merge fixes

# Conflicts:
#	app/orm.py

.DEBIAN/control

@@ -2,7 +2,7 @@ Package: fastapi-dls
 Version: 0.0
 Architecture: all
 Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
-Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-cryptography, python3-markdown, python3-jinja2, uvicorn, openssl
+Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-cryptography, python3-markdown, uvicorn, openssl
 Recommends: curl
 Installed-Size: 10240
 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls

.PKGBUILD/PKGBUILD

@@ -8,7 +8,7 @@ pkgdesc='NVIDIA DLS server implementation with FastAPI'
 arch=('any')
 url='https://git.collinwebdesigns.de/oscar.krause/fastapi-dls'
 license=('MIT')
-depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-cryptography' 'python-jinja' 'uvicorn' 'python-markdown' 'openssl')
+depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-cryptography' 'uvicorn' 'python-markdown' 'openssl')
 provider=("$pkgname")
 install="$pkgname.install"
 backup=('etc/default/fastapi-dls')
@@ -37,53 +37,17 @@ check() {
 }
 
 package() {
-    # create directories
     install -d "$pkgdir/usr/share/doc/$pkgname"
     install -d "$pkgdir/var/lib/$pkgname/cert"
-
-    # copy docs & static files
     #cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/"
     install -Dm644 "$srcdir/$pkgname/README.md" "$pkgdir/usr/share/doc/$pkgname/README.md"
     install -Dm644 "$srcdir/$pkgname/version.env" "$pkgdir/usr/share/doc/$pkgname/version.env"
 
     sed -i "s/README.md/\/usr\/share\/doc\/$pkgname\/README.md/g" "$srcdir/$pkgname/app/main.py"
-
-    # copy main app python files
     sed -i "s/join(dirname(__file__), 'cert\//join('\/var\/lib\/$pkgname', 'cert\//g" "$srcdir/$pkgname/app/main.py"
     install -Dm755 "$srcdir/$pkgname/app/main.py" "$pkgdir/opt/$pkgname/main.py"
     install -Dm755 "$srcdir/$pkgname/app/orm.py" "$pkgdir/opt/$pkgname/orm.py"
     install -Dm755 "$srcdir/$pkgname/app/util.py" "$pkgdir/opt/$pkgname/util.py"
-
-    # copy static asset files
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/css/bootstrap.min.css" "$pkgdir/opt/$pkgname/static/assets/css/bootstrap.min.css"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/css/bootstrap-icons.min.css" "$pkgdir/opt/$pkgname/static/assets/css/bootstrap-icons.min.css"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/css/custom.css" "$pkgdir/opt/$pkgname/static/assets/css/custom.css"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/css/dashboard.css" "$pkgdir/opt/$pkgname/static/assets/css/dashboard.css"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/fonts/bootstrap-icons.woff" "$pkgdir/opt/$pkgname/static/assets/fonts/bootstrap-icons.woff"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/fonts/bootstrap-icons.woff2" "$pkgdir/opt/$pkgname/static/assets/fonts/bootstrap-icons.woff2"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/android-chrome-192x192.png" "$pkgdir/opt/$pkgname/static/assets/img/favicons/android-chrome-192x192.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/android-chrome-512x512.png" "$pkgdir/opt/$pkgname/static/assets/img/favicons/android-chrome-512x512.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/apple-touch-icon.png" "$pkgdir/opt/$pkgname/static/assets/img/favicons/apple-touch-icon.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/favicon.ico" "$pkgdir/opt/$pkgname/static/assets/img/favicons/favicon.ico"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/favicon-16x16.png" "$pkgdir/opt/$pkgname/static/assets/img/favicons/favicon-16x16.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/favicon-32x32.png" "$pkgdir/opt/$pkgname/static/assets/img/favicons/favicon-32x32.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/favicons/manifest.json" "$pkgdir/opt/$pkgname/static/assets/img/favicons/manifest.json"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/img/logo.png" "$pkgdir/opt/$pkgname/static/assets/img/logo.png"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/js/bootstrap.min.js" "$pkgdir/opt/$pkgname/static/assets/js/bootstrap.min.js"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/js/helper.js" "$pkgdir/opt/$pkgname/static/assets/js/helper.js"
-    install -Dm755 "$srcdir/$pkgname/app/static/assets/js/popper.min.js" "$pkgdir/opt/$pkgname/static/assets/js/popper.min.js"
-    install -Dm755 "$srcdir/$pkgname/app/templates/components/navbar.html" "$pkgdir/opt/$pkgname/templates/components/navbar.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/components/sidebar.html" "$pkgdir/opt/$pkgname/templates/components/sidebar.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/layouts/base.html" "$pkgdir/opt/$pkgname/templates/layouts/base.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/layouts/bootstrap.html" "$pkgdir/opt/$pkgname/templates/layouts/bootstrap.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/layouts/bootstrap-dashboard.html" "$pkgdir/opt/$pkgname/templates/layouts/bootstrap-dashboard.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/views/dashboard.html" "$pkgdir/opt/$pkgname/templates/views/dashboard.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/views/dashboard_leases.html" "$pkgdir/opt/$pkgname/templates/views/dashboard_leases.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/views/dashboard_origins.html" "$pkgdir/opt/$pkgname/templates/views/dashboard_origins.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/views/dashboard_readme.html" "$pkgdir/opt/$pkgname/templates/views/dashboard_readme.html"
-    install -Dm755 "$srcdir/$pkgname/app/templates/views/index.html" "$pkgdir/opt/$pkgname/templates/views/index.html"
-
-    # copy service files
     install -Dm644 "$srcdir/$pkgname.default" "$pkgdir/etc/default/$pkgname"
     install -Dm644 "$srcdir/$pkgname.service" "$pkgdir/usr/lib/systemd/system/$pkgname.service"
     install -Dm644 "$srcdir/$pkgname.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"

app/main.py

@@ -1,8 +1,9 @@
 import logging
+import sys
 from base64 import b64encode as b64enc
 from calendar import timegm
 from contextlib import asynccontextmanager
-from datetime import datetime, timedelta, UTC
+from datetime import datetime, UTC
 from hashlib import sha256
 from json import loads as json_loads
 from os import getenv as env
@@ -13,17 +14,14 @@ from dateutil.relativedelta import relativedelta
 from dotenv import load_dotenv
 from fastapi import FastAPI
 from fastapi.requests import Request
-from jose import jws, jwk, jwt, JWTError
+from jose import jws, jwt, JWTError
 from jose.constants import ALGORITHMS
 from sqlalchemy import create_engine
 from sqlalchemy.orm import sessionmaker
 from starlette.middleware.cors import CORSMiddleware
-from starlette.responses import StreamingResponse, JSONResponse as JSONr, Response, RedirectResponse
-from starlette.staticfiles import StaticFiles
-from starlette.templating import Jinja2Templates
+from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, RedirectResponse
 
-from orm import Origin, Lease, init as db_init, migrate
-from util import PrivateKey, PublicKey, load_file
+from orm import Origin, Lease, init as db_init, migrate, Instance, Site
 
 # Load variables
 load_dotenv('../version.env')
@@ -41,20 +39,9 @@ db_init(db), migrate(db)
 # Load DLS variables (all prefixed with "INSTANCE_*" is used as "SERVICE_INSTANCE_*" or "SI_*" in official dls service)
 DLS_URL = str(env('DLS_URL', 'localhost'))
 DLS_PORT = int(env('DLS_PORT', '443'))
-SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000'))
-INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001'))
-ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001'))
-INSTANCE_KEY_RSA = PrivateKey.from_file(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem'))))
-INSTANCE_KEY_PUB = PublicKey.from_file(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem'))))
-TOKEN_EXPIRE_DELTA = relativedelta(days=int(env('TOKEN_EXPIRE_DAYS', 1)), hours=int(env('TOKEN_EXPIRE_HOURS', 0)))
-LEASE_EXPIRE_DELTA = relativedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0)))
-LEASE_RENEWAL_PERIOD = float(env('LEASE_RENEWAL_PERIOD', 0.15))
-LEASE_RENEWAL_DELTA = timedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0)))
-CLIENT_TOKEN_EXPIRE_DELTA = relativedelta(years=12)
 CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) else [f'https://{DLS_URL}']
 
-jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256)
-jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256)
+ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001'))  # todo
 
 # Logging
 LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO
@@ -62,25 +49,33 @@ logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{
 logger = logging.getLogger(__name__)
 logger.setLevel(LOG_LEVEL)
 logging.getLogger('util').setLevel(LOG_LEVEL)
-logging.getLogger('NV').setLevel(LOG_LEVEL)
+logging.getLogger('DriverMatrix').setLevel(LOG_LEVEL)
 
 
 # FastAPI
 @asynccontextmanager
 async def lifespan(_: FastAPI):
     # on startup
+    default_instance = Instance.get_default_instance(db)
+
+    lease_renewal_period = default_instance.lease_renewal_period
+    lease_renewal_delta = default_instance.get_lease_renewal_delta()
+    client_token_expire_delta = default_instance.get_client_token_expire_delta()
+
     logger.info(f'''
     
     Using timezone: {str(TZ)}. Make sure this is correct and match your clients!
     
