644 --- a/app/middleware.py +++ b/app/middleware.py @@ -28,13 +28,15 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): # try to fix json try: j = json.loads(body) - self.__fix_mac_address_list_length(j=j, size=1) + PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) + PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) except json.decoder.JSONDecodeError: logger.warning(f'Malformed json received! Try to fix it.') body = PatchMalformedJsonMiddleware.fix_json(body) logger.debug(f'Fixed JSON: "{body}"') j = json.loads(body) # ensure json is now valid - j = self.__fix_mac_address_list_length(j=j, size=1) + PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) + PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) # set new body request._body = json.dumps(j).encode('utf-8') @@ -42,7 +44,7 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): return response @staticmethod - def __fix_mac_address_list_length(j: dict, size: int = 1) -> dict: + def fix_mac_address_list_length(j: dict, size: int = 1) -> dict: # reduce "mac_address_list" to environment = j.get('environment', {}) fingerprint = environment.get('fingerprint', {}) @@ -54,6 +56,18 @@ class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): return j + @staticmethod + def fix_ip_address_list_length(j: dict, size: int = 1) -> dict: + # reduce "ip_address_list" to + environment = j.get('environment', {}) + ip_addresses = environment.get('ip_address_list', []) + + if len(ip_addresses) > 0: + logger.info(f'Transforming "ip_address_list" to length of {size}.') + j['environment']['ip_address_list'] = ip_addresses[:size] + + return j + @staticmethod def fix_json(s: str) -> str: s = s.replace('\t', '') diff --git a/test/main.py b/test/main.py index 8f2e2c7..f35f371 100644 --- a/test/main.py +++ b/test/main.py @@ -114,7 +114,21 @@ def test_auth_v1_origin_malformed_json(): # see oscar.krause/fastapi-dls#1 s = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' replaced = PatchMalformedJsonMiddleware.fix_json(s) assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' - + + +def test_auth_v1_origin_middleware(): # see oscar.krause/fastapi-dls#1 + import json + from middleware import PatchMalformedJsonMiddleware + + # test regex (temporary, until this section is merged into main.py + s = '{"environment": {"fingerprint": {"mac_address_list": ["aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"]}, "ip_address_list": ["127.0.0.1", "127.0.0.2"]}}' + j = json.loads(s) + PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) + PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) + s = json.dumps(j) + assert s == '{"environment": {"fingerprint": {"mac_address_list": ["aa:aa:aa:aa:aa:aa"]}, "ip_address_list": ["127.0.0.1"]}}' + + def auth_v1_origin_update(): payload = { From ea8a66d4490cd872679bec2f33801f935568ec8c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 2 Dec 2024 08:37:01 +0100 Subject: [PATCH 50/93] removed "PatchMalformedJsonMiddleware" because its not working on driver site ref. oscar.krause/fastapi-dls#1 --- .PKGBUILD/PKGBUILD | 1 - README.md | 1 - app/main.py | 5 ---- app/middleware.py | 75 ---------------------------------------------- test/main.py | 23 -------------- 5 files changed, 105 deletions(-) delete mode 100644 app/middleware.py diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index 820d8cc..09f606b 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -48,7 +48,6 @@ package() { install -Dm755 "$srcdir/$pkgname/app/main.py" "$pkgdir/opt/$pkgname/main.py" install -Dm755 "$srcdir/$pkgname/app/orm.py" "$pkgdir/opt/$pkgname/orm.py" install -Dm755 "$srcdir/$pkgname/app/util.py" "$pkgdir/opt/$pkgname/util.py" - install -Dm755 "$srcdir/$pkgname/app/middleware.py" "$pkgdir/opt/$pkgname/middleware.py" install -Dm644 "$srcdir/$pkgname.default" "$pkgdir/etc/default/$pkgname" install -Dm644 "$srcdir/$pkgname.service" "$pkgdir/usr/lib/systemd/system/$pkgname.service" install -Dm644 "$srcdir/$pkgname.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf" diff --git a/README.md b/README.md index c5c3c44..e2e30a6 100644 --- a/README.md +++ b/README.md @@ -430,7 +430,6 @@ After first success you have to replace `--issue` with `--renew`. | `ALLOTMENT_REF` | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid | | `INSTANCE_KEY_RSA` | `/cert/instance.private.pem` | Site-wide private RSA key for singing JWTs \*3 | | `INSTANCE_KEY_PUB` | `/cert/instance.public.pem` | Site-wide public key \*3 | -| `SUPPORT_MALFORMED_JSON` | `false` | Support parsing for mal formatted "mac_address_list" ([Issue](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/issues/1)) | \*1 For example, if the lease period is one day and the renewal period is 20%, the client attempts to renew its license every 4.8 hours. If network connectivity is lost, the loss of connectivity is detected during license renewal and the diff --git a/app/main.py b/app/main.py index 3ad688f..41fb238 100644 --- a/app/main.py +++ b/app/main.py @@ -96,11 +96,6 @@ app.add_middleware( allow_methods=['*'], allow_headers=['*'], ) -if bool(env('SUPPORT_MALFORMED_JSON', False)): - from middleware import PatchMalformedJsonMiddleware - - logger.info(f'Enabled "PatchMalformedJsonMiddleware"!') - app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) # Helper diff --git a/app/middleware.py b/app/middleware.py deleted file mode 100644 index 30bdd22..0000000 --- a/app/middleware.py +++ /dev/null @@ -1,75 +0,0 @@ -import json -import logging -import re - -from starlette.middleware.base import BaseHTTPMiddleware -from starlette.requests import Request - -logger = logging.getLogger(__name__) - - -class PatchMalformedJsonMiddleware(BaseHTTPMiddleware): - # see oscar.krause/fastapi-dls#1 - - REGEX = r'(\"mac_address_list\"\:\s?\[)([\w\d])' - - def __init__(self, app, enabled: bool): - super().__init__(app) - self.enabled = enabled - - async def dispatch(self, request: Request, call_next): - body = await request.body() - content_type = request.headers.get('Content-Type') - - if self.enabled and content_type == 'application/json': - logger.debug(f'Using Request-Patch because "PatchMalformedJsonMiddleware" is enabled!') - body = body.decode() - - # try to fix json - try: - j = json.loads(body) - PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) - PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) - except json.decoder.JSONDecodeError: - logger.warning(f'Malformed json received! Try to fix it.') - body = PatchMalformedJsonMiddleware.fix_json(body) - logger.debug(f'Fixed JSON: "{body}"') - j = json.loads(body) # ensure json is now valid - PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) - PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) - # set new body - request._body = json.dumps(j).encode('utf-8') - - response = await call_next(request) - return response - - @staticmethod - def fix_mac_address_list_length(j: dict, size: int = 1) -> dict: - # reduce "mac_address_list" to - environment = j.get('environment', {}) - fingerprint = environment.get('fingerprint', {}) - mac_address = fingerprint.get('mac_address_list', []) - - if len(mac_address) > 0: - logger.info(f'Transforming "mac_address_list" to length of {size}.') - j['environment']['fingerprint']['mac_address_list'] = mac_address[:size] - - return j - - @staticmethod - def fix_ip_address_list_length(j: dict, size: int = 1) -> dict: - # reduce "ip_address_list" to - environment = j.get('environment', {}) - ip_addresses = environment.get('ip_address_list', []) - - if len(ip_addresses) > 0: - logger.info(f'Transforming "ip_address_list" to length of {size}.') - j['environment']['ip_address_list'] = ip_addresses[:size] - - return j - - @staticmethod - def fix_json(s: str) -> str: - s = s.replace('\t', '') - s = s.replace('\n', '') - return re.sub(PatchMalformedJsonMiddleware.REGEX, r'\1"\2', s) diff --git a/test/main.py b/test/main.py index f35f371..3a30421 100644 --- a/test/main.py +++ b/test/main.py @@ -18,7 +18,6 @@ sys.path.append('../app') from app import main from app.util import load_key -# main.app.add_middleware(PatchMalformedJsonMiddleware, enabled=True) client = TestClient(main.app) ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-000000000001', 'HelloWorld' @@ -107,28 +106,6 @@ def test_auth_v1_origin(): assert response.json().get('origin_ref') == ORIGIN_REF -def test_auth_v1_origin_malformed_json(): # see oscar.krause/fastapi-dls#1 - from middleware import PatchMalformedJsonMiddleware - - # test regex (temporary, until this section is merged into main.py - s = '{"environment": {"fingerprint": {"mac_address_list": [ff:ff:ff:ff:ff:ff"]}}' - replaced = PatchMalformedJsonMiddleware.fix_json(s) - assert replaced == '{"environment": {"fingerprint": {"mac_address_list": ["ff:ff:ff:ff:ff:ff"]}}' - - -def test_auth_v1_origin_middleware(): # see oscar.krause/fastapi-dls#1 - import json - from middleware import PatchMalformedJsonMiddleware - - # test regex (temporary, until this section is merged into main.py - s = '{"environment": {"fingerprint": {"mac_address_list": ["aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"]}, "ip_address_list": ["127.0.0.1", "127.0.0.2"]}}' - j = json.loads(s) - PatchMalformedJsonMiddleware.fix_mac_address_list_length(j=j, size=1) - PatchMalformedJsonMiddleware.fix_ip_address_list_length(j=j, size=1) - s = json.dumps(j) - assert s == '{"environment": {"fingerprint": {"mac_address_list": ["aa:aa:aa:aa:aa:aa"]}, "ip_address_list": ["127.0.0.1"]}}' - - def auth_v1_origin_update(): payload = { From 03b9b4a598104e96f8bac06a52c510b7c8c02d06 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 2 Dec 2024 09:42:41 +0100 Subject: [PATCH 51/93] moved from deprecated "datetime.utcnow()" to "datetime.now(UTC)" --- app/main.py | 24 ++++++++++++------------ app/orm.py | 4 ++-- test/main.py | 4 ++-- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/app/main.py b/app/main.py index 41fb238..c1897a7 100644 --- a/app/main.py +++ b/app/main.py @@ -2,7 +2,7 @@ import logging from base64 import b64encode as b64enc from calendar import timegm from contextlib import asynccontextmanager -from datetime import datetime, timedelta +from datetime import datetime, timedelta, UTC from hashlib import sha256 from json import loads as json_loads from os import getenv as env @@ -238,7 +238,7 @@ async def _lease_delete(request: Request, lease_ref: str): # venv/lib/python3.9/site-packages/nls_core_service_instance/service_instance_token_manager.py @app.get('/-/client-token', summary='* Client-Token', description='creates a new messenger token for this service instance') async def _client_token(): - cur_time = datetime.utcnow() + cur_time = datetime.now(UTC) exp_time = cur_time + CLIENT_TOKEN_EXPIRE_DELTA payload = { @@ -284,7 +284,7 @@ async def _client_token(): # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py @app.post('/auth/v1/origin', description='find or create an origin') async def auth_v1_origin(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('candidate_origin_ref') logging.info(f'> [ origin ]: {origin_ref}: {j}') @@ -314,7 +314,7 @@ async def auth_v1_origin(request: Request): # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py @app.post('/auth/v1/origin/update', description='update an origin evidence') async def auth_v1_origin_update(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') logging.info(f'> [ update ]: {origin_ref}: {j}') @@ -341,7 +341,7 @@ async def auth_v1_origin_update(request: Request): # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse @app.post('/auth/v1/code', description='get an authorization code') async def auth_v1_code(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') logging.info(f'> [ code ]: {origin_ref}: {j}') @@ -373,7 +373,7 @@ async def auth_v1_code(request: Request): # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse @app.post('/auth/v1/token', description='exchange auth code and verifier for token') async def auth_v1_token(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) try: payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key) @@ -415,7 +415,7 @@ async def auth_v1_token(request: Request): # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py @app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin') async def leasing_v1_lessor(request: Request): - j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.utcnow() + j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.now(UTC) try: token = __get_token(request) @@ -463,7 +463,7 @@ async def leasing_v1_lessor(request: Request): # venv/lib/python3.9/site-packages/nls_dal_service_instance_dls/schema/service_instance/V1_0_21__product_mapping.sql @app.get('/leasing/v1/lessor/leases', description='get active leases for current origin') async def leasing_v1_lessor_lease(request: Request): - token, cur_time = __get_token(request), datetime.utcnow() + token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') @@ -483,7 +483,7 @@ async def leasing_v1_lessor_lease(request: Request): # venv/lib/python3.9/site-packages/nls_core_lease/lease_single.py @app.put('/leasing/v1/lease/{lease_ref}', description='renew a lease') async def leasing_v1_lease_renew(request: Request, lease_ref: str): - token, cur_time = __get_token(request), datetime.utcnow() + token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') logging.info(f'> [ renew ]: {origin_ref}: renew {lease_ref}') @@ -510,7 +510,7 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str): # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py @app.delete('/leasing/v1/lease/{lease_ref}', description='release (return) a lease') async def leasing_v1_lease_delete(request: Request, lease_ref: str): - token, cur_time = __get_token(request), datetime.utcnow() + token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') logging.info(f'> [ return ]: {origin_ref}: return {lease_ref}') @@ -536,7 +536,7 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str): # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py @app.delete('/leasing/v1/lessor/leases', description='release all leases') async def leasing_v1_lessor_lease_remove(request: Request): - token, cur_time = __get_token(request), datetime.utcnow() + token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') @@ -556,7 +556,7 @@ async def leasing_v1_lessor_lease_remove(request: Request): @app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases') async def leasing_v1_lessor_shutdown(request: Request): - j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow() + j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) token = j.get('token') token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False}) diff --git a/app/orm.py b/app/orm.py index bc902df..e2dd0bc 100644 --- a/app/orm.py +++ b/app/orm.py @@ -1,4 +1,4 @@ -from datetime import datetime, timedelta, timezone +from datetime import datetime, timedelta, timezone, UTC from dateutil.relativedelta import relativedelta from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text @@ -178,7 +178,7 @@ class Lease(Base): @staticmethod def delete_expired(engine: Engine) -> int: session = sessionmaker(bind=engine)() - deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.utcnow()).delete() + deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.now(UTC)).delete() session.commit() session.close() return deletions diff --git a/test/main.py b/test/main.py index 3a30421..5cf9c42 100644 --- a/test/main.py +++ b/test/main.py @@ -1,7 +1,7 @@ import sys from base64 import b64encode as b64enc from calendar import timegm -from datetime import datetime +from datetime import datetime, UTC from hashlib import sha256 from os.path import dirname, join from uuid import uuid4, UUID @@ -142,7 +142,7 @@ def test_auth_v1_code(): def test_auth_v1_token(): - cur_time = datetime.utcnow() + cur_time = datetime.now(UTC) access_expires_on = cur_time + relativedelta(hours=1) payload = { From f5943cd6365b30b17f15a8952ac1741fcc21535f Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 2 Dec 2024 09:42:56 +0100 Subject: [PATCH 52/93] removed return statement on tests --- test/main.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/main.py b/test/main.py index 5cf9c42..dd457cc 100644 --- a/test/main.py +++ b/test/main.py @@ -188,8 +188,6 @@ def test_leasing_v1_lessor(): assert len(lease_result_list[0]['lease']['ref']) == 36 assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref'] - return lease_result_list[0]['lease']['ref'] - def test_leasing_v1_lessor_lease(): response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) From 025b88926b4b70166c6c313f9c66840ebbddfca9 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 2 Dec 2024 10:02:54 +0100 Subject: [PATCH 53/93] fixes --- test/main.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/main.py b/test/main.py index dd457cc..5cf9c42 100644 --- a/test/main.py +++ b/test/main.py @@ -188,6 +188,8 @@ def test_leasing_v1_lessor(): assert len(lease_result_list[0]['lease']['ref']) == 36 assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref'] + return lease_result_list[0]['lease']['ref'] + def test_leasing_v1_lessor_lease(): response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) From 4a501da27b3dae653c6c44f1f08954b19a20202a Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 2 Dec 2024 10:03:35 +0100 Subject: [PATCH 54/93] code styling --- test/main.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/main.py b/test/main.py index 5cf9c42..a10f2c7 100644 --- a/test/main.py +++ b/test/main.py @@ -154,8 +154,7 @@ def test_auth_v1_token(): "kid": "00000000-0000-0000-0000-000000000000" } payload = { - "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, - algorithm=ALGORITHMS.RS256), + "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, algorithm=ALGORITHMS.RS256), "code_verifier": SECRET, } From 3659aec4b290f91b38f06319ade9241ef8942aa1 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 12 Dec 2024 12:34:19 +0100 Subject: [PATCH 55/93] refactored gitlab-ci --- .gitlab-ci.yml | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a8aa3bd..6f2dd73 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -127,7 +127,7 @@ build:pacman: - "*.pkg.tar.zst" test: - image: $IMAGE + image: python:3.12-slim-bookworm stage: test interruptible: true rules: @@ -142,14 +142,11 @@ test: DATABASE: sqlite:///../app/db.sqlite parallel: matrix: - - IMAGE: [ 'python:3.12-slim-bookworm' ] - REQUIREMENTS: [ 'requirements.txt' ] - - IMAGE: [ 'debian:bookworm' ] # EOL: June 06, 2026 - REQUIREMENTS: [ '.DEBIAN/requirements-bookworm-12.txt' ] - - IMAGE: [ 'ubuntu:24.04' ] # EOL: April 2036 - REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.04.txt' ] - - IMAGE: [ 'ubuntu:24.10' ] - REQUIREMENTS: [ '.DEBIAN/requirements-ubuntu-24.10.txt' ] + - REQUIREMENTS: + - 'requirements.txt' + - '.DEBIAN/requirements-bookworm-12.txt' + - '.DEBIAN/requirements-ubuntu-24.04.txt' + - '.DEBIAN/requirements-ubuntu-24.10.txt' before_script: - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc - python3 -m venv venv @@ -207,13 +204,15 @@ test: - apt-get purge -qq -y fastapi-dls - apt-get autoremove -qq -y && apt-get clean -qq -test:apt:debian: +test:apt: extends: .test:apt - image: debian:bookworm-slim - -test:apt:ubuntu: - extends: .test:apt - image: ubuntu:24.04 + image: $IMAGE + parallel: + matrix: + - IMAGE: + - debian:bookworm-slim # EOL: June 06, 2026 + - ubuntu:24.04 # EOL: April 2036 + - ubuntu:24.10 test:pacman:archlinux: image: archlinux:base From f72c64dcb36ef26d1800fbc5f882f39fbdb6a815 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 12 Dec 2024 12:54:39 +0100 Subject: [PATCH 56/93] renamed "python3-jose" dependency to alias of "python3-josepy" to match apt packages on debian/ubuntu --- .DEBIAN/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.DEBIAN/control b/.DEBIAN/control index 1bab5e2..c2f6ccd 100644 --- a/.DEBIAN/control +++ b/.DEBIAN/control @@ -2,7 +2,7 @@ Package: fastapi-dls Version: 0.0 Architecture: all Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de -Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl +Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl Recommends: curl Installed-Size: 10240 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls From e5fc60763891f35d0e9f84d5f2a0879b8ae6807e Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 13 Dec 2024 07:18:14 +0100 Subject: [PATCH 57/93] added explicit "algorithms" argument applied patch from https://github.com/mrzenc/fastapi-dls-nixos/blob/main/add-algorithms-argument.patch from https://github.com/mrzenc/fastapi-dls-nixos --- app/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/main.py b/app/main.py index c1897a7..d0a79f6 100644 --- a/app/main.py +++ b/app/main.py @@ -376,7 +376,7 @@ async def auth_v1_token(request: Request): j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) try: - payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key) + payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key, algorithms=ALGORITHMS.RS256) except JWTError as e: return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)}) From 32f1be95994d58d4a18556b4242edb49fc5fc4d8 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Sat, 14 Dec 2024 12:02:48 +0100 Subject: [PATCH 58/93] updated DLS --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e2e30a6..bc0cdf1 