From 616e8fba5e983eded6bc45e893397d8df3137c7f Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 08:37:34 +0100 Subject: [PATCH 1/9] README - improvements --- README.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 649b158..0da343b 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,7 @@ version: '3.9' x-dls-variables: &dls-variables DLS_URL: localhost # REQUIRED, change to your ip or hostname DLS_PORT: 443 - LEASE_EXPIRE_DAYS: 90 + LEASE_EXPIRE_DAYS: 90 # 90 days is maximum DATABASE: sqlite:////app/database/db.sqlite services: @@ -85,7 +85,12 @@ services: volumes: - /opt/docker/fastapi-dls/cert:/app/cert - dls-db:/app/database - + logging: # optional, for those who do not need logs + driver: "json-file" + options: + max-file: 5 + max-size: 10m + volumes: dls-db: ``` @@ -135,6 +140,8 @@ This is only to test whether the service starts successfully. ```shell cd /opt/fastapi-dls/app su - www-data -c "/opt/fastapi-dls/venv/bin/uvicorn main:app --app-dir=/opt/fastapi-dls/app" +# or +sudo -u www-data -c "/opt/fastapi-dls/venv/bin/uvicorn main:app --app-dir=/opt/fastapi-dls/app" ``` **Create config file** From 70212e0edd7c327266e693f377d889a267c5adfd Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 09:18:57 +0100 Subject: [PATCH 2/9] improved docker-compose examples --- README.md | 2 ++ docker-compose.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/README.md b/README.md index 0da343b..86f1abe 100644 --- a/README.md +++ b/README.md @@ -69,10 +69,12 @@ Goto [`docker-compose.yml`](docker-compose.yml) for more advanced example (with version: '3.9' x-dls-variables: &dls-variables + TZ: Europe/Berlin # REQUIRED, set your timezone correctly on fastapi-dls AND YOUR CLIENTS !!! DLS_URL: localhost # REQUIRED, change to your ip or hostname DLS_PORT: 443 LEASE_EXPIRE_DAYS: 90 # 90 days is maximum DATABASE: sqlite:////app/database/db.sqlite + DEBUG: false services: dls: diff --git a/docker-compose.yml b/docker-compose.yml index b52a58a..3f02cdc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,6 +14,7 @@ services: environment: <<: *dls-variables volumes: + - /etc/timezone:/etc/timezone:ro - /opt/docker/fastapi-dls/cert:/app/cert # instance.private.pem, instance.public.pem - db:/app/database entrypoint: ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000", "--app-dir", "/app", "--proxy-headers"] @@ -30,6 +31,7 @@ services: - "80:80" # for "/leasing/v1/lessor/shutdown" used by windows guests, can't be changed! - "443:443" # first part must match "DLS_PORT" volumes: + - /etc/timezone:/etc/timezone:ro - /opt/docker/fastapi-dls/cert:/opt/cert healthcheck: test: ["CMD", "curl", "--insecure", "--fail", "https://localhost/-/health"] From f540c4b25bc84866a782651c6b675fa893a0ab6b Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 09:19:03 +0100 Subject: [PATCH 3/9] requirements.txt updated --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 61d00cc..39bbfb9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ fastapi==0.89.1 uvicorn[standard]==0.20.0 python-jose==3.3.0 -pycryptodome==3.16.0 +pycryptodome==3.17 python-dateutil==2.8.2 -sqlalchemy==1.4.46 +sqlalchemy==2.0.0 markdown==3.4.1 python-dotenv==0.21.1 From 62d347510d589505ef7e29f25f9409682b7ea879 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 10:22:18 +0100 Subject: [PATCH 4/9] fixed - sqlalchemy.exc.ArgumentError: Textual SQL expression '\nCREATE TABLE origin (\n\to...' should be explicitly declared as text('\nCREATE TABLE origin (\n\to...') --- app/orm.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/orm.py b/app/orm.py index 6f4858f..693a8a8 100644 --- a/app/orm.py +++ b/app/orm.py @@ -1,7 +1,7 @@ from datetime import datetime, timedelta from dateutil.relativedelta import relativedelta -from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect +from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text from sqlalchemy.ext.declarative import declarative_base from sqlalchemy.engine import Engine from sqlalchemy.orm import sessionmaker @@ -190,7 +190,7 @@ def init(engine: Engine): session = sessionmaker(bind=engine)() for table in tables: if not db.dialect.has_table(engine.connect(), table.__tablename__): - session.execute(str(table.create_statement(engine))) + session.execute(text(str(table.create_statement(engine)))) session.commit() session.close() From 59152f95e60fe19d92e3800674637cc5797b8310 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 10:23:09 +0100 Subject: [PATCH 5/9] fixed - The ``declarative_base()`` function is now available as sqlalchemy.orm.declarative_base() --- app/orm.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/orm.py b/app/orm.py index 693a8a8..c78ca95 100644 --- a/app/orm.py +++ b/app/orm.py @@ -2,9 +2,8 @@ from datetime import datetime, timedelta from dateutil.relativedelta import relativedelta from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text -from sqlalchemy.ext.declarative import declarative_base from sqlalchemy.engine import Engine -from sqlalchemy.orm import sessionmaker +from sqlalchemy.orm import sessionmaker, declarative_base Base = declarative_base() From a42b1c8cfb06de4040dfd9eda83173f4ec8b72e9 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 12:34:46 +0100 Subject: [PATCH 6/9] added note to be logged in as root using manual install method (git) --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 86f1abe..3d66936 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,8 @@ volumes: Tested on `Debian 11 (bullseye)`, Ubuntu may also work. +**Make sure you are logged in as root.