-    Your clients renew their license every {str(Lease.calculate_renewal(LEASE_RENEWAL_PERIOD, LEASE_RENEWAL_DELTA))}.
-    If the renewal fails, the license is {str(LEASE_RENEWAL_DELTA)} valid.
+    Your clients will renew their license every {str(Lease.calculate_renewal(lease_renewal_period, lease_renewal_delta))}.
+    If the renewal fails, the license is valid for {str(lease_renewal_delta)}.
     
-    Your client-token file (.tok) is valid for {str(CLIENT_TOKEN_EXPIRE_DELTA)}.
+    Your client-token file (.tok) is valid for {str(client_token_expire_delta)}.
     ''')
 
     logger.info(f'Debug is {"enabled" if DEBUG else "disabled"}.')
 
+    validate_settings()
+
     yield
 
     # on shutdown
@@ -89,8 +84,6 @@ async def lifespan(_: FastAPI):
 
 config = dict(openapi_url=None, docs_url=None, redoc_url=None)  # dict(openapi_url='/-/openapi.json', docs_url='/-/docs', redoc_url='/-/redoc')
 app = FastAPI(title='FastAPI-DLS', description='Minimal Delegated License Service (DLS).', version=VERSION, lifespan=lifespan, **config)
-app.mount('/static', StaticFiles(directory=join(dirname(__file__), 'static'), html=True), name='static')
-templates = Jinja2Templates(directory=join(dirname(__file__), 'templates'))
 
 app.debug = DEBUG
 app.add_middleware(
@@ -103,44 +96,34 @@ app.add_middleware(
 
 
 # Helper
-def __get_token(request: Request) -> dict:
+def __get_token(request: Request, jwt_decode_key: "jose.jwt") -> dict:
     authorization_header = request.headers.get('authorization')
     token = authorization_header.split(' ')[1]
     return jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
 
 
-def __json_config() -> dict:
-    return {
-        'VERSION': str(VERSION),
-        'COMMIT': str(COMMIT),
-        'DEBUG': str(DEBUG),
-        'DLS_URL': str(DLS_URL),
-        'DLS_PORT': str(DLS_PORT),
-        'SITE_KEY_XID': str(SITE_KEY_XID),
-        'INSTANCE_REF': str(INSTANCE_REF),
-        'ALLOTMENT_REF': [str(ALLOTMENT_REF)],
-        'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
-        'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
-        'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
-        'CORS_ORIGINS': str(CORS_ORIGINS),
-        'TZ': str(TZ),
-        # static / calculated
-        'LEASE_RENEWAL_DELTA': str(LEASE_RENEWAL_DELTA),
-        'LEASE_CALCULATED_RENEWAL': str(Lease.calculate_renewal(LEASE_RENEWAL_PERIOD, LEASE_RENEWAL_DELTA)),
-        'CLIENT_TOKEN_EXPIRE_DELTA': str(CLIENT_TOKEN_EXPIRE_DELTA),
-    }
+def validate_settings():
+    session = sessionmaker(bind=db)()
+
+    lease_expire_delta_min, lease_expire_delta_max = 86_400, 7_776_000
+    for instance in session.query(Instance).all():
+        lease_expire_delta = instance.lease_expire_delta
+        if lease_expire_delta < 86_400 or lease_expire_delta > 7_776_000:
+            logging.warning(f'> [ instance ]: {instance.instance_ref}: "lease_expire_delta" should be between {lease_expire_delta_min} and {lease_expire_delta_max}')
+
+    session.close()
 
 
 # Endpoints
 
-@app.get('/', summary='* Index')
+@app.get('/', summary='Index')
 async def index():
-    return RedirectResponse('/-/')
+    return RedirectResponse('/-/readme')
 
 
 @app.get('/-/', summary='* Index')
-async def _index(request: Request):
-    return templates.TemplateResponse(name='views/index.html', context={'request': request, 'VERSION': VERSION})
+async def _index():
+    return RedirectResponse('/-/readme')
 
 
 @app.get('/-/health', summary='* Health')
@@ -150,40 +133,69 @@ async def _health():
 
 @app.get('/-/config', summary='* Config', description='returns environment variables.')
 async def _config():
-    return JSONr(__json_config())
+    default_site, default_instance = Site.get_default_site(db), Instance.get_default_instance(db)
+
+    return JSONr({
+        'VERSION': str(VERSION),
+        'COMMIT': str(COMMIT),
+        'DEBUG': str(DEBUG),
+        'DLS_URL': str(DLS_URL),
+        'DLS_PORT': str(DLS_PORT),
+        'SITE_KEY_XID': str(default_site.site_key),
+        'INSTANCE_REF': str(default_instance.instance_ref),
+        'ALLOTMENT_REF': [str(ALLOTMENT_REF)],
+        'TOKEN_EXPIRE_DELTA': str(default_instance.get_token_expire_delta()),
+        'LEASE_EXPIRE_DELTA': str(default_instance.get_lease_expire_delta()),
+        'LEASE_RENEWAL_PERIOD': str(default_instance.lease_renewal_period),
+        'CORS_ORIGINS': str(CORS_ORIGINS),
+        'TZ': str(TZ),
+    })
 
 
 @app.get('/-/readme', summary='* Readme')
-async def _readme(request: Request):
+async def _readme():
     from markdown import markdown
+    from util import load_file
     content = load_file(join(dirname(__file__), '../README.md')).decode('utf-8')
-    markdown = markdown(text=content, extensions=['tables', 'fenced_code', 'md_in_html', 'nl2br', 'toc'])
-    context = {'request': request, 'VERSION': VERSION, 'markdown': markdown }
-    return templates.TemplateResponse(name='views/dashboard_readme.html', context=context)
+    return HTMLr(markdown(text=content, extensions=['tables', 'fenced_code', 'md_in_html', 'nl2br', 'toc']))
 
 
 @app.get('/-/manage', summary='* Management UI')
 async def _manage(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
-    return templates.TemplateResponse(name='views/manage.html', context=context)
+    response = '''
+    <!DOCTYPE html>
+    <html>
+        <head>
+            <title>FastAPI-DLS Management</title>
+        </head>
+        <body>
+            <button onclick="deleteOrigins()">delete ALL origins and their leases</button>
+            <button onclick="deleteLease()">delete specific lease</button>
             
+            <script>
+                function deleteOrigins() {
+                    const response = confirm('Are you sure you want to delete all origins and their leases?');
 
-@app.get('/-/dashboard', summary='* Dashboard')
-async def _dashboard(request: Request):
-    context = {'request': request, 'VERSION': VERSION, 'CONFIG': __json_config()}
-    return templates.TemplateResponse(name='views/dashboard.html', context=context)
-
-
-@app.get('/-/dashboard/origins', summary='* Dashboard - Origins')
-async def _dashboard_origins(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
-    return templates.TemplateResponse(name='views/dashboard_origins.html', context=context)
-
-
-@app.get('/-/dashboard/leases', summary='* Dashboard - Leases')
-async def _dashboard_origins(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
-    return templates.TemplateResponse(name='views/dashboard_leases.html', context=context)
+                    if (response) {
+                        var xhr = new XMLHttpRequest();
+                        xhr.open("DELETE", '/-/origins', true);
+                        xhr.send();
+                    }
+                }
+                function deleteLease(lease_ref) {
+                    if(lease_ref === undefined)
+                        lease_ref = window.prompt("Please enter 'lease_ref' which should be deleted");
+                    if(lease_ref === null || lease_ref === "")
+                        return
+                    var xhr = new XMLHttpRequest();
+                    xhr.open("DELETE", `/-/lease/${lease_ref}`, true);
+                    xhr.send();
+                }
+            </script>
+        </body>
+    </html>
+    '''
+    return HTMLr(response)
 
 
 @app.get('/-/origins', summary='* Origins')
@@ -193,8 +205,7 @@ async def _origins(request: Request, leases: bool = False):
     for origin in session.query(Origin).all():
         x = origin.serialize()
         if leases:
-            serialize = dict(renewal_period=LEASE_RENEWAL_PERIOD, renewal_delta=LEASE_RENEWAL_DELTA)
-            x['leases'] = list(map(lambda _: _.serialize(**serialize), Lease.find_by_origin_ref(db, origin.origin_ref)))
+            x['leases'] = list(map(lambda _: _.serialize(), Lease.find_by_origin_ref(db, origin.origin_ref)))
         response.append(x)
     session.close()
     return JSONr(response)
@@ -206,26 +217,12 @@ async def _origins_delete(request: Request):
     return Response(status_code=201)
 
