proof of concept for celery flower

2026-02-17 15:55:45 +00:00 · 2024-11-25 22:07:40 -08:00
1294 changed files with 30482 additions and 68518 deletions
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,15 +1,29 @@
 ## Description
-
 [Provide a brief description of the changes in this PR]

-## How Has This Been Tested?

+## How Has This Been Tested?
 [Describe the tests you ran to verify your changes]

+
+## Accepted Risk (provide if relevant)
+N/A
+
+
+## Related Issue(s) (provide if relevant)
+N/A
+
+
+## Mental Checklist:
+- All of the automated tests pass
+- All PR comments are addressed and marked resolved
+- If there are migrations, they have been rebased to latest main
+- If there are new dependencies, they are added to the requirements
+- If there are new environment variables, they are added to all of the deployment methods
+- If there are new APIs that don't require auth, they are added to PUBLIC_ENDPOINT_SPECS
+- Docker images build and basic functionalities work
+- Author has done a final read through of the PR right before merge
+
 ## Backporting (check the box to trigger backport action)
-
 Note: You have to check that the action passes, otherwise resolve the conflicts manually and tag the patches.
-
 - [ ] This PR should be backported (make sure to check that the backport attempt succeeds)
- [ ] I have included a link to a Linear ticket in my description.
- [ ] [Optional] Override Linear Check
--- a/.github/workflows/docker-build-push-backend-container-on-tag.yml
+++ b/.github/workflows/docker-build-push-backend-container-on-tag.yml
@@ -6,7 +6,7 @@ on:
      - "*"

 env:
-  REGISTRY_IMAGE: ${{ contains(github.ref_name, 'cloud') && 'onyxdotapp/onyx-backend-cloud' || 'onyxdotapp/onyx-backend' }}
+  REGISTRY_IMAGE: ${{ contains(github.ref_name, 'cloud') && 'danswer/danswer-backend-cloud' || 'danswer/danswer-backend' }}
  LATEST_TAG: ${{ contains(github.ref_name, 'latest') }}

 jobs:
@@ -44,7 +44,7 @@ jobs:
            ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
            ${{ env.LATEST_TAG == 'true' && format('{0}:latest', env.REGISTRY_IMAGE) || '' }}
          build-args: |
-            ONYX_VERSION=${{ github.ref_name }}
+            DANSWER_VERSION=${{ github.ref_name }}

      # trivy has their own rate limiting issues causing this action to flake
      # we worked around it by hardcoding to different db repos in env
@@ -57,7 +57,7 @@ jobs:
          TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
          TRIVY_JAVA_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-java-db:1"
        with:
-          # To run locally: trivy image --severity HIGH,CRITICAL onyxdotapp/onyx-backend
+          # To run locally: trivy image --severity HIGH,CRITICAL danswer/danswer-backend
          image-ref: docker.io/${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
          severity: "CRITICAL,HIGH"
          trivyignores: ./backend/.trivyignore
--- a/.github/workflows/docker-build-push-cloud-web-container-on-tag.yml
+++ b/.github/workflows/docker-build-push-cloud-web-container-on-tag.yml
@@ -7,7 +7,7 @@ on:
      - "*"

 env:
-  REGISTRY_IMAGE: onyxdotapp/onyx-web-server-cloud
+  REGISTRY_IMAGE: danswer/danswer-web-server-cloud
  LATEST_TAG: ${{ contains(github.ref_name, 'latest') }}

 jobs:
@@ -60,13 +60,12 @@ jobs:
          platforms: ${{ matrix.platform }}
          push: true
          build-args: |
-            ONYX_VERSION=${{ github.ref_name }}
+            DANSWER_VERSION=${{ github.ref_name }}
            NEXT_PUBLIC_CLOUD_ENABLED=true
            NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.POSTHOG_KEY }}
            NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.POSTHOG_HOST }}
            NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}
            NEXT_PUBLIC_GTM_ENABLED=true
-            NEXT_PUBLIC_FORGOT_PASSWORD_ENABLED=true
          # needed due to weird interactions with the builds for different platforms
          no-cache: true
          labels: ${{ steps.meta.outputs.labels }}
--- a/.github/workflows/docker-build-push-model-server-container-on-tag.yml
+++ b/.github/workflows/docker-build-push-model-server-container-on-tag.yml
@@ -6,31 +6,20 @@ on:
      - "*"

 env:
-  REGISTRY_IMAGE: ${{ contains(github.ref_name, 'cloud') && 'onyxdotapp/onyx-model-server-cloud' || 'onyxdotapp/onyx-model-server' }}
+  REGISTRY_IMAGE: ${{ contains(github.ref_name, 'cloud') && 'danswer/danswer-model-server-cloud' || 'danswer/danswer-model-server' }}
  LATEST_TAG: ${{ contains(github.ref_name, 'latest') }}
-  DOCKER_BUILDKIT: 1
-  BUILDKIT_PROGRESS: plain

 jobs:
-  build-amd64:
-    runs-on:
-      [runs-on, runner=8cpu-linux-x64, "run-id=${{ github.run_id }}-amd64"]
+  build-and-push:
+    # See https://runs-on.com/runners/linux/
+    runs-on: [runs-on, runner=8cpu-linux-x64, "run-id=${{ github.run_id }}"]
+
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

-      - name: System Info
-        run: |
-          df -h
-          free -h
-          docker system prune -af --volumes
-
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
-        with:
-          driver-opts: |
-            image=moby/buildkit:latest
-            network=host

      - name: Login to Docker Hub
        uses: docker/login-action@v3
@@ -38,86 +27,29 @@ jobs:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}

-      - name: Build and Push AMD64
+      - name: Model Server Image Docker Build and Push
        uses: docker/build-push-action@v5
        with:
          context: ./backend
          file: ./backend/Dockerfile.model_server
-          platforms: linux/amd64
+          platforms: linux/amd64,linux/arm64
          push: true
-          tags: ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-amd64
+          tags: |
+            ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
+            ${{ env.LATEST_TAG == 'true' && format('{0}:latest', env.REGISTRY_IMAGE) || '' }}
          build-args: |
            DANSWER_VERSION=${{ github.ref_name }}
-          outputs: type=registry
-          provenance: false
-
-  build-arm64:
-    runs-on:
-      [runs-on, runner=8cpu-linux-x64, "run-id=${{ github.run_id }}-arm64"]
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: System Info
-        run: |
-          df -h
-          free -h
-          docker system prune -af --volumes
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          driver-opts: |
-            image=moby/buildkit:latest
-            network=host
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_TOKEN }}
-
-      - name: Build and Push ARM64
-        uses: docker/build-push-action@v5
-        with:
-          context: ./backend
-          file: ./backend/Dockerfile.model_server
-          platforms: linux/arm64
-          push: true
-          tags: ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-arm64
-          build-args: |
-            DANSWER_VERSION=${{ github.ref_name }}
-          outputs: type=registry
-          provenance: false
-
-  merge-and-scan:
-    needs: [build-amd64, build-arm64]
-    runs-on: ubuntu-latest
-    steps:
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_TOKEN }}
-
-      - name: Create and Push Multi-arch Manifest
-        run: |
-          docker buildx create --use
-          docker buildx imagetools create -t ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }} \
-            ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-amd64 \
-            ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-arm64
-          if [[ "${{ env.LATEST_TAG }}" == "true" ]]; then
-            docker buildx imagetools create -t ${{ env.REGISTRY_IMAGE }}:latest \
-              ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-amd64 \
-              ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}-arm64
-          fi

+      # trivy has their own rate limiting issues causing this action to flake
+      # we worked around it by hardcoding to different db repos in env
+      # can re-enable when they figure it out
+      # https://github.com/aquasecurity/trivy/discussions/7538
+      # https://github.com/aquasecurity/trivy-action/issues/389
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        env:
          TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
          TRIVY_JAVA_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-java-db:1"
        with:
-          image-ref: docker.io/${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
+          image-ref: docker.io/danswer/danswer-model-server:${{ github.ref_name }}
          severity: "CRITICAL,HIGH"
-          timeout: "10m"
--- a/.github/workflows/docker-build-push-web-container-on-tag.yml
+++ b/.github/workflows/docker-build-push-web-container-on-tag.yml
@@ -3,12 +3,12 @@ name: Build and Push Web Image on Tag
 on:
  push:
    tags:
-      - "*"
+      - '*'

 env:
-  REGISTRY_IMAGE: onyxdotapp/onyx-web-server
+  REGISTRY_IMAGE: danswer/danswer-web-server
  LATEST_TAG: ${{ contains(github.ref_name, 'latest') }}
-
+  
 jobs:
  build:
    runs-on:
@@ -27,11 +27,11 @@ jobs:
      - name: Prepare
        run: |
          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV          
+      
      - name: Checkout
        uses: actions/checkout@v4
-
+      
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
@@ -40,16 +40,16 @@ jobs:
          tags: |
            type=raw,value=${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
            type=raw,value=${{ env.LATEST_TAG == 'true' && format('{0}:latest', env.REGISTRY_IMAGE) || '' }}
-
+      
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
-
+      
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}
-
+    
      - name: Build and push by digest
        id: build
        uses: docker/build-push-action@v5
@@ -59,18 +59,18 @@ jobs:
          platforms: ${{ matrix.platform }}
          push: true
          build-args: |
-            ONYX_VERSION=${{ github.ref_name }}
-          # needed due to weird interactions with the builds for different platforms
+            DANSWER_VERSION=${{ github.ref_name }}
+          # needed due to weird interactions with the builds for different platforms  
          no-cache: true
          labels: ${{ steps.meta.outputs.labels }}
          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
-
+      
      - name: Export digest
        run: |
          mkdir -p /tmp/digests
          digest="${{ steps.build.outputs.digest }}"
-          touch "/tmp/digests/${digest#sha256:}"
-
+          touch "/tmp/digests/${digest#sha256:}"          
+      
      - name: Upload digest
        uses: actions/upload-artifact@v4
        with:
@@ -90,42 +90,42 @@ jobs:
          path: /tmp/digests
          pattern: digests-*
          merge-multiple: true
-
+      
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
-
+      
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY_IMAGE }}
-
+      
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}
-
+      
      - name: Create manifest list and push
        working-directory: /tmp/digests
        run: |
          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
-
+            $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)          
+      
      - name: Inspect image
        run: |
          docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

-      # trivy has their own rate limiting issues causing this action to flake
-      # we worked around it by hardcoding to different db repos in env
-      # can re-enable when they figure it out
-      # https://github.com/aquasecurity/trivy/discussions/7538
-      # https://github.com/aquasecurity/trivy-action/issues/389
+    # trivy has their own rate limiting issues causing this action to flake
+    # we worked around it by hardcoding to different db repos in env
+    # can re-enable when they figure it out
+    # https://github.com/aquasecurity/trivy/discussions/7538
+    # https://github.com/aquasecurity/trivy-action/issues/389
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        env:
-          TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
-          TRIVY_JAVA_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-java-db:1"
+          TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
+          TRIVY_JAVA_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-java-db:1'
        with:
          image-ref: docker.io/${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
-          severity: "CRITICAL,HIGH"
+          severity: 'CRITICAL,HIGH'
--- a/.github/workflows/docker-tag-latest.yml
+++ b/.github/workflows/docker-tag-latest.yml
@@ -7,31 +7,31 @@ on:
  workflow_dispatch:
    inputs:
      version:
-        description: "The version (ie v0.0.1) to tag as latest"
+        description: 'The version (ie v0.0.1) to tag as latest'
        required: true

 jobs:
  tag:
    # See https://runs-on.com/runners/linux/
    # use a lower powered instance since this just does i/o to docker hub
-    runs-on: [runs-on, runner=2cpu-linux-x64, "run-id=${{ github.run_id }}"]
+    runs-on: [runs-on,runner=2cpu-linux-x64,"run-id=${{ github.run_id }}"]
    steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1