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Minimal Delegated License Service (DLS). -Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1. For Driver compatibility +Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility see [compatibility matrix](#vgpu-software-compatibility-matrix). This service can be used without internet connection. From dcc3654131503da037354d678ad871f8103f46c6 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 16 Dec 2024 07:34:55 +0100 Subject: [PATCH 59/93] disabled matrix tests for python (covered by apt jobs) --- .gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6f2dd73..69c3c8a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -144,9 +144,9 @@ test: matrix: - REQUIREMENTS: - 'requirements.txt' - - '.DEBIAN/requirements-bookworm-12.txt' - - '.DEBIAN/requirements-ubuntu-24.04.txt' - - '.DEBIAN/requirements-ubuntu-24.10.txt' +# - '.DEBIAN/requirements-bookworm-12.txt' +# - '.DEBIAN/requirements-ubuntu-24.04.txt' +# - '.DEBIAN/requirements-ubuntu-24.10.txt' before_script: - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc - python3 -m venv venv From d7598a37c6523b287c1267dd1d934971e96f9937 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 21 Jan 2025 07:00:13 +0100 Subject: [PATCH 60/93] added another further reading link --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index bc0cdf1..e06f778 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Only the clients need a connection to this service on configured port. * [NVIDIA vGPU Guide](https://gitlab.com/polloloco/vgpu-proxmox) - This document serves as a guide to install NVIDIA vGPU host drivers on the latest Proxmox VE version * [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Unlock vGPU functionality for consumer-grade Nvidia GPUs. * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock` +* [Proxmox 8 vGPU in VMs and LXC Containers](https://medium.com/@dionisievldulrincz/proxmox-8-vgpu-in-vms-and-lxc-containers-4146400207a3) - Install *Merged Drivers* for using in Proxmox VMs and LXCs * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh` --- From 7db43cf61eb39ae30baad1999968cc152d154a49 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 21 Jan 2025 07:02:04 +0100 Subject: [PATCH 61/93] dependencies updated --- Dockerfile | 2 +- requirements.txt | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4f1b1d0..07feb70 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ RUN apk update \ && apk add --no-cache --virtual build-deps gcc g++ python3-dev musl-dev pkgconfig \ && apk add --no-cache curl postgresql postgresql-dev mariadb-dev sqlite-dev \ && pip install --no-cache-dir --upgrade uvicorn \ - && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.6 pysqlite3==0.5.4 \ + && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.7 pysqlite3==0.5.4 \ && pip install --no-cache-dir -r /tmp/requirements.txt \ && apk del build-deps diff --git a/requirements.txt b/requirements.txt index 1fb4868..20e0e53 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.115.5 -uvicorn[standard]==0.32.0 +fastapi==0.115.6 +uvicorn[standard]==0.34.0 python-jose==3.3.0 pycryptodome==3.21.0 python-dateutil==2.8.2 -sqlalchemy==2.0.36 +sqlalchemy==2.0.37 markdown==3.7 python-dotenv==1.0.1 From 0f4d0eea340a2a0c1e7526c834940fad45389e73 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 21 Jan 2025 07:58:13 +0100 Subject: [PATCH 62/93] updated driver releases --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e06f778..3c63005 100644 --- a/README.md +++ b/README.md @@ -735,12 +735,14 @@ Successfully tested with this package versions. | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | |:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:| -| `17.4` | R550 | `550.127.06` | `550.127.05` | `553.24` | October 2024 | February 2025 | +| `17.5` | R550 | `550.144.02` | `550.144.03` | `553.62` | January 2025 | June 2025 | +| `17.4` | R550 | `550.127.06` | `550.127.05` | `553.24` | October 2024 | | | `17.3` | R550 | `550.90.05` | `550.90.07` | `552.74` | July 2024 | | | `17.2` | R550 | `550.90.05` | `550.90.07` | `552.55` | June 2024 | | | `17.1` | R550 | `550.54.16` | `550.54.15` | `551.78` | March 2024 | | | `17.0` | R550 | `550.54.10` | `550.54.14` | `551.61` | February 2024 | | -| `16.8` | R535 | `535.216.01` | `535.216.01` | `538.95` | October 2024 | July 2026 | +| `16.9` | R535 | `535.230.02` | `535.216.01` | `539.19` | October 2024 | July 2026 | +| `16.8` | R535 | `535.216.01` | `535.216.01` | `538.95` | October 2024 | | | `16.7` | R535 | `535.183.04` | `535.183.06` | `538.78` | July 2024 | | | `16.6` | R535 | `535.183.04` | `535.183.01` | `538.67` | June 2024 | | | `16.5` | R535 | `535.161.05` | `535.161.08` | `538.46` | February 2024 | | From 262312b5122ce7914e9a73f6a1dd1f9421de2da4 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 25 Feb 2025 11:21:59 +0100 Subject: [PATCH 63/93] requirements.txt updated --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 20e0e53..6faecca 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.115.6 +fastapi==0.115.8 uvicorn[standard]==0.34.0 -python-jose==3.3.0 +python-jose==3.4.0 pycryptodome==3.21.0 python-dateutil==2.8.2 -sqlalchemy==2.0.37 +sqlalchemy==2.0.38 markdown==3.7 python-dotenv==1.0.1 From ca25349a6875002d1b98aa6b95a54d4298583a0e Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Sun, 9 Mar 2025 21:37:29 +0100 Subject: [PATCH 64/93] added notes about 18.x branch --- README.md | 5 ++++- doc/Reverse Engineering Notes.md | 4 ++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3c63005..77e69cc 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,9 @@ Minimal Delegated License Service (DLS). -Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility +> Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility see [compatibility matrix](#vgpu-software-compatibility-matrix). +Drivers are only supported until **17.x releases**. This service can be used without internet connection. Only the clients need a connection to this service on configured port. @@ -731,6 +732,8 @@ The error message can safely be ignored (since we have no license limitation :P) # vGPU Software Compatibility Matrix +**18.x Drivers are not supported on FastAPI-DLS Versions < 1.6.0** + Successfully tested with this package versions. | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index 0233a64..b2624be 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -1,5 +1,7 @@ # Reverse Engineering Notes +[[_TOC_]] + # Usefully commands ## Check licensing status @@ -29,6 +31,8 @@ nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, # DLS-Container File-System (Docker) +- More about Docker Images https://git.collinwebdesigns.de/nvidia/nls + ## Configuration data Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`. From 5b61d0a40e5ead936872d8d9e965405fe515e99c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 10 Mar 2025 21:21:40 +0100 Subject: [PATCH 65/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index b2624be..533ff45 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -80,13 +80,13 @@ base64-content... ## DB Password - `/etc/dls/config/dls_db_password.bin` ``` +# docker cp -a :/etc/dls/config/dls_db_password.bin /tmp/dls_db_password.bin base64-content... ``` **Decrypt database password** ``` -cd /var/lib/docker/volumes/configurations/_data cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw ``` From d30dbced39e76a88080f4f233eeb9053e11f98cd Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 10 Mar 2025 23:47:55 +0100 Subject: [PATCH 66/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index 533ff45..5fbfe98 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -96,6 +96,12 @@ openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw - It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing validations. +Valid users are `dls_writer` and `postgres`. + +```shell +docker exec -it psql -h localhost -U postgres +``` + # Logging / Stack Trace - https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance From 3fdd4390356058e0cf2063b036f3b61dd2c6eac7 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 11 Mar 2025 13:40:21 +0100 Subject: [PATCH 67/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index 5fbfe98..9be40ab 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -40,6 +40,8 @@ Most variables and configs are stored in `/var/lib/docker/volumes/configurations Files can be modified with `docker cp :/venv/... /opt/localfile/...` and back. (May you need to fix permissions with `docker exec -u 0 chown nonroot:nonroot /venv/...`) +Config-Variables are in `etc/dls/config/service_env.conf`. + ## Dive / Docker image inspector - `dive dls:appliance` From 3f5fcbebb332af4a68a5f9ef8036b0f937c2099f Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 11 Mar 2025 22:04:35 +0100 Subject: [PATCH 68/93] fixed logging --- app/main.py | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/app/main.py b/app/main.py index d0a79f6..850a6a2 100644 --- a/app/main.py +++ b/app/main.py @@ -287,7 +287,7 @@ async def auth_v1_origin(request: Request): j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('candidate_origin_ref') - logging.info(f'> [ origin ]: {origin_ref}: {j}') + logger.info(f'> [ origin ]: {origin_ref}: {j}') data = Origin( origin_ref=origin_ref, @@ -317,7 +317,7 @@ async def auth_v1_origin_update(request: Request): j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') - logging.info(f'> [ update ]: {origin_ref}: {j}') + logger.info(f'> [ update ]: {origin_ref}: {j}') data = Origin( origin_ref=origin_ref, @@ -344,7 +344,7 @@ async def auth_v1_code(request: Request): j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC) origin_ref = j.get('origin_ref') - logging.info(f'> [ code ]: {origin_ref}: {j}') + logger.info(f'> [ code ]: {origin_ref}: {j}') delta = relativedelta(minutes=15) expires = cur_time + delta @@ -381,7 +381,7 @@ async def auth_v1_token(request: Request): return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)}) origin_ref = payload.get('origin_ref') - logging.info(f'> [ auth ]: {origin_ref}: {j}') + logger.info(f'> [ auth ]: {origin_ref}: {j}') # validate the code challenge challenge = b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8') @@ -424,7 +424,7 @@ async def leasing_v1_lessor(request: Request): origin_ref = token.get('origin_ref') scope_ref_list = j.get('scope_ref_list') - logging.info(f'> [ create ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}') + logger.info(f'> [ create ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}') lease_result_list = [] for scope_ref in scope_ref_list: @@ -468,7 +468,7 @@ async def