 
-@app.delete('/-/origins/expired', summary='* Delete all Origins without active Lease')
-async def _origins_delete_expired(request: Request):
-    Origin.delete_expired(db)
-    return Response(status_code=201)
-
-
-@app.delete('/-/origins/{origin_ref}', summary='* Delete specific Origin')
-async def _origins_delete_origin_ref(request: Request, origin_ref: str):
-    if Origin.delete(db, [origin_ref]) == 1:
-        return Response(status_code=201)
-    return JSONr(status_code=404, content={'status': 404, 'detail': 'lease not found'})
-
-
 @app.get('/-/leases', summary='* Leases')
 async def _leases(request: Request, origin: bool = False):
     session = sessionmaker(bind=db)()
     response = []
     for lease in session.query(Lease).all():
-        serialize = dict(renewal_period=LEASE_RENEWAL_PERIOD, renewal_delta=LEASE_RENEWAL_DELTA)
-        x = lease.serialize(**serialize)
+        x = lease.serialize()
         if origin:
             lease_origin = session.query(Origin).filter(Origin.origin_ref == lease.origin_ref).first()
             if lease_origin is not None:
@@ -235,13 +232,13 @@ async def _leases(request: Request, origin: bool = False):
     return JSONr(response)
 
 
-@app.delete('/-/leases/expired', summary='* Delete all expired Leases')
+@app.delete('/-/leases/expired', summary='* Leases')
 async def _lease_delete_expired(request: Request):
     Lease.delete_expired(db)
     return Response(status_code=201)
 
 
-@app.delete('/-/lease/{lease_ref}', summary='* Delete specific Lease')
+@app.delete('/-/lease/{lease_ref}', summary='* Lease')
 async def _lease_delete(request: Request, lease_ref: str):
     if Lease.delete(db, lease_ref) == 1:
         return Response(status_code=201)
@@ -252,7 +249,13 @@ async def _lease_delete(request: Request, lease_ref: str):
 @app.get('/-/client-token', summary='* Client-Token', description='creates a new messenger token for this service instance')
 async def _client_token():
     cur_time = datetime.now(UTC)
-    exp_time = cur_time + CLIENT_TOKEN_EXPIRE_DELTA
+
+    default_instance = Instance.get_default_instance(db)
+    public_key = default_instance.get_public_key()
+    # todo: implemented request parameter to support different instances
+    jwt_encode_key = default_instance.get_jwt_encode_key()
+
+    exp_time = cur_time + default_instance.get_client_token_expire_delta()
 
     payload = {
         "jti": str(uuid4()),
@@ -265,7 +268,7 @@ async def _client_token():
         "scope_ref_list": [ALLOTMENT_REF],
         "fulfillment_class_ref_list": [],
         "service_instance_configuration": {
-            "nls_service_instance_ref": INSTANCE_REF,
+            "nls_service_instance_ref": default_instance.instance_ref,
             "svc_port_set_list": [
                 {
                     "idx": 0,
@@ -277,10 +280,10 @@ async def _client_token():
         },
         "service_instance_public_key_configuration": {
             "service_instance_public_key_me": {
-                "mod": hex(INSTANCE_KEY_PUB.raw().public_numbers().n)[2:],
-                "exp": int(INSTANCE_KEY_PUB.raw().public_numbers().e),
+                "mod": hex(public_key.raw().public_numbers().n)[2:],
+                "exp": int(public_key.raw().public_numbers().e),
             },
-            "service_instance_public_key_pem": INSTANCE_KEY_PUB.pem().decode('utf-8'),
+            "service_instance_public_key_pem": public_key.pem().decode('utf-8'),
             "key_retention_mode": "LATEST_ONLY"
         },
     }
@@ -362,13 +365,16 @@ async def auth_v1_code(request: Request):
     delta = relativedelta(minutes=15)
     expires = cur_time + delta
 
+    default_site = Site.get_default_site(db)
+    jwt_encode_key = Instance.get_default_instance(db).get_jwt_encode_key()
+
     payload = {
         'iat': timegm(cur_time.timetuple()),
         'exp': timegm(expires.timetuple()),
         'challenge': j.get('code_challenge'),
         'origin_ref': j.get('origin_ref'),
-        'key_ref': SITE_KEY_XID,
-        'kid': SITE_KEY_XID
+        'key_ref': default_site.site_key,
+        'kid': default_site.site_key,
     }
 
     auth_code = jws.sign(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, algorithm=ALGORITHMS.RS256)
@@ -388,6 +394,9 @@ async def auth_v1_code(request: Request):
 async def auth_v1_token(request: Request):
     j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
 
+    default_site, default_instance = Site.get_default_site(db), Instance.get_default_instance(db)
+    jwt_encode_key, jwt_decode_key = default_instance.get_jwt_encode_key(), default_instance.get_jwt_decode_key()
+
     try:
         payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key, algorithms=ALGORITHMS.RS256)
     except JWTError as e:
@@ -401,7 +410,7 @@ async def auth_v1_token(request: Request):
     if payload.get('challenge') != challenge:
         return JSONr(status_code=401, content={'status': 401, 'detail': 'expected challenge did not match verifier'})
 
-    access_expires_on = cur_time + TOKEN_EXPIRE_DELTA
+    access_expires_on = cur_time + default_instance.get_token_expire_delta()
 
     new_payload = {
         'iat': timegm(cur_time.timetuple()),
@@ -410,8 +419,8 @@ async def auth_v1_token(request: Request):
         'aud': 'https://cls.nvidia.org',
         'exp': timegm(access_expires_on.timetuple()),
         'origin_ref': origin_ref,
-        'key_ref': SITE_KEY_XID,
-        'kid': SITE_KEY_XID,
+        'key_ref': default_site.site_key,
+        'kid': default_site.site_key,
     }
 
     auth_token = jwt.encode(new_payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, algorithm=ALGORITHMS.RS256)
@@ -428,10 +437,13 @@ async def auth_v1_token(request: Request):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
 @app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin')
 async def leasing_v1_lessor(request: Request):
-    j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+
+    default_instance = Instance.get_default_instance(db)
+    jwt_decode_key = default_instance.get_jwt_decode_key()
 
     try:
-        token = __get_token(request)
+        token = __get_token(request, jwt_decode_key)
     except JWTError:
         return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
 
@@ -445,7 +457,7 @@ async def leasing_v1_lessor(request: Request):
         #     return JSONr(status_code=500, detail=f'no service instances found for scopes: ["{scope_ref}"]')
 
         lease_ref = str(uuid4())
-        expires = cur_time + LEASE_EXPIRE_DELTA
+        expires = cur_time + default_instance.get_lease_expire_delta()
         lease_result_list.append({
             "ordinal": 0,
             # https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html
@@ -453,13 +465,13 @@ async def leasing_v1_lessor(request: Request):
                 "ref": lease_ref,
                 "created": cur_time.isoformat(),
                 "expires": expires.isoformat(),
-                "recommended_lease_renewal": LEASE_RENEWAL_PERIOD,
+                "recommended_lease_renewal": default_instance.lease_renewal_period,
                 "offline_lease": "true",
                 "license_type": "CONCURRENT_COUNTED_SINGLE"
             }
         })
 
-        data = Lease(origin_ref=origin_ref, lease_ref=lease_ref, lease_created=cur_time, lease_expires=expires)
+        data = Lease(instance_ref=default_instance.instance_ref, origin_ref=origin_ref, lease_ref=lease_ref, lease_created=cur_time, lease_expires=expires)
         Lease.create_or_update(db, data)
 
     response = {
@@ -476,7 +488,14 @@ async def leasing_v1_lessor(request: Request):
 # venv/lib/python3.9/site-packages/nls_dal_service_instance_dls/schema/service_instance/V1_0_21__product_mapping.sql
 @app.get('/leasing/v1/lessor/leases', description='get active leases for current origin')
 async def leasing_v1_lessor_lease(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    cur_time = datetime.now(UTC)
+
+    jwt_decode_key = Instance.get_default_instance(db).get_jwt_decode_key()
+
+    try:
+        token = __get_token(request, jwt_decode_key)
+    except JWTError:
+        return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
 
     origin_ref = token.get('origin_ref')
 
@@ -496,7 +515,15 @@ async def leasing_v1_lessor_lease(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_lease/lease_single.py
 @app.put('/leasing/v1/lease/{lease_ref}', description='renew a lease')
 async def leasing_v1_lease_renew(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    cur_time = datetime.now(UTC)
+
+    default_instance = Instance.get_default_instance(db)
+    jwt_decode_key = default_instance.get_jwt_decode_key()
+
+    try:
+        token = __get_token(request, jwt_decode_key)
+    except JWTError:
+        return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
 
     origin_ref = token.get('origin_ref')
     logger.info(f'> [  renew   ]: {origin_ref}: renew {lease_ref}')
@@ -505,11 +532,11 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
     if entity is None:
         return JSONr(status_code=404, content={'status': 404, 'detail': 'requested lease not available'})
 
