From 0b4ac54363338738b94f40967a29fccd4a953fa4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 20 Apr 2022 20:07:25 +0200 Subject: [PATCH] *: default to max 60 for fqdn_rand Signed-off-by: Jens Langhammer --- authentik/admin/settings.py | 2 +- authentik/crypto/settings.py | 2 +- authentik/lib/utils/time.py | 5 ++--- authentik/managed/settings.py | 2 +- authentik/outposts/settings.py | 6 +++--- authentik/sources/ldap/settings.py | 2 +- authentik/sources/plex/settings.py | 2 +- 7 files changed, 10 insertions(+), 11 deletions(-) diff --git a/authentik/admin/settings.py b/authentik/admin/settings.py index beabfd4a6..37b9d8bda 100644 --- a/authentik/admin/settings.py +++ b/authentik/admin/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "admin_latest_version": { "task": "authentik.admin.tasks.update_latest_version", - "schedule": crontab(minute=fqdn_rand("admin_latest_version", 60), hour="*"), + "schedule": crontab(minute=fqdn_rand("admin_latest_version"), hour="*"), "options": {"queue": "authentik_scheduled"}, } } diff --git a/authentik/crypto/settings.py b/authentik/crypto/settings.py index 499a251bf..939473a96 100644 --- a/authentik/crypto/settings.py +++ b/authentik/crypto/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "crypto_certificate_discovery": { "task": "authentik.crypto.tasks.certificate_discovery", - "schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery", 60), hour="*"), + "schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery"), hour="*"), "options": {"queue": "authentik_scheduled"}, }, } diff --git a/authentik/lib/utils/time.py b/authentik/lib/utils/time.py index d820f7263..ebca0ca38 100644 --- a/authentik/lib/utils/time.py +++ b/authentik/lib/utils/time.py @@ -4,7 +4,6 @@ from hashlib import sha256 from random import randrange, seed from socket import getfqdn -from celery.schedules import crontab from django.core.exceptions import ValidationError from django.utils.translation import gettext_lazy as _ @@ -44,10 +43,10 @@ def timedelta_from_string(expr: str) -> datetime.timedelta: return datetime.timedelta(**kwargs) -def fqdn_rand(task: str, max: int) -> int: +def fqdn_rand(task: str, stop: int = 60) -> int: """Get a random number within max based on the FQDN and task name""" entropy = f"{getfqdn()}:{task}" hasher = sha256() hasher.update(entropy.encode("utf-8")) seed(hasher.hexdigest()) - return randrange(0, max) # nosec + return randrange(0, stop) # nosec diff --git a/authentik/managed/settings.py b/authentik/managed/settings.py index 924376e8f..ebb2edb95 100644 --- a/authentik/managed/settings.py +++ b/authentik/managed/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "managed_reconcile": { "task": "authentik.managed.tasks.managed_reconcile", - "schedule": crontab(minute=fqdn_rand("managed_reconcile", 60), hour="*/4"), + "schedule": crontab(minute=fqdn_rand("managed_reconcile"), hour="*/4"), "options": {"queue": "authentik_scheduled"}, }, } diff --git a/authentik/outposts/settings.py b/authentik/outposts/settings.py index b2a876f42..7c8d87954 100644 --- a/authentik/outposts/settings.py +++ b/authentik/outposts/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "outposts_controller": { "task": "authentik.outposts.tasks.outpost_controller_all", - "schedule": crontab(minute=fqdn_rand("outposts_controller", 60), hour="*/4"), + "schedule": crontab(minute=fqdn_rand("outposts_controller"), hour="*/4"), "options": {"queue": "authentik_scheduled"}, }, "outposts_service_connection_check": { @@ -16,12 +16,12 @@ CELERY_BEAT_SCHEDULE = { }, "outpost_token_ensurer": { "task": "authentik.outposts.tasks.outpost_token_ensurer", - "schedule": crontab(minute=fqdn_rand("outpost_token_ensurer", 60), hour="*/8"), + "schedule": crontab(minute=fqdn_rand("outpost_token_ensurer"), hour="*/8"), "options": {"queue": "authentik_scheduled"}, }, "outpost_local_connection": { "task": "authentik.outposts.tasks.outpost_local_connection", - "schedule": crontab(minute=fqdn_rand("outpost_local_connection", 60), hour="*/8"), + "schedule": crontab(minute=fqdn_rand("outpost_local_connection"), hour="*/8"), "options": {"queue": "authentik_scheduled"}, }, } diff --git a/authentik/sources/ldap/settings.py b/authentik/sources/ldap/settings.py index 5da815856..6b526b357 100644 --- a/authentik/sources/ldap/settings.py +++ b/authentik/sources/ldap/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "sources_ldap_sync": { "task": "authentik.sources.ldap.tasks.ldap_sync_all", - "schedule": crontab(minute=fqdn_rand("sources_ldap_sync", 60), hour="*/2"), + "schedule": crontab(minute=fqdn_rand("sources_ldap_sync"), hour="*/2"), "options": {"queue": "authentik_scheduled"}, } } diff --git a/authentik/sources/plex/settings.py b/authentik/sources/plex/settings.py index ebd8ae0c2..c23143484 100644 --- a/authentik/sources/plex/settings.py +++ b/authentik/sources/plex/settings.py @@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand CELERY_BEAT_SCHEDULE = { "check_plex_token": { "task": "authentik.sources.plex.tasks.check_plex_token_all", - "schedule": crontab(minute=fqdn_rand("check_plex_token", 60), hour="*/3"), + "schedule": crontab(minute=fqdn_rand("check_plex_token"), hour="*/3"), "options": {"queue": "authentik_scheduled"}, }, }