-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_TOKEN }}
+    - name: Login to Docker Hub
+      uses: docker/login-action@v1
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_TOKEN }}

-      - name: Enable Docker CLI experimental features
-        run: echo "DOCKER_CLI_EXPERIMENTAL=enabled" >> $GITHUB_ENV
+    - name: Enable Docker CLI experimental features
+      run: echo "DOCKER_CLI_EXPERIMENTAL=enabled" >> $GITHUB_ENV

-      - name: Pull, Tag and Push Web Server Image
-        run: |
-          docker buildx imagetools create -t onyxdotapp/onyx-web-server:latest onyxdotapp/onyx-web-server:${{ github.event.inputs.version }}
+    - name: Pull, Tag and Push Web Server Image
+      run: |
+        docker buildx imagetools create -t danswer/danswer-web-server:latest danswer/danswer-web-server:${{ github.event.inputs.version }}

-      - name: Pull, Tag and Push API Server Image
-        run: |
-          docker buildx imagetools create -t onyxdotapp/onyx-backend:latest onyxdotapp/onyx-backend:${{ github.event.inputs.version }}
+    - name: Pull, Tag and Push API Server Image
+      run: |
+        docker buildx imagetools create -t danswer/danswer-backend:latest danswer/danswer-backend:${{ github.event.inputs.version }}
--- a/.github/workflows/hotfix-release-branches.yml
+++ b/.github/workflows/hotfix-release-branches.yml
@@ -8,42 +8,43 @@ on:
  workflow_dispatch:
    inputs:
      hotfix_commit:
-        description: "Hotfix commit hash"
+        description: 'Hotfix commit hash'
        required: true
      hotfix_suffix:
-        description: "Hotfix branch suffix (e.g. hotfix/v0.8-{suffix})"
+        description: 'Hotfix branch suffix (e.g. hotfix/v0.8-{suffix})'
        required: true
      release_branch_pattern:
-        description: "Release branch pattern (regex)"
+        description: 'Release branch pattern (regex)'
        required: true
-        default: "release/.*"
+        default: 'release/.*'
      auto_merge:
-        description: "Automatically merge the hotfix PRs"
+        description: 'Automatically merge the hotfix PRs'
        required: true
        type: choice
-        default: "true"
+        default: 'true'
        options:
          - true
          - false
-
+          
 jobs:
  hotfix_release_branches:
    permissions: write-all
    # See https://runs-on.com/runners/linux/
    # use a lower powered instance since this just does i/o to docker hub
-    runs-on: [runs-on, runner=2cpu-linux-x64, "run-id=${{ github.run_id }}"]
+    runs-on: [runs-on,runner=2cpu-linux-x64,"run-id=${{ github.run_id }}"]
    steps:
+    
      # needs RKUO_DEPLOY_KEY for write access to merge PR's
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          ssh-key: "${{ secrets.RKUO_DEPLOY_KEY }}"
          fetch-depth: 0
-
+          
      - name: Set up Git user
        run: |
          git config user.name "Richard Kuo [bot]"
-          git config user.email "rkuo[bot]@onyx.app"
+          git config user.email "rkuo[bot]@danswer.ai"

      - name: Fetch All Branches
        run: |
@@ -61,10 +62,10 @@ jobs:
            echo "No release branches found matching pattern '${{ github.event.inputs.release_branch_pattern }}'."
            exit 1
          fi
-
+          
          echo "Found release branches:"
          echo "$BRANCHES"
-
+          
          # Join the branches into a single line separated by commas
          BRANCHES_JOINED=$(echo "$BRANCHES" | tr '\n' ',' | sed 's/,$//')

@@ -168,4 +169,4 @@ jobs:
                echo "Failed to merge pull request #$PR_NUMBER."
              fi
            fi
-          done
+          done
--- a/.github/workflows/pr-backport-autotrigger.yml
+++ b/.github/workflows/pr-backport-autotrigger.yml
@@ -4,7 +4,7 @@ name: Backport on Merge

 on:
  pull_request:
-    types: [closed] # Later we check for merge so only PRs that go in can get backported
+    types: [closed]  # Later we check for merge so only PRs that go in can get backported

 permissions:
  contents: write
@@ -26,9 +26,9 @@ jobs:
      - name: Set up Git user
        run: |
          git config user.name "Richard Kuo [bot]"
-          git config user.email "rkuo[bot]@onyx.app"
+          git config user.email "rkuo[bot]@danswer.ai"
          git fetch --prune
-
+      
      - name: Check for Backport Checkbox
        id: checkbox-check
        run: |
@@ -51,14 +51,14 @@ jobs:
          # Fetch latest tags for beta and stable
          LATEST_BETA_TAG=$(git tag -l "v[0-9]*.[0-9]*.[0-9]*-beta.[0-9]*" | grep -E "^v[0-9]+\.[0-9]+\.[0-9]+-beta\.[0-9]+$" | grep -v -- "-cloud" | sort -Vr | head -n 1)
          LATEST_STABLE_TAG=$(git tag -l "v[0-9]*.[0-9]*.[0-9]*" | grep -E "^v[0-9]+\.[0-9]+\.[0-9]+$" | sort -Vr | head -n 1)
-
+          
          # Handle case where no beta tags exist
          if [[ -z "$LATEST_BETA_TAG" ]]; then
            NEW_BETA_TAG="v1.0.0-beta.1"
          else
            NEW_BETA_TAG=$(echo $LATEST_BETA_TAG | awk -F '[.-]' '{print $1 "." $2 "." $3 "-beta." ($NF+1)}')
          fi
-
+          
          # Increment latest stable tag
          NEW_STABLE_TAG=$(echo $LATEST_STABLE_TAG | awk -F '.' '{print $1 "." $2 "." ($3+1)}')
          echo "latest_beta_tag=$LATEST_BETA_TAG" >> $GITHUB_OUTPUT
@@ -80,10 +80,10 @@ jobs:
        run: |
          set -e
          echo "Backporting to beta ${{ steps.list-branches.outputs.beta }} and stable ${{ steps.list-branches.outputs.stable }}"
-
+          
          # Echo the merge commit SHA
          echo "Merge commit SHA: ${{ github.event.pull_request.merge_commit_sha }}"
-
+          
          # Fetch all history for all branches and tags
          git fetch --prune

@@ -98,7 +98,7 @@ jobs:
            echo "Cherry-pick to beta failed due to conflicts."
            exit 1
          }
-
+          
          # Create new beta branch/tag
          git tag ${{ steps.list-branches.outputs.new_beta_tag }}
          # Push the changes and tag to the beta branch using PAT
@@ -110,13 +110,13 @@ jobs:
          echo "Last 5 commits on stable branch:"
          git log -n 5 --pretty=format:"%H"
          echo ""  # Newline for formatting
-
+          
          # Cherry-pick the merge commit from the merged PR
          git cherry-pick -m 1 ${{ github.event.pull_request.merge_commit_sha }} || {
            echo "Cherry-pick to stable failed due to conflicts."
            exit 1
          }
-
+          
          # Create new stable branch/tag
          git tag ${{ steps.list-branches.outputs.new_stable_tag }}
          # Push the changes and tag to the stable branch using PAT
--- a/.github/workflows/pr-chromatic-tests.yml
+++ b/.github/workflows/pr-chromatic-tests.yml
@@ -14,24 +14,18 @@ jobs:
    name: Playwright Tests

    # See https://runs-on.com/runners/linux/
-    runs-on:
-      [
-        runs-on,
-        runner=32cpu-linux-x64,
-        disk=large,
-        "run-id=${{ github.run_id }}",
-      ]
+    runs-on: [runs-on,runner=8cpu-linux-x64,ram=16,"run-id=${{ github.run_id }}"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-
+          
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
-          python-version: "3.11"
-          cache: "pip"
+          python-version: '3.11'
+          cache: 'pip'
          cache-dependency-path: |
            backend/requirements/default.txt
            backend/requirements/dev.txt
@@ -41,7 +35,7 @@ jobs:
          pip install --retries 5 --timeout 30 -r backend/requirements/default.txt
          pip install --retries 5 --timeout 30 -r backend/requirements/dev.txt
          pip install --retries 5 --timeout 30 -r backend/requirements/model_server.txt
-
+        
      - name: Setup node
        uses: actions/setup-node@v4
        with:
@@ -54,7 +48,7 @@ jobs:
      - name: Install playwright browsers
        working-directory: ./web
        run: npx playwright install --with-deps
-
+        
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

@@ -66,13 +60,13 @@ jobs:

      # tag every docker image with "test" so that we can spin up the correct set
      # of images during testing
-
+      
      # we use the runs-on cache for docker builds
      # in conjunction with runs-on runners, it has better speed and unlimited caching
      # https://runs-on.com/caching/s3-cache-for-github-actions/
      # https://runs-on.com/caching/docker/
      # https://github.com/moby/buildkit#s3-cache-experimental
-
+      
      # images are built and run locally for testing purposes. Not pushed.

      - name: Build Web Docker image
@@ -81,7 +75,7 @@ jobs:
          context: ./web
          file: ./web/Dockerfile
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-web-server:test
+          tags: danswer/danswer-web-server:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/web-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
@@ -93,7 +87,7 @@ jobs:
          context: ./backend
          file: ./backend/Dockerfile
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-backend:test
+          tags: danswer/danswer-backend:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/backend/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
@@ -105,7 +99,7 @@ jobs:
          context: ./backend
          file: ./backend/Dockerfile.model_server
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-model-server:test
+          tags: danswer/danswer-model-server:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/model-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
@@ -116,7 +110,6 @@ jobs:
          cd deployment/docker_compose
          ENABLE_PAID_ENTERPRISE_EDITION_FEATURES=true \
          AUTH_TYPE=basic \
-          GEN_AI_API_KEY=${{ secrets.OPENAI_API_KEY }} \
          REQUIRE_EMAIL_VERIFICATION=false \
          DISABLE_TELEMETRY=true \
          IMAGE_TAG=test \
@@ -126,12 +119,12 @@ jobs:
      - name: Wait for service to be ready
        run: |
          echo "Starting wait-for-service script..."
-
+          
          docker logs -f danswer-stack-api_server-1 &

          start_time=$(date +%s)
          timeout=300  # 5 minutes in seconds
-
+          
          while true; do
            current_time=$(date +%s)
            elapsed_time=$((current_time - start_time))
@@ -159,7 +152,7 @@ jobs:

      - name: Run pytest playwright test init
        working-directory: ./backend
-        env:
+        env: 
          PYTEST_IGNORE_SKIP: true
        run: pytest -s tests/integration/tests/playwright/test_playwright.py

@@ -175,7 +168,7 @@ jobs:
          name: test-results
          path: ./web/test-results
          retention-days: 30
-
+                    
      # save before stopping the containers so the logs can be captured
      - name: Save Docker logs
        if: success() || failure()
@@ -183,7 +176,7 @@ jobs:
          cd deployment/docker_compose
          docker compose -f docker-compose.dev.yml -p danswer-stack logs > docker-compose.log
          mv docker-compose.log ${{ github.workspace }}/docker-compose.log
-
+      
      - name: Upload logs
        if: success() || failure()
        uses: actions/upload-artifact@v4
@@ -198,41 +191,35 @@ jobs:

  chromatic-tests:
    name: Chromatic Tests
-
+    
    needs: playwright-tests
-    runs-on:
-      [
-        runs-on,
-        runner=32cpu-linux-x64,
-        disk=large,
-        "run-id=${{ github.run_id }}",
-      ]
+    runs-on: [runs-on,runner=8cpu-linux-x64,ram=16,"run-id=${{ github.run_id }}"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-
+          
      - name: Setup node
        uses: actions/setup-node@v4
        with:
          node-version: 22
-
+          
      - name: Install node dependencies
        working-directory: ./web
        run: npm ci
-
+        
      - name: Download Playwright test results
        uses: actions/download-artifact@v4
        with:
          name: test-results
          path: ./web/test-results
-
+          
      - name: Run Chromatic
        uses: chromaui/action@latest
        with:
          playwright: true
          projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
          workingDir: ./web
-        env:
+        env: 
          CHROMATIC_ARCHIVE_LOCATION: ./test-results
--- a/.github/workflows/pr-integration-tests.yml
+++ b/.github/workflows/pr-integration-tests.yml
@@ -8,7 +8,7 @@ on:
  pull_request:
    branches:
      - main
-      - "release/**"
+      - 'release/**'

 env:
  OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
@@ -16,11 +16,11 @@ env:
  CONFLUENCE_TEST_SPACE_URL: ${{ secrets.CONFLUENCE_TEST_SPACE_URL }}
  CONFLUENCE_USER_NAME: ${{ secrets.CONFLUENCE_USER_NAME }}
  CONFLUENCE_ACCESS_TOKEN: ${{ secrets.CONFLUENCE_ACCESS_TOKEN }}
-
+  
 jobs:
  integration-tests:
    # See https://runs-on.com/runners/linux/
-    runs-on: [runs-on, runner=32cpu-linux-x64, "run-id=${{ github.run_id }}"]
+    runs-on: [runs-on,runner=8cpu-linux-x64,ram=16,"run-id=${{ github.run_id }}"]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
@@ -36,21 +36,21 @@ jobs:

      # tag every docker image with "test" so that we can spin up the correct set
      # of images during testing
-
+      
      # We don't need to build the Web Docker image since it's not yet used
-      # in the integration tests. We have a separate action to verify that it builds
+      # in the integration tests. We have a separate action to verify that it builds 
      # successfully.
      - name: Pull Web Docker image
        run: |
-          docker pull onyxdotapp/onyx-web-server:latest
-          docker tag onyxdotapp/onyx-web-server:latest onyxdotapp/onyx-web-server:test
+          docker pull danswer/danswer-web-server:latest
+          docker tag danswer/danswer-web-server:latest danswer/danswer-web-server:test

      # we use the runs-on cache for docker builds
      # in conjunction with runs-on runners, it has better speed and unlimited caching
      # https://runs-on.com/caching/s3-cache-for-github-actions/
      # https://runs-on.com/caching/docker/
      # https://github.com/moby/buildkit#s3-cache-experimental
-
+      
      # images are built and run locally for testing purposes. Not pushed.
      - name: Build Backend Docker image
        uses: ./.github/actions/custom-build-and-push
@@ -58,7 +58,7 @@ jobs:
          context: ./backend
          file: ./backend/Dockerfile
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-backend:test
+          tags: danswer/danswer-backend:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/backend/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
@@ -70,19 +70,19 @@ jobs:
          context: ./backend
          file: ./backend/Dockerfile.model_server
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-model-server:test
+          tags: danswer/danswer-model-server:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/model-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
          cache-to: type=s3,prefix=cache/${{ github.repository }}/integration-tests/model-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }},mode=max
-
+      
      - name: Build integration test Docker image
        uses: ./.github/actions/custom-build-and-push
        with:
          context: ./backend
          file: ./backend/tests/integration/Dockerfile
          platforms: linux/amd64
-          tags: onyxdotapp/onyx-integration:test
+          tags: danswer/danswer-integration:test
          push: false
          load: true
          cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/integration/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }}
@@ -119,7 +119,7 @@ jobs:
            -e TEST_WEB_HOSTNAME=test-runner \
            -e AUTH_TYPE=cloud \
            -e MULTI_TENANT=true \
-            onyxdotapp/onyx-integration:test \
+            danswer/danswer-integration:test \
            /app/tests/integration/multitenant_tests
        continue-on-error: true
        id: run_multitenant_tests
@@ -131,14 +131,15 @@ jobs:
            exit 1
          else
            echo "All integration tests passed successfully."
-          fi
+          fi 

      - name: Stop multi-tenant Docker containers
        run: |
          cd deployment/docker_compose
          docker compose -f docker-compose.dev.yml -p danswer-stack down -v

-      - name: Start Docker containers
+
+      - name: Start Docker containers 
        run: |
          cd deployment/docker_compose
          ENABLE_PAID_ENTERPRISE_EDITION_FEATURES=true \
@@ -152,12 +153,12 @@ jobs:
      - name: Wait for service to be ready
        run: |
          echo "Starting wait-for-service script..."
-
+          
          docker logs -f danswer-stack-api_server-1 &

          start_time=$(date +%s)
          timeout=300  # 5 minutes in seconds
-
+          
          while true; do
            current_time=$(date +%s)
            elapsed_time=$((current_time - start_time))
@@ -201,7 +202,7 @@ jobs:
            -e CONFLUENCE_USER_NAME=${CONFLUENCE_USER_NAME} \
            -e CONFLUENCE_ACCESS_TOKEN=${CONFLUENCE_ACCESS_TOKEN} \
            -e TEST_WEB_HOSTNAME=test-runner \
-            onyxdotapp/onyx-integration:test \
+            danswer/danswer-integration:test \
            /app/tests/integration/tests \
            /app/tests/integration/connector_job_tests
        continue-on-error: true
@@ -228,7 +229,7 @@ jobs:
        run: |
          cd deployment/docker_compose
          docker compose -f docker-compose.dev.yml -p danswer-stack down -v
-
+      
      - name: Upload logs
        if: success() || failure()
        uses: actions/upload-artifact@v4
--- a/.github/workflows/pr-linear-check.yml
+++ b/.github/workflows/pr-linear-check.yml
@@ -1,29 +0,0 @@
-name: Ensure PR references Linear
-
-on:
-  pull_request:
-    types: [opened, edited, reopened, synchronize]
-
-jobs:
-  linear-check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check PR body for Linear link or override
-        run: |
-          PR_BODY="${{ github.event.pull_request.body }}"
-
-          # Looking for "https://linear.app" in the body
-          if echo "$PR_BODY" | grep -qE "https://linear\.app"; then
-            echo "Found a Linear link. Check passed."
-            exit 0
-          fi
-
-          # Looking for a checked override: "[x] Override Linear Check"
-          if echo "$PR_BODY" | grep -q "\[x\].*Override Linear Check"; then
-            echo "Override box is checked. Check passed."
-            exit 0
-          fi
-
-          # Otherwise, fail the run
-          echo "No Linear link or override found in the PR description."
-          exit 1
--- a/.github/workflows/pr-python-connector-tests.yml
+++ b/.github/workflows/pr-python-connector-tests.yml
@@ -24,21 +24,7 @@ env:
  GOOGLE_DRIVE_OAUTH_CREDENTIALS_JSON_STR: ${{ secrets.GOOGLE_DRIVE_OAUTH_CREDENTIALS_JSON_STR }}
  GOOGLE_GMAIL_SERVICE_ACCOUNT_JSON_STR: ${{ secrets.GOOGLE_GMAIL_SERVICE_ACCOUNT_JSON_STR }}
  GOOGLE_GMAIL_OAUTH_CREDENTIALS_JSON_STR: ${{ secrets.GOOGLE_GMAIL_OAUTH_CREDENTIALS_JSON_STR }}
-  # Slab
-  SLAB_BOT_TOKEN: ${{ secrets.SLAB_BOT_TOKEN }}
-  # Zendesk
-  ZENDESK_SUBDOMAIN: ${{ secrets.ZENDESK_SUBDOMAIN }}
-  ZENDESK_EMAIL: ${{ secrets.ZENDESK_EMAIL }}
-  ZENDESK_TOKEN: ${{ secrets.ZENDESK_TOKEN }}
-  # Salesforce
-  SF_USERNAME: ${{ secrets.SF_USERNAME }}
-  SF_PASSWORD: ${{ secrets.SF_PASSWORD }}
-  SF_SECURITY_TOKEN: ${{ secrets.SF_SECURITY_TOKEN }}
-  # Airtable
-  AIRTABLE_TEST_BASE_ID: ${{ secrets.AIRTABLE_TEST_BASE_ID }}
-  AIRTABLE_TEST_TABLE_ID: ${{ secrets.AIRTABLE_TEST_TABLE_ID }}
-  AIRTABLE_TEST_TABLE_NAME: ${{ secrets.AIRTABLE_TEST_TABLE_NAME }}
-  AIRTABLE_ACCESS_TOKEN: ${{ secrets.AIRTABLE_ACCESS_TOKEN }}
+
 jobs:
  connectors-check:
    # See https://runs-on.com/runners/linux/
--- a/.github/workflows/tag-nightly.yml
+++ b/.github/workflows/tag-nightly.yml
@@ -2,52 +2,53 @@ name: Nightly Tag Push

 on:
  schedule:
-    - cron: "0 10 * * *" # Runs every day at 2 AM PST / 3 AM PDT / 10 AM UTC
+    - cron: '0 10 * * *' # Runs every day at 2 AM PST / 3 AM PDT / 10 AM UTC

 permissions:
-  contents: write # Allows pushing tags to the repository
+  contents: write  # Allows pushing tags to the repository

 jobs:
  create-and-push-tag:
-    runs-on: [runs-on, runner=2cpu-linux-x64, "run-id=${{ github.run_id }}"]
+    runs-on: [runs-on,runner=2cpu-linux-x64,"run-id=${{ github.run_id }}"]

    steps:
-      # actions using GITHUB_TOKEN cannot trigger another workflow, but we do want this to trigger docker pushes
-      # see https://github.com/orgs/community/discussions/27028#discussioncomment-3254367 for the workaround we
-      # implement here which needs an actual user's deploy key
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          ssh-key: "${{ secrets.RKUO_DEPLOY_KEY }}"
+    # actions using GITHUB_TOKEN cannot trigger another workflow, but we do want this to trigger docker pushes
+    # see https://github.com/orgs/community/discussions/27028#discussioncomment-3254367 for the workaround we
+    # implement here which needs an actual user's deploy key
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        ssh-key: "${{ secrets.RKUO_DEPLOY_KEY }}"

-      - name: Set up Git user
-        run: |
-          git config user.name "Richard Kuo [bot]"
-          git config user.email "rkuo[bot]@onyx.app"
+    - name: Set up Git user
+      run: |
+        git config user.name "Richard Kuo [bot]"
+        git config user.email "rkuo[bot]@danswer.ai"

-      - name: Check for existing nightly tag
-        id: check_tag
-        run: |
-          if git tag --points-at HEAD --list "nightly-latest*" | grep -q .; then
-            echo "A tag starting with 'nightly-latest' already exists on HEAD."
-            echo "tag_exists=true" >> $GITHUB_OUTPUT
-          else
-            echo "No tag starting with 'nightly-latest' exists on HEAD."
-            echo "tag_exists=false" >> $GITHUB_OUTPUT
-          fi
+    - name: Check for existing nightly tag
+      id: check_tag
+      run: |
+        if git tag --points-at HEAD --list "nightly-latest*" | grep -q .; then
+          echo "A tag starting with 'nightly-latest' already exists on HEAD."
+          echo "tag_exists=true" >> $GITHUB_OUTPUT
+        else
+          echo "No tag starting with 'nightly-latest' exists on HEAD."
+          echo "tag_exists=false" >> $GITHUB_OUTPUT
+        fi
+        
+    # don't tag again if HEAD already has a nightly-latest tag on it
+    - name: Create Nightly Tag
+      if: steps.check_tag.outputs.tag_exists == 'false'
+      env:
+        DATE: ${{ github.run_id }}
+      run: |
+        TAG_NAME="nightly-latest-$(date +'%Y%m%d')"
+        echo "Creating tag: $TAG_NAME"
+        git tag $TAG_NAME