** + **Install requirements** ```shell From b36b49df11262d61e942e09f5e5db1ea2bda93d4 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 30 Jan 2023 13:01:45 +0100 Subject: [PATCH 7/9] fixed missing mkdir for config file on manual installation method --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d66936..3801b4a 100644 --- a/README.md +++ b/README.md @@ -127,7 +127,7 @@ chown -R www-data:www-data $WORKING_DIR ```shell WORKING_DIR=/opt/fastapi-dls/app/cert -mkdir $WORKING_DIR +mkdir -p $WORKING_DIR cd $WORKING_DIR # create instance private and public key for singing JWT's openssl genrsa -out $WORKING_DIR/instance.private.pem 2048 @@ -151,6 +151,7 @@ sudo -u www-data -c "/opt/fastapi-dls/venv/bin/uvicorn main:app --app-dir=/opt/f **Create config file** ```shell +mkdir /etc/fastapi-dls cat </etc/fastapi-dls/env DLS_URL=127.0.0.1 DLS_PORT=443 From 4b58fe6e203051cf4e2792a242d82ee86f9b0201 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 13 Feb 2023 08:09:01 +0100 Subject: [PATCH 8/9] added openSUSE Leap 15.4 support --- README.md | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 103 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3801b4a..a56ca7d 100644 --- a/README.md +++ b/README.md @@ -196,6 +196,108 @@ EOF Now you have to run `systemctl daemon-reload`. After that you can start service with `systemctl start fastapi-dls.service` and enable autostart with `systemctl enable fastapi-dls.service`. +## openSUSE Leap (manual method using `git clone` and python virtual environment) + +Tested on `openSUSE Leap 15.4`, openSUSE Tumbleweed may also work. + +**Install requirements** + +```shell +zypper in -y python310 python3-virtualenv python3-pip +``` + +**Install FastAPI-DLS** + +```shell +BASE_DIR=/opt/fastapi-dls +SERVICE_USER=dls +mkdir -p ${BASE_DIR} +cd ${BASE_DIR} +git clone https://git.collinwebdesigns.de/oscar.krause/fastapi-dls . +python3.10 -m venv venv +source venv/bin/activate +pip install -r requirements.txt +deactivate +useradd -r ${SERVICE_USER} -M -d /opt/fastapi-dls +chown -R ${SERVICE_USER} ${BASE_DIR} +``` + +**Create keypair and webserver certificate** + +```shell +CERT_DIR=${BASE_DIR}/app/cert +SERVICE_USER=dls +mkdir ${CERT_DIR} +cd ${CERT_DIR} +# create instance private and public key for singing JWT's +openssl genrsa -out ${CERT_DIR}/instance.private.pem 2048 +openssl rsa -in ${CERT_DIR}/instance.private.pem -outform PEM -pubout -out ${CERT_DIR}/instance.public.pem +# create ssl certificate for integrated webserver (uvicorn) - because clients rely on ssl +openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout ${CERT_DIR}/webserver.key -out ${CERT_DIR}/webserver.crt +chown -R ${SERVICE_USER} ${CERT_DIR} +``` + +**Test Service** + +This is only to test whether the service starts successfully. + +```shell +BASE_DIR=/opt/fastapi-dls +SERVICE_USER=dls +cd ${BASE_DIR} +su - ${SERVICE_USER} -c "${BASE_DIR}/venv/bin/uvicorn main:app --app-dir=${BASE_DIR}/app" +``` + +**Create config file** + +```shell +BASE_DIR=/opt/fastapi-dls +cat </etc/fastapi-dls/env +# Adjust DSL_URL as needed (accessing from LAN won't work with 127.0.0.1) +DLS_URL=127.0.0.1 +DLS_PORT=443 +LEASE_EXPIRE_DAYS=90 +DATABASE=sqlite:///${BASE_DIR}/app/db.sqlite + +EOF +``` + +**Create service** + +```shell +BASE_DIR=/opt/fastapi-dls +SERVICE_USER=dls +cat </etc/systemd/system/fastapi-dls.service +[Unit] +Description=Service for fastapi-dls vGPU licensing service +After=network.target + +[Service] +User=${SERVICE_USER} +AmbientCapabilities=CAP_NET_BIND_SERVICE +WorkingDirectory=${BASE_DIR}/app +EnvironmentFile=/etc/fastapi-dls/env +ExecStart=${BASE_DIR}/venv/bin/uvicorn main:app \\ + --env-file /etc/fastapi-dls/env \\ + --host \$DLS_URL --port \$DLS_PORT \\ + --app-dir ${BASE_DIR}/app \\ + --ssl-keyfile ${BASE_DIR}/app/cert/webserver.key \\ + --ssl-certfile ${BASE_DIR}/app/cert/webserver.crt \\ + --proxy-headers +Restart=always +KillSignal=SIGQUIT +Type=simple +NotifyAccess=all + +[Install] +WantedBy=multi-user.target + +EOF +``` + +Now you have to run `systemctl daemon-reload`. After that you can start service +with `systemctl start fastapi-dls.service` and enable autostart with `systemctl enable fastapi-dls.service`. + ## Debian/Ubuntu (using `dpkg`) Packages are available here: @@ -564,5 +666,4 @@ The error message can safely be ignored (since we have no license limitation :P) Thanks to vGPU community and all who uses this project and report bugs. -Special thanks to @samicrusader who created build file for ArchLinux. - +Special thanks to @samicrusader who created build file for ArchLinux and @cyrus who wrote the section for openSUSE. From c1d541f7c636e10b3b36048a95d59046de958f30 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Mon, 13 Feb 2023 08:09:37 +0100 Subject: [PATCH 9/9] bump version to 1.3.5 --- version.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.env b/version.env index c7644ab..db1aeb8 100644 --- a/version.env +++ b/version.env @@ -1 +1 @@ -VERSION=1.3.4 +VERSION=1.3.5