2025-04-06 17:48:53 +03:00
12 changed files with 145 additions and 176 deletions
--- a/.DEBIAN/control
+++ b/.DEBIAN/control
@ -2,7 +2,7 @@ Package: fastapi-dls
 Version: 0.0
 Architecture: all
 Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
-Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-josepy, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl
+Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-pycryptodome, python3-markdown, uvicorn, openssl
 Recommends: curl
 Installed-Size: 10240
 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls
--- a/.DEBIAN/requirements-ubuntu-23.04.txt
+++ b/.DEBIAN/requirements-ubuntu-23.04.txt
@ -0,0 +1,10 @@
 # https://packages.ubuntu.com
 fastapi==0.91.0
 uvicorn[standard]==0.15.0
 python-jose[pycryptodome]==3.3.0
 pycryptodome==3.11.0
 python-dateutil==2.8.2
 sqlalchemy==1.4.46
 markdown==3.4.3
 python-dotenv==0.21.0
 jinja2==3.1.2
--- a/.DEBIAN/requirements-ubuntu-23.10.txt
+++ b/.DEBIAN/requirements-ubuntu-23.10.txt
@ -0,0 +1,10 @@
 # https://packages.ubuntu.com
 fastapi==0.101.0
 uvicorn[standard]==0.23.2
 python-jose[pycryptodome]==3.3.0
 pycryptodome==3.11.0
 python-dateutil==2.8.2
 sqlalchemy==1.4.47
 markdown==3.4.4
 python-dotenv==1.0.0
 jinja2==3.1.2
--- a/.DEBIAN/requirements-ubuntu-24.10.txt
+++ b/.DEBIAN/requirements-ubuntu-24.10.txt
@ -1,10 +0,0 @@
 # https://packages.ubuntu.com
 fastapi==0.110.3
 uvicorn[standard]==0.30.3
 python-jose[pycryptodome]==3.3.0
 pycryptodome==3.20.0
 python-dateutil==2.9.0
 sqlalchemy==2.0.32
 markdown==3.6
 python-dotenv==1.0.1
 jinja2==3.1.3
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -20,7 +20,6 @@ build:docker:
      changes:
        - app/**/*
        - Dockerfile
        - requirements.txt
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  tags: [ docker ]
  before_script:
@ -127,7 +126,7 @@ build:pacman:
      - "*.pkg.tar.zst"
 test:
-  image: python:3.12-slim-bookworm
+  image: $IMAGE
  stage: test
  interruptible: true
  rules:
@ -142,16 +141,14 @@ test:
    DATABASE: sqlite:///../app/db.sqlite
  parallel:
    matrix:
-      - REQUIREMENTS:
+      - IMAGE: [ 'python:3.11-slim-bookworm', 'python:3.12-slim-bullseye' ]
-          - 'requirements.txt'
+        REQUIREMENTS:
-#          - '.DEBIAN/requirements-bookworm-12.txt'
+          - requirements.txt
-#          - '.DEBIAN/requirements-ubuntu-24.04.txt'
+          - .DEBIAN/requirements-bookworm-12.txt
-#          - '.DEBIAN/requirements-ubuntu-24.10.txt'
+          - .DEBIAN/requirements-ubuntu-23.10.txt
          - .DEBIAN/requirements-ubuntu-24.04.txt
  before_script:
-    - apt-get update && apt-get install -y python3-dev python3-pip python3-venv gcc
+    - apt-get update && apt-get install -y python3-dev gcc
    - python3 -m venv venv
    - source venv/bin/activate
    - pip install --upgrade pip
    - pip install -r $REQUIREMENTS
    - pip install pytest httpx
    - mkdir -p app/cert
@ -165,7 +162,7 @@ test:
      dotenv: version.env
      junit: ['**/report.xml']
-.test:apt:
+.test:linux:
  stage: test
  rules:
    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
@ -204,17 +201,15 @@ test:
    - apt-get purge -qq -y fastapi-dls
    - apt-get autoremove -qq -y && apt-get clean -qq
-test:apt:
+test:debian:
-  extends: .test:apt
+  extends: .test:linux
-  image: $IMAGE
+  image: debian:bookworm-slim
  parallel:
    matrix:
      - IMAGE:
          - debian:bookworm-slim # EOL: June 06, 2026
          - ubuntu:24.04 # EOL: April 2036
          - ubuntu:24.10
-test:pacman:archlinux:
+test:ubuntu:
  extends: .test:linux
  image: ubuntu:24.04
 test:archlinux:
  image: archlinux:base
  rules:
    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
@ -255,7 +250,7 @@ semgrep-sast:
 test_coverage:
 #  extends: test
-  image: python:3.12-slim-bookworm
+  image: python:3.11-slim-bookworm
  allow_failure: true
  stage: test
  rules:
--- a/2
+++ b/2
@ -10,7 +10,7 @@ RUN apk update \
 && apk add --no-cache --virtual build-deps gcc g++ python3-dev musl-dev pkgconfig \
 && apk add --no-cache curl postgresql postgresql-dev mariadb-dev sqlite-dev \
 && pip install --no-cache-dir --upgrade uvicorn \
- && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.7 pysqlite3==0.5.4 \
+ && pip install --no-cache-dir psycopg2==2.9.9 mysqlclient==2.2.4 pysqlite3==0.5.2 \
 && pip install --no-cache-dir -r /tmp/requirements.txt \
 && apk del build-deps
--- a/README.md
+++ b/README.md
@ -2,9 +2,8 @@
 Minimal Delegated License Service (DLS).
-> Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility
+Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1. For Driver compatibility
 see [compatibility matrix](#vgpu-software-compatibility-matrix).
 Drivers are only supported until **17.x releases**.
 This service can be used without internet connection.
 Only the clients need a connection to this service on configured port.
@ -24,7 +23,6 @@ Only the clients need a connection to this service on configured port.
 * [NVIDIA vGPU Guide](https://gitlab.com/polloloco/vgpu-proxmox) - This document serves as a guide to install NVIDIA vGPU host drivers on the latest Proxmox VE version
 * [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Unlock vGPU functionality for consumer-grade Nvidia GPUs.
 * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock`
 * [Proxmox 8 vGPU in VMs and LXC Containers](https://medium.com/@dionisievldulrincz/proxmox-8-vgpu-in-vms-and-lxc-containers-4146400207a3) - Install *Merged Drivers* for using in Proxmox VMs and LXCs
 * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh`
 ---
@ -332,12 +330,11 @@ Packages are available here:
 Successful tested with:
- **Debian 12 (Bookworm)** (EOL: June 06, 2026)
+- Debian 12 (Bookworm) (EOL: tba.)
- *Ubuntu 22.10 (Kinetic Kudu)* (EOL: July 20, 2023)
+- Ubuntu 22.10 (Kinetic Kudu) (EOL: July 20, 2023)
- *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024)
+- Ubuntu 23.04 (Lunar Lobster) (EOL: January 2024)
- *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024)
+- Ubuntu 23.10 (Mantic Minotaur) (EOL: July 2024)
- **Ubuntu 24.04 (Noble Numbat)** (EOL: April 2036)
+- Ubuntu 24.04 (Noble Numbat) (EOL: April 2036)
 - *Ubuntu 24.10 (Oracular Oriole)* (EOL: tba.)
 Not working with:
@ -395,10 +392,6 @@ Now you have to edit `/etc/default/fastapi-dls` as needed.
 Continue [here](#unraid-guest) for docker guest setup.
 ## NixOS
 Tanks to [@mrzenc](https://github.com/mrzenc) for [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos).
 ## Let's Encrypt Certificate (optional)
 If you're using installation via docker, you can use `traefik`. Please refer to their documentation.
@ -418,7 +411,7 @@ After first success you have to replace `--issue` with `--renew`.