-      # don't tag again if HEAD already has a nightly-latest tag on it
-      - name: Create Nightly Tag
-        if: steps.check_tag.outputs.tag_exists == 'false'
-        env:
-          DATE: ${{ github.run_id }}
-        run: |
-          TAG_NAME="nightly-latest-$(date +'%Y%m%d')"
-          echo "Creating tag: $TAG_NAME"
-          git tag $TAG_NAME
-
-      - name: Push Tag
-        if: steps.check_tag.outputs.tag_exists == 'false'
-        run: |
-          TAG_NAME="nightly-latest-$(date +'%Y%m%d')"
-          git push origin $TAG_NAME
+    - name: Push Tag
+      if: steps.check_tag.outputs.tag_exists == 'false'
+      run: |
+        TAG_NAME="nightly-latest-$(date +'%Y%m%d')"
+        git push origin $TAG_NAME
+        
--- a/.vscode/env_template.txt
+++ b/.vscode/env_template.txt
@@ -5,8 +5,6 @@
 # For local dev, often user Authentication is not needed
 AUTH_TYPE=disabled

-# Skip warm up for dev
-SKIP_WARM_UP=True

 # Always keep these on for Dev
 # Logs all model prompts to stdout
@@ -29,7 +27,6 @@ REQUIRE_EMAIL_VERIFICATION=False

 # Set these so if you wipe the DB, you don't end up having to go through the UI every time
 GEN_AI_API_KEY=<REPLACE THIS>
-OPENAI_API_KEY=<REPLACE THIS>
 # If answer quality isn't important for dev, use gpt-4o-mini since it's cheaper
 GEN_AI_MODEL_VERSION=gpt-4o
 FAST_GEN_AI_MODEL_VERSION=gpt-4o
--- a/.vscode/launch.template.jsonc
+++ b/.vscode/launch.template.jsonc
@@ -17,7 +17,7 @@
 			 }
 		},
        {
-            "name": "Run All Onyx Services",
+            "name": "Run All Danswer Services",
            "configurations": [
                "Web Server",
                "Model Server",
@@ -28,7 +28,6 @@
 		  		"Celery heavy", 
 		  		"Celery indexing", 
 		  		"Celery beat",
-                "Celery monitoring",
            ],
 			"presentation": {
 				 "group": "1",
@@ -52,8 +51,7 @@
 		  		"Celery light", 
 		  		"Celery heavy", 
 		  		"Celery indexing", 
-		  		"Celery beat",
-                "Celery monitoring",
+		  		"Celery beat"
 		  	],
 			"presentation": {
 				 "group": "1",
@@ -124,7 +122,7 @@
                "PYTHONUNBUFFERED": "1"
            },
            "args": [
-                "onyx.main:app",
+                "danswer.main:app",
                "--reload",
                "--port",
                "8080"
@@ -141,7 +139,7 @@
            "consoleName": "Slack Bot",
            "type": "debugpy",
            "request": "launch",
-            "program": "onyx/onyxbot/slack/listener.py",
+            "program": "danswer/danswerbot/slack/listener.py",
            "cwd": "${workspaceFolder}/backend",
            "envFile": "${workspaceFolder}/.vscode/.env",
            "env": {
@@ -168,7 +166,7 @@
            },
            "args": [
                "-A",
-                "onyx.background.celery.versioned_apps.primary",
+                "danswer.background.celery.versioned_apps.primary",
                "worker",
                "--pool=threads",
                "--concurrency=4",
@@ -197,7 +195,7 @@
            },
            "args": [
                "-A",
-                "onyx.background.celery.versioned_apps.light",
+                "danswer.background.celery.versioned_apps.light",
                "worker",
                "--pool=threads",
                "--concurrency=64",
@@ -226,7 +224,7 @@
            },
            "args": [
                "-A",
-                "onyx.background.celery.versioned_apps.heavy",
+                "danswer.background.celery.versioned_apps.heavy",
                "worker",
                "--pool=threads",
                "--concurrency=4",
@@ -256,7 +254,7 @@
            },
            "args": [
                "-A",
-                "onyx.background.celery.versioned_apps.indexing",
+                "danswer.background.celery.versioned_apps.indexing",
                "worker",
                "--pool=threads",
                "--concurrency=1",
@@ -271,31 +269,6 @@
 			 },
            "consoleTitle": "Celery indexing Console"
        },
-        {
-            "name": "Celery monitoring",
-            "type": "debugpy",
-            "request": "launch",
-            "module": "celery",
-            "cwd": "${workspaceFolder}/backend",
-            "envFile": "${workspaceFolder}/.vscode/.env",
-            "env": {},
-            "args": [
-                "-A",
-                "onyx.background.celery.versioned_apps.monitoring",
-                "worker",
-                "--pool=solo",
-                "--concurrency=1",
-                "--prefetch-multiplier=1",
-                "--loglevel=INFO",
-                "--hostname=monitoring@%n",
-                "-Q",
-                "monitoring",
-            ],
-            "presentation": {
-				 "group": "2",
-			 },
-            "consoleTitle": "Celery monitoring Console"
-        },
        {
            "name": "Celery beat",
            "type": "debugpy",
@@ -310,7 +283,7 @@
            },
            "args": [
                "-A",
-                "onyx.background.celery.versioned_apps.beat",
+                "danswer.background.celery.versioned_apps.beat",
                "beat",
                "--loglevel=INFO",
            ],
@@ -335,7 +308,7 @@
            "args": [
                "-v"
                // Specify a sepcific module/test to run or provide nothing to run all tests
-                //"tests/unit/onyx/llm/answering/test_prune_and_merge.py"
+                //"tests/unit/danswer/llm/answering/test_prune_and_merge.py"
            ],
            "presentation": {
 				 "group": "2",
@@ -382,20 +355,5 @@
                "PYTHONPATH": "."
            },
        },
-        {
-            "name": "Install Python Requirements",
-            "type": "node",
-            "request": "launch",
-            "runtimeExecutable": "bash",
-            "runtimeArgs": [
-                "-c",
-                "pip install -r backend/requirements/default.txt && pip install -r backend/requirements/dev.txt && pip install -r backend/requirements/ee.txt && pip install -r backend/requirements/model_server.txt"
-            ],
-            "cwd": "${workspaceFolder}",
-            "console": "integratedTerminal",
-            "presentation": {
-                 "group": "3"
-            }
-        },
    ]
 }
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,38 +1,32 @@
-<!-- DANSWER_METADATA={"link": "https://github.com/onyx-dot-app/onyx/blob/main/CONTRIBUTING.md"} -->
+<!-- DANSWER_METADATA={"link": "https://github.com/danswer-ai/danswer/blob/main/CONTRIBUTING.md"} -->

-# Contributing to Onyx
-
-Hey there! We are so excited that you're interested in Onyx.
+# Contributing to Danswer
+Hey there! We are so excited that you're interested in Danswer.

 As an open source project in a rapidly changing space, we welcome all contributions.

+
 ## 💃 Guidelines
-
 ### Contribution Opportunities
-
-The [GitHub Issues](https://github.com/onyx-dot-app/onyx/issues) page is a great place to start for contribution ideas.
-
-To ensure that your contribution is aligned with the project's direction, please reach out to Hagen (or any other maintainer) on the Onyx team
-via [Slack](https://join.slack.com/t/onyx-dot-app/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA) /
-[Discord](https://discord.gg/TDJ59cGV2X) or [email](mailto:founders@onyx.app).
+The [GitHub Issues](https://github.com/danswer-ai/danswer/issues) page is a great place to start for contribution ideas.

 Issues that have been explicitly approved by the maintainers (aligned with the direction of the project)
 will be marked with the `approved by maintainers` label.
 Issues marked `good first issue` are an especially great place to start.

 **Connectors** to other tools are another great place to contribute. For details on how, refer to this
-[README.md](https://github.com/onyx-dot-app/onyx/blob/main/backend/onyx/connectors/README.md).
+[README.md](https://github.com/danswer-ai/danswer/blob/main/backend/danswer/connectors/README.md).

 If you have a new/different contribution in mind, we'd love to hear about it!
-Your input is vital to making sure that Onyx moves in the right direction.
+Your input is vital to making sure that Danswer moves in the right direction.
 Before starting on implementation, please raise a GitHub issue.

-Also, always feel free to message the founders (Chris Weaver / Yuhong Sun) on
-[Slack](https://join.slack.com/t/onyx-dot-app/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA) /
-[Discord](https://discord.gg/TDJ59cGV2X) directly about anything at all.
+And always feel free to message us (Chris Weaver / Yuhong Sun) on 
+[Slack](https://join.slack.com/t/danswer/shared_invite/zt-2lcmqw703-071hBuZBfNEOGUsLa5PXvQ) / 
+[Discord](https://discord.gg/TDJ59cGV2X) directly about anything at all. 
+

 ### Contributing Code
-
 To contribute to this project, please follow the
 ["fork and pull request"](https://docs.github.com/en/get-started/quickstart/contributing-to-projects) workflow.
 When opening a pull request, mention related issues and feel free to tag relevant maintainers.
@@ -40,78 +34,72 @@ When opening a pull request, mention related issues and feel free to tag relevan
 Before creating a pull request please make sure that the new changes conform to the formatting and linting requirements.
 See the [Formatting and Linting](#formatting-and-linting) section for how to run these checks locally.

-### Getting Help 🙋

+### Getting Help 🙋
 Our goal is to make contributing as easy as possible. If you run into any issues please don't hesitate to reach out.
 That way we can help future contributors and users can avoid the same issue.

 We also have support channels and generally interesting discussions on our
-[Slack](https://join.slack.com/t/onyx-dot-app/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA)
-and
+[Slack](https://join.slack.com/t/danswer/shared_invite/zt-2afut44lv-Rw3kSWu6_OmdAXRpCv80DQ)
+and 
 [Discord](https://discord.gg/TDJ59cGV2X).

 We would love to see you there!

+
 ## Get Started 🚀
-
-Onyx being a fully functional app, relies on some external software, specifically:
-
+Danswer being a fully functional app, relies on some external software, specifically:
 - [Postgres](https://www.postgresql.org/) (Relational DB)
 - [Vespa](https://vespa.ai/) (Vector DB/Search Engine)
 - [Redis](https://redis.io/) (Cache)
 - [Nginx](https://nginx.org/) (Not needed for development flows generally)

+
 > **Note:**
-> This guide provides instructions to build and run Onyx locally from source with Docker containers providing the above external software. We believe this combination is easier for
-> development purposes. If you prefer to use pre-built container images, we provide instructions on running the full Onyx stack within Docker below.
+> This guide provides instructions to build and run Danswer locally from source with Docker containers providing the above external software. We believe this combination is easier for
+> development purposes. If you prefer to use pre-built container images, we provide instructions on running the full Danswer stack within Docker below.
+

 ### Local Set Up
-
 Be sure to use Python version 3.11. For instructions on installing Python 3.11 on macOS, refer to the [CONTRIBUTING_MACOS.md](./CONTRIBUTING_MACOS.md) readme.

 If using a lower version, modifications will have to be made to the code.
 If using a higher version, sometimes some libraries will not be available (i.e. we had problems with Tensorflow in the past with higher versions of python).

-#### Backend: Python requirements

+#### Backend: Python requirements
 Currently, we use pip and recommend creating a virtual environment.

 For convenience here's a command for it:
-
 ```bash
 python -m venv .venv
 source .venv/bin/activate
 ```

 > **Note:**
-> This virtual environment MUST NOT be set up WITHIN the onyx directory if you plan on using mypy within certain IDEs.
-> For simplicity, we recommend setting up the virtual environment outside of the onyx directory.
+> This virtual environment MUST NOT be set up WITHIN the danswer directory if you plan on using mypy within certain IDEs.
+> For simplicity, we recommend setting up the virtual environment outside of the danswer directory.