leasing_v1_lessor_lease(request: Request): origin_ref = token.get('origin_ref') active_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) - logging.info(f'> [ leases ]: {origin_ref}: found {len(active_lease_list)} active leases') + logger.info(f'> [ leases ]: {origin_ref}: found {len(active_lease_list)} active leases') response = { "active_lease_list": active_lease_list, @@ -486,7 +486,7 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str): token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') - logging.info(f'> [ renew ]: {origin_ref}: renew {lease_ref}') + logger.info(f'> [ renew ]: {origin_ref}: renew {lease_ref}') entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref) if entity is None: @@ -513,7 +513,7 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str): token, cur_time = __get_token(request), datetime.now(UTC) origin_ref = token.get('origin_ref') - logging.info(f'> [ return ]: {origin_ref}: return {lease_ref}') + logger.info(f'> [ return ]: {origin_ref}: return {lease_ref}') entity = Lease.find_by_lease_ref(db, lease_ref) if entity.origin_ref != origin_ref: @@ -542,7 +542,7 @@ async def leasing_v1_lessor_lease_remove(request: Request): released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) deletions = Lease.cleanup(db, origin_ref) - logging.info(f'> [ remove ]: {origin_ref}: removed {deletions} leases') + logger.info(f'> [ remove ]: {origin_ref}: removed {deletions} leases') response = { "released_lease_list": released_lease_list, @@ -564,7 +564,7 @@ async def leasing_v1_lessor_shutdown(request: Request): released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref))) deletions = Lease.cleanup(db, origin_ref) - logging.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases') + logger.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases') response = { "released_lease_list": released_lease_list, @@ -587,7 +587,7 @@ if __name__ == '__main__': # ### - logging.info(f'> Starting dev-server ...') + logger.info(f'> Starting dev-server ...') ssl_keyfile = join(dirname(__file__), 'cert/webserver.key') ssl_certfile = join(dirname(__file__), 'cert/webserver.crt') From 9c0cd21e71ac554c6f2e212e72457774612f0cbb Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 11 Mar 2025 22:32:13 +0100 Subject: [PATCH 69/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index 9be40ab..d028a01 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -104,6 +104,8 @@ Valid users are `dls_writer` and `postgres`. docker exec -it psql -h localhost -U postgres ``` +Or you can modify `docker-compose.yaml` to forward Postgres port. + # Logging / Stack Trace - https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance From a953e62bcb5141d0afe730c215257894f63afde0 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 11 Mar 2025 22:51:45 +0100 Subject: [PATCH 70/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index d028a01..f417209 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -59,19 +59,6 @@ Command: #(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in / ``` -## Private Key (Site-Key) - -- `/etc/dls/config/decryptor/decryptor` - -```shell - docker exec -it /etc/dls/config/decryptor/decryptor > /tmp/private-key.pem -``` - -``` ------BEGIN RSA PRIVATE KEY----- -... ------END RSA PRIVATE KEY----- -``` ## Site Key Uri - `/etc/dls/config/site_key_uri.bin` From 43fdf1170cd5454a20bb57281255c062c760fef3 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 12 Mar 2025 08:44:37 +0100 Subject: [PATCH 71/93] Reverse Engineering Notes.md bearbeiten --- doc/Reverse Engineering Notes.md | 48 +++++++++++++++++++------------- 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index f417209..fd1f67f 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -29,7 +29,7 @@ nvidia-gridd[2986]: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX V nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT) ``` -# DLS-Container File-System (Docker) +# Docker DLS-Container File-System - More about Docker Images https://git.collinwebdesigns.de/nvidia/nls @@ -42,23 +42,6 @@ Files can be modified with `docker cp :/venv/... /opt/localfile/.. Config-Variables are in `etc/dls/config/service_env.conf`. -## Dive / Docker image inspector - -- `dive dls:appliance` - -The source code is stored in `/venv/lib/python3.9/site-packages/nls_*`. - -Image-Reference: - -``` -Tags: (unavailable) -Id: d1c7976a5d2b3681ff6c5a30f8187e4015187a83f3f285ba4a37a45458bd6b98 -Digest: sha256:311223c5af7a298ec1104f5dc8c3019bfb0e1f77256dc3d995244ffb295a97 -1f -Command: -#(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in / -``` - ## Site Key Uri - `/etc/dls/config/site_key_uri.bin` @@ -80,18 +63,43 @@ cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw ``` -# Database +# Docker Postgres-Container - It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing validations. +## Inspect + Valid users are `dls_writer` and `postgres`. ```shell docker exec -it psql -h localhost -U postgres ``` -Or you can modify `docker-compose.yaml` to forward Postgres port. +## External Access + +Or you can modify `docker-compose.yaml` to forward Postgres port. To create a superuser for external access, use `docker exec` from above and rund the following: + +```sql +CREATE USER admin WITH LOGIN SUPERUSER PASSWORD 'admin'; +``` + +# Dive / Docker image inspector + +- `dive dls:appliance` + +The source code is stored in `/venv/lib/python3.9/site-packages/nls_*`. + +Image-Reference: + +``` +Tags: (unavailable) +Id: d1c7976a5d2b3681ff6c5a30f8187e4015187a83f3f285ba4a37a45458bd6b98 +Digest: sha256:311223c5af7a298ec1104f5dc8c3019bfb0e1f77256dc3d995244ffb295a97 +1f +Command: +#(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in / +``` # Logging / Stack Trace From 25658cb1fb103779e7be1321b06218f082dd662c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 12 Mar 2025 11:41:58 +0100 Subject: [PATCH 72/93] code styling --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 77e69cc..3d18a01 100644 --- a/README.md +++ b/README.md @@ -734,6 +734,9 @@ The error message can safely be ignored (since we have no license limitation :P) **18.x Drivers are not supported on FastAPI-DLS Versions < 1.6.0** +
+ Show Table + Successfully tested with this package versions. | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date | EOL Date | @@ -757,6 +760,8 @@ Successfully tested with this package versions. | `15.4` | R525 | `525.147.01` | `525.147.05` | `529.19` | June 2023 | December 2023 | | `14.4` | R510 | `510.108.03` | `510.108.03` | `514.08` | December 2022 | February 2023 | +
+ - https://docs.nvidia.com/grid/index.html - https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html From 6607756c089259b2e6df3817aef28a13207dea6e Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 13 Mar 2025 20:29:16 +0100 Subject: [PATCH 73/93] updated Reverse Engineering Notes.md --- doc/Reverse Engineering Notes.md | 243 ++++++++++--------------------- 1 file changed, 76 insertions(+), 167 deletions(-) diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md index 9be40ab..ae1ba25 100644 --- a/doc/Reverse Engineering Notes.md +++ b/doc/Reverse Engineering Notes.md @@ -2,7 +2,75 @@ [[_TOC_]] -# Usefully commands +# NLS Docker Stack + +- More about Docker Images https://git.collinwebdesigns.de/nvidia/nls + +## Appliance + +### Configuration data + +- Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`. +- Config-Variables are in `etc/dls/config/service_env.conf`. + +### NLS Logs + +Logs are found in `/var/lib/docker/volumes/logs/_data`. + +Most interesting logs are: + +- `fileInstallation.log` +- `serviceInstance.log` + +### File manipulation and copy + +- Files can be copied with `docker cp :/venv/... /opt/localfile/...`. +- Files can be directly edited via Docker-Volume mounts + - see `df -h` (one is nls, the other postgres container) + ``` + overlay 16G 11G 5.6G 66% /var/lib/docker/overlay2//merged + overlay 16G 11G 5.6G 66% /var/lib/docker/overlay2//merged + ``` + - then you can edit files with e.g. `nano venv/lib/python3.12/site-packages/...` + +### Other tools / files + +Other tools / files which may can helpful, but not known for what they are used. + +- `/etc/dls/config/decryptor/decryptor` +- `/etc/dls/config/site_key_uri.bin` +- `/etc/dls/config/dls_db_password.bin` + +## Database + +- It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing + validations. + +Valid users are `dls_writer` and `postgres`. + +```shell +docker exec -it psql -h localhost -U postgres +``` + +If you want external access to database, you have to add `ports: [ 5432:5432 ]` to postgres section in +`docker-compose.yml`. +Then you can *exec* into container with `psql` and add a new superuser: + +```sql +CREATE +USER admin WITH LOGIN SUPERUSER PASSWORD 'admin'; +``` + +# Logging / Stack Trace + +- https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance + + +# Nginx + +- NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem` + +# Usefully commands on Client ## Check licensing status @@ -20,170 +88,11 @@ vGPU Software Licensed Product - NVIDIA Grid Log: `journalctl -u nvidia-gridd -f` ``` -systemd[1]: Started NVIDIA Grid Daemon. -nvidia-gridd[2986]: Configuration parameter ( ServerAddress ) not set -nvidia-gridd[2986]: vGPU Software package (0) -nvidia-gridd[2986]: Ignore service provider and node-locked licensing -nvidia-gridd[2986]: NLS initialized -nvidia-gridd[2986]: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation) -nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT) +systemd: Started NVIDIA Grid Daemon. +nvidia-gridd: Configuration parameter ( ServerAddress ) not set +nvidia-gridd: vGPU Software package (0) +nvidia-gridd: Ignore service provider and node-locked licensing +nvidia-gridd: NLS initialized +nvidia-gridd: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation) +nvidia-gridd: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT) ``` - -# DLS-Container File-System (Docker) - -- More about Docker Images https://git.collinwebdesigns.de/nvidia/nls - -## Configuration data - -Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`. - -Files can be modified with `docker cp :/venv/... /opt/localfile/...` and back. -(May you need to fix permissions with `docker exec -u 0 chown nonroot:nonroot /venv/...