 # Configuration
 | Variable               | Default                                | Usage                                                                                                |
-|--------------------------|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------|
+|------------------------|----------------------------------------|------------------------------------------------------------------------------------------------------|
 | `DEBUG`                | `false`                                | Toggles `fastapi` debug mode                                                                         |
 | `DLS_URL`              | `localhost`                            | Used in client-token to tell guest driver where dls instance is reachable                            |
 | `DLS_PORT`             | `443`                                  | Used in client-token to tell guest driver where dls instance is reachable                            |
@ -732,23 +725,16 @@ The error message can safely be ignored (since we have no license limitation :P)
 # vGPU Software Compatibility Matrix
 **18.x Drivers are not supported on FastAPI-DLS Versions < 1.6.0**
 <details>
  <summary>Show Table</summary>
 Successfully tested with this package versions.
 | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver |  Release Date |      EOL Date |
 |:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:|
-|    `17.5`     |     R550      | `550.144.02`       | `550.144.03` | `553.62`       |  January 2025 |     June 2025 |
+|    `17.4`     |     R550      | `550.127.06`       | `550.127.05` | `553.24`       |  October 2024 | February 2025 |
 |    `17.4`     |     R550      | `550.127.06`       | `550.127.05` | `553.24`       |  October 2024 |               |
 |    `17.3`     |     R550      | `550.90.05`        | `550.90.07`  | `552.74`       |     July 2024 |               |
 |    `17.2`     |     R550      | `550.90.05`        | `550.90.07`  | `552.55`       |     June 2024 |               |
 |    `17.1`     |     R550      | `550.54.16`        | `550.54.15`  | `551.78`       |    March 2024 |               |
 |    `17.0`     |     R550      | `550.54.10`        | `550.54.14`  | `551.61`       | February 2024 |               |
-|    `16.9`     |     R535      | `535.230.02`       | `535.216.01` | `539.19`       |  October 2024 |     July 2026 |
+|    `16.8`     |     R535      | `535.216.01`       | `535.216.01` | `538.95`       |  October 2024 |     July 2026 |
 |    `16.8`     |     R535      | `535.216.01`       | `535.216.01` | `538.95`       |  October 2024 |               |
 |    `16.7`     |     R535      | `535.183.04`       | `535.183.06` | `538.78`       |     July 2024 |               |
 |    `16.6`     |     R535      | `535.183.04`       | `535.183.01` | `538.67`       |     June 2024 |               |
 |    `16.5`     |     R535      | `535.161.05`       | `535.161.08` | `538.46`       | February 2024 |               |
@ -760,8 +746,6 @@ Successfully tested with this package versions.
 |    `15.4`     |     R525      | `525.147.01`       | `525.147.05` | `529.19`       |     June 2023 | December 2023 |
 |    `14.4`     |     R510      | `510.108.03`       | `510.108.03` | `514.08`       | December 2022 | February 2023 |
 </details>
 - https://docs.nvidia.com/grid/index.html
 - https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html
@ -781,6 +765,5 @@ Special thanks to:
 - @DualCoder who creates the `vgpu_unlock` functionality [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock)
 - Krutav Shah who wrote the [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q/)
 - Wim van 't Hoog for the [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/)
 - @mrzenc who wrote [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos)
 And thanks to all people who contributed to all these libraries!