 _For Windows, activate the virtual environment using Command Prompt:_
-
 ```bash
 .venv\Scripts\activate
 ```
-
 If using PowerShell, the command slightly differs:
-
 ```powershell
 .venv\Scripts\Activate.ps1
 ```

 Install the required python dependencies:
-
 ```bash
-pip install -r onyx/backend/requirements/default.txt
-pip install -r onyx/backend/requirements/dev.txt
-pip install -r onyx/backend/requirements/ee.txt
-pip install -r onyx/backend/requirements/model_server.txt
+pip install -r danswer/backend/requirements/default.txt
+pip install -r danswer/backend/requirements/dev.txt
+pip install -r danswer/backend/requirements/ee.txt
+pip install -r danswer/backend/requirements/model_server.txt
 ```

 Install Playwright for Python (headless browser required by the Web Connector)

 In the activated Python virtualenv, install Playwright for Python by running:
-
 ```bash
 playwright install
 ```
@@ -121,90 +109,42 @@ You may have to deactivate and reactivate your virtualenv for `playwright` to ap
 #### Frontend: Node dependencies

 Install [Node.js and npm](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) for the frontend.
-Once the above is done, navigate to `onyx/web` run:
-
+Once the above is done, navigate to `danswer/web` run:
 ```bash
 npm i
 ```

-## Formatting and Linting
-
-### Backend
-
-For the backend, you'll need to setup pre-commit hooks (black / reorder-python-imports).
-First, install pre-commit (if you don't have it already) following the instructions
-[here](https://pre-commit.com/#installation).
-
-With the virtual environment active, install the pre-commit library with:
-
-```bash
-pip install pre-commit
-```
-
-Then, from the `onyx/backend` directory, run:
-
-```bash
-pre-commit install
-```
-
-Additionally, we use `mypy` for static type checking.
-Onyx is fully type-annotated, and we want to keep it that way!
-To run the mypy checks manually, run `python -m mypy .` from the `onyx/backend` directory.
-
-### Web
-
-We use `prettier` for formatting. The desired version (2.8.8) will be installed via a `npm i` from the `onyx/web` directory.
-To run the formatter, use `npx prettier --write .` from the `onyx/web` directory.
-Please double check that prettier passes before creating a pull request.
-
-# Running the application for development
-
-## Developing using VSCode Debugger (recommended)
-
-We highly recommend using VSCode debugger for development.
-See [CONTRIBUTING_VSCODE.md](./CONTRIBUTING_VSCODE.md) for more details.
-
-Otherwise, you can follow the instructions below to run the application for development.
-
-## Manually running the application for development
-### Docker containers for external software
-
+#### Docker containers for external software
 You will need Docker installed to run these containers.

-First navigate to `onyx/deployment/docker_compose`, then start up Postgres/Vespa/Redis with:
-
+First navigate to `danswer/deployment/docker_compose`, then start up Postgres/Vespa/Redis with:
 ```bash
-docker compose -f docker-compose.dev.yml -p onyx-stack up -d index relational_db cache
+docker compose -f docker-compose.dev.yml -p danswer-stack up -d index relational_db cache
 ```
-
 (index refers to Vespa, relational_db refers to Postgres, and cache refers to Redis)

-### Running Onyx locally
-
-To start the frontend, navigate to `onyx/web` and run:

+#### Running Danswer locally
+To start the frontend, navigate to `danswer/web` and run:
 ```bash
 npm run dev
 ```

 Next, start the model server which runs the local NLP models.
-Navigate to `onyx/backend` and run:
-
+Navigate to `danswer/backend` and run:
 ```bash
 uvicorn model_server.main:app --reload --port 9000
 ```

 _For Windows (for compatibility with both PowerShell and Command Prompt):_
-
 ```bash
 powershell -Command "uvicorn model_server.main:app --reload --port 9000"
 ```

-The first time running Onyx, you will need to run the DB migrations for Postgres.
+The first time running Danswer, you will need to run the DB migrations for Postgres.
 After the first time, this is no longer required unless the DB models change.

-Navigate to `onyx/backend` and with the venv active, run:
-
+Navigate to `danswer/backend` and with the venv active, run:
 ```bash
 alembic upgrade head
 ```
@@ -212,24 +152,21 @@ alembic upgrade head
 Next, start the task queue which orchestrates the background jobs.
 Jobs that take more time are run async from the API server.

-Still in `onyx/backend`, run:
-
+Still in `danswer/backend`, run:
 ```bash
 python ./scripts/dev_run_background_jobs.py
 ```

-To run the backend API server, navigate back to `onyx/backend` and run:
-
+To run the backend API server, navigate back to `danswer/backend` and run:
 ```bash
-AUTH_TYPE=disabled uvicorn onyx.main:app --reload --port 8080
+AUTH_TYPE=disabled uvicorn danswer.main:app --reload --port 8080
 ```

 _For Windows (for compatibility with both PowerShell and Command Prompt):_
-
 ```bash
 powershell -Command "
    $env:AUTH_TYPE='disabled'
-    uvicorn onyx.main:app --reload --port 8080
+    uvicorn danswer.main:app --reload --port 8080 
 "
 ```

@@ -245,32 +182,57 @@ You should now have 4 servers running:
 - Model server
 - Background jobs

-Now, visit `http://localhost:3000` in your browser. You should see the Onyx onboarding wizard where you can connect your external LLM provider to Onyx.
+Now, visit `http://localhost:3000` in your browser. You should see the Danswer onboarding wizard where you can connect your external LLM provider to Danswer.

-You've successfully set up a local Onyx instance! 🏁
+You've successfully set up a local Danswer instance! 🏁

-#### Running the Onyx application in a container
+#### Running the Danswer application in a container

-You can run the full Onyx application stack from pre-built images including all external software dependencies.
+You can run the full Danswer application stack from pre-built images including all external software dependencies.

-Navigate to `onyx/deployment/docker_compose` and run:
+Navigate to `danswer/deployment/docker_compose` and run:

 ```bash
-docker compose -f docker-compose.dev.yml -p onyx-stack up -d
+docker compose -f docker-compose.dev.yml -p danswer-stack up -d
 ```

-After Docker pulls and starts these containers, navigate to `http://localhost:3000` to use Onyx.
+After Docker pulls and starts these containers, navigate to `http://localhost:3000` to use Danswer.

-If you want to make changes to Onyx and run those changes in Docker, you can also build a local version of the Onyx container images that incorporates your changes like so:
+If you want to make changes to Danswer and run those changes in Docker, you can also build a local version of the Danswer container images that incorporates your changes like so:

 ```bash
-docker compose -f docker-compose.dev.yml -p onyx-stack up -d --build
+docker compose -f docker-compose.dev.yml -p danswer-stack up -d --build
 ```

+### Formatting and Linting
+#### Backend
+For the backend, you'll need to setup pre-commit hooks (black / reorder-python-imports).
+First, install pre-commit (if you don't have it already) following the instructions
+[here](https://pre-commit.com/#installation).
+
+With the virtual environment active, install the pre-commit library with:
+```bash
+pip install pre-commit
+```
+
+Then, from the `danswer/backend` directory, run:
+```bash
+pre-commit install
+```
+
+Additionally, we use `mypy` for static type checking.
+Danswer is fully type-annotated, and we want to keep it that way! 
+To run the mypy checks manually, run `python -m mypy .` from the `danswer/backend` directory.
+
+
+#### Web
+We use `prettier` for formatting. The desired version (2.8.8) will be installed via a `npm i` from the `danswer/web` directory. 
+To run the formatter, use `npx prettier --write .` from the `danswer/web` directory.
+Please double check that prettier passes before creating a pull request.
+

 ### Release Process
-
-Onyx loosely follows the SemVer versioning standard.
+Danswer loosely follows the SemVer versioning standard.
 Major changes are released with a "minor" version bump. Currently we use patch release versions to indicate small feature changes.
 A set of Docker containers will be pushed automatically to DockerHub with every tag.
-You can see the containers [here](https://hub.docker.com/search?q=onyx%2F).
+You can see the containers [here](https://hub.docker.com/search?q=danswer%2F).
--- a/CONTRIBUTING_MACOS.md
+++ b/CONTRIBUTING_MACOS.md
@@ -1,19 +1,15 @@
 ## Some additional notes for Mac Users
-
-The base instructions to set up the development environment are located in [CONTRIBUTING.md](https://github.com/onyx-dot-app/onyx/blob/main/CONTRIBUTING.md).
+The base instructions to set up the development environment are located in [CONTRIBUTING.md](https://github.com/danswer-ai/danswer/blob/main/CONTRIBUTING.md).

 ### Setting up Python
-
 Ensure [Homebrew](https://brew.sh/) is already set up.

 Then install python 3.11.
-
 ```bash
 brew install python@3.11
 ```

 Add python 3.11 to your path: add the following line to ~/.zshrc
-
 ```
 export PATH="$(brew --prefix)/opt/python@3.11/libexec/bin:$PATH"
 ```
@@ -21,16 +17,15 @@ export PATH="$(brew --prefix)/opt/python@3.11/libexec/bin:$PATH"
 > **Note:**
 > You will need to open a new terminal for the path change above to take effect.

-### Setting up Docker

-On macOS, you will need to install [Docker Desktop](https://www.docker.com/products/docker-desktop/) and
+### Setting up Docker
+On macOS, you will need to install [Docker Desktop](https://www.docker.com/products/docker-desktop/) and 
 ensure it is running before continuing with the docker commands.

