implemented endpoint for expired origins (origins without active leases)

requirements.txt updated
Merge branch 'main' into ui
2026-04-08 07:55:48 +03:00 · 2024-02-27 20:53:32 +01:00 · 2024-02-27 20:12:37 +01:00 · 2024-02-27 20:12:14 +01:00 · 2024-02-27 19:56:27 +01:00 · 2024-02-27 08:21:40 +01:00
30 changed files with 511 additions and 733 deletions
--- a/.DEBIAN/control
+++ b/.DEBIAN/control
@@ -2,7 +2,7 @@ Package: fastapi-dls
 Version: 0.0
 Architecture: all
 Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
-Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-cryptography, python3-markdown, python3-jinja2, uvicorn, openssl
+Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, python3-sqlalchemy, python3-pycryptodome, python3-markdown, python3-jinja2, uvicorn, openssl
 Recommends: curl
 Installed-Size: 10240
 Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls
--- a/.DEBIAN/requirements-bookworm-12.txt
+++ b/.DEBIAN/requirements-bookworm-12.txt
@@ -1,8 +1,8 @@
 # https://packages.debian.org/hu/
 fastapi==0.92.0
 uvicorn[standard]==0.17.6
-python-jose[cryptography]==3.3.0
+python-jose[pycryptodome]==3.3.0
-cryptography==38.0.4
+pycryptodome==3.11.0
 python-dateutil==2.8.2
 sqlalchemy==1.4.46
 markdown==3.4.1
--- a/.DEBIAN/requirements-ubuntu-23.04.txt
+++ b/.DEBIAN/requirements-ubuntu-23.04.txt
@@ -0,0 +1,10 @@
 # https://packages.ubuntu.com
 fastapi==0.91.0
 uvicorn[standard]==0.15.0
 python-jose[pycryptodome]==3.3.0
 pycryptodome==3.11.0
 python-dateutil==2.8.2
 sqlalchemy==1.4.46
 markdown==3.4.3
 python-dotenv==0.21.0
 jinja2==3.1.2
--- a/.DEBIAN/requirements-ubuntu-23.10.txt
+++ b/.DEBIAN/requirements-ubuntu-23.10.txt
@@ -0,0 +1,10 @@
 # https://packages.ubuntu.com
 fastapi==0.101.0
 uvicorn[standard]==0.23.2
 python-jose[pycryptodome]==3.3.0
 pycryptodome==3.11.0
 python-dateutil==2.8.2
 sqlalchemy==1.4.47
 markdown==3.4.4
 python-dotenv==1.0.0
 jinja2==3.1.2
--- a/.DEBIAN/requirements-ubuntu-24.04.txt
+++ b/.DEBIAN/requirements-ubuntu-24.04.txt
@@ -1,10 +0,0 @@
 # https://packages.ubuntu.com
 fastapi==0.101.0
 uvicorn[standard]==0.27.1
 python-jose[cryptography]==3.3.0
 cryptography==41.0.7
 python-dateutil==2.8.2
 sqlalchemy==1.4.50
 markdown==3.5.2
 python-dotenv==1.0.1
 jinja2==3.1.2
--- a/.DEBIAN/requirements-ubuntu-24.10.txt
+++ b/.DEBIAN/requirements-ubuntu-24.10.txt
@@ -1,10 +0,0 @@
 # https://packages.ubuntu.com
 fastapi==0.110.3
 uvicorn[standard]==0.30.3
 python-jose[cryptography]==3.3.0
 cryptography==42.0.5
 python-dateutil==2.9.0
 sqlalchemy==2.0.32
 markdown==3.6
 python-dotenv==1.0.1
 jinja2==3.1.3
--- a/.PKGBUILD/PKGBUILD
+++ b/.PKGBUILD/PKGBUILD
@@ -8,7 +8,7 @@ pkgdesc='NVIDIA DLS server implementation with FastAPI'
 arch=('any')
 url='https://git.collinwebdesigns.de/oscar.krause/fastapi-dls'
 license=('MIT')
-depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-cryptography' 'python-jinja' 'uvicorn' 'python-markdown' 'openssl')
+depends=('python' 'python-jose' 'python-starlette' 'python-httpx' 'python-fastapi' 'python-dotenv' 'python-dateutil' 'python-sqlalchemy' 'python-pycryptodome' 'python-jinja' 'uvicorn' 'python-markdown' 'openssl')
 provider=("$pkgname")
 install="$pkgname.install"
 backup=('etc/default/fastapi-dls')
@@ -42,10 +42,9 @@ package() {
    install -d "$pkgdir/var/lib/$pkgname/cert"
    # copy docs & static files
-    #cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/"
+    cp -r "$srcdir/$pkgname/doc"/* "$pkgdir/usr/share/doc/$pkgname/"
    install -Dm644 "$srcdir/$pkgname/README.md" "$pkgdir/usr/share/doc/$pkgname/README.md"
    install -Dm644 "$srcdir/$pkgname/version.env" "$pkgdir/usr/share/doc/$pkgname/version.env"
    sed -i "s/README.md/\/usr\/share\/doc\/$pkgname\/README.md/g" "$srcdir/$pkgname/app/main.py"
    # copy main app python files
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
 .DS_Store
 venv/
 .idea/
-*.sqlite
+app/*.sqlite*
 app/cert/*.*
 .pytest_cache
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,12 +16,12 @@ build:docker:
  interruptible: true
  stage: build
  rules:
-    # deployment is in "deploy:docker:"
+    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      changes:
        - app/**/*
        - Dockerfile
        - requirements.txt
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  tags: [ docker ]
  before_script:
    - docker buildx inspect
@@ -44,13 +44,16 @@ build:apt:
    - if: $CI_COMMIT_TAG
      variables:
        VERSION: $CI_COMMIT_REF_NAME
-    - if: ($CI_PIPELINE_SOURCE == 'merge_request_event') || ($CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH)
+    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
      changes:
        - app/**/*
        - .DEBIAN/**/*
        - .gitlab-ci.yml
      variables:
        VERSION: "0.0.1"
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      variables:
        VERSION: "0.0.1"
  before_script:
    - echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
    # install build dependencies
@@ -91,13 +94,16 @@ build:pacman:
    - if: $CI_COMMIT_TAG
      variables:
        VERSION: $CI_COMMIT_REF_NAME
-    - if: ($CI_PIPELINE_SOURCE == 'merge_request_event') || ($CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH)
+    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
      changes:
        - app/**/*
        - .PKGBUILD/**/*
        - .gitlab-ci.yml
      variables:
        VERSION: "0.0.1"
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      variables:
        VERSION: "0.0.1"
  before_script:
    #- echo -e "VERSION=$VERSION\nCOMMIT=$CI_COMMIT_SHA" > version.env
    # install build dependencies
@@ -120,12 +126,13 @@ build:pacman:
    paths:
      - "*.pkg.tar.zst"
-test:python:
+test:
-  image: $IMAGE
+  image: python:3.11-slim-bookworm
  stage: test
  interruptible: true
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
    - if: $CI_COMMIT_TAG
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
      changes:
@@ -135,21 +142,14 @@ test:python:
    DATABASE: sqlite:///../app/db.sqlite
  parallel:
    matrix:
-      - IMAGE:
+      - REQUIREMENTS:
-          # https://devguide.python.org/versions/#supported-versions
+          - requirements.txt
-#          - python:3.14-rc-alpine  # EOL 2030-10 =>  uvicorn does not support 3.14 yet
+          - .DEBIAN/requirements-bookworm-12.txt
-          - python:3.13-alpine  # EOL 2029-10
+          - .DEBIAN/requirements-ubuntu-23.10.txt
          - python:3.12-alpine  # EOL 2028-10
          - python:3.11-alpine  # EOL 2027-10
 #          - python:3.10-alpine  # EOL 2026-10 => ImportError: cannot import name 'UTC' from 'datetime'
 #          - python:3.9-alpine  # EOL 2025-10 => ImportError: cannot import name 'UTC' from 'datetime'
  before_script:
-    - apk --no-cache add openssl
+    - apt-get update && apt-get install -y python3-dev gcc
-    - python3 -m venv venv
+    - pip install -r $REQUIREMENTS
-    - source venv/bin/activate
+    - pip install pytest httpx
    - pip install --upgrade pip
    - pip install -r requirements.txt
    - pip install pytest pytest-cov pytest-custom_exit_code httpx
    - mkdir -p app/cert
    - openssl genrsa -out app/cert/instance.private.pem 2048
    - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem
@@ -158,26 +158,17 @@ test:python:
    - python -m pytest main.py --junitxml=report.xml
  artifacts:
    reports:
      dotenv: version.env
      junit: ['**/report.xml']
-test:apt:
+.test:linux:
  image: $IMAGE
  stage: test
  rules:
-    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      changes:
        - app/**/*
        - .DEBIAN/**/*
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  parallel:
    matrix:
      - IMAGE:
          - debian:trixie-slim # EOL: t.b.a.