-    expires = cur_time + LEASE_EXPIRE_DELTA
+    expires = cur_time + default_instance.get_lease_expire_delta()
     response = {
         "lease_ref": lease_ref,
         "expires": expires.isoformat(),
-        "recommended_lease_renewal": LEASE_RENEWAL_PERIOD,
+        "recommended_lease_renewal": default_instance.lease_renewal_period,
         "offline_lease": True,
         "prompts": None,
         "sync_timestamp": cur_time.isoformat(),
@@ -523,7 +550,14 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
 @app.delete('/leasing/v1/lease/{lease_ref}', description='release (return) a lease')
 async def leasing_v1_lease_delete(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    cur_time = datetime.now(UTC)
+
+    jwt_decode_key = Instance.get_default_instance(db).get_jwt_decode_key()
+
+    try:
+        token = __get_token(request, jwt_decode_key)
+    except JWTError:
+        return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
 
     origin_ref = token.get('origin_ref')
     logger.info(f'> [  return  ]: {origin_ref}: return {lease_ref}')
@@ -549,7 +583,14 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
 @app.delete('/leasing/v1/lessor/leases', description='release all leases')
 async def leasing_v1_lessor_lease_remove(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    cur_time = datetime.now(UTC)
+
+    jwt_decode_key = Instance.get_default_instance(db).get_jwt_decode_key()
+
+    try:
+        token = __get_token(request, jwt_decode_key)
+    except JWTError:
+        return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
 
     origin_ref = token.get('origin_ref')
 
@@ -571,6 +612,8 @@ async def leasing_v1_lessor_lease_remove(request: Request):
 async def leasing_v1_lessor_shutdown(request: Request):
     j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
 
+    jwt_decode_key = Instance.get_default_instance(db).get_jwt_decode_key()
+
     token = j.get('token')
     token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
     origin_ref = token.get('origin_ref')

app/orm.py

@@ -1,20 +1,143 @@
+import logging
 from datetime import datetime, timedelta, timezone, UTC
+from os import getenv as env
+from os.path import join, dirname, isfile
 
 from dateutil.relativedelta import relativedelta
-from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text
+from jose import jwk
+from jose.constants import ALGORITHMS
+from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text, BLOB, INT, FLOAT
 from sqlalchemy.engine import Engine
-from sqlalchemy.orm import sessionmaker, declarative_base
+from sqlalchemy.orm import sessionmaker, declarative_base, Session, relationship
+from sqlalchemy.schema import CreateTable
 
-from util import DriverMatrix
+from util import DriverMatrix, PrivateKey, PublicKey, DriverMatrix
+
+logging.basicConfig()
+logger = logging.getLogger(__name__)
+logger.setLevel(logging.INFO)
 
 Base = declarative_base()
 
 
+class Site(Base):
+    __tablename__ = "site"
+
+    INITIAL_SITE_KEY_XID = '10000000-0000-0000-0000-000000000000'
+    INITIAL_SITE_NAME = 'default-site'
+
+    site_key = Column(CHAR(length=36), primary_key=True, unique=True, index=True)  # uuid4, SITE_KEY_XID
+    name = Column(VARCHAR(length=256), nullable=False)
+
+    def __str__(self):
+        return f'SITE_KEY_XID: {self.site_key}'
+
+    @staticmethod
+    def create_statement(engine: Engine):
+        return CreateTable(Site.__table__).compile(engine)
+
+    @staticmethod
+    def get_default_site(engine: Engine) -> "Site":
+        session = sessionmaker(bind=engine)()
+        entity = session.query(Site).filter(Site.site_key == Site.INITIAL_SITE_KEY_XID).first()
+        session.close()
+        return entity
+
+
+class Instance(Base):
+    __tablename__ = "instance"
+
+    DEFAULT_INSTANCE_REF = '10000000-0000-0000-0000-000000000001'
+    DEFAULT_TOKEN_EXPIRE_DELTA = 86_400  # 1 day
+    DEFAULT_LEASE_EXPIRE_DELTA = 7_776_000  # 90 days
+    DEFAULT_LEASE_RENEWAL_PERIOD = 0.15
+    DEFAULT_CLIENT_TOKEN_EXPIRE_DELTA = 378_432_000  # 12 years
+    # 1 day = 86400 (min. in production setup, max 90 days), 1 hour = 3600
+
+    instance_ref = Column(CHAR(length=36), primary_key=True, unique=True, index=True)  # uuid4, INSTANCE_REF
+    site_key = Column(CHAR(length=36), ForeignKey(Site.site_key, ondelete='CASCADE'), nullable=False, index=True)  # uuid4
+    private_key = Column(BLOB(length=2048), nullable=False)
+    public_key = Column(BLOB(length=512), nullable=False)
+    token_expire_delta = Column(INT(), nullable=False, default=DEFAULT_TOKEN_EXPIRE_DELTA, comment='in seconds')
+    lease_expire_delta = Column(INT(), nullable=False, default=DEFAULT_LEASE_EXPIRE_DELTA, comment='in seconds')
+    lease_renewal_period = Column(FLOAT(precision=2), nullable=False, default=DEFAULT_LEASE_RENEWAL_PERIOD)
+    client_token_expire_delta = Column(INT(), nullable=False, default=DEFAULT_CLIENT_TOKEN_EXPIRE_DELTA, comment='in seconds')
+
+    __origin = relationship(Site, foreign_keys=[site_key])
+
+    def __str__(self):
+        return f'INSTANCE_REF: {self.instance_ref} (SITE_KEY_XID: {self.site_key})'
+
+    @staticmethod
+    def create_statement(engine: Engine):
+        return CreateTable(Instance.__table__).compile(engine)
+
+    @staticmethod
+    def create_or_update(engine: Engine, instance: "Instance"):
+        session = sessionmaker(bind=engine)()
+        entity = session.query(Instance).filter(Instance.instance_ref == instance.instance_ref).first()
+        if entity is None:
+            session.add(instance)
+        else:
+            x = dict(
+                site_key=instance.site_key,
+                private_key=instance.private_key,
+                public_key=instance.public_key,
+                token_expire_delta=instance.token_expire_delta,
+                lease_expire_delta=instance.lease_expire_delta,
+                lease_renewal_period=instance.lease_renewal_period,
+                client_token_expire_delta=instance.client_token_expire_delta,
+            )
+            session.execute(update(Instance).where(Instance.instance_ref == instance.instance_ref).values(**x))
+        session.commit()
+        session.flush()
+        session.close()
+
+    # todo: validate on startup that "lease_expire_delta" is between 1 day and 90 days
+
+    @staticmethod
+    def get_default_instance(engine: Engine) -> "Instance":
+        session = sessionmaker(bind=engine)()
+        site = Site.get_default_site(engine)
+        entity = session.query(Instance).filter(Instance.site_key == site.site_key).first()
+        session.close()
+        return entity
+
+    def get_token_expire_delta(self) -> "dateutil.relativedelta.relativedelta":
+        return relativedelta(seconds=self.token_expire_delta)
+
+    def get_lease_expire_delta(self) -> "dateutil.relativedelta.relativedelta":
+        return relativedelta(seconds=self.lease_expire_delta)
+
+    def get_lease_renewal_delta(self) -> "datetime.timedelta":
+        return timedelta(seconds=self.lease_expire_delta)
+
+    def get_client_token_expire_delta(self) -> "dateutil.relativedelta.relativedelta":
+        return relativedelta(seconds=self.client_token_expire_delta)
+
+    def __get_private_key(self) -> "PrivateKey":
+        return PrivateKey(self.private_key)
+
+    def get_public_key(self) -> "PublicKey":
+        return PublicKey(self.public_key)
+
+    def get_jwt_encode_key(self) -> "jose.jkw":
+        return jwk.construct(self.__get_private_key().pem().decode('utf-8'), algorithm=ALGORITHMS.RS256)
+
+    def get_jwt_decode_key(self) -> "jose.jwt":
+        return jwk.construct(self.get_public_key().pem().decode('utf-8'), algorithm=ALGORITHMS.RS256)
+
+    def get_private_key_str(self, encoding: str = 'utf-8') -> str:
+        return self.private_key.decode(encoding)
+
+    def get_public_key_str(self, encoding: str = 'utf-8') -> str:
+        return self.private_key.decode(encoding)
+
+
 class Origin(Base):
     __tablename__ = "origin"
 
     origin_ref = Column(CHAR(length=36), primary_key=True, unique=True, index=True)  # uuid4
-
     # service_instance_xid = Column(CHAR(length=36), nullable=False, index=True)  # uuid4 # not necessary, we only support one service_instance_xid ('INSTANCE_REF')
     hostname = Column(VARCHAR(length=256), nullable=True)
     guest_driver_version = Column(VARCHAR(length=10), nullable=True)
@@ -39,7 +162,6 @@ class Origin(Base):
 
