trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

*: default to max 60 for fqdn_rand 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-04-20 20:07:25 +02:00
parent 1a1434bfda
commit 0b4ac54363
7 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
authentik/admin/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"admin_latest_version": { "admin_latest_version": {
"task": "authentik.admin.tasks.update_latest_version", "task": "authentik.admin.tasks.update_latest_version",
"schedule": crontab(minute=fqdn_rand("admin_latest_version", 60), hour="*"), "schedule": crontab(minute=fqdn_rand("admin_latest_version"), hour="*"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
} }
} }

2
authentik/crypto/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"crypto_certificate_discovery": { "crypto_certificate_discovery": {
"task": "authentik.crypto.tasks.certificate_discovery", "task": "authentik.crypto.tasks.certificate_discovery",
"schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery", 60), hour="*"), "schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery"), hour="*"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
} }

5
authentik/lib/utils/time.py
View File

@ -4,7 +4,6 @@ from hashlib import sha256
from random import randrange, seed from random import randrange, seed
from socket import getfqdn from socket import getfqdn
from celery.schedules import crontab
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -44,10 +43,10 @@ def timedelta_from_string(expr: str) -> datetime.timedelta:
return datetime.timedelta(**kwargs) return datetime.timedelta(**kwargs)
def fqdn_rand(task: str, max: int) -> int: def fqdn_rand(task: str, stop: int = 60) -> int:
"""Get a random number within max based on the FQDN and task name""" """Get a random number within max based on the FQDN and task name"""
entropy = f"{getfqdn()}:{task}" entropy = f"{getfqdn()}:{task}"
hasher = sha256() hasher = sha256()
hasher.update(entropy.encode("utf-8")) hasher.update(entropy.encode("utf-8"))
seed(hasher.hexdigest()) seed(hasher.hexdigest())
return randrange(0, max) # nosec return randrange(0, stop) # nosec

2
authentik/managed/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"managed_reconcile": { "managed_reconcile": {
"task": "authentik.managed.tasks.managed_reconcile", "task": "authentik.managed.tasks.managed_reconcile",
"schedule": crontab(minute=fqdn_rand("managed_reconcile", 60), hour="*/4"), "schedule": crontab(minute=fqdn_rand("managed_reconcile"), hour="*/4"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
} }

6
authentik/outposts/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"outposts_controller": { "outposts_controller": {
"task": "authentik.outposts.tasks.outpost_controller_all", "task": "authentik.outposts.tasks.outpost_controller_all",
"schedule": crontab(minute=fqdn_rand("outposts_controller", 60), hour="*/4"), "schedule": crontab(minute=fqdn_rand("outposts_controller"), hour="*/4"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
"outposts_service_connection_check": { "outposts_service_connection_check": {
@ -16,12 +16,12 @@ CELERY_BEAT_SCHEDULE = {
}, },
"outpost_token_ensurer": { "outpost_token_ensurer": {
"task": "authentik.outposts.tasks.outpost_token_ensurer", "task": "authentik.outposts.tasks.outpost_token_ensurer",
"schedule": crontab(minute=fqdn_rand("outpost_token_ensurer", 60), hour="*/8"), "schedule": crontab(minute=fqdn_rand("outpost_token_ensurer"), hour="*/8"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
"outpost_local_connection": { "outpost_local_connection": {
"task": "authentik.outposts.tasks.outpost_local_connection", "task": "authentik.outposts.tasks.outpost_local_connection",
"schedule": crontab(minute=fqdn_rand("outpost_local_connection", 60), hour="*/8"), "schedule": crontab(minute=fqdn_rand("outpost_local_connection"), hour="*/8"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
} }

2
authentik/sources/ldap/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"sources_ldap_sync": { "sources_ldap_sync": {
"task": "authentik.sources.ldap.tasks.ldap_sync_all", "task": "authentik.sources.ldap.tasks.ldap_sync_all",
"schedule": crontab(minute=fqdn_rand("sources_ldap_sync", 60), hour="*/2"), "schedule": crontab(minute=fqdn_rand("sources_ldap_sync"), hour="*/2"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
} }
} }

2
authentik/sources/plex/settings.py
View File

@ -6,7 +6,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = { CELERY_BEAT_SCHEDULE = {
"check_plex_token": { "check_plex_token": {
"task": "authentik.sources.plex.tasks.check_plex_token_all", "task": "authentik.sources.plex.tasks.check_plex_token_all",
"schedule": crontab(minute=fqdn_rand("check_plex_token", 60), hour="*/3"), "schedule": crontab(minute=fqdn_rand("check_plex_token"), hour="*/3"),
"options": {"queue": "authentik_scheduled"}, "options": {"queue": "authentik_scheduled"},
}, },
} }