`) - -Config-Variables are in `etc/dls/config/service_env.conf`. - -## Dive / Docker image inspector - -- `dive dls:appliance` - -The source code is stored in `/venv/lib/python3.9/site-packages/nls_*`. - -Image-Reference: - -``` -Tags: (unavailable) -Id: d1c7976a5d2b3681ff6c5a30f8187e4015187a83f3f285ba4a37a45458bd6b98 -Digest: sha256:311223c5af7a298ec1104f5dc8c3019bfb0e1f77256dc3d995244ffb295a97 -1f -Command: -#(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in / -``` - -## Private Key (Site-Key) - -- `/etc/dls/config/decryptor/decryptor` - -```shell - docker exec -it /etc/dls/config/decryptor/decryptor > /tmp/private-key.pem -``` - -``` ------BEGIN RSA PRIVATE KEY----- -... ------END RSA PRIVATE KEY----- -``` - -## Site Key Uri - `/etc/dls/config/site_key_uri.bin` - -``` -base64-content... -``` - -## DB Password - `/etc/dls/config/dls_db_password.bin` - -``` -# docker cp -a :/etc/dls/config/dls_db_password.bin /tmp/dls_db_password.bin -base64-content... -``` - -**Decrypt database password** - -``` -cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw -openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw -``` - -# Database - -- It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing - validations. - -Valid users are `dls_writer` and `postgres`. - -```shell -docker exec -it psql -h localhost -U postgres -``` - -# Logging / Stack Trace - -- https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance - -**Failed licensing log** - -``` -{ - "activity": 100, - "context": { - "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38", - "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30", - "description": "borrow failed: NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", - "event_type": null, - "function_name": "_evt", - "lineno": 54, - "module_name": "nls_dal_lease_dls.event", - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24", - "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c", - "service_name": "nls_services_lease" - }, - "detail": { - "oc": { - "license_allotment_xid": "10c4317f-7c4c-11ed-a524-0e4252a7e5f1", - "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c", - "service_instance_xid": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38" - }, - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24" - }, - "id": "0cc9e092-3b92-4652-8d9e-7622ef85dc79", - "metadata": {}, - "ts": "2022-12-15T10:25:36.827661Z" -} - -{ - "activity": 400, - "context": { - "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38", - "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30", - "description": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation", - "event_by": "system", - "function_name": "lease_multi_create", - "level": "warning", - "lineno": 157, - "module_name": "nls_services_lease.controllers.lease_multi_controller", - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24", - "service_name": "nls_services_lease" - }, - "detail": { - "_msg": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation", - "exec_info": ["NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", " File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create\n data = _leaseMulti.lease_multi_create(event_args)\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create\n raise e\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create\n self._try_proposals(oc, mlr, results, detail)\n File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals\n lease = self._leases.create(creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create\n features = self._get_features(creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features\n self._explain_not_available(cur, creator)\n File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available\n raise NotFoundError(f'no pool features found for: {lcc.product_name}')\n"], - "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24" - }, - "id": "282801b9-d612-40a5-9145-b56d8e420dac", - "metadata": {}, - "ts": "2022-12-15T10:25:36.831673Z" -} - -``` - -**Stack Trace** - -``` -"NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", " File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create - data = _leaseMulti.lease_multi_create(event_args) - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create - raise e - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create - self._try_proposals(oc, mlr, results, detail) - File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals - lease = self._leases.create(creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create - features = self._get_features(creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features - self._explain_not_available(cur, creator) - File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available - raise NotFoundError(f'no pool features found for: {lcc.product_name}') -" -``` - -# Nginx - -- NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem` From 0bdd3a6ac281a8501f43600fbf0d8e79f52b5c21 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 17 Mar 2025 14:05:26 +0100 Subject: [PATCH 74/93] migrated from "pycryptodome" to "cryptography" --- .DEBIAN/control | 2 +- .DEBIAN/requirements-bookworm-12.txt | 4 +- .DEBIAN/requirements-ubuntu-24.04.txt | 4 +- .DEBIAN/requirements-ubuntu-24.10.txt | 4 +- .PKGBUILD/PKGBUILD | 2 +- app/main.py | 16 ++++---- app/util.py | 56 ++++++++++++++++++--------- requirements.txt | 4 +- test/main.py | 10 ++--- 9 files changed, 61 insertions(+), 41 deletions(-) diff --git a/.DEBIAN/control b/.DEBIAN/control index c2f6ccd..b58c41c 100644 --- a/.DEBIAN/control +++ b/.DEBIAN/control @@ -2,7 +2,7 @@ Package: fastapi-dls Version: 0.0 Architecture: all Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de -Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl +Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-cryptography, python3-markdown, uvicorn, openssl Recommends: curl Installed-Size: 10240 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls diff --git a/.DEBIAN/requirements-bookworm-12.txt b/.DEBIAN/requirements-bookworm-12.txt index 223c64c..c3fe52e 100644 --- a/.DEBIAN/requirements-bookworm-12.txt +++ b/.DEBIAN/requirements-bookworm-12.txt @@ -1,8 +1,8 @@ # https://packages.debian.org/hu/ fastapi==0.92.0 uvicorn[standard]==0.17.6 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.11.0 +python-jose[cryptography]==3.3.0 +cryptography==38.0.4 python-dateutil==2.8.2 sqlalchemy==1.4.46 markdown==3.4.1 diff --git a/.DEBIAN/requirements-ubuntu-24.04.txt b/.DEBIAN/requirements-ubuntu-24.04.txt index 7cb653b..0ba3025 100644 --- a/.DEBIAN/requirements-ubuntu-24.04.txt +++ b/.DEBIAN/requirements-ubuntu-24.04.txt @@ -1,8 +1,8 @@ # https://packages.ubuntu.com fastapi==0.101.0 uvicorn[standard]==0.27.1 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.20.0 +python-jose[cryptography]==3.3.0 +cryptography==41.0.7 python-dateutil==2.8.2 sqlalchemy==1.4.50 markdown==3.5.2 diff --git a/.DEBIAN/requirements-ubuntu-24.10.txt b/.DEBIAN/requirements-ubuntu-24.10.txt index 7a65314..59f9361 100644 --- a/.DEBIAN/requirements-ubuntu-24.10.txt +++ b/.DEBIAN/requirements-ubuntu-24.10.txt @@ -1,8 +1,8 @@ # https://packages.ubuntu.com fastapi==0.110.3 uvicorn[standard]==0.30.3 -python-jose[pycryptodome]==3.3.0 -pycryptodome==3.20.0 +python-jose[cryptography]==3.3.0 +cryptography==42.0.5 python-dateutil==2.9.0 sqlalchemy==2.0.32 markdown==3.6 diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index 09f606b..44d36c9 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -8,7 +8,7 @@ pkgdesc='NVIDIA DLS server implementation with FastAPI' arch=('any') url='https://git.collinwebdesigns.de/oscar.krause/fastapi-dls' license=('MIT') -depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-pycryptodome' 'uvicorn' 'python-markdown' 'openssl') +depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python3-cryptography' 'uvicorn' 'python-markdown' 'openssl') provider=("$pkgname") install="$pkgname.install" backup=('etc/default/fastapi-dls') diff --git a/app/main.py b/app/main.py index 850a6a2..60f8c60 100644 --- a/app/main.py +++ b/app/main.py @@ -21,7 +21,7 @@ from starlette.middleware.cors import CORSMiddleware from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, RedirectResponse from orm import Origin, Lease, init as db_init, migrate -from util import load_key, load_file +from util import load_private_key, load_public_key, get_pem, load_file # Load variables load_dotenv('../version.env') @@ -42,8 +42,8 @@ DLS_PORT = int(env('DLS_PORT', '443')) SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000')) INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001')) ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001')) -INSTANCE_KEY_RSA = load_key(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) -INSTANCE_KEY_PUB = load_key(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) +INSTANCE_KEY_RSA = load_private_key(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) +INSTANCE_KEY_PUB = load_public_key(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) TOKEN_EXPIRE_DELTA = relativedelta(days=int(env('TOKEN_EXPIRE_DAYS', 1)), hours=int(env('TOKEN_EXPIRE_HOURS', 0))) LEASE_EXPIRE_DELTA = relativedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0))) LEASE_RENEWAL_PERIOD = float(env('LEASE_RENEWAL_PERIOD', 0.15)) @@ -51,8 +51,8 @@ LEASE_RENEWAL_DELTA = timedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=in CLIENT_TOKEN_EXPIRE_DELTA = relativedelta(years=12) CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) else [f'https://{DLS_URL}'] -jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) -jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) +jwt_encode_key = jwk.construct(get_pem(INSTANCE_KEY_RSA), algorithm=ALGORITHMS.RS256) +jwt_decode_key = jwk.construct(get_pem(INSTANCE_KEY_PUB), algorithm=ALGORITHMS.RS256) # Logging LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO @@ -264,10 +264,10 @@ async def _client_token(): }, "service_instance_public_key_configuration": { "service_instance_public_key_me": { - "mod": hex(INSTANCE_KEY_PUB.public_key().n)[2:], - "exp": int(INSTANCE_KEY_PUB.public_key().e), + "mod": hex(INSTANCE_KEY_PUB.public_numbers().n)[2:], + "exp": int(INSTANCE_KEY_PUB.public_numbers().e), }, - "service_instance_public_key_pem": INSTANCE_KEY_PUB.export_key().decode('utf-8'), + "service_instance_public_key_pem": get_pem(INSTANCE_KEY_PUB).decode('utf-8'), "key_retention_mode": "LATEST_ONLY" }, } diff --git a/app/util.py b/app/util.py index b5b1ff1..f2b1be4 100644 --- a/app/util.py +++ b/app/util.py @@ -11,31 +11,51 @@ def load_file(filename: str) -> bytes: return content -def load_key(filename: str) -> "RsaKey": - try: - # Crypto | Cryptodome on Debian - from Crypto.PublicKey import RSA - from Crypto.PublicKey.RSA import RsaKey - except ModuleNotFoundError: - from Cryptodome.PublicKey import RSA - from Cryptodome.PublicKey.RSA import RsaKey +def load_private_key(filename: str) -> "RSAPrivateKey": + from cryptography.hazmat.primitives.serialization import