-### Formatting and Linting

+### Formatting and Linting
 MacOS will likely require you to remove some quarantine attributes on some of the hooks for them to execute properly.
 After installing pre-commit, run the following command:
-
 ```bash
 sudo xattr -r -d com.apple.quarantine ~/.cache/pre-commit
-```
+```
--- a/CONTRIBUTING_VSCODE.md
+++ b/CONTRIBUTING_VSCODE.md
@@ -1,30 +0,0 @@
-# VSCode Debugging Setup
-
-This guide explains how to set up and use VSCode's debugging capabilities with this project.
-
-## Initial Setup
-
-1. **Environment Setup**:
-   - Copy `.vscode/.env.template` to `.vscode/.env`
-   - Fill in the necessary environment variables in `.vscode/.env`
-2. **launch.json**:
-   - Copy `.vscode/launch.template.jsonc` to `.vscode/launch.json`
-
-## Using the Debugger
-
-Before starting, make sure the Docker Daemon is running.
-
-1. Open the Debug view in VSCode (Cmd+Shift+D on macOS)
-2. From the dropdown at the top, select "Clear and Restart External Volumes and Containers" and press the green play button
-3. From the dropdown at the top, select "Run All Onyx Services" and press the green play button
-4. CD into web, run "npm i" followed by npm run dev.
-5. Now, you can navigate to onyx in your browser (default is http://localhost:3000) and start using the app
-6. You can set breakpoints by clicking to the left of line numbers to help debug while the app is running
-7. Use the debug toolbar to step through code, inspect variables, etc.
-
-## Features
-
- Hot reload is enabled for the web server and API servers
- Python debugging is configured with debugpy
- Environment variables are loaded from `.vscode/.env`
- Console output is organized in the integrated terminal with labeled tabs
--- a/6
+++ b/6
@@ -2,9 +2,9 @@ Copyright (c) 2023-present DanswerAI, Inc.

 Portions of this software are licensed as follows:

- All content that resides under "ee" directories of this repository, if that directory exists, is licensed under the license defined in "backend/ee/LICENSE". Specifically all content under "backend/ee" and "web/src/app/ee" is licensed under the license defined in "backend/ee/LICENSE".
- All third party components incorporated into the Onyx Software are licensed under the original license provided by the owner of the applicable component.
- Content outside of the above mentioned directories or restrictions above is available under the "MIT Expat" license as defined below.
+* All content that resides under "ee" directories of this repository, if that directory exists, is licensed under the license defined in "backend/ee/LICENSE". Specifically all content under "backend/ee" and "web/src/app/ee" is licensed under the license defined in "backend/ee/LICENSE".
+* All third party components incorporated into the Danswer Software are licensed under the original license provided by the owner of the applicable component.
+* Content outside of the above mentioned directories or restrictions above is available under the "MIT Expat" license as defined below.

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/README.md
+++ b/README.md
@@ -1,135 +1,146 @@
-<!-- DANSWER_METADATA={"link": "https://github.com/onyx-dot-app/onyx/blob/main/README.md"} -->
-
+<!-- DANSWER_METADATA={"link": "https://github.com/danswer-ai/danswer/blob/main/README.md"} -->
 <a name="readme-top"></a>

 <h2 align="center">
-<a href="https://www.onyx.app/"> <img width="50%" src="https://github.com/onyx-dot-app/onyx/blob/logo/OnyxLogoCropped.jpg?raw=true)" /></a>
+<a href="https://www.danswer.ai/"> <img width="50%" src="https://github.com/danswer-owners/danswer/blob/1fabd9372d66cd54238847197c33f091a724803b/DanswerWithName.png?raw=true)" /></a>
 </h2>

 <p align="center">
-<p align="center">Open Source Gen-AI + Enterprise Search.</p>
+<p align="center">Open Source Gen-AI Chat + Unified Search.</p>

 <p align="center">
-<a href="https://docs.onyx.app/" target="_blank">
+<a href="https://docs.danswer.dev/" target="_blank">
    <img src="https://img.shields.io/badge/docs-view-blue" alt="Documentation">
 </a>
-<a href="https://join.slack.com/t/onyx-dot-app/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA" target="_blank">
+<a href="https://join.slack.com/t/danswer/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA" target="_blank">
    <img src="https://img.shields.io/badge/slack-join-blue.svg?logo=slack" alt="Slack">
 </a>
 <a href="https://discord.gg/TDJ59cGV2X" target="_blank">
    <img src="https://img.shields.io/badge/discord-join-blue.svg?logo=discord&logoColor=white" alt="Discord">
 </a>
-<a href="https://github.com/onyx-dot-app/onyx/blob/main/README.md" target="_blank">
+<a href="https://github.com/danswer-ai/danswer/blob/main/README.md" target="_blank">
    <img src="https://img.shields.io/static/v1?label=license&message=MIT&color=blue" alt="License">
 </a>
 </p>

-<strong>[Onyx](https://www.onyx.app/)</strong> (formerly Danswer) is the AI Assistant connected to your company's docs, apps, and people.
-Onyx provides a Chat interface and plugs into any LLM of your choice. Onyx can be deployed anywhere and for any
-scale - on a laptop, on-premise, or to cloud. Since you own the deployment, your user data and chats are fully in your
-own control. Onyx is dual Licensed with most of it under MIT license and designed to be modular and easily extensible. The system also comes fully ready
-for production usage with user authentication, role management (admin/basic users), chat persistence, and a UI for
-configuring AI Assistants.
+<strong>[Danswer](https://www.danswer.ai/)</strong> is the AI Assistant connected to your company's docs, apps, and people. 
+Danswer provides a Chat interface and plugs into any LLM of your choice. Danswer can be deployed anywhere and for any 
+scale - on a laptop, on-premise, or to cloud. Since you own the deployment, your user data and chats are fully in your 
+own control. Danswer is MIT licensed and designed to be modular and easily extensible. The system also comes fully ready 
+for production usage with user authentication, role management (admin/basic users), chat persistence, and a UI for 
+configuring Personas (AI Assistants) and their Prompts.

-Onyx also serves as a Enterprise Search across all common workplace tools such as Slack, Google Drive, Confluence, etc.
-By combining LLMs and team specific knowledge, Onyx becomes a subject matter expert for the team. Imagine ChatGPT if
+Danswer also serves as a Unified Search across all common workplace tools such as Slack, Google Drive, Confluence, etc.
+By combining LLMs and team specific knowledge, Danswer becomes a subject matter expert for the team. Imagine ChatGPT if
 it had access to your team's unique knowledge! It enables questions such as "A customer wants feature X, is this already
 supported?" or "Where's the pull request for feature Y?"

 <h3>Usage</h3>

-Onyx Web App:
+Danswer Web App:

-https://github.com/onyx-dot-app/onyx/assets/32520769/563be14c-9304-47b5-bf0a-9049c2b6f410
+https://github.com/danswer-ai/danswer/assets/32520769/563be14c-9304-47b5-bf0a-9049c2b6f410

-Or, plug Onyx into your existing Slack workflows (more integrations to come 😁):

-https://github.com/onyx-dot-app/onyx/assets/25087905/3e19739b-d178-4371-9a38-011430bdec1b
+Or, plug Danswer into your existing Slack workflows (more integrations to come 😁):

-For more details on the Admin UI to manage connectors and users, check out our
+https://github.com/danswer-ai/danswer/assets/25087905/3e19739b-d178-4371-9a38-011430bdec1b
+
+
+For more details on the Admin UI to manage connectors and users, check out our 
 <strong><a href="https://www.youtube.com/watch?v=geNzY1nbCnU">Full Video Demo</a></strong>!

 ## Deployment

-Onyx can easily be run locally (even on a laptop) or deployed on a virtual machine with a single
-`docker compose` command. Checkout our [docs](https://docs.onyx.app/quickstart) to learn more.
+Danswer can easily be run locally (even on a laptop) or deployed on a virtual machine with a single
+`docker compose` command. Checkout our [docs](https://docs.danswer.dev/quickstart) to learn more.

-We also have built-in support for deployment on Kubernetes. Files for that can be found [here](https://github.com/onyx-dot-app/onyx/tree/main/deployment/kubernetes).
+We also have built-in support for deployment on Kubernetes. Files for that can be found [here](https://github.com/danswer-ai/danswer/tree/main/deployment/kubernetes).

-## 💃 Main Features

- Chat UI with the ability to select documents to chat with.
- Create custom AI Assistants with different prompts and backing knowledge sets.
- Connect Onyx with LLM of your choice (self-host for a fully airgapped solution).
- Document Search + AI Answers for natural language queries.
- Connectors to all common workplace tools like Google Drive, Confluence, Slack, etc.
- Slack integration to get answers and search results directly in Slack.
+## 💃 Main Features 
+* Chat UI with the ability to select documents to chat with.
+* Create custom AI Assistants with different prompts and backing knowledge sets.
+* Connect Danswer with LLM of your choice (self-host for a fully airgapped solution).
+* Document Search + AI Answers for natural language queries.
+* Connectors to all common workplace tools like Google Drive, Confluence, Slack, etc.
+* Slack integration to get answers and search results directly in Slack.
+

 ## 🚧 Roadmap
+* Chat/Prompt sharing with specific teammates and user groups.
+* Multimodal model support, chat with images, video etc.
+* Choosing between LLMs and parameters during chat session.
+* Tool calling and agent configurations options.
+* Organizational understanding and ability to locate and suggest experts from your team.

- Chat/Prompt sharing with specific teammates and user groups.
- Multimodal model support, chat with images, video etc.
- Choosing between LLMs and parameters during chat session.
- Tool calling and agent configurations options.
- Organizational understanding and ability to locate and suggest experts from your team.

-## Other Notable Benefits of Onyx
+## Other Notable Benefits of Danswer
+* User Authentication with document level access management.
+* Best in class Hybrid Search across all sources (BM-25 + prefix aware embedding models).
+* Admin Dashboard to configure connectors, document-sets, access, etc.
+* Custom deep learning models + learn from user feedback.
+* Easy deployment and ability to host Danswer anywhere of your choosing.

- User Authentication with document level access management.
- Best in class Hybrid Search across all sources (BM-25 + prefix aware embedding models).
- Admin Dashboard to configure connectors, document-sets, access, etc.
- Custom deep learning models + learn from user feedback.
- Easy deployment and ability to host Onyx anywhere of your choosing.

 ## 🔌 Connectors
-
 Efficiently pulls the latest changes from:
-
- Slack
- GitHub
- Google Drive
- Confluence
- Jira
- Zendesk
- Gmail
- Notion
- Gong
- Slab
- Linear
- Productboard
- Guru
- Bookstack
- Document360
- Sharepoint
- Hubspot
- Local Files
- Websites
- And more ...
+  * Slack
+  * GitHub
+  * Google Drive
+  * Confluence
+  * Jira
+  * Zendesk
+  * Gmail
+  * Notion
+  * Gong
+  * Slab
+  * Linear
+  * Productboard
+  * Guru
+  * Bookstack
+  * Document360
+  * Sharepoint
+  * Hubspot
+  * Local Files
+  * Websites
+  * And more ...

 ## 📚 Editions

-There are two editions of Onyx:
+There are two editions of Danswer:

- Onyx Community Edition (CE) is available freely under the MIT Expat license. This version has ALL the core features discussed above. This is the version of Onyx you will get if you follow the Deployment guide above.
- Onyx Enterprise Edition (EE) includes extra features that are primarily useful for larger organizations. Specifically, this includes:
-  - Single Sign-On (SSO), with support for both SAML and OIDC
-  - Role-based access control
-  - Document permission inheritance from connected sources
-  - Usage analytics and query history accessible to admins
-  - Whitelabeling
-  - API key authentication
-  - Encryption of secrets
-  - Any many more! Checkout [our website](https://www.onyx.app/) for the latest.