          - debian:bookworm-slim # EOL: June 06, 2026
          - debian:bookworm-slim # EOL: June 06, 2026
          - ubuntu:24.04 # EOL: April 2036
          - ubuntu:24.10
  needs:
    - job: build:apt
      artifacts: true
@@ -209,15 +200,22 @@ test:apt:
    - apt-get purge -qq -y fastapi-dls
    - apt-get autoremove -qq -y && apt-get clean -qq
-test:pacman:archlinux:
+test:debian:
  extends: .test:linux
  image: debian:bookworm-slim
 test:ubuntu:
  extends: .test:linux
  image: ubuntu:23.10
 test:archlinux:
  image: archlinux:base
  rules:
-    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      changes:
        - app/**/*
        - .PKGBUILD/**/*
-        - .gitlab-ci.yml
+    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  needs:
    - job: build:pacman
      artifacts: true
@@ -251,7 +249,7 @@ semgrep-sast:
 test_coverage:
 #  extends: test
-  image: python:3.12-slim-bookworm
+  image: python:3.11-slim-bookworm
  allow_failure: true
  stage: test
  rules:
@@ -261,19 +259,19 @@ test_coverage:
  before_script:
    - apt-get update && apt-get install -y python3-dev gcc
    - pip install -r requirements.txt
-    - pip install pytest pytest-cov pytest-custom_exit_code httpx
+    - pip install pytest httpx
    - mkdir -p app/cert
    - openssl genrsa -out app/cert/instance.private.pem 2048
    - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem
    - cd test
  script:
-    - coverage run -m pytest main.py --junitxml=report.xml --suppress-no-test-exit-code
+    - pip install pytest pytest-cov
    - coverage run -m pytest main.py
    - coverage report
    - coverage xml
  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
  artifacts:
    reports:
      junit: [ '**/report.xml' ]
      coverage_report:
        coverage_format: cobertura
        path: '**/coverage.xml'
@@ -292,12 +290,15 @@ gemnasium-python-dependency_scanning:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 .deploy:
  rules:
    - if: $CI_COMMIT_TAG
 deploy:docker:
  extends: .deploy
  image: docker:dind
  stage: deploy
  tags: [ docker ]
  rules:
    - if: $CI_COMMIT_TAG
  before_script:
    - echo "Building docker image for commit $CI_COMMIT_SHA with version $CI_COMMIT_REF_NAME"
    - docker buildx inspect
@@ -316,10 +317,9 @@ deploy:docker:
 deploy:apt:
  # doc: https://git.collinwebdesigns.de/help/user/packages/debian_repository/index.md#install-a-package
  extends: .deploy
  image: debian:bookworm-slim
  stage: deploy
  rules:
    - if: $CI_COMMIT_TAG
  needs:
    - job: build:apt
      artifacts: true
@@ -356,10 +356,9 @@ deploy:apt:
    - 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file ${EXPORT_NAME} "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${PACKAGE_NAME}/${PACKAGE_VERSION}/${EXPORT_NAME}"'
 deploy:pacman:
  extends: .deploy
  image: archlinux:base-devel
  stage: deploy
  rules:
    - if: $CI_COMMIT_TAG
  needs:
    - job: build:pacman
      artifacts: true
@@ -380,7 +379,7 @@ deploy:pacman:
 release:
  image: registry.gitlab.com/gitlab-org/release-cli:latest
  stage: .post
-  needs: [ build:docker, build:apt, build:pacman ]
+  needs: [ test ]
  rules:
    - if: $CI_COMMIT_TAG
  script:
--- a/4
+++ b/4
@@ -1,4 +1,4 @@
-FROM python:3.12-alpine
+FROM python:3.11-alpine
 ARG VERSION
 ARG COMMIT=""
@@ -10,7 +10,7 @@ RUN apk update \
 && apk add --no-cache --virtual build-deps gcc g++ python3-dev musl-dev pkgconfig \
 && apk add --no-cache curl postgresql postgresql-dev mariadb-dev sqlite-dev \
 && pip install --no-cache-dir --upgrade uvicorn \
- && pip install --no-cache-dir psycopg2==2.9.10 mysqlclient==2.2.7 pysqlite3==0.5.4 \
+ && pip install --no-cache-dir psycopg2==2.9.6 mysqlclient==2.2.0 pysqlite3==0.5.1 \
 && pip install --no-cache-dir -r /tmp/requirements.txt \
 && apk del build-deps
--- a/FAQ.md
+++ b/FAQ.md
@@ -0,0 +1,17 @@
 # FAQ
 ## `Failed to acquire license from <ip> (Info: <license> - Error: The allowed time to process response has expired)`
 - Did your timezone settings are correct on fastapi-dls **and your guest**?
 - Did you download the client-token more than an hour ago?
 Please download a new client-token. The guest have to register within an hour after client-token was created.
 ## `jose.exceptions.JWTError: Signature verification failed.`
 - Did you recreated `instance.public.pem` / `instance.private.pem`?
 Then you have to download a **new** client-token on each of your guests.
--- a/README.md
+++ b/README.md
@@ -2,37 +2,22 @@
 Minimal Delegated License Service (DLS).
-> [!note] Compatibility
+Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0. For Driver compatibility see [here](#setup-client).
 > Compatibility tested with official NLS 2.0.1, 2.1.0, 3.1.0, 3.3.1, 3.4.0. For Driver compatibility
 > see [compatibility matrix](#vgpu-software-compatibility-matrix).
 > [!warning] 18.x Drivers are not yet supported!
 > Drivers are only supported until **17.x releases**.
 This service can be used without internet connection.
 Only the clients need a connection to this service on configured port.
 **Official Links**
-* https://git.collinwebdesigns.de/oscar.krause/fastapi-dls (Private Git)
+- https://git.collinwebdesigns.de/oscar.krause/fastapi-dls (Private Git)
-* https://gitea.publichub.eu/oscar.krause/fastapi-dls (Public Git)
+- https://gitea.publichub.eu/oscar.krause/fastapi-dls (Public Git)
-* https://hub.docker.com/r/collinwebdesigns/fastapi-dls (Docker-Hub `collinwebdesigns/fastapi-dls:latest`)
+- https://hub.docker.com/r/collinwebdesigns/fastapi-dls (Docker-Hub `collinwebdesigns/fastapi-dls:latest`)
 *All other repositories are forks! (which  is no bad - just for information and bug reports)*
 [Releases & Release Notes](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/releases)
 **Further Reading**
 * [NVIDIA vGPU Guide](https://gitlab.com/polloloco/vgpu-proxmox) - This document serves as a guide to install NVIDIA vGPU host drivers on the latest Proxmox VE version
 * [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock) - Unlock vGPU functionality for consumer-grade Nvidia GPUs.
 * [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q) - Guide for `vgpu_unlock`
 * [Proxmox 8 vGPU in VMs and LXC Containers](https://medium.com/@dionisievldulrincz/proxmox-8-vgpu-in-vms-and-lxc-containers-4146400207a3) - Install *Merged Drivers* for using in Proxmox VMs and LXCs
 * [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/) - Also known as `proxmox-installer.sh`
 ---
-[TOC]
+[[_TOC_]]
 # Setup (Service)
@@ -48,9 +33,6 @@ Tested with Ubuntu 22.10 (EOL!) (from Proxmox templates), actually its consuming
 - Make sure your timezone is set correct on you fastapi-dls server and your client
 This guide does not show how to install vGPU host drivers! Look at the official documentation packed with the driver
 releases.
 ## Docker
 Docker-Images are available here for Intel (x86), AMD (amd64) and ARM (arm64):
@@ -86,7 +68,7 @@ docker run -e DLS_URL=`hostname -i` -e DLS_PORT=443 -p 443:443 -v $WORKING_DIR:/
 See [`examples`](examples) directory for more advanced examples (with reverse proxy usage).
-> Adjust `REQUIRED` variables as needed
+> Adjust *REQUIRED* variables as needed
 ```yaml
 version: '3.9'
@@ -327,20 +309,18 @@ EOF
 Now you have to run `systemctl daemon-reload`. After that you can start service
 with `systemctl start fastapi-dls.service` and enable autostart with `systemctl enable fastapi-dls.service`.
-## Debian / Ubuntu (using `dpkg` / `apt`)
+## Debian/Ubuntu (using `dpkg`)
 Packages are available here:
 - [GitLab-Registry](https://git.collinwebdesigns.de/oscar.krause/fastapi-dls/-/packages)
-Successful tested with (**LTS Version**):
+Successful tested with:
- **Debian 12 (Bookworm)** (EOL: June 06, 2026)
+- Debian 12 (Bookworm)
- *Ubuntu 22.10 (Kinetic Kudu)* (EOL: July 20, 2023)
+- Ubuntu 22.10 (Kinetic Kudu) (EOL: July 20, 2023)
- *Ubuntu 23.04 (Lunar Lobster)* (EOL: January 2024)
+- Ubuntu 23.04 (Lunar Lobster) (EOL: January 2024)
- *Ubuntu 23.10 (Mantic Minotaur)* (EOL: July 2024)
+- Ubuntu 23.10 (Mantic Minotaur) (EOL: July 2024)
 - **Ubuntu 24.04 (Noble Numbat)** (EOL: Apr 2029)
 - *Ubuntu 24.10 (Oracular Oriole)* (EOL: Jul 2025)
 Not working with:
@@ -398,13 +378,6 @@ Now you have to edit `/etc/default/fastapi-dls` as needed.
 Continue [here](#unraid-guest) for docker guest setup.
 ## NixOS
 Tanks to [@mrzenc](https://github.com/mrzenc) for [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos).
 > [!note] Native NixOS-Package
 > There is a [pull request](https://github.com/NixOS/nixpkgs/pull/358647) which adds fastapi-dls into nixpkgs.
 ## Let's Encrypt Certificate (optional)
 If you're using installation via docker, you can use `traefik`. Please refer to their documentation.
@@ -424,7 +397,7 @@ After first success you have to replace `--issue` with `--renew`.
 # Configuration
 | Variable               | Default                                | Usage                                                                                                |
-|--------------------------|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------|
+|------------------------|----------------------------------------|------------------------------------------------------------------------------------------------------|
 | `DEBUG`                | `false`                                | Toggles `fastapi` debug mode                                                                         |
 | `DLS_URL`              | `localhost`                            | Used in client-token to tell guest driver where dls instance is reachable                            |
 | `DLS_PORT`             | `443`                                  | Used in client-token to tell guest driver where dls instance is reachable                            |
@@ -443,16 +416,35 @@ After first success you have to replace `--issue` with `--renew`.
 every 4.8 hours. If network connectivity is lost, the loss of connectivity is detected during license renewal and the
 client has 19.2 hours in which to re-establish connectivity before its license expires.
-\*2 Always use `https`, since guest-drivers only support secure connections!
+\*3 Always use `https`, since guest-drivers only support secure connections!
-\*3 If you recreate your instance keys you need to **recreate client-token for each guest**!
+\*4 If you recreate instance keys you need to **recreate client-token for each guest**!
 # Setup (Client)
 **The token file has to be copied! It's not enough to C&P file contents, because there can be special characters.**
-This guide does not show how to install vGPU guest drivers! Look at the official documentation packed with the driver
+Successfully tested with this package versions:
-releases.
+
 | vGPU Suftware | Linux vGPU Manager | Linux Driver | Windows Driver | Release Date  |
 |---------------|--------------------|--------------|----------------|---------------|
 | `16.3`        | `535.154.02`       | `535.154.05` | `538.15`       | January 2024  |
 | `16.2`        | `535.129.03`       | `535.129.03` | `537.70`       | October 2023  |
 | `16.1`        | `535.104.06`       | `535.104.05` | `537.13`       | August 2023   |
 | `16.0`        | `535.54.06`        | `535.54.03`  | `536.22`       | July 2023     |
 | `15.3`        | `525.125.03`       | `525.125.06` | `529.11`       | June 2023     |
 | `15.2`        | `525.105.14`       | `525.105.17` | `528.89`       | March 2023    |
 | `15.1`        | `525.85.07`        | `525.85.05`  | `528.24`       | January 2023  |
 | `15.0`        | `525.60.12`        | `525.60.13`  | `527.41`       | December 2022 |
 | `14.4`        | `510.108.03`       | `510.108.03` | `514.08`       | December 2022 |
 | `14.3`        | `510.108.03`       | `510.108.03` | `513.91`       | November 2022 |
 - https://docs.nvidia.com/grid/index.html
 *To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`) on channel `licensing` `biggerthanshit` 
 https://archive.biggerthanshit.com/NVIDIA/ (nvidia / b1gg3rth4nsh1t)
 ## Linux
@@ -528,32 +520,33 @@ Done. For more information check [troubleshoot section](#troubleshoot).