     @staticmethod
     def create_statement(engine: Engine):
-        from sqlalchemy.schema import CreateTable
         return CreateTable(Origin.__table__).compile(engine)
 
     @staticmethod
@@ -85,18 +207,24 @@ class Origin(Base):
 class Lease(Base):
     __tablename__ = "lease"
 
+    instance_ref = Column(CHAR(length=36), ForeignKey(Instance.instance_ref, ondelete='CASCADE'), nullable=False, index=True)  # uuid4
     lease_ref = Column(CHAR(length=36), primary_key=True, nullable=False, index=True)  # uuid4
-
     origin_ref = Column(CHAR(length=36), ForeignKey(Origin.origin_ref, ondelete='CASCADE'), nullable=False, index=True)  # uuid4
     # scope_ref = Column(CHAR(length=36), nullable=False, index=True)  # uuid4 # not necessary, we only support one scope_ref ('ALLOTMENT_REF')
     lease_created = Column(DATETIME(), nullable=False)
     lease_expires = Column(DATETIME(), nullable=False)
     lease_updated = Column(DATETIME(), nullable=False)
 
+    __instance = relationship(Instance, foreign_keys=[instance_ref])
+    __origin = relationship(Origin, foreign_keys=[origin_ref])
+
     def __repr__(self):
         return f'Lease(origin_ref={self.origin_ref}, lease_ref={self.lease_ref}, expires={self.lease_expires})'
 
-    def serialize(self, renewal_period: float, renewal_delta: timedelta) -> dict:
+    def serialize(self) -> dict:
+        renewal_period = self.__instance.lease_renewal_period
+        renewal_delta = self.__instance.get_lease_renewal_delta
+
         lease_renewal = int(Lease.calculate_renewal(renewal_period, renewal_delta).total_seconds())
         lease_renewal = self.lease_updated + relativedelta(seconds=lease_renewal)
 
@@ -112,7 +240,6 @@ class Lease(Base):
 
     @staticmethod
     def create_statement(engine: Engine):
-        from sqlalchemy.schema import CreateTable
         return CreateTable(Lease.__table__).compile(engine)
 
     @staticmethod
@@ -206,38 +333,104 @@ class Lease(Base):
         return renew
 
 
+def init_default_site(session: Session):
+    private_key = PrivateKey.generate()
+    public_key = private_key.public_key()
+
+    site = Site(
+        site_key=Site.INITIAL_SITE_KEY_XID,
+        name=Site.INITIAL_SITE_NAME
+    )
+    session.add(site)
+    session.commit()
+
+    instance = Instance(
+        instance_ref=Instance.DEFAULT_INSTANCE_REF,
+        site_key=site.site_key,
+        private_key=private_key.pem(),
+        public_key=public_key.pem(),
+    )
+    session.add(instance)
+    session.commit()
+
+
 def init(engine: Engine):
-    tables = [Origin, Lease]
+    tables = [Site, Instance, Origin, Lease]
     db = inspect(engine)
     session = sessionmaker(bind=engine)()
     for table in tables:
-        if not db.dialect.has_table(engine.connect(), table.__tablename__):
+        exists = db.dialect.has_table(engine.connect(), table.__tablename__)
+        logger.info(f'> Table "{table.__tablename__:<16}" exists: {exists}')
+        if not exists:
             session.execute(text(str(table.create_statement(engine))))
             session.commit()
+
+    # create default site
+    cnt = session.query(Site).count()
+    if cnt == 0:
+        init_default_site(session)
+
+    session.flush()
     session.close()
 
 
 def migrate(engine: Engine):
     db = inspect(engine)
 
-    def upgrade_1_0_to_1_1():
-        x = db.dialect.get_columns(engine.connect(), Lease.__tablename__)
-        x = next(_ for _ in x if _['name'] == 'origin_ref')
-        if x['primary_key'] > 0:
-            print('Found old database schema with "origin_ref" as primary-key in "lease" table. Dropping table!')
-            print('  Your leases are recreated on next renewal!')
-            print('  If an error message appears on the client, you can ignore it.')
-            Lease.__table__.drop(bind=engine)
-            init(engine)
+    # todo: add update guide to use 1.LATEST to 2.0
+    def upgrade_1_x_to_2_0():
+        site = Site.get_default_site(engine)
+        logger.info(site)
+        instance = Instance.get_default_instance(engine)
+        logger.info(instance)
 
-    # def upgrade_1_2_to_1_3():
-    #    x = db.dialect.get_columns(engine.connect(), Lease.__tablename__)
-    #    x = next((_ for _ in x if _['name'] == 'scope_ref'), None)
-    #    if x is None:
-    #        Lease.scope_ref.compile()
-    #        column_name = Lease.scope_ref.name
-    #        column_type = Lease.scope_ref.type.compile(engine.dialect)
-    #        engine.execute(f'ALTER TABLE "{Lease.__tablename__}" ADD COLUMN "{column_name}" {column_type}')
+        # SITE_KEY_XID
+        if site_key := env('SITE_KEY_XID', None) is not None:
+            site.site_key = str(site_key)
 
-    upgrade_1_0_to_1_1()
-    # upgrade_1_2_to_1_3()
+        # INSTANCE_REF
+        if instance_ref := env('INSTANCE_REF', None) is not None:
+            instance.instance_ref = str(instance_ref)
+
+        # ALLOTMENT_REF
+        if allotment_ref := env('ALLOTMENT_REF', None) is not None:
+            pass  # todo
+
+        # INSTANCE_KEY_RSA, INSTANCE_KEY_PUB
+        default_instance_private_key_path = str(join(dirname(__file__), 'cert/instance.private.pem'))
+        instance_private_key = env('INSTANCE_KEY_RSA', None)
+        if instance_private_key is not None:
+            instance.private_key = PrivateKey(instance_private_key.encode('utf-8'))
+        elif isfile(default_instance_private_key_path):
+            instance.private_key = PrivateKey.from_file(default_instance_private_key_path)
+        default_instance_public_key_path = str(join(dirname(__file__), 'cert/instance.public.pem'))
+        instance_public_key = env('INSTANCE_KEY_PUB', None)
+        if instance_public_key is not None:
+            instance.public_key = PublicKey(instance_public_key.encode('utf-8'))
+        elif isfile(default_instance_public_key_path):
+            instance.public_key = PublicKey.from_file(default_instance_public_key_path)
+
+        # TOKEN_EXPIRE_DELTA
+        token_expire_delta = env('TOKEN_EXPIRE_DAYS', None)
+        if token_expire_delta not in (None, 0):
+            instance.token_expire_delta = token_expire_delta * 86_400
+        token_expire_delta = env('TOKEN_EXPIRE_HOURS', None)
+        if token_expire_delta not in (None, 0):
+            instance.token_expire_delta = token_expire_delta * 3_600
+
+        # LEASE_EXPIRE_DELTA, LEASE_RENEWAL_DELTA
+        lease_expire_delta = env('LEASE_EXPIRE_DAYS', None)
+        if lease_expire_delta not in (None, 0):
+            instance.lease_expire_delta = lease_expire_delta * 86_400
+        lease_expire_delta = env('LEASE_EXPIRE_HOURS', None)
+        if lease_expire_delta not in (None, 0):
+            instance.lease_expire_delta = lease_expire_delta * 3_600
+
+        # LEASE_RENEWAL_PERIOD
+        lease_renewal_period = env('LEASE_RENEWAL_PERIOD', None)
+        if lease_renewal_period is not None:
+            instance.lease_renewal_period = lease_renewal_period
+
+        # todo: update site, instance
+
+    upgrade_1_x_to_2_0()

app/static/assets/css/custom.css

@@ -1,56 +0,0 @@
-/*
-    Original: #76b900
-    Darken 1: #5DA000 (10%)
-    Darken 2: #438600 (20%)
-    Darken 3: #2A6D00 (30%)
-    Darken 4: #105300 (40%)
-    Darken 5: #003A00 (50%)
-*/
-
-
-.text-primary {
-    color: #76b900 !important;
-}
-
-.lead {
-    color: #105300 !important;
-}
-
-.navbar-green {
-    background-color: #76b900 !important;
-}
-
-.navbar-brand {
-    background-color: transparent;
-    color: #ffffff;
-}
-
-.navbar-brand:focus, .navbar-brand:hover {
-    color: #fcfcfc;
-}
-
-.btn-primary {
-    background-color: #76b900 !important;
-    border-color: #76b900 !important;
-}
-
-.btn-primary:focus, .btn-primary:hover {
-    background-color: #5DA000 !important;
-    border-color: #5DA000 !important;
-}
-
-code {
-    color: #105300 !important;
-}
-
-.sidebar .nav-link.active {
-    color: #76b900 !important;
-}
-
-.sidebar .nav-link:focus, .sidebar .nav-link:hover {
-    color: #105300 !important;
-}
-
-.navbar-nav .nav-item .nav-link {
-    color: white !important;
-}