+  * Danswer Community Edition (CE) is available freely under the MIT Expat license. This version has ALL the core features discussed above. This is the version of Danswer you will get if you follow the Deployment guide above.
+  * Danswer Enterprise Edition (EE) includes extra features that are primarily useful for larger organizations. Specifically, this includes:
+    * Single Sign-On (SSO), with support for both SAML and OIDC
+    * Role-based access control
+    * Document permission inheritance from connected sources
+    * Usage analytics and query history accessible to admins
+    * Whitelabeling
+    * API key authentication
+    * Encryption of secrets
+    * Any many more! Checkout [our website](https://www.danswer.ai/) for the latest.

-To try the Onyx Enterprise Edition:
+To try the Danswer Enterprise Edition: 

-1. Checkout our [Cloud product](https://cloud.onyx.app/signup).
-2. For self-hosting, contact us at [founders@onyx.app](mailto:founders@onyx.app) or book a call with us on our [Cal](https://cal.com/team/danswer/founders).
+  1. Checkout our [Cloud product](https://app.danswer.ai/signup).
+  2. For self-hosting, contact us at [founders@danswer.ai](mailto:founders@danswer.ai) or book a call with us on our [Cal](https://cal.com/team/danswer/founders).

 ## 💡 Contributing
-
 Looking to contribute? Please check out the [Contribution Guide](CONTRIBUTING.md) for more details.

 ## ⭐Star History

-[![Star History Chart](https://api.star-history.com/svg?repos=onyx-dot-app/onyx&type=Date)](https://star-history.com/#onyx-dot-app/onyx&Date)
+[![Star History Chart](https://api.star-history.com/svg?repos=danswer-ai/danswer&type=Date)](https://star-history.com/#danswer-ai/danswer&Date)
+
+## ✨Contributors
+
+<a href="https://github.com/danswer-ai/danswer/graphs/contributors">
+  <img alt="contributors" src="https://contrib.rocks/image?repo=danswer-ai/danswer"/>
+</a>
+
+<p align="right" style="font-size: 14px; color: #555; margin-top: 20px;">
+    <a href="#readme-top" style="text-decoration: none; color: #007bff; font-weight: bold;">
+        ↑ Back to Top ↑
+    </a>
+</p>
--- a/backend/.gitignore
+++ b/backend/.gitignore
@@ -9,4 +9,3 @@ api_keys.py
 vespa-app.zip
 dynamic_config_storage/
 celerybeat-schedule*
-onyx/connectors/salesforce/data/
--- a/backend/ee/onyx/init.py
+++ b/backend/ee/onyx/init.py
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,19 +1,19 @@
 FROM python:3.11.7-slim-bookworm

-LABEL com.danswer.maintainer="founders@onyx.app"
-LABEL com.danswer.description="This image is the web/frontend container of Onyx which \
-contains code for both the Community and Enterprise editions of Onyx. If you do not \
+LABEL com.danswer.maintainer="founders@danswer.ai"
+LABEL com.danswer.description="This image is the web/frontend container of Danswer which \
+contains code for both the Community and Enterprise editions of Danswer. If you do not \
 have a contract or agreement with DanswerAI, you are not permitted to use the Enterprise \
 Edition features outside of personal development or testing purposes. Please reach out to \
-founders@onyx.app for more information. Please visit https://github.com/onyx-dot-app/onyx"
+founders@danswer.ai for more information. Please visit https://github.com/danswer-ai/danswer"

-# Default ONYX_VERSION, typically overriden during builds by GitHub Actions.
-ARG ONYX_VERSION=0.8-dev
-ENV ONYX_VERSION=${ONYX_VERSION} \
+# Default DANSWER_VERSION, typically overriden during builds by GitHub Actions.
+ARG DANSWER_VERSION=0.8-dev
+ENV DANSWER_VERSION=${DANSWER_VERSION} \
    DANSWER_RUNNING_IN_DOCKER="true"


-RUN echo "ONYX_VERSION: ${ONYX_VERSION}"
+RUN echo "DANSWER_VERSION: ${DANSWER_VERSION}"
 # Install system dependencies
 # cmake needed for psycopg (postgres)
 # libpq-dev needed for psycopg (postgres)
@@ -56,7 +56,7 @@ RUN pip install --no-cache-dir --upgrade \
 # Cleanup for CVEs and size reduction
 # https://github.com/tornadoweb/tornado/issues/3107
 # xserver-common and xvfb included by playwright installation but not needed after
-# perl-base is part of the base Python Debian image but not needed for Onyx functionality
+# perl-base is part of the base Python Debian image but not needed for Danswer functionality
 # perl-base could only be removed with --allow-remove-essential
 RUN apt-get update && \
    apt-get remove -y --allow-remove-essential \
@@ -73,7 +73,6 @@ RUN apt-get update && \
    rm -rf /var/lib/apt/lists/* && \
    rm -f /usr/local/lib/python3.11/site-packages/tornado/test/test.key

-
 # Pre-downloading models for setups with limited egress
 RUN python -c "from tokenizers import Tokenizer; \
 Tokenizer.from_pretrained('nomic-ai/nomic-embed-text-v1')"
@@ -92,7 +91,7 @@ COPY ./ee /app/ee
 COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf

 # Set up application files
-COPY ./onyx /app/onyx
+COPY ./danswer /app/danswer
 COPY ./shared_configs /app/shared_configs
 COPY ./alembic /app/alembic
 COPY ./alembic_tenants /app/alembic_tenants
--- a/backend/Dockerfile.model_server
+++ b/backend/Dockerfile.model_server
@@ -1,18 +1,18 @@
 FROM python:3.11.7-slim-bookworm

-LABEL com.danswer.maintainer="founders@onyx.app"
-LABEL com.danswer.description="This image is for the Onyx model server which runs all of the \
-AI models for Onyx. This container and all the code is MIT Licensed and free for all to use. \
-You can find it at https://hub.docker.com/r/onyx/onyx-model-server. For more details, \
-visit https://github.com/onyx-dot-app/onyx."
+LABEL com.danswer.maintainer="founders@danswer.ai"
+LABEL com.danswer.description="This image is for the Danswer model server which runs all of the \
+AI models for Danswer. This container and all the code is MIT Licensed and free for all to use. \
+You can find it at https://hub.docker.com/r/danswer/danswer-model-server. For more details, \
+visit https://github.com/danswer-ai/danswer."

-# Default ONYX_VERSION, typically overriden during builds by GitHub Actions.
-ARG ONYX_VERSION=0.8-dev
-ENV ONYX_VERSION=${ONYX_VERSION} \
+# Default DANSWER_VERSION, typically overriden during builds by GitHub Actions.
+ARG DANSWER_VERSION=0.8-dev
+ENV DANSWER_VERSION=${DANSWER_VERSION} \
    DANSWER_RUNNING_IN_DOCKER="true"


-RUN echo "ONYX_VERSION: ${ONYX_VERSION}"
+RUN echo "DANSWER_VERSION: ${DANSWER_VERSION}"

 COPY ./requirements/model_server.txt /tmp/requirements.txt
 RUN pip install --no-cache-dir --upgrade \
@@ -20,11 +20,11 @@ RUN pip install --no-cache-dir --upgrade \
        --timeout 30 \
        -r /tmp/requirements.txt

-RUN apt-get remove -y --allow-remove-essential perl-base && \ 
+RUN apt-get remove -y --allow-remove-essential perl-base && \
    apt-get autoremove -y

 # Pre-downloading models for setups with limited egress
-# Download tokenizers, distilbert for the Onyx model
+# Download tokenizers, distilbert for the Danswer model
 # Download model weights
 # Run Nomic to pull in the custom architecture and have it cached locally
 RUN python -c "from transformers import AutoTokenizer; \
@@ -38,18 +38,18 @@ from sentence_transformers import SentenceTransformer; \
 SentenceTransformer(model_name_or_path='nomic-ai/nomic-embed-text-v1', trust_remote_code=True);"

 # In case the user has volumes mounted to /root/.cache/huggingface that they've downloaded while
-# running Onyx, don't overwrite it with the built in cache folder
+# running Danswer, don't overwrite it with the built in cache folder
 RUN mv /root/.cache/huggingface /root/.cache/temp_huggingface

 WORKDIR /app

 # Utils used by model server
-COPY ./onyx/utils/logger.py /app/onyx/utils/logger.py
+COPY ./danswer/utils/logger.py /app/danswer/utils/logger.py

 # Place to fetch version information
-COPY ./onyx/__init__.py /app/onyx/__init__.py
+COPY ./danswer/__init__.py /app/danswer/__init__.py

-# Shared between Onyx Backend and Model Server
+# Shared between Danswer Backend and Model Server
 COPY ./shared_configs /app/shared_configs

 # Model Server main code
--- a/backend/alembic/README.md
+++ b/backend/alembic/README.md
@@ -1,22 +1,19 @@
-<!-- DANSWER_METADATA={"link": "https://github.com/onyx-dot-app/onyx/blob/main/backend/alembic/README.md"} -->
+<!-- DANSWER_METADATA={"link": "https://github.com/danswer-ai/danswer/blob/main/backend/alembic/README.md"} -->

 # Alembic DB Migrations
-
 These files are for creating/updating the tables in the Relational DB (Postgres).
-Onyx migrations use a generic single-database configuration with an async dbapi.
+Danswer migrations use a generic single-database configuration with an async dbapi.

-## To generate new migrations:
-
-run from onyx/backend:
+## To generate new migrations: 
+run from danswer/backend:
 `alembic revision --autogenerate -m <DESCRIPTION_OF_MIGRATION>`

 More info can be found here: https://alembic.sqlalchemy.org/en/latest/autogenerate.html

 ## Running migrations
-
 To run all un-applied migrations:
 `alembic upgrade head`

 To undo migrations:
-`alembic downgrade -X`
+`alembic downgrade -X` 
 where X is the number of migrations you want to undo from the current state
--- a/backend/alembic/env.py
+++ b/backend/alembic/env.py
@@ -1,70 +1,56 @@
-from typing import Any, Literal
-from onyx.db.engine import get_iam_auth_token
-from onyx.configs.app_configs import USE_IAM_AUTH
-from onyx.configs.app_configs import POSTGRES_HOST
-from onyx.configs.app_configs import POSTGRES_PORT
-from onyx.configs.app_configs import POSTGRES_USER
-from onyx.configs.app_configs import AWS_REGION_NAME
-from onyx.db.engine import build_connection_string
-from onyx.db.engine import get_all_tenant_ids
-from sqlalchemy import event
-from sqlalchemy import pool
-from sqlalchemy import text
 from sqlalchemy.engine.base import Connection
-import os
-import ssl
+from typing import Any
 import asyncio
-import logging
 from logging.config import fileConfig
+import logging

 from alembic import context
+from sqlalchemy import pool
 from sqlalchemy.ext.asyncio import create_async_engine
-from sqlalchemy.sql.schema import SchemaItem
-from onyx.configs.constants import SSL_CERT_FILE
-from shared_configs.configs import MULTI_TENANT, POSTGRES_DEFAULT_SCHEMA
-from onyx.db.models import Base
+from sqlalchemy.sql import text
+
+from shared_configs.configs import MULTI_TENANT
+from danswer.db.engine import build_connection_string
+from danswer.db.models import Base
 from celery.backends.database.session import ResultModelBase  # type: ignore
+from danswer.db.engine import get_all_tenant_ids
+from shared_configs.configs import POSTGRES_DEFAULT_SCHEMA

 # Alembic Config object
 config = context.config

+# Interpret the config file for Python logging.
 if config.config_file_name is not None and config.attributes.get(
    "configure_logger", True
 ):
    fileConfig(config.config_file_name)

+# Add your model's MetaData object here for 'autogenerate' support
 target_metadata = [Base.metadata, ResultModelBase.metadata]

 EXCLUDE_TABLES = {"kombu_queue", "kombu_message"}
-logger = logging.getLogger(__name__)

-ssl_context: ssl.SSLContext | None = None
-if USE_IAM_AUTH:
-    if not os.path.exists(SSL_CERT_FILE):
-        raise FileNotFoundError(f"Expected {SSL_CERT_FILE} when USE_IAM_AUTH is true.")
-    ssl_context = ssl.create_default_context(cafile=SSL_CERT_FILE)
+# Set up logging
+logger = logging.getLogger(__name__)


 def include_object(
-    object: SchemaItem,
-    name: str | None,
-    type_: Literal[
-        "schema",
-        "table",
-        "column",
-        "index",
-        "unique_constraint",
-        "foreign_key_constraint",
-    ],
-    reflected: bool,
-    compare_to: SchemaItem | None,
+    object: Any, name: str, type_: str, reflected: bool, compare_to: Any
 ) -> bool:
+    """
+    Determines whether a database object should be included in migrations.
+    Excludes specified tables from migrations.
+    """
    if type_ == "table" and name in EXCLUDE_TABLES:
        return False
    return True


 def get_schema_options() -> tuple[str, bool, bool]:
+    """
+    Parses command-line options passed via '-x' in Alembic commands.
+    Recognizes 'schema', 'create_schema', and 'upgrade_all_tenants' options.
+    """
    x_args_raw = context.get_x_argument()
    x_args = {}
    for arg in x_args_raw:
@@ -92,12 +78,16 @@ def get_schema_options() -> tuple[str, bool, bool]:
 def do_run_migrations(
    connection: Connection, schema_name: str, create_schema: bool
 ) -> None:
+    """