 8. Set schedule to `At First Array Start Only`
 9. Click on Apply 
-# API Endpoints
+
 # Endpoints
 <details>
  <summary>show</summary>
-**`GET /`**
+### `GET /`
 Redirect to `/-/readme`.
-**`GET /-/health`**
+### `GET /-/health`
 Status endpoint, used for *healthcheck*.
-**`GET /-/config`**
+### `GET /-/config`
 Shows current runtime environment variables and their values.
-**`GET /-/readme`**
+### `GET /-/readme`
 HTML rendered README.md.
-**`GET /-/manage`**
+### `GET /-/manage`
 Shows a very basic UI to delete origins or leases.
-**`GET /-/origins?leases=false`**
+### `GET /-/origins?leases=false`
 List registered origins.
@@ -561,11 +554,11 @@ List registered origins.
 |-----------------|---------|--------------------------------------|
 | `leases`        | `false` | Include referenced leases per origin |
-**`DELETE /-/origins`**
+### `DELETE /-/origins`
 Deletes all origins and their leases.
-**`GET /-/leases?origin=false`**
+### `GET /-/leases?origin=false`
 List current leases.
@@ -573,20 +566,20 @@ List current leases.
 |-----------------|---------|-------------------------------------|
 | `origin`        | `false` | Include referenced origin per lease |
-**`DELETE /-/lease/{lease_ref}`**
+### `DELETE /-/lease/{lease_ref}`
 Deletes an lease.
-**`GET /-/client-token`**
+### `GET /-/client-token`
 Generate client token, (see [installation](#installation)).
-**Others**
+### Others
 There are many other internal api endpoints for handling authentication and lease process.
 </details>
-# Troubleshoot / Debug
+# Troubleshoot
 **Please make sure that fastapi-dls and your guests are on the same timezone!**
@@ -606,26 +599,11 @@ Logs are available in `C:\Users\Public\Documents\Nvidia\LoggingLog.NVDisplay.Con
 # Known Issues
 ## Generic
 ### `Failed to acquire license from <ip> (Info: <license> - Error: The allowed time to process response has expired)`
 - Did your timezone settings are correct on fastapi-dls **and your guest**?
 - Did you download the client-token more than an hour ago?
 Please download a new client-token. The guest have to register within an hour after client-token was created.
 ### `jose.exceptions.JWTError: Signature verification failed.`
 - Did you recreate `instance.public.pem` / `instance.private.pem`?
 Then you have to download a **new** client-token on each of your guests.
 ## Linux
-### Invalid HTTP request
+### `uvicorn.error:Invalid HTTP request received.`
-This error message: `uvicorn.error:Invalid HTTP request received.` can be ignored.
+This message can be ignored.
 - Ref. https://github.com/encode/uvicorn/issues/441
@@ -751,57 +729,12 @@ The error message can safely be ignored (since we have no license limitation :P)
 </details>
 # vGPU Software Compatibility Matrix
 **18.x Drivers are not supported on FastAPI-DLS Versions < 1.6.0**
 <details>
  <summary>Show Table</summary>
 Successfully tested with this package versions.
 | vGPU Suftware | Driver Branch | Linux vGPU Manager | Linux Driver | Windows Driver |  Release Date |      EOL Date |
 |:-------------:|:-------------:|--------------------|--------------|----------------|--------------:|--------------:|
 |    `17.5`     |     R550      | `550.144.02`       | `550.144.03` | `553.62`       |  January 2025 |     June 2025 |
 |    `17.4`     |     R550      | `550.127.06`       | `550.127.05` | `553.24`       |  October 2024 |               |
 |    `17.3`     |     R550      | `550.90.05`        | `550.90.07`  | `552.74`       |     July 2024 |               |
 |    `17.2`     |     R550      | `550.90.05`        | `550.90.07`  | `552.55`       |     June 2024 |               |
 |    `17.1`     |     R550      | `550.54.16`        | `550.54.15`  | `551.78`       |    March 2024 |               |
 |    `17.0`     |     R550      | `550.54.10`        | `550.54.14`  | `551.61`       | February 2024 |               |
 |    `16.9`     |     R535      | `535.230.02`       | `535.216.01` | `539.19`       |  October 2024 |     July 2026 |
 |    `16.8`     |     R535      | `535.216.01`       | `535.216.01` | `538.95`       |  October 2024 |               |
 |    `16.7`     |     R535      | `535.183.04`       | `535.183.06` | `538.78`       |     July 2024 |               |
 |    `16.6`     |     R535      | `535.183.04`       | `535.183.01` | `538.67`       |     June 2024 |               |
 |    `16.5`     |     R535      | `535.161.05`       | `535.161.08` | `538.46`       | February 2024 |               |
 |    `16.4`     |     R535      | `535.161.05`       | `535.161.07` | `538.33`       | February 2024 |               |
 |    `16.3`     |     R535      | `535.154.02`       | `535.154.05` | `538.15`       |  January 2024 |               |
 |    `16.2`     |     R535      | `535.129.03`       | `535.129.03` | `537.70`       |  October 2023 |               |
 |    `16.1`     |     R535      | `535.104.06`       | `535.104.05` | `537.13`       |   August 2023 |               |
 |    `16.0`     |     R535      | `535.54.06`        | `535.54.03`  | `536.22`       |     July 2023 |               |
 |    `15.4`     |     R525      | `525.147.01`       | `525.147.05` | `529.19`       |     June 2023 | December 2023 |
 |    `14.4`     |     R510      | `510.108.03`       | `510.108.03` | `514.08`       | December 2022 | February 2023 |
 </details>
 - https://docs.nvidia.com/grid/index.html
 - https://docs.nvidia.com/grid/gpus-supported-by-vgpu.html
 *To get the latest drivers, visit Nvidia or search in Discord-Channel `GPU Unlocking` (Server-ID: `829786927829745685`)
 on channel `licensing`
 # Credits
 Thanks to vGPU community and all who uses this project and report bugs.
-Special thanks to:
+Special thanks to 
- `samicrusader` who created build file for **ArchLinux**
+- @samicrusader who created build file for ArchLinux
- `cyrus` who wrote the section for **openSUSE**
+- @cyrus who wrote the section for openSUSE
- `midi` who wrote the section for **unRAID**
+- @midi who wrote the section for unRAID
 - `polloloco` who wrote the *[NVIDIA vGPU Guide](https://gitlab.com/polloloco/vgpu-proxmox)*
 - `DualCoder` who creates the `vgpu_unlock` functionality [vgpu_unlock](https://github.com/DualCoder/vgpu_unlock)
 - `Krutav Shah` who wrote the [vGPU_Unlock Wiki](https://docs.google.com/document/d/1pzrWJ9h-zANCtyqRgS7Vzla0Y8Ea2-5z2HEi4X75d2Q/)
 - `Wim van 't Hoog` for the [Proxmox All-In-One Installer Script](https://wvthoog.nl/proxmox-vgpu-v3/)
 - `mrzenc` who wrote [fastapi-dls-nixos](https://github.com/mrzenc/fastapi-dls-nixos)
 And thanks to all people who contributed to all these libraries!
--- a/app/main.py
+++ b/app/main.py
@@ -1,51 +1,51 @@
 import logging
 from base64 import b64encode as b64enc
 from calendar import timegm
 from contextlib import asynccontextmanager
 from datetime import datetime, timedelta, UTC
 from hashlib import sha256
 from json import loads as json_loads
 from os import getenv as env
 from os.path import join, dirname
 from uuid import uuid4
 from os.path import join, dirname
 from os import getenv as env
 from dateutil.relativedelta import relativedelta
 from dotenv import load_dotenv
 from fastapi import FastAPI
 from fastapi.requests import Request
 from json import loads as json_loads
 from datetime import datetime, timedelta
 from dateutil.relativedelta import relativedelta
 from calendar import timegm
 from jose import jws, jwk, jwt, JWTError
 from jose.constants import ALGORITHMS
 from starlette.middleware.cors import CORSMiddleware
 from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, RedirectResponse
 from sqlalchemy import create_engine
 from sqlalchemy.orm import sessionmaker
 from starlette.middleware.cors import CORSMiddleware
 from starlette.responses import StreamingResponse, JSONResponse as JSONr, Response, RedirectResponse
 from starlette.staticfiles import StaticFiles
 from starlette.templating import Jinja2Templates
 from util import load_key, load_file
 from orm import Origin, Lease, init as db_init, migrate
 from util import PrivateKey, PublicKey, load_file
 # Load variables
 load_dotenv('../version.env')
 # Get current timezone
 TZ = datetime.now().astimezone().tzinfo
 # Load basic variables
 VERSION, COMMIT, DEBUG = env('VERSION', 'unknown'), env('COMMIT', 'unknown'), bool(env('DEBUG', False))
-# Database connection
+config = dict(openapi_url=None, docs_url=None, redoc_url=None)  # dict(openapi_url='/-/openapi.json', docs_url='/-/docs', redoc_url='/-/redoc')
 app = FastAPI(title='FastAPI-DLS', description='Minimal Delegated License Service (DLS).', version=VERSION, **config)
 app.mount('/static', StaticFiles(directory=join(dirname(__file__), 'static'), html=True), name='static'),
 templates = Jinja2Templates(directory=join(dirname(__file__), 'templates'))
 db = create_engine(str(env('DATABASE', 'sqlite:///db.sqlite')))
 db_init(db), migrate(db)
-# Load DLS variables (all prefixed with "INSTANCE_*" is used as "SERVICE_INSTANCE_*" or "SI_*" in official dls service)
+# everything prefixed with "INSTANCE_*" is used as "SERVICE_INSTANCE_*" or "SI_*" in official dls service
 DLS_URL = str(env('DLS_URL', 'localhost'))
 DLS_PORT = int(env('DLS_PORT', '443'))
 SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000'))
 INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001'))
 ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001'))
-INSTANCE_KEY_RSA = PrivateKey.from_file(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem'))))
+INSTANCE_KEY_RSA = load_key(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem'))))
-INSTANCE_KEY_PUB = PublicKey.from_file(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem'))))
+INSTANCE_KEY_PUB = load_key(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem'))))
 TOKEN_EXPIRE_DELTA = relativedelta(days=int(env('TOKEN_EXPIRE_DAYS', 1)), hours=int(env('TOKEN_EXPIRE_HOURS', 0)))
 LEASE_EXPIRE_DELTA = relativedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=int(env('LEASE_EXPIRE_HOURS', 0)))
 LEASE_RENEWAL_PERIOD = float(env('LEASE_RENEWAL_PERIOD', 0.15))
@@ -53,44 +53,8 @@ LEASE_RENEWAL_DELTA = timedelta(days=int(env('LEASE_EXPIRE_DAYS', 90)), hours=in
 CLIENT_TOKEN_EXPIRE_DELTA = relativedelta(years=12)
 CORS_ORIGINS = str(env('CORS_ORIGINS', '')).split(',') if (env('CORS_ORIGINS')) else [f'https://{DLS_URL}']
-jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256)
+jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
-jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256)
+jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
 # Logging
 LOG_LEVEL = logging.DEBUG if DEBUG else logging.INFO
 logging.basicConfig(format='[{levelname:^7}] [{module:^15}] {message}', style='{')
 logger = logging.getLogger(__name__)
 logger.setLevel(LOG_LEVEL)
 logging.getLogger('util').setLevel(LOG_LEVEL)
 logging.getLogger('NV').setLevel(LOG_LEVEL)
 # FastAPI
@asynccontextmanager
 async def lifespan(_: FastAPI):
    # on startup
    logger.info(f'''
    Using timezone: {str(TZ)}. Make sure this is correct and match your clients!