app/static/assets/css/dashboard.css

@@ -1,101 +0,0 @@
-body {
-  font-size: .875rem;
-}
-
-.feather {
-  width: 16px;
-  height: 16px;
-  vertical-align: text-bottom;
-}
-
-/*
- * Sidebar
- */
-
-.sidebar {
-  position: fixed;
-  top: 0;
-  /* rtl:raw:
-  right: 0;
-  */
-  bottom: 0;
-  /* rtl:remove */
-  left: 0;
-  z-index: 100; /* Behind the navbar */
-  padding: 48px 0 0; /* Height of navbar */
-  box-shadow: inset -1px 0 0 rgba(0, 0, 0, .1);
-}
-
-@media (max-width: 767.98px) {
-  .sidebar {
-    top: 0;
-  }
-}
-
-.sidebar-sticky {
-  position: relative;
-  top: 0;
-  height: calc(100vh - 48px);
-  padding-top: .5rem;
-  overflow-x: hidden;
-  overflow-y: auto; /* Scrollable contents if viewport is shorter than content. */
-}
-
-.sidebar .nav-link {
-  font-weight: 500;
-  color: #333;
-}
-
-.sidebar .nav-link .feather {
-  margin-right: 4px;
-  color: #727272;
-}
-
-.sidebar .nav-link.active {
-  color: #2470dc;
-}
-
-.sidebar .nav-link:hover .feather,
-.sidebar .nav-link.active .feather {
-  color: inherit;
-}
-
-.sidebar-heading {
-  font-size: .75rem;
-  text-transform: uppercase;
-}
-
-/*
- * Navbar
- */
-
-.navbar-brand {
-  padding-top: .75rem;
-  padding-bottom: .75rem;
-  font-size: 1rem;
-  background-color: rgba(0, 0, 0, .25);
-  box-shadow: inset -1px 0 0 rgba(0, 0, 0, .25);
-}
-
-.navbar .navbar-toggler {
-  top: .25rem;
-  right: 1rem;
-}
-
-.navbar .form-control {
-  padding: .75rem 1rem;
-  border-width: 0;
-  border-radius: 0;
-}
-
-.form-control-dark {
-  color: #fff;
-  background-color: rgba(255, 255, 255, .1);
-  border-color: rgba(255, 255, 255, .1);
-}
-
-.form-control-dark:focus {
-  border-color: transparent;
-  box-shadow: 0 0 0 3px rgba(255, 255, 255, .25);
-}
-

app/static/assets/img/favicons/manifest.json

@@ -1 +0,0 @@
-{"name":"","short_name":"","icons":[{"src":"/android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"/android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"theme_color":"#ffffff","background_color":"#ffffff","display":"standalone"}

app/static/assets/js/helper.js

@@ -1,140 +0,0 @@
-async function fetchConfig(element) {
-    let xhr = new XMLHttpRequest();
-    xhr.open("GET", '/-/config', true);
-    xhr.onreadystatechange = function () {
-        if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
-            element.innerHTML = JSON.stringify(JSON.parse(xhr.response),null,2);
-        }
-    };
-    xhr.send();
-}
-
-async function fetchOriginsWithLeases(element) {
-    let xhr = new XMLHttpRequest();
-    xhr.open("GET", '/-/origins?leases=true', true);
-    xhr.onreadystatechange = function () {
-        if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
-            const x = JSON.parse(xhr.response)
-            console.debug(x)
-
-            element.innerHTML = ''
-            let table = document.createElement('table')
-            table.classList.add('table', 'mt-4');
-            let thead = document.createElement('thead');
-            thead.innerHTML = `
-                    <tr>
-                        <th scope="col">origin</th>
-                        <th scope="col">hostname</th>
-                        <th scope="col">OS</th>
-                        <th scope="col">driver version</th>
-                        <th scope="col">leases</th>
-                    </tr>`
-            table.appendChild(thead)
-            let tbody = document.createElement('thead');
-            x.sort((a, b) => a.hostname.localeCompare(b.hostname)).forEach((o) => {
-                let row = document.createElement('tr');
-                const branchVersion= o.$driver ? `(<code>${o.$driver.branch_version}</code>) ` : ''
-                row.innerHTML = `
-                        <td><code>${o.origin_ref}</code></td>
-                        <td>${o.hostname}</td>
-                        <td>${o.os_platform} (${o.os_version})</td>
-                        <td>${branchVersion}<code>${o.guest_driver_version}</code></td>
-                        <td>${o.leases.map(x => `<code title="expires: ${x.lease_expires}">${x.lease_ref}</code>`).join(', ')}</td>`
-                tbody.appendChild(row);
-            })
-            table.appendChild(tbody)
-            element.appendChild(table)
-        }
-    };
-    xhr.send();
-}
-
-async function fetchLeases(element) {
-    // datetime config
-    const dtc = {
-        year: "numeric",
-        month: "2-digit",
-        day: "2-digit",
-        hour: "2-digit",
-        minute: "2-digit",
-        second: "2-digit",
-        timeZoneName: "short"
-    }
-
-    let xhr = new XMLHttpRequest();
-    xhr.open("GET", '/-/leases?origin=true', true);
-    xhr.onreadystatechange = function () {
-        if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
-            const x = JSON.parse(xhr.response)
-            console.debug(x)
-
-            element.innerHTML = ''
-            let table = document.createElement('table')
-            table.classList.add('table', 'mt-4');
-            let thead = document.createElement('thead');
-            thead.innerHTML = `
-                    <tr>
-                        <th scope="col">lease</th>
-                        <th scope="col">created</th>
-                        <th scope="col">updated</th>
-                        <th scope="col">next renew</th>
-                        <th scope="col">expires</th>
-                        <th scope="col">origin</th>
-                    </tr>`
-            table.appendChild(thead)
-            let tbody = document.createElement('thead');
-            x.sort((a, b) => new Date(a.lease_expires) - new Date(b.lease_expires)).forEach((o) => {
-                let row = document.createElement('tr');
-                row.innerHTML = `
-                        <td><code>${o.lease_ref}</code></td>
-                        <td>${new Date(o.lease_created).toLocaleDateString('system', dtc)}</td>
-                        <td>${new Date(o.lease_updated).toLocaleDateString('system', dtc)}</td>
-                        <td>${new Date(o.lease_renewal).toLocaleDateString('system', dtc)}</td>
-                        <td>${new Date(o.lease_expires).toLocaleDateString('system', dtc)}</td>
-                        <td><code title="hostname: ${o.origin?.hostname}">${o.origin_ref}</code></td>`
-                tbody.appendChild(row);
-            })
-            table.appendChild(tbody)
-            element.appendChild(table)
-        }
-    };
-    xhr.send();
-}
-
-async function deleteOrigins() {
-    let xhr = new XMLHttpRequest();
-    xhr.open("DELETE", '/-/origins', true);
-    xhr.send();
-}
-
-async function deleteOrigin(origin_ref) {
-    if (origin_ref === undefined)
-        origin_ref = window.prompt("Please enter 'origin_ref' which should be deleted");
-    if (origin_ref === null || origin_ref === "")
-        return
-    let xhr = new XMLHttpRequest();
-    xhr.open("DELETE", `/-/origins/${origin_ref}`, true);
-    xhr.send();
-}
-
-async function deleteExpiredOrigins() {
-    let xhr = new XMLHttpRequest();
-    xhr.open("DELETE", `/-/origins/expired`, true);
-    xhr.send();
-}
-
-async function deleteLease(lease_ref) {
-    if (lease_ref === undefined)
-        lease_ref = window.prompt("Please enter 'lease_ref' which should be deleted");
-    if (lease_ref === null || lease_ref === "")
-        return
-    let xhr = new XMLHttpRequest();
-    xhr.open("DELETE", `/-/lease/${lease_ref}`, true);
-    xhr.send();
-}
-
-async function deleteExpiredLeases() {
-    let xhr = new XMLHttpRequest();
-    xhr.open("DELETE", `/-/leases/expired`, true);
-    xhr.send();
-}