load_pem_private_key log = logging.getLogger(__name__) log.debug(f'Importing RSA-Key from "{filename}"') - return RSA.import_key(extern_key=load_file(filename), passphrase=None) + + with open(filename, 'rb') as f: + data = f.read() + return load_pem_private_key(data.strip(), password=None) -def generate_key() -> "RsaKey": - try: - # Crypto | Cryptodome on Debian - from Crypto.PublicKey import RSA - from Crypto.PublicKey.RSA import RsaKey - except ModuleNotFoundError: - from Cryptodome.PublicKey import RSA - from Cryptodome.PublicKey.RSA import RsaKey +def load_public_key(filename: str) -> "RSAPublicKey": + from cryptography.hazmat.primitives.serialization import load_pem_public_key + + log = logging.getLogger(__name__) + log.debug(f'Importing RSA-Key from "{filename}"') + + with open(filename, 'rb') as f: + data = f.read() + return load_pem_public_key(data.strip()) + + +def get_pem(key) -> bytes | None: + from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey + from cryptography.hazmat.primitives import serialization + + if isinstance(key, RSAPrivateKey): + return key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + if isinstance(key, RSAPublicKey): + return key.public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + + +def generate_private_key() -> "RSAPrivateKey": + from cryptography.hazmat.primitives.asymmetric import rsa + log = logging.getLogger(__name__) log.debug(f'Generating RSA-Key') - return RSA.generate(bits=2048) + return rsa.generate_private_key(public_exponent=65537, key_size=2048) class NV: diff --git a/requirements.txt b/requirements.txt index 6faecca..e13bedc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ fastapi==0.115.8 uvicorn[standard]==0.34.0 -python-jose==3.4.0 -pycryptodome==3.21.0 +python-jose[cryptography]==3.4.0 +cryptography==44.0.2 python-dateutil==2.8.2 sqlalchemy==2.0.38 markdown==3.7 diff --git a/test/main.py b/test/main.py index a10f2c7..b63601e 100644 --- a/test/main.py +++ b/test/main.py @@ -16,7 +16,7 @@ sys.path.append('../') sys.path.append('../app') from app import main -from app.util import load_key +from util import load_private_key, load_public_key, get_pem client = TestClient(main.app) @@ -25,11 +25,11 @@ ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-00000 # INSTANCE_KEY_RSA = generate_key() # INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key() -INSTANCE_KEY_RSA = load_key(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) -INSTANCE_KEY_PUB = load_key(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) +INSTANCE_KEY_RSA = load_private_key(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) +INSTANCE_KEY_PUB = load_public_key(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) -jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) -jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) +jwt_encode_key = jwk.construct(get_pem(INSTANCE_KEY_RSA), algorithm=ALGORITHMS.RS256) +jwt_decode_key = jwk.construct(get_pem(INSTANCE_KEY_PUB), algorithm=ALGORITHMS.RS256) def __bearer_token(origin_ref: str) -> str: From 958f23f79d274e220c7710fd6b1f745c30a741c6 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 17 Mar 2025 14:09:55 +0100 Subject: [PATCH 75/93] fixed "cryptography" dependency --- .PKGBUILD/PKGBUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index 44d36c9..bee4a12 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -8,7 +8,7 @@ pkgdesc='NVIDIA DLS server implementation with FastAPI' arch=('any') url='https://git.collinwebdesigns.de/oscar.krause/fastapi-dls' license=('MIT') -depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python3-cryptography' 'uvicorn' 'python-markdown' 'openssl') +depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-cryptography' 'uvicorn' 'python-markdown' 'openssl') provider=("$pkgname") install="$pkgname.install" backup=('etc/default/fastapi-dls') From fd46eecfb391ae371a138ffdaf85241d2dc01e22 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 18 Mar 2025 09:43:44 +0100 Subject: [PATCH 76/93] created PrivateKey / PublicKey wrapper classes --- app/main.py | 16 ++++----- app/util.py | 99 +++++++++++++++++++++++++++------------------------- test/main.py | 10 +++--- 3 files changed, 65 insertions(+), 60 deletions(-) diff --git a/app/main.py b/app/main.py index 60f8c60..30d2ed1 100644 --- a/app/main.py +++ b/app/main.py @@ -21,7 +21,7 @@ from starlette.middleware.cors import CORSMiddleware from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, RedirectResponse from orm import Origin, Lease, init as db_init, migrate -from util import load_private_key, load_public_key, get_pem, load_file +from util import PrivateKey, PublicKey, load_file # Load variables load_dotenv('../version.env') @@ -42,8 +42,8 @@ DLS_PORT = int(env('DLS_PORT', '443')) SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000')) INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001')) ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001')) -INSTANCE_KEY_RSA = load_private_key(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) -INSTANCE_KEY_PUB = load_public_key(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) +INSTANCE_KEY_RSA = PrivateKey(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) +INSTANCE_KEY_PUB = PublicKey(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) TOKEN_EXPIRE_DELTA = relativedelta(days=int(env('TOKEN_EXPIRE_DAYS', 1)), hours=int(env('TOKEN_EXPIRE_HOURS', 0))) LEASE_EXPIRE_DELTA = relativedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0))) LEASE_RENEWAL_PERIOD = float(env('LEASE_RENEWAL_PERIOD', 0.15)) @@ -51,8 +51,8 @@ LEASE_RENEWAL_DELTA = timedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=in CLIENT_TOKEN_EXPIRE_DELTA = relativedelta(years=12) CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) else [f'https://{DLS_URL}'] -jwt_encode_key = jwk.construct(get_pem(INSTANCE_KEY_RSA), algorithm=ALGORITHMS.RS256) -jwt_decode_key = jwk.construct(get_pem(INSTANCE_KEY_PUB), algorithm=ALGORITHMS.RS256) +jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256) +jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256) # Logging LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO @@ -264,10 +264,10 @@ async def _client_token(): }, "service_instance_public_key_configuration": { "service_instance_public_key_me": { - "mod": hex(INSTANCE_KEY_PUB.public_numbers().n)[2:], - "exp": int(INSTANCE_KEY_PUB.public_numbers().e), + "mod": hex(INSTANCE_KEY_PUB.raw().public_numbers().n)[2:], + "exp": int(INSTANCE_KEY_PUB.raw().public_numbers().e), }, - "service_instance_public_key_pem": get_pem(INSTANCE_KEY_PUB).decode('utf-8'), + "service_instance_public_key_pem": INSTANCE_KEY_PUB.pem().decode('utf-8'), "key_retention_mode": "LATEST_ONLY" }, } diff --git a/app/util.py b/app/util.py index f2b1be4..dd07f50 100644 --- a/app/util.py +++ b/app/util.py @@ -1,8 +1,60 @@ import logging +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey, generate_private_key +from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key + logging.basicConfig() +class PrivateKey: + + def __init__(self, filename: str): + log = logging.getLogger(__name__) + log.debug(f'Importing RSA-Key from "{filename}"') + + with open(filename, 'rb') as f: + data = f.read() + + self.key = load_pem_private_key(data.strip(), password=None) + + def raw(self) -> RSAPrivateKey: + return self.key + + def pem(self) -> bytes: + return self.key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + + @staticmethod + def generate(public_exponent: int = 65537, key_size: int = 2048) -> RSAPrivateKey: + log = logging.getLogger(__name__) + log.debug(f'Generating RSA-Key') + return generate_private_key(public_exponent=public_exponent, key_size=key_size) + + +class PublicKey: + + def __init__(self, filename: str): + log = logging.getLogger(__name__) + log.debug(f'Importing RSA-Key from "{filename}"') + + with open(filename, 'rb') as f: + data = f.read() + + self.key = load_pem_public_key(data.strip()) + + def raw(self) -> RSAPublicKey: + return self.key + + def pem(self) -> bytes: + return self.key.public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + def load_file(filename: str) -> bytes: log = logging.getLogger(f'{__name__}') log.debug(f'Loading contents of file "{filename}') @@ -11,53 +63,6 @@ def load_file(filename: str) -> bytes: return content -def load_private_key(filename: str) -> "RSAPrivateKey": - from cryptography.hazmat.primitives.serialization import load_pem_private_key - - log = logging.getLogger(__name__) - log.debug(f'Importing RSA-Key from "{filename}"') - - with open(filename, 'rb') as f: - data = f.read() - return load_pem_private_key(data.strip(), password=None) - - -def load_public_key(filename: str) -> "RSAPublicKey": - from cryptography.hazmat.primitives.serialization import load_pem_public_key - - log = logging.getLogger(__name__) - log.debug(f'Importing RSA-Key from "{filename}"') - - with open(filename, 'rb') as f: - data = f.read() - return load_pem_public_key(data.strip()) - - -def get_pem(key) -> bytes | None: - from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey - from cryptography.hazmat.primitives import serialization - - if isinstance(key, RSAPrivateKey): - return key.private_bytes( - encoding=serialization.Encoding.PEM, - format=serialization.PrivateFormat.TraditionalOpenSSL, - encryption_algorithm=serialization.NoEncryption() - ) - if isinstance(key, RSAPublicKey): - return key.public_bytes( - encoding=serialization.Encoding.PEM, - format=serialization.PublicFormat.SubjectPublicKeyInfo - ) - - -def generate_private_key() -> "RSAPrivateKey": - from cryptography.hazmat.primitives.asymmetric import rsa - - log = logging.getLogger(__name__) - log.debug(f'Generating RSA-Key') - return rsa.generate_private_key(public_exponent=65537, key_size=2048) - - class NV: __DRIVER_MATRIX_FILENAME = 'static/driver_matrix.json' __DRIVER_MATRIX: None | dict = None # https://docs.nvidia.com/grid/ => "Driver Versions" diff --git a/test/main.py b/test/main.py index b63601e..a56a84a 100644 --- a/test/main.py +++ b/test/main.py @@ -16,7 +16,7 @@ sys.path.append('../') sys.path.append('../app') from app import main -from util import load_private_key, load_public_key, get_pem +from util import PrivateKey, PublicKey client = TestClient(main.app) @@ -25,11 +25,11 @@ ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-00000 # INSTANCE_KEY_RSA = generate_key() # INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key() -INSTANCE_KEY_RSA = load_private_key(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) -INSTANCE_KEY_PUB = load_public_key(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) +INSTANCE_KEY_RSA = PrivateKey(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) +INSTANCE_KEY_PUB = PublicKey(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) -jwt_encode_key = jwk.construct(get_pem(INSTANCE_KEY_RSA), algorithm=ALGORITHMS.RS256) -jwt_decode_key = jwk.construct(get_pem(INSTANCE_KEY_PUB), algorithm=ALGORITHMS.RS256) +jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256) +jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256) def __bearer_token(origin_ref: str) -> str: From e6a2de40c9a9cacc8ec4650a3d6f995bc927c2da Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 18 Mar 2025 10:33:52 +0100 Subject: [PATCH 77/93] fixed test deprecations --- test/main.py | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/test/main.py b/test/main.py index a56a84a..9e4de54 100644 --- a/test/main.py +++ b/test/main.py @@ -187,8 +187,6 @@ def test_leasing_v1_lessor(): assert len(lease_result_list[0]['lease']['ref']) == 36 assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref'] - return lease_result_list[0]['lease']['ref'] - def test_leasing_v1_lessor_lease(): response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) @@ -231,7 +229,23 @@ def test_leasing_v1_lease_delete(): def test_leasing_v1_lessor_lease_remove(): - lease_ref = test_leasing_v1_lessor() + # see "test_leasing_v1_lessor()" + payload = { + 'fulfillment_context': { + 'fulfillment_class_ref_list': [] + }, + 'lease_proposal_list': [{ + 'license_type_qualifiers': {'count': 1}, + 'product': {'name': 'NVIDIA RTX Virtual Workstation'} + }], + 'proposal_evaluation_mode': 'ALL_OF', + 'scope_ref_list': [ALLOTMENT_REF] + } + + response = client.post('/leasing/v1/lessor', json=payload, headers={'authorization': __bearer_token(ORIGIN_REF)}) + lease_result_list = response.json().get('lease_result_list') + lease_ref = lease_result_list[0]['lease']['ref'] + # response = client.delete('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)}) assert response.status_code == 200 From 85623d1a653884703eef81a47a4afb7024bf8882 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 18 Mar 2025 14:47:33 +0100 Subject: [PATCH 78/93] code styling --- app/main.py | 4 ++-- app/util.py | 45 +++++++++++++++++++++++++++++++++------------ 2 files changed, 35 insertions(+), 14 deletions(-) diff --git a/app/main.py b/app/main.py index 30d2ed1..f11ba5c 100644 --- a/app/main.py +++ b/app/main.py @@ -42,8 +42,8 @@ DLS_PORT = int(env('DLS_PORT', '443')) SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000')) INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001')) ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001')) -INSTANCE_KEY_RSA = PrivateKey(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) -INSTANCE_KEY_PUB = PublicKey(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) +INSTANCE_KEY_RSA = PrivateKey.from_file(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem')))) +INSTANCE_KEY_PUB = PublicKey.from_file(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem')))) TOKEN_EXPIRE_DELTA = relativedelta(days=int(env('TOKEN_EXPIRE_DAYS', 1)), hours=int(env('TOKEN_EXPIRE_HOURS', 0))) LEASE_EXPIRE_DELTA = relativedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0))) LEASE_RENEWAL_PERIOD = float(env('LEASE_RENEWAL_PERIOD', 0.15)) diff --git a/app/util.py b/app/util.py index dd07f50..1aae17b 100644 --- a/app/util.py +++ b/app/util.py @@ -9,48 +9,69 @@ logging.basicConfig() class PrivateKey: - def __init__(self, filename: str): + def __init__(self, data: bytes): + self.__key = load_pem_private_key(data, password=None) + + @staticmethod + def from_file(filename: str) -> "PrivateKey": log = logging.getLogger(__name__) - log.debug(f'Importing RSA-Key from "{filename}"') + log.debug(f'Importing RSA-Private-Key from "{filename}"') with open(filename, 'rb') as f: data = f.read() - self.key = load_pem_private_key(data.strip(), password=None) + return PrivateKey(data=data.strip()) def raw(self) -> RSAPrivateKey: - return self.key + return self.__key def pem(self) -> bytes: - return self.key.private_bytes( + return self.__key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption() ) + def public_key(self) -> "PublicKey": + data = self.__key.public_key().public_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + return PublicKey(data=data) + @staticmethod - def generate(public_exponent: int = 65537, key_size: int = 2048) -> RSAPrivateKey: + def generate(public_exponent: int = 65537, key_size: int = 2048) -> "PrivateKey": log = logging.getLogger(__name__) log.debug(f'Generating RSA-Key') - return generate_private_key(public_exponent=public_exponent, key_size=key_size) + key = generate_private_key(public_exponent=public_exponent, key_size=key_size) + data = key.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + return PrivateKey(data=data) class PublicKey: - def __init__(self, filename: str): + def __init__(self, data: bytes): + self.__key = load_pem_public_key(data) + + @staticmethod + def from_file(filename: str) -> "PublicKey": log = logging.getLogger(__name__) - log.debug(f'Importing RSA-Key from "{filename}"') + log.debug(f'Importing RSA-Public-Key from "{filename}"') with open(filename, 'rb') as f: data = f.read() - self.key = load_pem_public_key(data.strip()) + return PublicKey(data=data.strip()) def raw(self) -> RSAPublicKey: - return self.key + return self.__key def pem(self) -> bytes: - return self.key.public_bytes( + return self.__key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo ) From 26248a4ea56d8458a16962fdeee501e98da95605 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 19 Mar 2025 21:01:58 +0100 Subject: [PATCH 79/93] fixed tests --- test/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/main.py b/test/main.py index 9e4de54..653548f 100644 --- a/test/main.py +++ b/test/main.py @@ -25,8 +25,8 @@ ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-00000 # INSTANCE_KEY_RSA = generate_key() # INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key() -INSTANCE_KEY_RSA = PrivateKey(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) -INSTANCE_KEY_PUB = PublicKey(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) +INSTANCE_KEY_RSA = PrivateKey.from_file(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) +INSTANCE_KEY_PUB = PublicKey.from_file(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256) jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256) From 951fc352031258aab21c36d7248faaccb64ff11c Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 19 Mar 2025 21:03:54 +0100 Subject: [PATCH 80/93] moved Reverse Engineering Notes to separate project ref.: https://git.collinwebdesigns.de/nvidia/nls --- doc/Database.md | 26 --------- doc/Reverse Engineering Notes.md | 98 -------------------------------- 2 files changed, 124 deletions(-) delete mode 100644 doc/Database.md delete mode 100644 doc/Reverse Engineering Notes.md diff --git a/doc/Database.md b/doc/Database.md deleted file mode 100644 index 5a838a3..0000000 --- a/doc/Database.md +++ /dev/null @@ -1,26 +0,0 @@ -# Database structure - -## `request_routing.service_instance` - -| xid | org_name | -|----------------------------------------|--------------------------| -| `10000000-0000-0000-0000-000000000000` | `lic-000000000000000000` | - -- `xid` is used as `SERVICE_INSTANCE_XID` - -## `request_routing.license_allotment_service_instance` - -| xid | service_instance_xid | license_allotment_xid | -|----------------------------------------|----------------------------------------|----------------------------------------| -| `90000000-0000-0000-0000-000000000001` | `10000000-0000-0000-0000-000000000000` | `80000000-0000-0000-0000-000000000001` | - -- `xid` is only a primary-key and never used as foreign-key or reference -- `license_allotment_xid` must be used to fetch `xid`'s from `request_routing.license_allotment_reference` - -## `request_routing.license_allotment_reference` - -| xid | license_allotment_xid | -|----------------------------------------|----------------------------------------| -| `20000000-0000-0000-0000-000000000001` | `80000000-0000-0000-0000-000000000001` | - -- `xid` is used as `scope_ref_list` on token request diff --git a/doc/Reverse Engineering Notes.md b/doc/Reverse Engineering Notes.md deleted file mode 100644 index ae1ba25..0000000 --- a/doc/Reverse Engineering Notes.md +++ /dev/null @@ -1,98 +0,0 @@ -# Reverse Engineering Notes - -[[_TOC_]] - -# NLS Docker Stack - -- More about Docker Images https://git.collinwebdesigns.de/nvidia/nls - -## Appliance - -### Configuration data - -- Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`. -- Config-Variables are in `etc/dls/config/service_env.conf`. - -### NLS Logs - -Logs are found in `/var/lib/docker/volumes/logs/_data`. - -Most interesting logs are: - -- `fileInstallation.log` -- `serviceInstance.log` - -### File manipulation and copy - -- Files can be copied with `docker cp :/venv/... /opt/localfile/...`. -- Files can be directly edited via Docker-Volume mounts - - see `df -h` (one is nls, the other postgres container) - ``` - overlay 16G 11G 5.6G 66% /var/lib/docker/overlay2//merged - overlay 16G 11G 5.6G 66% /var/lib/docker/overlay2//merged - ``` - - then you can edit files with e.g. `nano venv/lib/python3.12/site-packages/...