    Your clients renew their license every {str(Lease.calculate_renewal(LEASE_RENEWAL_PERIOD, LEASE_RENEWAL_DELTA))}.
    If the renewal fails, the license is {str(LEASE_RENEWAL_DELTA)} valid.
    Your client-token file (.tok) is valid for {str(CLIENT_TOKEN_EXPIRE_DELTA)}.
    ''')
    logger.info(f'Debug is {"enabled" if DEBUG else "disabled"}.')
    yield
    # on shutdown
    logger.info(f'Shutting down ...')
 config = dict(openapi_url=None, docs_url=None, redoc_url=None)  # dict(openapi_url='/-/openapi.json', docs_url='/-/docs', redoc_url='/-/redoc')
 app = FastAPI(title='FastAPI-DLS', description='Minimal Delegated License Service (DLS).', version=VERSION, lifespan=lifespan, **config)
 app.mount('/static', StaticFiles(directory=join(dirname(__file__), 'static'), html=True), name='static')
 templates = Jinja2Templates(directory=join(dirname(__file__), 'templates'))
 app.debug = DEBUG
 app.add_middleware(
@@ -101,38 +65,17 @@ app.add_middleware(
    allow_headers=['*'],
 )
 logging.basicConfig()
 logger = logging.getLogger(__name__)
 logger.setLevel(logging.DEBUG if DEBUG else logging.INFO)
 # Helper
 def __get_token(request: Request) -> dict:
    authorization_header = request.headers.get('authorization')
    token = authorization_header.split(' ')[1]
    return jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
 def __json_config() -> dict:
    return {
        'VERSION': str(VERSION),
        'COMMIT': str(COMMIT),
        'DEBUG': str(DEBUG),
        'DLS_URL': str(DLS_URL),
        'DLS_PORT': str(DLS_PORT),
        'SITE_KEY_XID': str(SITE_KEY_XID),
        'INSTANCE_REF': str(INSTANCE_REF),
        'ALLOTMENT_REF': [str(ALLOTMENT_REF)],
        'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
        'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
        'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
        'CORS_ORIGINS': str(CORS_ORIGINS),
        'TZ': str(TZ),
        # static / calculated
        'LEASE_RENEWAL_DELTA': str(LEASE_RENEWAL_DELTA),
        'LEASE_CALCULATED_RENEWAL': str(Lease.calculate_renewal(LEASE_RENEWAL_PERIOD, LEASE_RENEWAL_DELTA)),
        'CLIENT_TOKEN_EXPIRE_DELTA': str(CLIENT_TOKEN_EXPIRE_DELTA),
    }
 # Endpoints
@app.get('/', summary='* Index')
 async def index():
    return RedirectResponse('/-/')
@@ -150,40 +93,50 @@ async def _health():
@app.get('/-/config', summary='* Config', description='returns environment variables.')
 async def _config():
-    return JSONr(__json_config())
+    return JSONr({
        'VERSION': str(VERSION),
        'COMMIT': str(COMMIT),
        'DEBUG': str(DEBUG),
        'DLS_URL': str(DLS_URL),
        'DLS_PORT': str(DLS_PORT),
        'SITE_KEY_XID': str(SITE_KEY_XID),
        'INSTANCE_REF': str(INSTANCE_REF),
        'ALLOTMENT_REF': [str(ALLOTMENT_REF)],
        'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
        'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
        'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
        'CORS_ORIGINS': str(CORS_ORIGINS),
        'TZ': str(TZ),
    })
@app.get('/-/readme', summary='* Readme')
 async def _readme(request: Request):
    from markdown import markdown
-    content = load_file(join(dirname(__file__), '../README.md')).decode('utf-8')
+    content = load_file('../README.md').decode('utf-8')
    markdown = markdown(text=content, extensions=['tables', 'fenced_code', 'md_in_html', 'nl2br', 'toc'])
-    context = {'request': request, 'VERSION': VERSION, 'markdown': markdown }
+    context = {'request': request, 'markdown': markdown, 'VERSION': VERSION}
    return templates.TemplateResponse(name='views/dashboard_readme.html', context=context)
@app.get('/-/manage', summary='* Management UI')
 async def _manage(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
+    return templates.TemplateResponse(name='views/manage.html', context={'request': request, 'VERSION': VERSION})
    return templates.TemplateResponse(name='views/manage.html', context=context)
@app.get('/-/dashboard', summary='* Dashboard')
 async def _dashboard(request: Request):
-    context = {'request': request, 'VERSION': VERSION, 'CONFIG': __json_config()}
+    return templates.TemplateResponse(name='views/dashboard.html', context={'request': request, 'VERSION': VERSION})
    return templates.TemplateResponse(name='views/dashboard.html', context=context)
@app.get('/-/dashboard/origins', summary='* Dashboard - Origins')
 async def _dashboard_origins(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
+    return templates.TemplateResponse(name='views/dashboard_origins.html', context={'request': request, 'VERSION': VERSION})
    return templates.TemplateResponse(name='views/dashboard_origins.html', context=context)
@app.get('/-/dashboard/leases', summary='* Dashboard - Leases')
 async def _dashboard_origins(request: Request):
-    context = {'request': request, 'VERSION': VERSION}
+    return templates.TemplateResponse(name='views/dashboard_leases.html', context={'request': request, 'VERSION': VERSION})
    return templates.TemplateResponse(name='views/dashboard_leases.html', context=context)
@app.get('/-/origins', summary='* Origins')
@@ -251,7 +204,7 @@ async def _lease_delete(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_core_service_instance/service_instance_token_manager.py
@app.get('/-/client-token', summary='* Client-Token', description='creates a new messenger token for this service instance')
 async def _client_token():
-    cur_time = datetime.now(UTC)
+    cur_time = datetime.utcnow()
    exp_time = cur_time + CLIENT_TOKEN_EXPIRE_DELTA
    payload = {
@@ -277,10 +230,10 @@ async def _client_token():
        },
        "service_instance_public_key_configuration": {
            "service_instance_public_key_me": {
-                "mod": hex(INSTANCE_KEY_PUB.raw().public_numbers().n)[2:],
+                "mod": hex(INSTANCE_KEY_PUB.public_key().n)[2:],
-                "exp": int(INSTANCE_KEY_PUB.raw().public_numbers().e),
+                "exp": int(INSTANCE_KEY_PUB.public_key().e),
            },
-            "service_instance_public_key_pem": INSTANCE_KEY_PUB.pem().decode('utf-8'),
+            "service_instance_public_key_pem": INSTANCE_KEY_PUB.export_key().decode('utf-8'),
            "key_retention_mode": "LATEST_ONLY"
        },
    }
@@ -297,10 +250,10 @@ async def _client_token():
 # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
@app.post('/auth/v1/origin', description='find or create an origin')
 async def auth_v1_origin(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('candidate_origin_ref')
-    logger.info(f'> [  origin  ]: {origin_ref}: {j}')
+    logging.info(f'> [  origin  ]: {origin_ref}: {j}')
    data = Origin(
        origin_ref=origin_ref,
@@ -327,10 +280,10 @@ async def auth_v1_origin(request: Request):
 # venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
@app.post('/auth/v1/origin/update', description='update an origin evidence')
 async def auth_v1_origin_update(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('origin_ref')
-    logger.info(f'> [  update  ]: {origin_ref}: {j}')
+    logging.info(f'> [  update  ]: {origin_ref}: {j}')
    data = Origin(
        origin_ref=origin_ref,
@@ -354,10 +307,10 @@ async def auth_v1_origin_update(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse
@app.post('/auth/v1/code', description='get an authorization code')
 async def auth_v1_code(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    origin_ref = j.get('origin_ref')
-    logger.info(f'> [   code   ]: {origin_ref}: {j}')
+    logging.info(f'> [   code   ]: {origin_ref}: {j}')
    delta = relativedelta(minutes=15)
    expires = cur_time + delta
@@ -386,15 +339,15 @@ async def auth_v1_code(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse
@app.post('/auth/v1/token', description='exchange auth code and verifier for token')
 async def auth_v1_token(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    try:
-        payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key, algorithms=ALGORITHMS.RS256)
+        payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key)
    except JWTError as e:
        return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)})
    origin_ref = payload.get('origin_ref')
-    logger.info(f'> [   auth   ]: {origin_ref}: {j}')
+    logging.info(f'> [   auth   ]: {origin_ref}: {j}')
    # validate the code challenge
    challenge = b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8')
@@ -428,7 +381,7 @@ async def auth_v1_token(request: Request):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
@app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin')
 async def leasing_v1_lessor(request: Request):
-    j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.now(UTC)
+    j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.utcnow()
    try:
        token = __get_token(request)
@@ -437,7 +390,7 @@ async def leasing_v1_lessor(request: Request):
    origin_ref = token.get('origin_ref')
    scope_ref_list = j.get('scope_ref_list')
-    logger.info(f'> [  create  ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}')
+    logging.info(f'> [  create  ]: {origin_ref}: create leases for scope_ref_list {scope_ref_list}')
    lease_result_list = []
    for scope_ref in scope_ref_list:
@@ -476,12 +429,12 @@ async def leasing_v1_lessor(request: Request):
 # venv/lib/python3.9/site-packages/nls_dal_service_instance_dls/schema/service_instance/V1_0_21__product_mapping.sql
@app.get('/leasing/v1/lessor/leases', description='get active leases for current origin')
 async def leasing_v1_lessor_lease(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
    active_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
-    logger.info(f'> [  leases  ]: {origin_ref}: found {len(active_lease_list)} active leases')