app/templates/components/navbar.html

@@ -1,6 +0,0 @@
-<header class="navbar navbar-expand-md navbar-green sticky-top bg-dark flex-md-nowrap p-0 shadow">
-    <a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="/-/">FastAPI-DLS {{ VERSION }}</a>
-    <button class="navbar-toggler position-absolute d-lg-none collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#sidebarMenu" aria-controls="sidebarMenu" aria-expanded="false" aria-label="Toggle navigation">
-        <span class="navbar-toggler-icon"></span>
-    </button>
-</header>

app/templates/components/sidebar.html

@@ -1,93 +0,0 @@
-<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
-    <div class="position-sticky pt-3">
-        <ul class="nav flex-column">
-            <li class="nav-item">
-                <a class="nav-link {{ 'active' if request.url.path == '/-/dashboard' }}" aria-current="page" href="/-/dashboard">
-                    <i class="bi-house-door"></i> Dashboard
-                </a>
-            </li>
-             <li class="nav-item">
-                <a class="nav-link {{ 'active' if request.url.path == '/-/dashboard/origins' }}" aria-current="page" href="/-/dashboard/origins">
-                    <i class="bi-pc-display-horizontal"></i> Origins <span id="origin-cnt" class="badge text-bg-secondary"></span>
-                </a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link {{ 'active' if request.url.path == '/-/dashboard/leases' }}" aria-current="page" href="/-/dashboard/leases">
-                    <i class="bi-layers"></i> Leases <span id="lease-cnt" class="badge text-bg-secondary"></span>
-                </a>
-            </li>
-        </ul>
-        <script type="application/javascript">
-            function loadLOriginCnt() {
-                let xhr = new XMLHttpRequest();
-                xhr.open("GET", '/-/origins?leases=false', true);
-                xhr.onreadystatechange = function () {
-                    if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
-                        const x = JSON.parse(xhr.response)
-                        document.getElementById('origin-cnt').innerHTML = x.length
-                    }
-                };
-                xhr.send();
-            }
-
-            function loadLeaseCnt() {
-                let xhr = new XMLHttpRequest();
-                xhr.open("GET", '/-/leases?origin=false', true);
-                xhr.onreadystatechange = function () {
-                    if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
-                        const x = JSON.parse(xhr.response)
-                        document.getElementById('lease-cnt').innerHTML = x.length
-                    }
-                };
-                xhr.send();
-            }
-
-            // load initial
-            loadLOriginCnt()
-            loadLeaseCnt()
-
-            // refresh every 5 seconds
-            setInterval(() => {
-                loadLOriginCnt()
-                loadLeaseCnt()
-            }, 5000);
-        </script>
-
-        <h6 class="sidebar-heading d-flex justify-content-between align-items-center px-3 mt-4 mb-1 text-muted text-uppercase">
-            <span>Help</span>
-        </h6>
-        <ul class="nav flex-column">
-            <li class="nav-item">
-                <a class="nav-link {{ 'active' if request.url.path == '/-/readme' }}" aria-current="page" href="/-/readme">
-                    <i class="bi-question-circle"></i> Readme
-                </a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" aria-current="page" href="https://git.collinwebdesigns.de/oscar.krause/fastapi-dls" target="_blank">
-                    <i class="bi-git"></i> Git Repo
-                </a>
-            </li>
-        </ul>
-
-        <h6 class="sidebar-heading d-flex justify-content-between align-items-center px-3 mt-4 mb-1 text-muted text-uppercase">
-            <span>Integrations</span>
-        </h6>
-        <ul class="nav flex-column">
-            <li class="nav-item">
-                <a class="nav-link" aria-current="page" href="/-/doc" target="_blank">
-                    <i class="bi-file-text"></i> Swagger UI
-                </a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" aria-current="page" href="/-/redoc" target="_blank">
-                    <i class="bi-file-text"></i> Redoc
-                </a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" aria-current="page" href="/-/openapi.json"  target="_blank">
-                    <i class="bi bi-filetype-json"></i> OpenAPI JSON
-                </a>
-            </li>
-        </ul>
-    </div>
-</nav>

app/templates/layouts/base.html

@@ -1,33 +0,0 @@
-<!doctype html>
-<html lang="en" class="h-100">
-<head>
-    {% block title %}
-        <title>FastAPI-DLS</title>
-    {% endblock %}
-
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
-
-    <link rel="icon" href="/static/assets/img/favicons/favicon-32x32.png" sizes="32x32" type="image/png">
-    <link rel="icon" href="/static/assets/img/favicons/favicon-16x16.png" sizes="16x16" type="image/png">
-    <link rel="manifest" href="/static/assets/img/favicons/manifest.json">
-    <link rel="icon" href="/static/assets/img/favicons/favicon.ico">
-    <link rel="apple-touch-icon" href="/static/assets/img/favicons/apple-touch-icon.png" sizes="180x180">
-
-    {% block styles %}
-    {% endblock %}
-
-    <link rel="stylesheet" type="text/css" href="/static/assets/css/custom.css">
-</head>
-<body class="d-flex flex-column {% block body_class %}{% endblock %}">
-{% block body %}
-{% endblock %}
-
-
-<script src="/static/assets/js/helper.js"></script>
-
-{% block scripts %}
-{% endblock %}
-</body>
-</html>

app/templates/layouts/bootstrap-dashboard.html

@@ -1,16 +0,0 @@
-{% extends 'layouts/bootstrap.html' %}
-
-{% block body %}
-{% include 'components/navbar.html' %}
-
-<div class="container-fluid">
-    <div class="row">
-        {% include 'components/sidebar.html' %}
-
-        <main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
-            {% block content %}
-            {% endblock %}
-        </main>
-    </div>
-</div>
-{% endblock %}

app/templates/layouts/bootstrap.html

@@ -1,14 +0,0 @@
-{% extends 'layouts/base.html' %}
-
-{% block styles %}
-{{ super() }}
-<link rel="stylesheet" type="text/css" href="/static/assets/css/bootstrap.min.css">
-<link rel="stylesheet" type="text/css" href="/static/assets/css/bootstrap-icons.min.css">
-<link rel="stylesheet" type="text/css" href="/static/assets/css/dashboard.css">
-
-<script src="/static/assets/js/popper.min.js"></script>
-<script src="/static/assets/js/bootstrap.min.js"></script>
-{% endblock %}
-
-
-

app/templates/views/dashboard.html

@@ -1,69 +0,0 @@
-{% extends 'layouts/bootstrap-dashboard.html' %}
-
-{% block title %}
-<title>Dashboard</title>
-{% endblock %}
-
-{% block content %}
-<div>
-    <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-        <h1 class="h2">Dashboard</h1>
-        <div class="btn-toolbar mb-2 mb-md-0">
-            <div class="btn-group me-2">
-                <button type="button" class="btn btn-sm btn-outline-secondary" onclick="downloadClientToken()">
-                    <i class="bi bi-download"></i>
-                    Client Token
-                </button>
-            </div>
-        </div>
-    </div>
-
-    <div class="p-5 mb-4 bg-light rounded-3">
-        <div class="container-fluid py-5">
-            <h1 class="display-5 fw-bold">FastAPI-DLS</h1>
-            <p class="col-md-8 fs-4">Minimal Delegated License Service (DLS).</p>
-
-            <a href="https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/releases" class="btn btn-primary btn-lg" target="_blank">
-                Releases &raquo;
-            </a>
-        </div>
-    </div>
-
-    <div class="card mb-4">
-        <div class="card-body">
-            <h5 class="card-title">Configuration</h5>
-            <h6 class="card-subtitle mb-2 text-body-secondary">
-                Using timezone: {{ CONFIG.TZ }}. Make sure this is correct and match your clients!
-            </h6>
-            <p class="card-text">
-                Your clients renew their license every {{ CONFIG.LEASE_CALCULATED_RENEWAL }}.<br/>
-                If the renewal fails, the license is {{ CONFIG.LEASE_RENEWAL_DELTA }} valid.<br/>
-                <br/>
-                Your client-token file (.tok) is valid for {{ CONFIG.CLIENT_TOKEN_EXPIRE_DELTA }}.
-            </p>
-        </div>
-    </div>
-
-    <div class="card">
-        <div class="card-body">
-            <pre id="config"></pre>
-        </div>
-    </div>
-</div>
-{% endblock %}
-
-{% block scripts %}
-{{ super() }}
-<script type="application/javascript">
-    function downloadClientToken() {
-        window.open('/-/client-token', "_blank")
-    }
-
-    function load() {
-        const config = document.getElementById('config')
-        fetchConfig(config)
-    }
-
-    load()
-</script>
-{% endblock %}