` - -### Other tools / files - -Other tools / files which may can helpful, but not known for what they are used. - -- `/etc/dls/config/decryptor/decryptor` -- `/etc/dls/config/site_key_uri.bin` -- `/etc/dls/config/dls_db_password.bin` - -## Database - -- It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing - validations. - -Valid users are `dls_writer` and `postgres`. - -```shell -docker exec -it psql -h localhost -U postgres -``` - -If you want external access to database, you have to add `ports: [ 5432:5432 ]` to postgres section in -`docker-compose.yml`. -Then you can *exec* into container with `psql` and add a new superuser: - -```sql -CREATE -USER admin WITH LOGIN SUPERUSER PASSWORD 'admin'; -``` - -# Logging / Stack Trace - -- https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance - - -# Nginx - -- NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem` - -# Usefully commands on Client - -## Check licensing status - -- `nvidia-smi -q | grep "License"` - -**Output** - -``` -vGPU Software Licensed Product - License Status : Licensed (Expiry: 2023-1-14 12:59:52 GMT) -``` - -## Track licensing progress - -- NVIDIA Grid Log: `journalctl -u nvidia-gridd -f` - -``` -systemd: Started NVIDIA Grid Daemon. -nvidia-gridd: Configuration parameter ( ServerAddress ) not set -nvidia-gridd: vGPU Software package (0) -nvidia-gridd: Ignore service provider and node-locked licensing -nvidia-gridd: NLS initialized -nvidia-gridd: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation) -nvidia-gridd: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT) -``` From 9ed178098bf3212360ad6ace23d73be1eba8c272 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 20 Mar 2025 07:11:01 +0100 Subject: [PATCH 81/93] removed doc directory --- .PKGBUILD/PKGBUILD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.PKGBUILD/PKGBUILD b/.PKGBUILD/PKGBUILD index bee4a12..2504aaa 100644 --- a/.PKGBUILD/PKGBUILD +++ b/.PKGBUILD/PKGBUILD @@ -39,7 +39,7 @@ check() { package() { install -d "$pkgdir/usr/share/doc/$pkgname" install -d "$pkgdir/var/lib/$pkgname/cert" - cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/" + #cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/" install -Dm644 "$srcdir/$pkgname/README.md" "$pkgdir/usr/share/doc/$pkgname/README.md" install -Dm644 "$srcdir/$pkgname/version.env" "$pkgdir/usr/share/doc/$pkgname/version.env" From 490720f2d64f3c970fae4c1e500b04b17cdd3404 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 20 Mar 2025 20:09:13 +0100 Subject: [PATCH 82/93] code styling --- README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3d18a01..91cd157 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,12 @@ Minimal Delegated License Service (DLS). +> [!note] > Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility see [compatibility matrix](#vgpu-software-compatibility-matrix). -Drivers are only supported until **17.x releases**. + +> [!alert] 18.x Drivers are not yet supported! +> Drivers are only supported until **17.x releases**. This service can be used without internet connection. Only the clients need a connection to this service on configured port. @@ -83,7 +86,7 @@ docker run -e DLS_URL=`hostname -i` -e DLS_PORT=443 -p 443:443 -v $WORKING_DIR:/ See [`examples`](examples) directory for more advanced examples (with reverse proxy usage). -> Adjust *REQUIRED* variables as needed +> Adjust `REQUIRED` variables as needed ```yaml version: '3.9' From e0c9bb46eebc78e4bc286af63a8e2d51835346e3 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 20 Mar 2025 20:09:20 +0100 Subject: [PATCH 83/93] requirements.txt updated --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index e13bedc..78e826b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.115.8 +fastapi==0.115.11 uvicorn[standard]==0.34.0 python-jose[cryptography]==3.4.0 cryptography==44.0.2 -python-dateutil==2.8.2 -sqlalchemy==2.0.38 +python-dateutil==2.9.0 +sqlalchemy==2.0.39 markdown==3.7 python-dotenv==1.0.1 From b26704646dd98cc93b3068aa2d5e4e727565723b Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Thu, 20 Mar 2025 20:24:43 +0100 Subject: [PATCH 84/93] fixes --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 91cd157..83b9fc0 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,10 @@ Minimal Delegated License Service (DLS). -> [!note] > Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility see [compatibility matrix](#vgpu-software-compatibility-matrix). -> [!alert] 18.x Drivers are not yet supported! +> **18.x Drivers are not yet supported!** > Drivers are only supported until **17.x releases**. This service can be used without internet connection. From cc2a11d07bc93e27f981562ab619be8c4635dae3 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 21 Mar 2025 07:47:26 +0100 Subject: [PATCH 85/93] moved the only two FAQ entries to Known-Issues on README --- FAQ.md | 17 ----------------- README.md | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 17 deletions(-) delete mode 100644 FAQ.md diff --git a/FAQ.md b/FAQ.md deleted file mode 100644 index 4ddd379..0000000 --- a/FAQ.md +++ /dev/null @@ -1,17 +0,0 @@ -# FAQ - -## `Failed to acquire license from (Info: - Error: The allowed time to process response has expired)` - -- Did your timezone settings are correct on fastapi-dls **and your guest**? - -- Did you download the client-token more than an hour ago? - -Please download a new client-token. The guest have to register within an hour after client-token was created. - - -## `jose.exceptions.JWTError: Signature verification failed.` - -- Did you recreated `instance.public.pem` / `instance.private.pem`? - -Then you have to download a **new** client-token on each of your guests. - diff --git a/README.md b/README.md index 83b9fc0..4f6104a 100644 --- a/README.md +++ b/README.md @@ -602,6 +602,21 @@ Logs are available in `C:\Users\Public\Documents\Nvidia\LoggingLog.NVDisplay.Con # Known Issues +## Generic + +### `Failed to acquire license from (Info: - Error: The allowed time to process response has expired)` + +- Did your timezone settings are correct on fastapi-dls **and your guest**? +- Did you download the client-token more than an hour ago? + +Please download a new client-token. The guest have to register within an hour after client-token was created. + +### `jose.exceptions.JWTError: Signature verification failed.` + +- Did you recreate `instance.public.pem` / `instance.private.pem`? + +Then you have to download a **new** client-token on each of your guests. + ## Linux ### Invalid HTTP request From 76272af36f13324fc1c72c526b2147bcf0b90bfb Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 21 Mar 2025 07:47:41 +0100 Subject: [PATCH 86/93] added some glfm --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4f6104a..3e860b7 100644 --- a/README.md +++ b/README.md @@ -2,10 +2,11 @@ Minimal Delegated License Service (DLS). +> [!note] > Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility -see [compatibility matrix](#vgpu-software-compatibility-matrix). +> see [compatibility matrix](#vgpu-software-compatibility-matrix). -> **18.x Drivers are not yet supported!** +> [!warning] **18.x Drivers are not yet supported!** > Drivers are only supported until **17.x releases**. This service can be used without internet connection. From 666a07507e9489a19b309f5b397c32baf0f14c77 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 21 Mar 2025 08:39:32 +0100 Subject: [PATCH 87/93] typos --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3e860b7..d6b9c48 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Minimal Delegated License Service (DLS). > Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility > see [compatibility matrix](#vgpu-software-compatibility-matrix). -> [!warning] **18.x Drivers are not yet supported!** +> [!warning] 18.x Drivers are not yet supported! > Drivers are only supported until **17.x releases**. This service can be used without internet connection. From c3dbc043b3cf0d6e93b479ebda853ff052221967 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Fri, 21 Mar 2025 08:47:28 +0100 Subject: [PATCH 88/93] updated EOLs --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index d6b9c48..f928f84 100644 --- a/README.md +++ b/README.md @@ -333,14 +333,14 @@ Packages are available here: - [GitLab-Registry](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/packages) -Successful tested with: +Successful tested with (**LTS Version**): - **Debian 12 (Bookworm)** (EOL: June 06, 2026) - *Ubuntu 22.10 (Kinetic Kudu)* (EOL: July 20, 2023) - *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024) - *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024) -- **Ubuntu 24.04 (Noble Numbat)** (EOL: April 2036) -- *Ubuntu 24.10 (Oracular Oriole)* (EOL: tba.) +- **Ubuntu 24.04 (Noble Numbat)** (EOL: Apr 2029) +- *Ubuntu 24.10 (Oracular Oriole)* (EOL: Jul 2025) Not working with: From 6d5b389f2a30f588fe13dad7322961cb4ddfc8ce Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Apr 2025 09:17:44 +0200 Subject: [PATCH 89/93] .gitlab-ci.yml --- .gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 69c3c8a..07f6a8b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -272,12 +272,13 @@ test_coverage: - cd test script: - pip install pytest pytest-cov - - coverage run -m pytest main.py + - coverage run -m pytest main.py --junitxml=report.xml --suppress-no-test-exit-code - coverage report - coverage xml coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/' artifacts: reports: + junit: [ '**/report.xml' ] coverage_report: coverage_format: cobertura path: '**/coverage.xml' From ca0eedc1f2d87df3ccddfb069470c4ef755807ce Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Apr 2025 09:18:50 +0200 Subject: [PATCH 90/93] .gitignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 3421248..6d4a15c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ .DS_Store venv/ .idea/ -app/*.sqlite* +*.sqlite app/cert/*.* .pytest_cache From 44a63efc4f09ac5ed6c7dedbbe5f2503e1f59e57 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Apr 2025 09:22:03 +0200 Subject: [PATCH 91/93] requirements.txt updated --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 78e826b..6d1a841 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -fastapi==0.115.11 +pypi==0.115.12 uvicorn[standard]==0.34.0 python-jose[cryptography]==3.4.0 cryptography==44.0.2 python-dateutil==2.9.0 -sqlalchemy==2.0.39 +sqlalchemy==2.0.40 markdown==3.7 -python-dotenv==1.0.1 +python-dotenv==1.1.0 From d4d49956fe78556363b8f54d30b9ae6d6d10d7a0 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Apr 2025 09:38:49 +0200 Subject: [PATCH 92/93] fixes --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 6d1a841..6819866 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -pypi==0.115.12 +fastapi==0.115.12 uvicorn[standard]==0.34.0 python-jose[cryptography]==3.4.0 cryptography==44.0.2 From 4568881d1e1565b243476458d74c982a40d7912a Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Tue, 8 Apr 2025 09:56:51 +0200 Subject: [PATCH 93/93] fixes --- .gitlab-ci.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 07f6a8b..dd97c6f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -153,7 +153,7 @@ test: - source venv/bin/activate - pip install --upgrade pip - pip install -r $REQUIREMENTS - - pip install pytest httpx + - pip install pytest pytest-cov pytest-custom_exit_code httpx - mkdir -p app/cert - openssl genrsa -out app/cert/instance.private.pem 2048 - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem @@ -265,13 +265,12 @@ test_coverage: before_script: - apt-get update && apt-get install -y python3-dev gcc - pip install -r requirements.txt - - pip install pytest httpx + - pip install pytest pytest-cov pytest-custom_exit_code httpx - mkdir -p app/cert - openssl genrsa -out app/cert/instance.private.pem 2048 - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem - cd test script: - - pip install pytest pytest-cov - coverage run -m pytest main.py --junitxml=report.xml --suppress-no-test-exit-code - coverage report - coverage xml