+    logging.info(f'> [  leases  ]: {origin_ref}: found {len(active_lease_list)} active leases')
    response = {
        "active_lease_list": active_lease_list,
@@ -496,10 +449,10 @@ async def leasing_v1_lessor_lease(request: Request):
 # venv/lib/python3.9/site-packages/nls_core_lease/lease_single.py
@app.put('/leasing/v1/lease/{lease_ref}', description='renew a lease')
 async def leasing_v1_lease_renew(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
-    logger.info(f'> [  renew   ]: {origin_ref}: renew {lease_ref}')
+    logging.info(f'> [  renew   ]: {origin_ref}: renew {lease_ref}')
    entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref)
    if entity is None:
@@ -523,10 +476,10 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
@app.delete('/leasing/v1/lease/{lease_ref}', description='release (return) a lease')
 async def leasing_v1_lease_delete(request: Request, lease_ref: str):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
-    logger.info(f'> [  return  ]: {origin_ref}: return {lease_ref}')
+    logging.info(f'> [  return  ]: {origin_ref}: return {lease_ref}')
    entity = Lease.find_by_lease_ref(db, lease_ref)
    if entity.origin_ref != origin_ref:
@@ -549,13 +502,13 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str):
 # venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
@app.delete('/leasing/v1/lessor/leases', description='release all leases')
 async def leasing_v1_lessor_lease_remove(request: Request):
-    token, cur_time = __get_token(request), datetime.now(UTC)
+    token, cur_time = __get_token(request), datetime.utcnow()
    origin_ref = token.get('origin_ref')
    released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
    deletions = Lease.cleanup(db, origin_ref)
-    logger.info(f'> [  remove  ]: {origin_ref}: removed {deletions} leases')
+    logging.info(f'> [  remove  ]: {origin_ref}: removed {deletions} leases')
    response = {
        "released_lease_list": released_lease_list,
@@ -569,7 +522,7 @@ async def leasing_v1_lessor_lease_remove(request: Request):
@app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases')
 async def leasing_v1_lessor_shutdown(request: Request):
-    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.now(UTC)
+    j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
    token = j.get('token')
    token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
@@ -577,7 +530,7 @@ async def leasing_v1_lessor_shutdown(request: Request):
    released_lease_list = list(map(lambda x: x.lease_ref, Lease.find_by_origin_ref(db, origin_ref)))
    deletions = Lease.cleanup(db, origin_ref)
-    logger.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases')
+    logging.info(f'> [ shutdown ]: {origin_ref}: removed {deletions} leases')
    response = {
        "released_lease_list": released_lease_list,
@@ -589,6 +542,18 @@ async def leasing_v1_lessor_shutdown(request: Request):
    return JSONr(response)
@app.on_event('startup')
 async def app_on_startup():
    logger.info(f'''
    Using timezone: {str(TZ)}. Make sure this is correct and match your clients!
    Your clients renew their license every {str(Lease.calculate_renewal(LEASE_RENEWAL_PERIOD, LEASE_RENEWAL_DELTA))}.
    If the renewal fails, the license is {str(LEASE_RENEWAL_DELTA)} valid.
    Your client-token file (.tok) is valid for {str(CLIENT_TOKEN_EXPIRE_DELTA)}.
    ''')
 if __name__ == '__main__':
    import uvicorn
@@ -600,7 +565,7 @@ if __name__ == '__main__':
    #
    ###
-    logger.info(f'> Starting dev-server ...')
+    logging.info(f'> Starting dev-server ...')
    ssl_keyfile = join(dirname(__file__), 'cert/webserver.key')
    ssl_certfile = join(dirname(__file__), 'cert/webserver.crt')
--- a/app/orm.py
+++ b/app/orm.py
@@ -1,12 +1,10 @@
-from datetime import datetime, timedelta, timezone, UTC
+from datetime import datetime, timedelta, timezone
 from dateutil.relativedelta import relativedelta
 from sqlalchemy import Column, VARCHAR, CHAR, ForeignKey, DATETIME, update, and_, inspect, text
 from sqlalchemy.engine import Engine
 from sqlalchemy.orm import sessionmaker, declarative_base
 from util import DriverMatrix
 Base = declarative_base()
@@ -25,8 +23,6 @@ class Origin(Base):
        return f'Origin(origin_ref={self.origin_ref}, hostname={self.hostname})'
    def serialize(self) -> dict:
        _ = DriverMatrix().find(self.guest_driver_version)
        return {
            'origin_ref': self.origin_ref,
            # 'service_instance_xid': self.service_instance_xid,
@@ -34,7 +30,6 @@ class Origin(Base):
            'guest_driver_version': self.guest_driver_version,
            'os_platform': self.os_platform,
            'os_version': self.os_version,
            '$driver': _ if _ is not None else None,
        }
    @staticmethod
@@ -178,7 +173,7 @@ class Lease(Base):
    @staticmethod
    def delete_expired(engine: Engine) -> int:
        session = sessionmaker(bind=engine)()
-        deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.now(UTC)).delete()
+        deletions = session.query(Lease).filter(Lease.lease_expires <= datetime.utcnow()).delete()
        session.commit()
        session.close()
        return deletions
--- a/app/static/assets/css/bootstrap-icons.min.css
+++ b/app/static/assets/css/bootstrap-icons.min.css
--- a/app/static/assets/css/bootstrap.min.css
+++ b/app/static/assets/css/bootstrap.min.css
--- a/app/static/assets/fonts/bootstrap-icons.woff
+++ b/app/static/assets/fonts/bootstrap-icons.woff
--- a/app/static/assets/fonts/bootstrap-icons.woff2
+++ b/app/static/assets/fonts/bootstrap-icons.woff2
--- a/app/static/assets/js/bootstrap.min.js
+++ b/app/static/assets/js/bootstrap.min.js
--- a/app/static/assets/js/helper.js
+++ b/app/static/assets/js/helper.js
@@ -33,12 +33,11 @@ async function fetchOriginsWithLeases(element) {
            let tbody = document.createElement('thead');
            x.sort((a, b) => a.hostname.localeCompare(b.hostname)).forEach((o) => {
                let row = document.createElement('tr');
                const branchVersion= o.$driver ? `(<code>${o.$driver.branch_version}</code>) ` : ''
                row.innerHTML = `
                        <td><code>${o.origin_ref}</code></td>
                        <td>${o.hostname}</td>
                        <td>${o.os_platform} (${o.os_version})</td>
-                        <td>${branchVersion}<code>${o.guest_driver_version}</code></td>
+                        <td>${o.guest_driver_version}</td>
                        <td>${o.leases.map(x => `<code title="expires: ${x.lease_expires}">${x.lease_ref}</code>`).join(', ')}</td>`
                tbody.appendChild(row);
            })
--- a/app/templates/components/sidebar.html
+++ b/app/templates/components/sidebar.html
@@ -8,50 +8,15 @@
            </li>
             <li class="nav-item">
                <a class="nav-link {{ 'active' if request.url.path == '/-/dashboard/origins' }}" aria-current="page" href="/-/dashboard/origins">
-                    <i class="bi-pc-display-horizontal"></i> Origins <span id="origin-cnt" class="badge text-bg-secondary"></span>
+                    <i class="bi-pc-display-horizontal"></i> Origins
                </a>
            </li>
            <li class="nav-item">
                <a class="nav-link {{ 'active' if request.url.path == '/-/dashboard/leases' }}" aria-current="page" href="/-/dashboard/leases">
-                    <i class="bi-layers"></i> Leases <span id="lease-cnt" class="badge text-bg-secondary"></span>
+                    <i class="bi-layers"></i> Leases
                </a>
            </li>
        </ul>
        <script type="application/javascript">
            function loadLOriginCnt() {
                let xhr = new XMLHttpRequest();
                xhr.open("GET", '/-/origins?leases=false', true);
                xhr.onreadystatechange = function () {
                    if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
                        const x = JSON.parse(xhr.response)
                        document.getElementById('origin-cnt').innerHTML = x.length
                    }
                };
                xhr.send();
            }
            function loadLeaseCnt() {
                let xhr = new XMLHttpRequest();
                xhr.open("GET", '/-/leases?origin=false', true);
                xhr.onreadystatechange = function () {
                    if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
                        const x = JSON.parse(xhr.response)
                        document.getElementById('lease-cnt').innerHTML = x.length
                    }
                };
                xhr.send();
            }
            // load initial
            loadLOriginCnt()
            loadLeaseCnt()
            // refresh every 5 seconds
            setInterval(() => {
                loadLOriginCnt()
                loadLeaseCnt()
            }, 5000);
        </script>
        <h6 class="sidebar-heading d-flex justify-content-between align-items-center px-3 mt-4 mb-1 text-muted text-uppercase">
            <span>Help</span>
--- a/app/templates/views/dashboard.html
+++ b/app/templates/views/dashboard.html
@@ -29,27 +29,8 @@
        </div>
    </div>
    <div class="card mb-4">
        <div class="card-body">
            <h5 class="card-title">Configuration</h5>
            <h6 class="card-subtitle mb-2 text-body-secondary">
                Using timezone: {{ CONFIG.TZ }}. Make sure this is correct and match your clients!
            </h6>
            <p class="card-text">
                Your clients renew their license every {{ CONFIG.LEASE_CALCULATED_RENEWAL }}.<br/>
                If the renewal fails, the license is {{ CONFIG.LEASE_RENEWAL_DELTA }} valid.<br/>
                <br/>
                Your client-token file (.tok) is valid for {{ CONFIG.CLIENT_TOKEN_EXPIRE_DELTA }}.