--- a/app/main.py
+++ b/app/main.py
@ -2,7 +2,7 @@ import logging
 from base64 import b64encode as b64enc
 from calendar import timegm
 from contextlib import asynccontextmanager
-from datetime import datetime, timedelta, UTC
+from datetime import datetime, timedelta
 from hashlib import sha256
 from json import loads as json_loads
 from os import getenv as env
@ -238,7 +238,7 @@ async def _lease_delete(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_core_service_instance/service_instance_token_manager.py
@app.get('/-/client-token', summary='* Client-Token', description='creates a new messenger token for this service instance')
 async def _client_token():
-    cur_time = datetime.now(UTC)
+    cur_time = datetime.utcnow()
    exp_time = cur_time + CLIENT_TOKEN_EXPIRE_DELTA
    payload = {
@ -284,10 +284,10 @@ async def _client_token():
 # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
@app.post('/auth/v1/origin', description='find or create an origin')
 async def auth_v1_origin(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('candidate_origin_ref')
-    logger.info(f'> [  origin  ]: {origin_ref}: {j}')
+    logging.info(f'> [  origin  ]: {origin_ref}: {j}')
    data = Origin(
        origin_ref=origin_ref,
@ -314,10 +314,10 @@ async def auth_v1_origin(request: Request):
 # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
@app.post('/auth/v1/origin/update', description='update an origin evidence')
 async def auth_v1_origin_update(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('origin_ref')
-    logger.info(f'> [  update  ]: {origin_ref}: {j}')
+    logging.info(f'> [  update  ]: {origin_ref}: {j}')
    data = Origin(
        origin_ref=origin_ref,
@ -341,10 +341,10 @@ async def auth_v1_origin_update(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse
@app.post('/auth/v1/code', description='get an authorization code')
 async def auth_v1_code(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('origin_ref')
-    logger.info(f'> [   code   ]: {origin_ref}: {j}')
+    logging.info(f'> [   code   ]: {origin_ref}: {j}')
    delta = relativedelta(minutes=15)
    expires = cur_time + delta
@ -373,15 +373,15 @@ async def auth_v1_code(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse
@app.post('/auth/v1/token', description='exchange auth code and verifier for token')
 async def auth_v1_token(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    try:
-        payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key, algorithms=ALGORITHMS.RS256)
+        payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key)
    except JWTError as e:
        return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)})
    origin_ref = payload.get('origin_ref')
-    logger.info(f'> [   auth   ]: {origin_ref}: {j}')
+    logging.info(f'> [   auth   ]: {origin_ref}: {j}')
    # validate the code challenge
    challenge = b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8')
@ -415,7 +415,7 @@ async def auth_v1_token(request: Request):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
@app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin')
 async def leasing_v1_lessor(request: Request):
-    j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.now(UTC)
+    j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.utcnow()
    try:
        token = __get_token(request)
@ -424,7 +424,7 @@ async def leasing_v1_lessor(request: Request):
    origin_ref = token.get('origin_ref')
    scope_ref_list = j.get('scope_ref_list')
-    logger.info(f'> [  create  ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}')
+    logging.info(f'> [  create  ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}')
    lease_result_list = []
    for scope_ref in scope_ref_list:
@ -463,12 +463,12 @@ async def leasing_v1_lessor(request: Request):
 # venv/lib/python3.9/site-packages/nls_dal_service_instance_dls/schema/service_instance/V1_0_21__product_mapping.sql
@app.get('/leasing/v1/lessor/leases', description='get active leases for current origin')
 async def leasing_v1_lessor_lease(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
    active_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
-    logger.info(f'> [  leases  ]: {origin_ref}: found {len(active_lease_list)} active leases')
+    logging.info(f'> [  leases  ]: {origin_ref}: found {len(active_lease_list)} active leases')
    response = {
        "active_lease_list": active_lease_list,
@ -483,10 +483,10 @@ async def leasing_v1_lessor_lease(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_lease/lease_single.py
@app.put('/leasing/v1/lease/{lease_ref}', description='renew a lease')
 async def leasing_v1_lease_renew(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
-    logger.info(f'> [  renew   ]: {origin_ref}: renew {lease_ref}')
+    logging.info(f'> [  renew   ]: {origin_ref}: renew {lease_ref}')
    entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref)
    if entity is None:
@ -510,10 +510,10 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
@app.delete('/leasing/v1/lease/{lease_ref}', description='release (return) a lease')
 async def leasing_v1_lease_delete(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
-    logger.info(f'> [  return  ]: {origin_ref}: return {lease_ref}')
+    logging.info(f'> [  return  ]: {origin_ref}: return {lease_ref}')
    entity = Lease.find_by_lease_ref(db, lease_ref)
    if entity.origin_ref != origin_ref:
@ -536,13 +536,13 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
@app.delete('/leasing/v1/lessor/leases', description='release all leases')
 async def leasing_v1_lessor_lease_remove(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
    released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
    deletions = Lease.cleanup(db, origin_ref)
-    logger.info(f'> [  remove  ]: {origin_ref}: removed {deletions} leases')
+    logging.info(f'> [  remove  ]: {origin_ref}: removed {deletions} leases')
    response = {
        "released_lease_list": released_lease_list,
@ -556,7 +556,7 @@ async def leasing_v1_lessor_lease_remove(request: Request):
@app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases')
 async def leasing_v1_lessor_shutdown(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    token = j.get('token')
    token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
@ -564,7 +564,7 @@ async def leasing_v1_lessor_shutdown(request: Request):
    released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
    deletions = Lease.cleanup(db, origin_ref)
-    logger.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases')
+    logging.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases')
    response = {
        "released_lease_list": released_lease_list,
@ -587,7 +587,7 @@ if __name__ == '__main__':
    #
    ###
-    logger.info(f'> Starting dev-server ...')
