perf: change ip db path

2025-07-28 11:31:27 +08:00 · 2025-07-28 11:31:27 +08:00 · 14e0396508
parent 835eb2e3d0
commit 14e0396508
6 changed files with 44 additions and 19 deletions
--- a/apps/common/utils/ip/geoip/utils.py
+++ b/apps/common/utils/ip/geoip/utils.py
@ -12,13 +12,22 @@ __all__ = ['get_ip_city_by_geoip']
 reader = None


-def get_ip_city_by_geoip(ip):
+def init_ip_reader():
    global reader
-    if reader is None:
+    if reader:
+        return
+
+    path = os.path.join(settings.DATA_DIR, 'system', 'GeoLite2-City.mmdb')
+    if not os.path.exists(path):
        path = os.path.join(os.path.dirname(__file__), 'GeoLite2-City.mmdb')
-        if not os.path.exists(path):
-            raise FileNotFoundError(f"IP Database not found, please run `./requirements/static_files.sh`")
-        reader = geoip2.database.Reader(path)
+    if not os.path.exists(path):
+        raise FileNotFoundError(f"IP Database not found, please run `./requirements/static_files.sh`")
+
+    reader = geoip2.database.Reader(path)
+
+
+def get_ip_city_by_geoip(ip):
+    init_ip_reader()

    try:
        is_private = ipaddress.ip_address(ip.strip()).is_private
--- a/apps/common/utils/ip/ipip/utils.py
+++ b/apps/common/utils/ip/ipip/utils.py
@ -1,21 +1,29 @@
 # -*- coding: utf-8 -*-
 #
 import os
-
+from django.conf import settings
 import ipdb

 __all__ = ['get_ip_city_by_ipip']
 ipip_db = None


-def get_ip_city_by_ipip(ip):
+def init_ipip_db():
    global ipip_db
-    if ipip_db is None:
+    if ipip_db is not None:
+        return
+
+    ipip_db_path = os.path.join(settings.DATA_DIR, 'system', 'ipipfree.ipdb')
+    if not os.path.exists(ipip_db_path):
        ipip_db_path = os.path.join(os.path.dirname(__file__), 'ipipfree.ipdb')
-        if not os.path.exists(ipip_db_path):
-            raise FileNotFoundError(
-                f"IP database not found, please run `bash ./requirements/static_files.sh`")
-        ipip_db = ipdb.City(ipip_db_path)
+    if not os.path.exists(ipip_db_path):
+        raise FileNotFoundError(f"IP database not found, please run `bash ./requirements/static_files.sh`")
+    ipip_db = ipdb.City(ipip_db_path)
+
+
+def get_ip_city_by_ipip(ip):
+    init_ipip_db()
+
    try:
        info = ipip_db.find_info(ip, 'CN')
    except ValueError:
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@ -711,7 +711,7 @@ class Config(dict):
        'FILE_UPLOAD_SIZE_LIMIT_MB': 200,

        'TICKET_APPLY_ASSET_SCOPE': 'all',
-        'LEAK_PASSWORD_DB_PATH': os.path.join(PROJECT_DIR, 'data', 'leak_passwords.db'),
+        'LEAK_PASSWORD_DB_PATH': os.path.join(PROJECT_DIR, 'data', 'system', 'leak_passwords.db'),

        # Ansible Receptor
        'RECEPTOR_ENABLED': False,
--- a/apps/ops/api/playbook.py
+++ b/apps/ops/api/playbook.py
@ -66,6 +66,7 @@ class PlaybookViewSet(JMSBulkModelViewSet):
        instance = serializer.save()
        base_path = safe_join(settings.DATA_DIR, "ops", "playbook")
        clone_id = self.request.query_params.get('clone_from')
+
        if clone_id:
            src_path = safe_join(base_path, clone_id)
            dest_path = safe_join(base_path, str(instance.id))
--- a/apps/settings/models.py
+++ b/apps/settings/models.py
@ -215,11 +215,14 @@ def get_chatai_data():
 def init_sqlite_db():
    db_path = settings.LEAK_PASSWORD_DB_PATH
    if not os.path.isfile(db_path):
-        db_path = settings.LEAK_PASSWORD_DB_PATH
-        src = os.path.join(
-            settings.APPS_DIR, 'accounts', 'automations',
-            'check_account', 'leak_passwords.db'
-        )
+        # 这里处理一下历史数据，有可能用户 copy 了旧的文件到 目录下
+        src = os.path.join(settings.PROJECT_DIR, 'data', 'leak_passwords.db')
+        if not os.path.isfile(src):
+            src = os.path.join(
+                settings.APPS_DIR, 'accounts', 'automations',
+                'check_account', 'leak_passwords.db'
+            )
+
        shutil.copy(src, db_path)
    logger.info(f'init sqlite db {db_path}')
    return db_path
--- a/apps/settings/serializers/auth/oidc.py
+++ b/apps/settings/serializers/auth/oidc.py
@ -71,7 +71,11 @@ class OIDCSettingSerializer(KeycloakSettingSerializer):
        required=False, label=_('OIDC'), help_text=_('OpenID Connect')
    )
    AUTH_OPENID_PROVIDER_ENDPOINT = serializers.CharField(
-        required=False, max_length=1024, label=_('Provider endpoint')
+        required=False, max_length=1024, label=_('Provider endpoint'),
+        help_text=_(
+            "The issuer URL of the OpenID Provider, used to discover its configuration via the "
+            "`$PROVIDER_ENDPOINT/.well-known/openid-configuration` endpoint."
+        )
    )
    AUTH_OPENID_PROVIDER_AUTHORIZATION_ENDPOINT = serializers.CharField(
        required=False, max_length=1024, label=_('Authorization endpoint')