            </p>
        </div>
    </div>
    <div class="card">
        <div class="card-body">
    <pre id="config"></pre>
 </div>
    </div>
 </div>
 {% endblock %}
 {% block scripts %}
--- a/app/templates/views/dashboard_leases.html
+++ b/app/templates/views/dashboard_leases.html
@@ -18,10 +18,9 @@
                    </button>
                </div>
-                <button type="button" class="btn btn-sm btn-outline-secondary me-2" onclick="load()" title="refresh">
+                <button type="button" class="btn btn-sm btn-outline-secondary" onclick="load()" title="refresh">
                    <i class="bi bi-arrow-clockwise"></i>
                </button>
                <button id="btn-auto-refresh" type="button" class="btn btn-sm active">auto-refresh</button>
            </div>
        </div>
@@ -32,29 +31,11 @@
 {% block scripts %}
 {{ super() }}
 <script type="application/javascript">
    let autoRefresh = true
    function load() {
        const leases = document.getElementById('leases')
        fetchLeases(leases)
    }
    load()
    setInterval(() => {
        if(autoRefresh)
            load()
    }, 5000);
    const btnAutoRefresh = document.getElementById('btn-auto-refresh')
    btnAutoRefresh.addEventListener("click", () => {
        if(btnAutoRefresh.classList.contains('active')) {
            autoRefresh = false
            btnAutoRefresh.classList.remove('active')
        } else {
            autoRefresh = false
            btnAutoRefresh.classList.add('active')
        }
    }, true);
 </script>
 {% endblock %}
--- a/app/templates/views/dashboard_origins.html
+++ b/app/templates/views/dashboard_origins.html
@@ -21,10 +21,9 @@
                    </button>
                </div>
-                <button type="button" class="btn btn-sm btn-outline-secondary me-2" onclick="load()" title="refresh">
+                <button type="button" class="btn btn-sm btn-outline-secondary" onclick="load()" title="refresh">
                    <i class="bi bi-arrow-clockwise"></i>
                </button>
                <button id="btn-auto-refresh" type="button" class="btn btn-sm active">auto-refresh</button>
            </div>
        </div>
@@ -35,8 +34,6 @@
 {% block scripts %}
 {{ super() }}
    <script type="application/javascript">
        let autoRefresh = true
        function load() {
            const origins = document.getElementById('origins')
            fetchOriginsWithLeases(origins)
@@ -50,21 +47,5 @@
            if (response)
                deleteOrigins().finally(() => load())
        }
        setInterval(() => {
            if(autoRefresh)
                load()
        }, 5000);
        const btnAutoRefresh = document.getElementById('btn-auto-refresh')
        btnAutoRefresh.addEventListener("click", () => {
            if(btnAutoRefresh.classList.contains('active')) {
                autoRefresh = false
                btnAutoRefresh.classList.remove('active')
            } else {
                autoRefresh = false
                btnAutoRefresh.classList.add('active')
            }
        }, true);
    </script>
 {% endblock %}
--- a/app/util.py
+++ b/app/util.py
@@ -1,132 +1,28 @@
-import logging
+def load_file(filename) -> bytes:
 from json import load as json_load
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey, generate_private_key
 from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key
 logging.basicConfig()
 def load_file(filename: str) -> bytes:
    log = logging.getLogger(f'{__name__}')
    log.debug(f'Loading contents of file "{filename}')
    with open(filename, 'rb') as file:
        content = file.read()
    return content
-class PrivateKey:
+def load_key(filename) -> "RsaKey":
    def __init__(self, data: bytes):
        self.__key = load_pem_private_key(data, password=None)
    @staticmethod
    def from_file(filename: str) -> "PrivateKey":
        log = logging.getLogger(__name__)
        log.debug(f'Importing RSA-Private-Key from "{filename}"')
        with open(filename, 'rb') as f:
            data = f.read()
        return PrivateKey(data=data.strip())
    def raw(self) -> RSAPrivateKey:
        return self.__key
    def pem(self) -> bytes:
        return self.__key.private_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PrivateFormat.TraditionalOpenSSL,
            encryption_algorithm=serialization.NoEncryption()
        )
    def public_key(self) -> "PublicKey":
        data = self.__key.public_key().public_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PublicFormat.SubjectPublicKeyInfo
        )
        return PublicKey(data=data)
    @staticmethod
    def generate(public_exponent: int = 65537, key_size: int = 2048) -> "PrivateKey":
        log = logging.getLogger(__name__)
        log.debug(f'Generating RSA-Key')
        key = generate_private_key(public_exponent=public_exponent, key_size=key_size)
        data = key.private_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PrivateFormat.TraditionalOpenSSL,
            encryption_algorithm=serialization.NoEncryption()
        )
        return PrivateKey(data=data)
 class PublicKey:
    def __init__(self, data: bytes):
        self.__key = load_pem_public_key(data)
    @staticmethod
    def from_file(filename: str) -> "PublicKey":
        log = logging.getLogger(__name__)
        log.debug(f'Importing RSA-Public-Key from "{filename}"')
        with open(filename, 'rb') as f:
            data = f.read()
        return PublicKey(data=data.strip())
    def raw(self) -> RSAPublicKey:
        return self.__key
    def pem(self) -> bytes:
        return self.__key.public_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PublicFormat.SubjectPublicKeyInfo
        )
 class DriverMatrix:
    __DRIVER_MATRIX_FILENAME = 'static/driver_matrix.json'
    __DRIVER_MATRIX: None | dict = None  # https://docs.nvidia.com/grid/ => "Driver Versions"
    def __init__(self):
        self.log = logging.getLogger(self.__class__.__name__)
        if DriverMatrix.__DRIVER_MATRIX is None:
            self.__load()
    def __load(self):
    try:
-            file = open(DriverMatrix.__DRIVER_MATRIX_FILENAME)
+        # Crypto | Cryptodome on Debian
-            DriverMatrix.__DRIVER_MATRIX = json_load(file)
+        from Crypto.PublicKey import RSA
-            file.close()
+        from Crypto.PublicKey.RSA import RsaKey
-            self.log.debug(f'Successfully loaded "{DriverMatrix.__DRIVER_MATRIX_FILENAME}".')
+    except ModuleNotFoundError:
-        except Exception as e:
+        from Cryptodome.PublicKey import RSA
-            DriverMatrix.__DRIVER_MATRIX = {}  # init empty dict to not try open file everytime, just when restarting app
+        from Cryptodome.PublicKey.RSA import RsaKey
            # self.log.warning(f'Failed to load "{NV.__DRIVER_MATRIX_FILENAME}": {e}')
-    @staticmethod
+    return RSA.import_key(extern_key=load_file(filename), passphrase=None)
    def find(version: str) -> dict | None:
        if DriverMatrix.__DRIVER_MATRIX is None:
            return None
        for idx, (key, branch) in enumerate(DriverMatrix.__DRIVER_MATRIX.items()):
            for release in branch.get('$releases'):
                linux_driver = release.get('Linux Driver')
                windows_driver = release.get('Windows Driver')
                if version == linux_driver or version == windows_driver:
                    tmp = branch.copy()
                    tmp.pop('$releases')
                    is_latest = release.get('vGPU Software') == branch.get('Latest Release in Branch')
-                    return {
+def generate_key() -> "RsaKey":
-                        'software_branch': branch.get('vGPU Software Branch'),
+    try:
-                        'branch_version': release.get('vGPU Software'),
+        # Crypto | Cryptodome on Debian
-                        'driver_branch': branch.get('Driver Branch'),
+        from Crypto.PublicKey import RSA
-                        'branch_status': branch.get('vGPU Branch Status'),
+        from Crypto.PublicKey.RSA import RsaKey
-                        'release_date': release.get('Release Date'),
+    except ModuleNotFoundError:
-                        'eol': branch.get('EOL Date') if is_latest else None,
+        from Cryptodome.PublicKey import RSA
-                        'is_latest': is_latest,
+        from Cryptodome.PublicKey.RSA import RsaKey
-                    }
+
-        return None
+    return RSA.generate(bits=2048)
--- a/doc/Database.md
+++ b/doc/Database.md
@@ -0,0 +1,26 @@
 # Database structure
 ## `request_routing.service_instance`
 | xid                                    | org_name                 |
 |----------------------------------------|--------------------------|
 | `10000000-0000-0000-0000-000000000000` | `lic-000000000000000000` |
 - `xid` is used as `SERVICE_INSTANCE_XID`
 ## `request_routing.license_allotment_service_instance`
 | xid                                    | service_instance_xid                   | license_allotment_xid                  |
 |----------------------------------------|----------------------------------------|----------------------------------------|
 | `90000000-0000-0000-0000-000000000001` | `10000000-0000-0000-0000-000000000000` | `80000000-0000-0000-0000-000000000001` |
 - `xid` is only a primary-key and never used as foreign-key or reference
 - `license_allotment_xid` must be used to fetch `xid`'s from `request_routing.license_allotment_reference`
 ## `request_routing.license_allotment_reference`
 | xid                                    | license_allotment_xid                  |
 |----------------------------------------|----------------------------------------|
 | `20000000-0000-0000-0000-000000000001` | `80000000-0000-0000-0000-000000000001` | 
 - `xid` is used as `scope_ref_list` on token request
--- a/doc/Reverse
+++ b/doc/Reverse
@@ -0,0 +1,177 @@
 # Reverse Engineering Notes
 # Usefully commands
 ## Check licensing status
 - `nvidia-smi -q | grep "License"`
 **Output**
 ```
 vGPU Software Licensed Product
        License Status                    : Licensed (Expiry: 2023-1-14 12:59:52 GMT)
 ```
 ## Track licensing progress
 - NVIDIA Grid Log: `journalctl -u nvidia-gridd -f`
 ```
 systemd[1]: Started NVIDIA Grid Daemon.
 nvidia-gridd[2986]: Configuration parameter ( ServerAddress  ) not set
 nvidia-gridd[2986]: vGPU Software package (0)
 nvidia-gridd[2986]: Ignore service provider and node-locked licensing
 nvidia-gridd[2986]: NLS initialized
 nvidia-gridd[2986]: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation)
 nvidia-gridd[2986]: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT)
 ```
 # DLS-Container File-System (Docker)
 ## Configuration data
 Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`.
 Files can be modified with `docker cp <container-id>:/venv/... /opt/localfile/...` and back.
 (May you need to fix permissions with `docker exec -u 0 <container-id> chown nonroot:nonroot /venv/...`)
 ## Dive / Docker image inspector
 - `dive dls:appliance`
 The source code is stored in `/venv/lib/python3.9/site-packages/nls_*`.