+    logging.info(f'> Starting dev-server ...')
    ssl_keyfile = join(dirname(__file__), 'cert/webserver.key')
    ssl_certfile = join(dirname(__file__), 'cert/webserver.crt')
--- a/app/orm.py
+++ b/app/orm.py
@ -1,4 +1,4 @@
-from datetime import datetime, timedelta, timezone, UTC
+from datetime import datetime, timedelta
 from dateutil.relativedelta import relativedelta
 from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text
@ -66,17 +66,7 @@ class Origin(Base):
        if origin_refs is None:
            deletions = session.query(Origin).delete()
        else:
-            deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete()
+            deletions = session.query(Origin).filter(Origin.origin_ref in origin_refs).delete()
        session.commit()
        session.close()
        return deletions
    @staticmethod
    def delete_expired(engine: Engine) -> int:
        session = sessionmaker(bind=engine)()
        origins = session.query(Origin).join(Lease, Origin.origin_ref == Lease.origin_ref, isouter=True).filter(Lease.lease_ref.is_(None)).all()
        origin_refs = [origin.origin_ref for origin in origins]
        deletions = session.query(Origin).filter(Origin.origin_ref.in_(origin_refs)).delete()
        session.commit()
        session.close()
        return deletions
@ -104,10 +94,10 @@ class Lease(Base):
            'lease_ref': self.lease_ref,
            'origin_ref': self.origin_ref,
            # 'scope_ref': self.scope_ref,
-            'lease_created': self.lease_created.replace(tzinfo=timezone.utc).isoformat(),
+            'lease_created': self.lease_created.isoformat(),
-            'lease_expires': self.lease_expires.replace(tzinfo=timezone.utc).isoformat(),
+            'lease_expires': self.lease_expires.isoformat(),
-            'lease_updated': self.lease_updated.replace(tzinfo=timezone.utc).isoformat(),
+            'lease_updated': self.lease_updated.isoformat(),
-            'lease_renewal': lease_renewal.replace(tzinfo=timezone.utc).isoformat(),
+            'lease_renewal': lease_renewal.isoformat(),
        }
    @staticmethod
@ -178,7 +168,7 @@ class Lease(Base):
    @staticmethod
    def delete_expired(engine: Engine) -> int:
        session = sessionmaker(bind=engine)()
-        deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.now(UTC)).delete()
+        deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.utcnow()).delete()
        session.commit()
        session.close()
        return deletions
--- a/doc/Reverse
+++ b/doc/Reverse
@ -1,7 +1,5 @@
 # Reverse Engineering Notes
 [[_TOC_]]
 # Usefully commands
 ## Check licensing status
@ -29,9 +27,7 @@ nvidia-gridd[2986]: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX V
 nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT)
 ```
-# Docker DLS-Container File-System
+# DLS-Container File-System (Docker)
 - More about Docker Images https://git.collinwebdesigns.de/nvidia/nls
 ## Configuration data
@ -40,51 +36,7 @@ Most variables and configs are stored in `/var/lib/docker/volumes/configurations
 Files can be modified with `docker cp <container-id>:/venv/... /opt/localfile/...` and back.