app/templates/views/dashboard_leases.html

@@ -1,60 +0,0 @@
-{% extends 'layouts/bootstrap-dashboard.html' %}
-
-{% block title %}
-<title>Origins</title>
-{% endblock %}
-
-{% block content %}
-    <div>
-        <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-            <h1 class="h2">Leases <small>with origin</small></h1>
-            <div class="btn-toolbar mb-2 mb-md-0">
-                <div class="btn-group me-2">
-                    <button type="button" class="btn btn-sm btn-outline-danger" onclick="deleteLease().finally(() => load())">
-                        delete lease
-                    </button>
-                    <button type="button" class="btn btn-sm btn-outline-danger" onclick="deleteExpiredLeases().finally(() => load())">
-                        delete all expired leases
-                    </button>
-                </div>
-
-                <button type="button" class="btn btn-sm btn-outline-secondary me-2" onclick="load()" title="refresh">
-                    <i class="bi bi-arrow-clockwise"></i>
-                </button>
-                <button id="btn-auto-refresh" type="button" class="btn btn-sm active">auto-refresh</button>
-            </div>
-        </div>
-
-        <div id="leases" class="mt-3"></div>
-    </div>
-{% endblock %}
-
-{% block scripts %}
-{{ super() }}
-<script type="application/javascript">
-    let autoRefresh = true
-
-    function load() {
-        const leases = document.getElementById('leases')
-        fetchLeases(leases)
-    }
-
-    load()
-
-    setInterval(() => {
-        if(autoRefresh)
-            load()
-    }, 5000);
-
-    const btnAutoRefresh = document.getElementById('btn-auto-refresh')
-    btnAutoRefresh.addEventListener("click", () => {
-        if(btnAutoRefresh.classList.contains('active')) {
-            autoRefresh = false
-            btnAutoRefresh.classList.remove('active')
-        } else {
-            autoRefresh = false
-            btnAutoRefresh.classList.add('active')
-        }
-    }, true);
-</script>
-{% endblock %}

app/templates/views/dashboard_origins.html

@@ -1,70 +0,0 @@
-{% extends 'layouts/bootstrap-dashboard.html' %}
-
-{% block title %}
-<title>Origins</title>
-{% endblock %}
-
-{% block content %}
-    <div>
-        <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-            <h1 class="h2">Origins <small>with leases</small></h1>
-            <div class="btn-toolbar mb-2 mb-md-0">
-                <div class="btn-group me-2">
-                    <button type="button" class="btn btn-sm btn-outline-danger" onclick="deleteOrigin().finally(() => load())">
-                        delete origin
-                    </button>
-                    <button type="button" class="btn btn-sm btn-outline-danger" onclick="deleteExpiredOrigins().finally(() => load())">
-                        delete all expired origins
-                    </button>
-                    <button type="button" class="btn btn-sm btn-outline-danger" onclick="deleteOriginsWrapper()">
-                        delete all
-                    </button>
-                </div>
-
-                <button type="button" class="btn btn-sm btn-outline-secondary me-2" onclick="load()" title="refresh">
-                    <i class="bi bi-arrow-clockwise"></i>
-                </button>
-                <button id="btn-auto-refresh" type="button" class="btn btn-sm active">auto-refresh</button>
-            </div>
-        </div>
-
-        <div id="origins" class="mt-3"></div>
-    </div>
-{% endblock %}
-
-{% block scripts %}
-{{ super() }}
-    <script type="application/javascript">
-        let autoRefresh = true
-
-        function load() {
-            const origins = document.getElementById('origins')
-            fetchOriginsWithLeases(origins)
-        }
-
-        load()
-
-        function deleteOriginsWrapper() {
-            const response = confirm('Are you sure you want to delete all origins and their leases?');
-
-            if (response)
-                deleteOrigins().finally(() => load())
-        }
-
-        setInterval(() => {
-            if(autoRefresh)
-                load()
-        }, 5000);
-
-        const btnAutoRefresh = document.getElementById('btn-auto-refresh')
-        btnAutoRefresh.addEventListener("click", () => {
-            if(btnAutoRefresh.classList.contains('active')) {
-                autoRefresh = false
-                btnAutoRefresh.classList.remove('active')
-            } else {
-                autoRefresh = false
-                btnAutoRefresh.classList.add('active')
-            }
-        }, true);
-    </script>
-{% endblock %}

app/templates/views/dashboard_readme.html

@@ -1,15 +0,0 @@
-{% extends 'layouts/bootstrap-dashboard.html' %}
-
-{% block title %}
-<title>Origins</title>
-{% endblock %}
-
-{% block content %}
-<div>
-    <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-        <div class="overflow-hidden">
-            {{ markdown|safe }}
-        </div>
-    </div>
-</div>
-{% endblock %}

app/templates/views/index.html

@@ -1,26 +0,0 @@
-{% extends 'layouts/bootstrap.html' %}
-
-{% block title %}
-<title>Index</title>
-{% endblock %}
-
-{% block body_class %}h-100{% endblock %}
-
-{% block body %}
-<main class="flex-shrink-0">
-    <div class="container">
-        <h1 class="mt-5 text-primary">FastAPI-DLS</h1>
-        <p class="lead">Minimal Delegated License Service (DLS).</p>
-        <p>
-            <a href="/-/dashboard">Dashboard</a>,
-            <a href="/-/readme">Readme</a>
-        </p>
-    </div>
-</main>
-
-<footer class="footer mt-auto py-3 bg-light">
-    <div class="container">
-        <span class="text-muted">FastAPI-DLS Version {{ VERSION }}</span>
-    </div>
-</footer>
-{% endblock %}

app/util.py

@@ -104,7 +104,7 @@ class DriverMatrix:
             self.log.debug(f'Successfully loaded "{DriverMatrix.__DRIVER_MATRIX_FILENAME}".')
         except Exception as e:
             DriverMatrix.__DRIVER_MATRIX = {}  # init empty dict to not try open file everytime, just when restarting app
-            # self.log.warning(f'Failed to load "{NV.__DRIVER_MATRIX_FILENAME}": {e}')
+            # self.log.warning(f'Failed to load "{DriverMatrix.__DRIVER_MATRIX_FILENAME}": {e}')
 
     @staticmethod
     def find(version: str) -> dict | None:

requirements.txt

@@ -6,4 +6,3 @@ python-dateutil==2.9.0
 sqlalchemy==2.0.40
 markdown==3.8
 python-dotenv==1.1.0
-jinja2==3.1.3

test/main.py

@@ -3,12 +3,13 @@ from base64 import b64encode as b64enc
 from calendar import timegm
 from datetime import datetime, UTC
 from hashlib import sha256
-from os.path import dirname, join
+from os import getenv as env
 from uuid import uuid4, UUID
 
 from dateutil.relativedelta import relativedelta
-from jose import jwt, jwk
+from jose import jwt
 from jose.constants import ALGORITHMS
+from sqlalchemy import create_engine
 from starlette.testclient import TestClient
 
 # add relative path to use packages as they were in the app/ dir
@@ -16,20 +17,23 @@ sys.path.append('../')
 sys.path.append('../app')
 
 from app import main
-from util import PrivateKey, PublicKey
+from orm import init as db_init, migrate, Site, Instance
 
-client = TestClient(main.app)
 
 ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-000000000001', 'HelloWorld'
 
-# INSTANCE_KEY_RSA = generate_key()
-# INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key()
+# fastapi setup
+client = TestClient(main.app)
 
-INSTANCE_KEY_RSA = PrivateKey.from_file(str(join(dirname(__file__), '../app/cert/instance.private.pem')))
-INSTANCE_KEY_PUB = PublicKey.from_file(str(join(dirname(__file__), '../app/cert/instance.public.pem')))
+# database setup
+db = create_engine(str(env('DATABASE', 'sqlite:///db.sqlite')))
+db_init(db), migrate(db)
 
-jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256)
-jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256)
+# test vars
+DEFAULT_SITE, DEFAULT_INSTANCE = Site.get_default_site(db), Instance.get_default_instance(db)
+
+SITE_KEY = DEFAULT_SITE.site_key
+jwt_encode_key, jwt_decode_key = DEFAULT_INSTANCE.get_jwt_encode_key(), DEFAULT_INSTANCE.get_jwt_decode_key()
 
 
 def __bearer_token(origin_ref: str) -> str:
@@ -38,6 +42,12 @@ def __bearer_token(origin_ref: str) -> str:
     return token
 
 
+def test_initial_default_site_and_instance():
+    default_site, default_instance = Site.get_default_site(db), Instance.get_default_instance(db)
+    assert default_site.site_key == Site.INITIAL_SITE_KEY_XID
+    assert default_instance.instance_ref == Instance.DEFAULT_INSTANCE_REF
+
+
 def test_index():
     response = client.get('/')
     assert response.status_code == 200
@@ -59,8 +69,8 @@ def test_readme():
     assert response.status_code == 200
 
 
-def test_dashboard():
-    response = client.get('/-/dashboard')
+def test_manage():
+    response = client.get('/-/manage')
     assert response.status_code == 200