 Image-Reference:
 ```
 Tags:   (unavailable)
 Id:     d1c7976a5d2b3681ff6c5a30f8187e4015187a83f3f285ba4a37a45458bd6b98
 Digest: sha256:311223c5af7a298ec1104f5dc8c3019bfb0e1f77256dc3d995244ffb295a97
 1f
 Command:
 #(nop) ADD file:c1900d3e3a29c29a743a8da86c437006ec5d2aa873fb24e48033b6bf492bb37b in /
 ```
 ## Private Key (Site-Key)
 - `/etc/dls/config/decryptor/decryptor`
 ```shell
 docker exec -it <container-id> /etc/dls/config/decryptor/decryptor > /tmp/private-key.pem
 ```
 ```
 -----BEGIN RSA PRIVATE KEY-----
 ...
 -----END RSA PRIVATE KEY-----
 ``` 
 ## Site Key Uri - `/etc/dls/config/site_key_uri.bin`
 ```
 base64-content...
 ```
 ## DB Password - `/etc/dls/config/dls_db_password.bin`
 ```
 base64-content...
 ```
 **Decrypt database password**
 ```
 cd /var/lib/docker/volumes/configurations/_data
 cat dls_db_password.bin | base64 -d > dls_db_password.bin.raw
 openssl rsautl -decrypt -inkey /tmp/private-key.pem -in dls_db_password.bin.raw
 ```
 # Database
 - It's enough to manipulate database licenses. There must not be changed any line of code to bypass licensing
  validations.
 # Logging / Stack Trace
 - https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance
 **Failed licensing log**
 ```
 {
    "activity": 100,
    "context": {
        "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38",
        "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30",
        "description": "borrow failed: NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)",
        "event_type": null,
        "function_name": "_evt",
        "lineno": 54,
        "module_name": "nls_dal_lease_dls.event",
        "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24",
        "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c",
        "service_name": "nls_services_lease"
    },
    "detail": {
        "oc": {
            "license_allotment_xid": "10c4317f-7c4c-11ed-a524-0e4252a7e5f1",
            "origin_ref": "3f7f5a50-a26b-425b-8d5e-157f63e72b1c",
            "service_instance_xid": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38"
        },
        "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24"
    },
    "id": "0cc9e092-3b92-4652-8d9e-7622ef85dc79",
    "metadata": {},
    "ts": "2022-12-15T10:25:36.827661Z"
 }
 {
    "activity": 400,
    "context": {
        "SERVICE_INSTANCE_ID": "b43d6e46-d6d0-4943-8b8d-c66a5f6e0d38",
        "SERVICE_INSTANCE_NAME": "DEFAULT_2022-12-14_12:48:30",
        "description": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation",
        "event_by": "system",
        "function_name": "lease_multi_create",
        "level": "warning",
        "lineno": 157,
        "module_name": "nls_services_lease.controllers.lease_multi_controller",
        "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24",
        "service_name": "nls_services_lease"
    },
    "detail": {
        "_msg": "lease_multi_create failed: no pool features found for: NVIDIA RTX Virtual Workstation",
        "exec_info": ["NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", "  File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create\n    data = _leaseMulti.lease_multi_create(event_args)\n  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create\n    raise e\n  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create\n    self._try_proposals(oc, mlr, results, detail)\n  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals\n    lease = self._leases.create(creator)\n  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create\n    features = self._get_features(creator)\n  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features\n    self._explain_not_available(cur, creator)\n  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available\n    raise NotFoundError(f'no pool features found for: {lcc.product_name}')\n"],
        "operation_id": "e72a8ca7-34cc-4e11-b80c-273592085a24"
    },
    "id": "282801b9-d612-40a5-9145-b56d8e420dac",
    "metadata": {},
    "ts": "2022-12-15T10:25:36.831673Z"
 }
 ```
 **Stack Trace**
 ```
 "NotFoundError", "NotFoundError(no pool features found for: NVIDIA RTX Virtual Workstation)", "  File \"/venv/lib/python3.9/site-packages/nls_services_lease/controllers/lease_multi_controller.py\", line 127, in lease_multi_create
    data = _leaseMulti.lease_multi_create(event_args)
  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 208, in lease_multi_create
    raise e
  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 184, in lease_multi_create
    self._try_proposals(oc, mlr, results, detail)
  File \"/venv/lib/python3.9/site-packages/nls_core_lease/lease_multi.py\", line 219, in _try_proposals
    lease = self._leases.create(creator)
  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 230, in create
    features = self._get_features(creator)
  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 148, in _get_features
    self._explain_not_available(cur, creator)
  File \"/venv/lib/python3.9/site-packages/nls_dal_lease_dls/leases.py\", line 299, in _explain_not_available
    raise NotFoundError(f'no pool features found for: {lcc.product_name}')
 "
 ```
 # Nginx
 - NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem`  
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,9 @@
-fastapi==0.115.12
+fastapi==0.110.0
-uvicorn[standard]==0.34.1
+uvicorn[standard]==0.27.1
-python-jose[cryptography]==3.4.0
+python-jose==3.3.0
-cryptography==44.0.2
+pycryptodome==3.20.0
-python-dateutil==2.9.0
+python-dateutil==2.8.2
-sqlalchemy==2.0.40
+sqlalchemy==2.0.27
-markdown==3.8
+markdown==3.5.2
-python-dotenv==1.1.0
+python-dotenv==1.0.1
 jinja2==3.1.3
--- a/test/create_driver_matrix_json.py
+++ b/test/create_driver_matrix_json.py
@@ -1,123 +0,0 @@
 import logging
 logging.basicConfig()
 logger = logging.getLogger(__name__)
 logger.setLevel(logging.INFO)
 URL = 'https://docs.nvidia.com/vgpu/index.html'
 BRANCH_STATUS_KEY = 'vGPU Branch Status'
 VGPU_KEY, GRID_KEY, DRIVER_BRANCH_KEY = 'vGPU Software', 'vGPU Software', 'Driver Branch'
 LINUX_VGPU_MANAGER_KEY, LINUX_DRIVER_KEY = 'Linux vGPU Manager', 'Linux Driver'
 WINDOWS_VGPU_MANAGER_KEY, WINDOWS_DRIVER_KEY = 'Windows vGPU Manager', 'Windows Driver'
 ALT_VGPU_MANAGER_KEY = 'vGPU Manager'
 RELEASE_DATE_KEY, LATEST_KEY, EOL_KEY = 'Release Date', 'Latest Release in Branch', 'EOL Date'
 JSON_RELEASES_KEY = '$releases'
 def __driver_versions(html: 'BeautifulSoup'):
    def __strip(_: str) -> str:
        # removes content after linebreak (e.g. "Hello\n World" to "Hello")
        _ = _.strip()
        tmp = _.split('\n')
        if len(tmp) > 0:
            return tmp[0]
        return _
    # find wrapper for "DriverVersions" and find tables
    data = html.find('div', {'id': 'driver-versions'})
    items = data.find_all('bsp-accordion', {'class': 'Accordion-items-item'})
    for item in items:
        software_branch = item.find('div', {'class': 'Accordion-items-item-title'}).text.strip()
        software_branch = software_branch.replace(' Releases', '')
        matrix_key = software_branch.lower()
        branch_status = item.find('a', href=True, string='Branch status')
        branch_status = branch_status.next_sibling.replace(':', '').strip()
        # driver version info from table-heads (ths) and table-rows (trs)
        table = item.find('table')
        ths, trs = table.find_all('th'), table.find_all('tr')
        headers, releases = [header.text.strip() for header in ths], []
        for trs in trs:
            tds = trs.find_all('td')
            if len(tds) == 0:  # skip empty
                continue
            # create dict with table-heads as key and cell content as value
            x = {headers[i]: __strip(cell.text) for i, cell in enumerate(tds)}
            x.setdefault(BRANCH_STATUS_KEY, branch_status)
            releases.append(x)
        # add to matrix
        MATRIX.update({matrix_key: {JSON_RELEASES_KEY: releases}})
 def __debug():
    # print table head
    s = f'{VGPU_KEY:^13} | {LINUX_VGPU_MANAGER_KEY:^21} | {LINUX_DRIVER_KEY:^21} | {WINDOWS_VGPU_MANAGER_KEY:^21} | {WINDOWS_DRIVER_KEY:^21} | {RELEASE_DATE_KEY:>21} | {BRANCH_STATUS_KEY:^21}'
    print(s)
    # iterate over dict & format some variables to not overload table
    for idx, (key, branch) in enumerate(MATRIX.items()):
        for release in branch.get(JSON_RELEASES_KEY):
            version = release.get(VGPU_KEY, release.get(GRID_KEY, ''))
            linux_manager = release.get(LINUX_VGPU_MANAGER_KEY, release.get(ALT_VGPU_MANAGER_KEY, ''))
            linux_driver = release.get(LINUX_DRIVER_KEY)
            windows_manager = release.get(WINDOWS_VGPU_MANAGER_KEY, release.get(ALT_VGPU_MANAGER_KEY, ''))
            windows_driver = release.get(WINDOWS_DRIVER_KEY)
            release_date = release.get(RELEASE_DATE_KEY)
            is_latest = release.get(VGPU_KEY) == branch.get(LATEST_KEY)
            branch_status = __parse_branch_status(release.get(BRANCH_STATUS_KEY, ''))
            version = f'{version} *' if is_latest else version
            s = f'{version:<13} | {linux_manager:<21} | {linux_driver:<21} | {windows_manager:<21} | {windows_driver:<21} | {release_date:>21} | {branch_status:^21}'
            print(s)
 def __parse_branch_status(string: str) -> str:
    string = string.replace('Production Branch', 'Prod. -')
    string = string.replace('Long-Term Support Branch', 'LTS -')
    string = string.replace('supported until', '')
    string = string.replace('EOL since', 'EOL - ')
    string = string.replace('EOL from', 'EOL -')
    return string
 def __dump(filename: str):
    import json
    file = open(filename, 'w')
    json.dump(MATRIX, file)
    file.close()
 if __name__ == '__main__':
    MATRIX = {}
    try:
        import httpx
        from bs4 import BeautifulSoup
    except Exception as e:
        logger.error(f'Failed to import module: {e}')
        logger.info('Run "pip install beautifulsoup4 httpx"')
        exit(1)
    r = httpx.get(URL)
    if r.status_code != 200:
        logger.error(f'Error loading "{URL}" with status code {r.status_code}.')