 (May you need to fix permissions with `docker exec -u 0 <container-id> chown nonroot:nonroot /venv/...`)
-Config-Variables are in `etc/dls/config/service_env.conf`.
+## Dive / Docker image inspector
 ## Site Key Uri - `/etc/dls/config/site_key_uri.bin`
 ```
 base64-content...
 ```
 ## DB Password - `/etc/dls/config/dls_db_password.bin`
 ```
 # docker cp -a <container-id>:/etc/dls/config/dls_db_password.bin /tmp/dls_db_password.bin
 base64-content...
 ```
 **Decrypt database password**
 ```
 cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw
 openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw
 ```
 # Docker Postgres-Container
 - It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing
  validations.
 ## Inspect
 Valid users are `dls_writer` and `postgres`.
 ```shell
 docker exec -it <dls:pgsql> psql -h localhost -U postgres
 ```
 ## External Access
 Or you can modify `docker-compose.yaml` to forward Postgres port. To create a superuser for external access, use `docker exec` from above and rund the following:
 ```sql
 CREATE USER admin WITH LOGIN SUPERUSER PASSWORD 'admin';
 ```
 # Dive / Docker image inspector
 - `dive dls:appliance`
@ -101,6 +53,45 @@ Command:
 #(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in /
 ```
 ## Private Key (Site-Key)
 - `/etc/dls/config/decryptor/decryptor`
 ```shell
 docker exec -it <container-id> /etc/dls/config/decryptor/decryptor > /tmp/private-key.pem
 ```
 ```
 -----BEGIN RSA PRIVATE KEY-----
 ...
 -----END RSA PRIVATE KEY-----
 ``` 
 ## Site Key Uri - `/etc/dls/config/site_key_uri.bin`
 ```
 base64-content...
 ```
 ## DB Password - `/etc/dls/config/dls_db_password.bin`
 ```
 base64-content...
 ```
 **Decrypt database password**
 ```
 cd /var/lib/docker/volumes/configurations/_data
 cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw
 openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw
 ```
 # Database
 - It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing
  validations.
 # Logging / Stack Trace
 - https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance
--- a/requirements.txt
+++ b/requirements.txt
@ -1,8 +1,8 @@
-fastapi==0.115.8
+fastapi==0.115.3
-uvicorn[standard]==0.34.0
+uvicorn[standard]==0.32.0
-python-jose==3.4.0
+python-jose==3.3.0
 pycryptodome==3.21.0
 python-dateutil==2.8.2
-sqlalchemy==2.0.38
+sqlalchemy==2.0.36
 markdown==3.7
 python-dotenv==1.0.1
--- a/test/main.py
+++ b/test/main.py
@ -1,8 +1,7 @@
 import sys
 from base64 import b64encode as b64enc
 from calendar import timegm
 from datetime import datetime, UTC
 from hashlib import sha256
 from calendar import timegm
 from datetime import datetime
 from os.path import dirname, join
 from uuid import uuid4, UUID
@ -10,6 +9,7 @@ from dateutil.relativedelta import relativedelta
 from jose import jwt, jwk
 from jose.constants import ALGORITHMS
 from starlette.testclient import TestClient
 import sys
 # add relative path to use packages as they were in the app/ dir
 sys.path.append('../')
@ -106,7 +106,6 @@ def test_auth_v1_origin():
    assert response.json().get('origin_ref') == ORIGIN_REF
 def auth_v1_origin_update():
    payload = {
        "registration_pending": False,
@ -142,7 +141,7 @@ def test_auth_v1_code():
 def test_auth_v1_token():
-    cur_time = datetime.now(UTC)
+    cur_time = datetime.utcnow()
    access_expires_on = cur_time + relativedelta(hours=1)
    payload = {
@ -154,7 +153,8 @@ def test_auth_v1_token():
        "kid": "00000000-0000-0000-0000-000000000000"
    }
    payload = {
-        "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, algorithm=ALGORITHMS.RS256),
+        "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')},
                                algorithm=ALGORITHMS.RS256),
        "code_verifier": SECRET,
    }