        exit(2)
    # parse html
    soup = BeautifulSoup(r.text, features='html.parser')
    # build matrix
    __driver_versions(soup)
    # debug output
    __debug()
    # dump data to file
    __dump('../app/static/driver_matrix.json')
--- a/test/main.py
+++ b/test/main.py
@@ -1,8 +1,7 @@
 import sys
 from base64 import b64encode as b64enc
 from calendar import timegm
 from datetime import datetime, UTC
 from hashlib import sha256
 from calendar import timegm
 from datetime import datetime
 from os.path import dirname, join
 from uuid import uuid4, UUID
@@ -10,13 +9,14 @@ from dateutil.relativedelta import relativedelta
 from jose import jwt, jwk
 from jose.constants import ALGORITHMS
 from starlette.testclient import TestClient
 import sys
 # add relative path to use packages as they were in the app/ dir
 sys.path.append('../')
 sys.path.append('../app')
 from app import main
-from util import PrivateKey, PublicKey
+from app.util import load_key
 client = TestClient(main.app)
@@ -25,11 +25,11 @@ ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-00000
 # INSTANCE_KEY_RSA = generate_key()
 # INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key()
-INSTANCE_KEY_RSA = PrivateKey.from_file(str(join(dirname(__file__), '../app/cert/instance.private.pem')))
+INSTANCE_KEY_RSA = load_key(str(join(dirname(__file__), '../app/cert/instance.private.pem')))
-INSTANCE_KEY_PUB = PublicKey.from_file(str(join(dirname(__file__), '../app/cert/instance.public.pem')))
+INSTANCE_KEY_PUB = load_key(str(join(dirname(__file__), '../app/cert/instance.public.pem')))
-jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.pem(), algorithm=ALGORITHMS.RS256)
+jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
-jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.pem(), algorithm=ALGORITHMS.RS256)
+jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
 def __bearer_token(origin_ref: str) -> str:
@@ -106,7 +106,6 @@ def test_auth_v1_origin():
    assert response.json().get('origin_ref') == ORIGIN_REF
 def auth_v1_origin_update():
    payload = {
        "registration_pending": False,
@@ -142,7 +141,7 @@ def test_auth_v1_code():
 def test_auth_v1_token():
-    cur_time = datetime.now(UTC)
+    cur_time = datetime.utcnow()
    access_expires_on = cur_time + relativedelta(hours=1)
    payload = {
@@ -154,7 +153,8 @@ def test_auth_v1_token():
        "kid": "00000000-0000-0000-0000-000000000000"
    }
    payload = {
-        "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, algorithm=ALGORITHMS.RS256),
+        "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')},
                                algorithm=ALGORITHMS.RS256),
        "code_verifier": SECRET,
    }
@@ -187,6 +187,8 @@ def test_leasing_v1_lessor():
    assert len(lease_result_list[0]['lease']['ref']) == 36
    assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref']
    return lease_result_list[0]['lease']['ref']
 def test_leasing_v1_lessor_lease():
    response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)})
@@ -229,23 +231,7 @@ def test_leasing_v1_lease_delete():
 def test_leasing_v1_lessor_lease_remove():
-    # see "test_leasing_v1_lessor()"
+    lease_ref = test_leasing_v1_lessor()
    payload = {
        'fulfillment_context': {
            'fulfillment_class_ref_list': []
        },
        'lease_proposal_list': [{
            'license_type_qualifiers': {'count': 1},
            'product': {'name': 'NVIDIA RTX Virtual Workstation'}
        }],
        'proposal_evaluation_mode': 'ALL_OF',
        'scope_ref_list': [ALLOTMENT_REF]
    }
    response = client.post('/leasing/v1/lessor', json=payload, headers={'authorization': __bearer_token(ORIGIN_REF)})
    lease_result_list = response.json().get('lease_result_list')
    lease_ref = lease_result_list[0]['lease']['ref']
    #
    response = client.delete('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)})
    assert response.status_code == 200
Author	SHA1	Message	Date
Oscar Krause	ffcf0d084e	implemented endpoint for expired origins (origins without active leases)	2024-02-27 20:53:32 +01:00
Oscar Krause	128425e057	requirements.txt updated	2024-02-27 20:12:37 +01:00
Oscar Krause	3bd767cc85	Merge branch 'main' into ui # Conflicts: # README.md # requirements.txt	2024-02-27 20:12:14 +01:00
Oscar Krause	68645b95cc	removed "url_for" to prevent proxy http/https missmatch	2024-02-27 19:56:27 +01:00
Oscar Krause	6fbbf9f8a7	added meta tag for "Content-Security-Policy"	2024-02-27 08:21:40 +01:00
Oscar Krause	c7f5ae3d45	fixed layouts path	2023-07-04 13:45:27 +02:00
Oscar Krause	c461bed239	toggle api endpoints	2023-07-04 13:34:49 +02:00
Oscar Krause	a2db9ff446	typos	2023-07-04 13:34:49 +02:00
Oscar Krause	0cb1627447	added information about ipv6 may be must disabled	2023-07-04 13:34:49 +02:00
Oscar Krause	e8be60efb3	removed mysql from included docker drivers	2023-07-04 13:34:49 +02:00
Oscar Krause	db37bbc344	added docker command to logging section thanks to @libreshare (https://gitea.publichub.eu/oscar.krause/fastapi-dls/issues/2)	2023-07-04 13:34:49 +02:00
Oscar Krause	117e66f0db	improvements thanks to @AbsolutelyFree (https://gitea.publichub.eu/oscar.krause/fastapi-dls/issues/1)	2023-07-04 13:34:49 +02:00
Oscar Krause	b298755faa	fixed "deploy:pacman"	2023-07-04 13:34:49 +02:00
Oscar Krause	fb27616b93	fixed mariadb-client installation ref. https://github.com/PyMySQL/mysqlclient/discussions/624	2023-07-04 13:34:49 +02:00
Oscar Krause	0a08b033ea	added missing "pkg-config" for "mysqlclient==2.2.0" ref. https://stackoverflow.com/questions/76533384/docker-alpine-build-fails-on-mysqlclient-installation-with-error-exception-can	2023-07-04 13:34:49 +02:00
Oscar Krause	8c6df6eb3a	fixed versions	2023-07-04 13:34:49 +02:00
Oscar Krause	ef5eead1c3	refactored docker-compose.yml so very simple example, and moved proxy to "examples" directory	2023-07-04 13:34:49 +02:00
Oscar Krause	d8cae944e7	added 15.3 to supported drivers list	2023-07-04 13:34:49 +02:00
Oscar Krause	75a5ae7b29	updated compatibility list	2023-07-04 13:34:49 +02:00
Oscar Krause	5ff9d1a228	docker-compose.yml - added note for TZ	2023-07-04 13:34:49 +02:00
Oscar Krause	b46593f27e	requirements.txt updated	2023-07-04 13:34:49 +02:00
Oscar Krause	16271ad00b	implemented button for delete all expired leases	2023-06-12 11:41:01 +02:00
Oscar Krause	8d236af289	Merge branch 'dev' into ui # Conflicts: # requirements.txt	2023-06-12 11:27:36 +02:00
Oscar Krause	50c996f199	fixed "x in y" statement	2023-01-23 07:43:39 +01:00
Oscar Krause	e0736b6199	fixed Origin.delete()	2023-01-23 07:19:18 +01:00
Oscar Krause	5a59864383	Merge remote-tracking branch 'origin/dev' into ui	2023-01-23 07:19:05 +01:00
Oscar Krause	024ca111a9	fixes	2023-01-18 12:04:42 +01:00
Oscar Krause	6dbd39b76c	helper.js - added "lease_renewal" to table	2023-01-18 08:42:57 +01:00
Oscar Krause	21f49a2fb5	fixed return type	2023-01-18 08:42:38 +01:00
Oscar Krause	757bae849c	fixed origin null pointer exception on leases table	2023-01-18 08:42:28 +01:00
Oscar Krause	e1259838db	Merge branch 'dev' into ui # Conflicts: # app/orm.py	2023-01-18 08:39:06 +01:00
Oscar Krause	4699c1770d	Merge branch 'dev' into ui # Conflicts: # app/main.py	2023-01-05 07:31:15 +01:00
Oscar Krause	0c5fb7566c	PKGBUILD - fixed jinja dependency	2023-01-04 14:43:37 +01:00
Oscar Krause	995e959bb1	dashboard_origins.html - implemented confirmation before deleting all origins	2023-01-04 12:11:55 +01:00
Oscar Krause	7eb3d7434d	implemented refresh button	2023-01-04 12:11:23 +01:00
Oscar Krause	efc8d9c564	display hostname as title on leases table	2023-01-04 12:00:15 +01:00
Oscar Krause	6ef1216db6	Merge branch 'dev' into ui # Conflicts: # app/main.py	2023-01-04 11:19:32 +01:00
Oscar Krause	f48fc4ff98	display hostname as title on leases table	2023-01-04 11:17:00 +01:00
Oscar Krause	41cb7ae14f	implemented delete origin endpoint for frontend	2023-01-04 09:52:51 +01:00
Oscar Krause	5035dd4947	fixed refreshing data after deleting some origin or lease	2023-01-04 09:52:15 +01:00
Oscar Krause	08440d242f	implemented delete origin endpoint for frontend	2023-01-04 09:51:43 +01:00
Oscar Krause	f35a4c6145	fixed timezone handling	2023-01-03 21:49:24 +01:00
Oscar Krause	f199800040	sort leases by expires	2023-01-03 21:29:32 +01:00
Oscar Krause	ca96ae08a7	sort origins by hostname	2023-01-03 21:29:24 +01:00
Oscar Krause	49279b6b66	fixed origin table	2023-01-03 21:23:57 +01:00
Oscar Krause	d06e100bef	.gitlab-ci.yml - rebuild docker image when requirements.txt has changed	2023-01-03 21:03:34 +01:00
Oscar Krause	c5e344b38a	added jinja2 dependency	2023-01-03 21:01:29 +01:00
Oscar Krause	4b4979cf86	fixed imports and tests	2023-01-03 20:55:23 +01:00
Oscar Krause	139fdd3472	Merge branch 'dev' into ui	2023-01-03 20:45:51 +01:00
Oscar Krause	71c4972e6a	added config values to dashboard	2023-01-03 15:03:09 +01:00
Oscar Krause	df43a598cd	Merge branch 'dev' into ui	2023-01-03 14:55:26 +01:00
Oscar Krause	fc8ef174cd	implemented basic ui	2023-01-02 18:01:44 +01:00