+    Executes migrations in the specified schema.
+    """
    logger.info(f"About to migrate schema: {schema_name}")

    if create_schema:
        connection.execute(text(f'CREATE SCHEMA IF NOT EXISTS "{schema_name}"'))
        connection.execute(text("COMMIT"))

+    # Set search_path to the target schema
    connection.execute(text(f'SET search_path TO "{schema_name}"'))

    context.configure(
@@ -115,25 +105,11 @@ def do_run_migrations(
        context.run_migrations()


-def provide_iam_token_for_alembic(
-    dialect: Any, conn_rec: Any, cargs: Any, cparams: Any
-) -> None:
-    if USE_IAM_AUTH:
-        # Database connection settings
-        region = AWS_REGION_NAME
-        host = POSTGRES_HOST
-        port = POSTGRES_PORT
-        user = POSTGRES_USER
-
-        # Get IAM authentication token
-        token = get_iam_auth_token(host, port, user, region)
-
-        # For Alembic / SQLAlchemy in this context, set SSL and password
-        cparams["password"] = token
-        cparams["ssl"] = ssl_context
-
-
 async def run_async_migrations() -> None:
+    """
+    Determines whether to run migrations for a single schema or all schemas,
+    and executes migrations accordingly.
+    """
    schema_name, create_schema, upgrade_all_tenants = get_schema_options()

    engine = create_async_engine(
@@ -141,16 +117,10 @@ async def run_async_migrations() -> None:
        poolclass=pool.NullPool,
    )

-    if USE_IAM_AUTH:
-
-        @event.listens_for(engine.sync_engine, "do_connect")
-        def event_provide_iam_token_for_alembic(
-            dialect: Any, conn_rec: Any, cargs: Any, cparams: Any
-        ) -> None:
-            provide_iam_token_for_alembic(dialect, conn_rec, cargs, cparams)
-
    if upgrade_all_tenants:
+        # Run migrations for all tenant schemas sequentially
        tenant_schemas = get_all_tenant_ids()
+
        for schema in tenant_schemas:
            try:
                logger.info(f"Migrating schema: {schema}")
@@ -180,20 +150,15 @@ async def run_async_migrations() -> None:


 def run_migrations_offline() -> None:
+    """
+    Run migrations in 'offline' mode.
+    """
    schema_name, _, upgrade_all_tenants = get_schema_options()
    url = build_connection_string()

    if upgrade_all_tenants:
+        # Run offline migrations for all tenant schemas
        engine = create_async_engine(url)
-
-        if USE_IAM_AUTH:
-
-            @event.listens_for(engine.sync_engine, "do_connect")
-            def event_provide_iam_token_for_alembic_offline(
-                dialect: Any, conn_rec: Any, cargs: Any, cparams: Any
-            ) -> None:
-                provide_iam_token_for_alembic(dialect, conn_rec, cargs, cparams)
-
        tenant_schemas = get_all_tenant_ids()
        engine.sync_engine.dispose()

@@ -230,6 +195,9 @@ def run_migrations_offline() -> None:


 def run_migrations_online() -> None:
+    """
+    Runs migrations in 'online' mode using an asynchronous engine.
+    """
    asyncio.run(run_async_migrations())


--- a/backend/alembic/versions/027381bce97c_add_shortcut_option_for_users.py
+++ b/backend/alembic/versions/027381bce97c_add_shortcut_option_for_users.py
@@ -1,29 +0,0 @@
-"""add shortcut option for users
-
-Revision ID: 027381bce97c
-Revises: 6fc7886d665d
-Create Date: 2025-01-14 12:14:00.814390
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "027381bce97c"
-down_revision = "6fc7886d665d"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column(
-        "user",
-        sa.Column(
-            "shortcut_enabled", sa.Boolean(), nullable=False, server_default="false"
-        ),
-    )
-
-
-def downgrade() -> None:
-    op.drop_column("user", "shortcut_enabled")
--- a/backend/alembic/versions/0a98909f2757_enable_encrypted_fields.py
+++ b/backend/alembic/versions/0a98909f2757_enable_encrypted_fields.py
@@ -11,7 +11,7 @@ from sqlalchemy.sql import table
 from sqlalchemy.dialects import postgresql
 import json

-from onyx.utils.encryption import encrypt_string_to_bytes
+from danswer.utils.encryption import encrypt_string_to_bytes

 # revision identifiers, used by Alembic.
 revision = "0a98909f2757"
--- a/backend/alembic/versions/0f7ff6d75b57_add_index_to_index_attempt_time_created.py
+++ b/backend/alembic/versions/0f7ff6d75b57_add_index_to_index_attempt_time_created.py
@@ -1,36 +0,0 @@
-"""add index to index_attempt.time_created
-
-Revision ID: 0f7ff6d75b57
-Revises: 369644546676
-Create Date: 2025-01-10 14:01:14.067144
-
-"""
-from alembic import op
-
-# revision identifiers, used by Alembic.
-revision = "0f7ff6d75b57"
-down_revision = "fec3db967bf7"
-branch_labels: None = None
-depends_on: None = None
-
-
-def upgrade() -> None:
-    op.create_index(
-        op.f("ix_index_attempt_status"),
-        "index_attempt",
-        ["status"],
-        unique=False,
-    )
-
-    op.create_index(
-        op.f("ix_index_attempt_time_created"),
-        "index_attempt",
-        ["time_created"],
-        unique=False,
-    )
-
-
-def downgrade() -> None:
-    op.drop_index(op.f("ix_index_attempt_time_created"), table_name="index_attempt")
-
-    op.drop_index(op.f("ix_index_attempt_status"), table_name="index_attempt")
--- a/backend/alembic/versions/15326fcec57e_introduce_danswer_apis.py
+++ b/backend/alembic/versions/15326fcec57e_introduce_danswer_apis.py
@@ -1,4 +1,4 @@
-"""Introduce Onyx APIs
+"""Introduce Danswer APIs

 Revision ID: 15326fcec57e
 Revises: 77d07dffae64
@@ -8,7 +8,7 @@ Create Date: 2023-11-11 20:51:24.228999
 from alembic import op
 import sqlalchemy as sa

-from onyx.configs.constants import DocumentSource
+from danswer.configs.constants import DocumentSource

 # revision identifiers, used by Alembic.
 revision = "15326fcec57e"
--- a/backend/alembic/versions/1f60f60c3401_embedding_model_search_settings.py
+++ b/backend/alembic/versions/1f60f60c3401_embedding_model_search_settings.py
@@ -10,7 +10,7 @@ from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql

-from onyx.configs.chat_configs import NUM_POSTPROCESSED_RESULTS
+from danswer.configs.chat_configs import NUM_POSTPROCESSED_RESULTS

 # revision identifiers, used by Alembic.
 revision = "1f60f60c3401"
--- a/backend/alembic/versions/2955778aa44c_add_chunk_count_to_document.py
+++ b/backend/alembic/versions/2955778aa44c_add_chunk_count_to_document.py
@@ -1,24 +0,0 @@
-"""add chunk count to document
-
-Revision ID: 2955778aa44c
-Revises: c0aab6edb6dd
-Create Date: 2025-01-04 11:39:43.268612
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "2955778aa44c"
-down_revision = "c0aab6edb6dd"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column("document", sa.Column("chunk_count", sa.Integer(), nullable=True))
-
-
-def downgrade() -> None:
-    op.drop_column("document", "chunk_count")
--- a/backend/alembic/versions/35e518e0ddf4_properly_cascade.py
+++ b/backend/alembic/versions/35e518e0ddf4_properly_cascade.py
@@ -1,121 +0,0 @@
-"""properly_cascade
-
-Revision ID: 35e518e0ddf4
-Revises: 91a0a4d62b14
-Create Date: 2024-09-20 21:24:04.891018
-
-"""
-from alembic import op
-
-
-# revision identifiers, used by Alembic.
-revision = "35e518e0ddf4"
-down_revision = "91a0a4d62b14"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Update chat_message foreign key constraint
-    op.drop_constraint(
-        "chat_message_chat_session_id_fkey", "chat_message", type_="foreignkey"
-    )
-    op.create_foreign_key(
-        "chat_message_chat_session_id_fkey",
-        "chat_message",
-        "chat_session",
-        ["chat_session_id"],
-        ["id"],
-        ondelete="CASCADE",
-    )
-
-    # Update chat_message__search_doc foreign key constraints
-    op.drop_constraint(
-        "chat_message__search_doc_chat_message_id_fkey",
-        "chat_message__search_doc",
-        type_="foreignkey",
-    )
-    op.drop_constraint(
-        "chat_message__search_doc_search_doc_id_fkey",
-        "chat_message__search_doc",
-        type_="foreignkey",
-    )
-
-    op.create_foreign_key(
-        "chat_message__search_doc_chat_message_id_fkey",
-        "chat_message__search_doc",
-        "chat_message",
-        ["chat_message_id"],
-        ["id"],
-        ondelete="CASCADE",
-    )
-    op.create_foreign_key(
-        "chat_message__search_doc_search_doc_id_fkey",
-        "chat_message__search_doc",
-        "search_doc",
-        ["search_doc_id"],
-        ["id"],
-        ondelete="CASCADE",
-    )
-
-    # Add CASCADE delete for tool_call foreign key
-    op.drop_constraint("tool_call_message_id_fkey", "tool_call", type_="foreignkey")
-    op.create_foreign_key(
-        "tool_call_message_id_fkey",
-        "tool_call",
-        "chat_message",
-        ["message_id"],
-        ["id"],
-        ondelete="CASCADE",
-    )
-
-
-def downgrade() -> None:
-    # Revert chat_message foreign key constraint
-    op.drop_constraint(
-        "chat_message_chat_session_id_fkey", "chat_message", type_="foreignkey"
-    )
-    op.create_foreign_key(
-        "chat_message_chat_session_id_fkey",
-        "chat_message",
-        "chat_session",
-        ["chat_session_id"],
-        ["id"],
-    )
-
-    # Revert chat_message__search_doc foreign key constraints
-    op.drop_constraint(
-        "chat_message__search_doc_chat_message_id_fkey",
-        "chat_message__search_doc",
-        type_="foreignkey",
-    )
-    op.drop_constraint(
-        "chat_message__search_doc_search_doc_id_fkey",
-        "chat_message__search_doc",
-        type_="foreignkey",
-    )
-
-    op.create_foreign_key(
-        "chat_message__search_doc_chat_message_id_fkey",
-        "chat_message__search_doc",
-        "chat_message",
-        ["chat_message_id"],
-        ["id"],
-    )
-    op.create_foreign_key(
-        "chat_message__search_doc_search_doc_id_fkey",
-        "chat_message__search_doc",
-        "search_doc",
-        ["search_doc_id"],
-        ["id"],
-    )
-
-    # Revert tool_call foreign key constraint
-    op.drop_constraint("tool_call_message_id_fkey", "tool_call", type_="foreignkey")
-    op.create_foreign_key(
-        "tool_call_message_id_fkey",
-        "tool_call",
-        "chat_message",
-        ["message_id"],
-        ["id"],
-    )
--- a/backend/alembic/versions/369644546676_add_composite_index_for_index_attempt_.py
+++ b/backend/alembic/versions/369644546676_add_composite_index_for_index_attempt_.py
@@ -1,35 +0,0 @@
-"""add composite index for index attempt time updated
-
-Revision ID: 369644546676
-Revises: 2955778aa44c
-Create Date: 2025-01-08 15:38:17.224380
-
-"""
-from alembic import op
-from sqlalchemy import text
-
-# revision identifiers, used by Alembic.
-revision = "369644546676"
-down_revision = "2955778aa44c"
-branch_labels: None = None
-depends_on: None = None
-
-
-def upgrade() -> None:
-    op.create_index(
-        "ix_index_attempt_ccpair_search_settings_time_updated",
-        "index_attempt",
-        [
-            "connector_credential_pair_id",
-            "search_settings_id",
-            text("time_updated DESC"),
-        ],
-        unique=False,
-    )
-
-
-def downgrade() -> None:
-    op.drop_index(
-        "ix_index_attempt_ccpair_search_settings_time_updated",
-        table_name="index_attempt",
-    )
--- a/backend/alembic/versions/3c6531f32351_add_back_input_prompts.py
+++ b/backend/alembic/versions/3c6531f32351_add_back_input_prompts.py
@@ -1,59 +0,0 @@
-"""add back input prompts
-
-Revision ID: 3c6531f32351
-Revises: aeda5f2df4f6
-Create Date: 2025-01-13 12:49:51.705235
-
-"""
-from alembic import op
-import sqlalchemy as sa
-import fastapi_users_db_sqlalchemy
-
-# revision identifiers, used by Alembic.
-revision = "3c6531f32351"
-down_revision = "aeda5f2df4f6"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.create_table(
-        "inputprompt",
-        sa.Column("id", sa.Integer(), autoincrement=True, nullable=False),
-        sa.Column("prompt", sa.String(), nullable=False),
-        sa.Column("content", sa.String(), nullable=False),
-        sa.Column("active", sa.Boolean(), nullable=False),
-        sa.Column("is_public", sa.Boolean(), nullable=False),
-        sa.Column(
-            "user_id",
-            fastapi_users_db_sqlalchemy.generics.GUID(),
-            nullable=True,
-        ),
-        sa.ForeignKeyConstraint(
-            ["user_id"],
-            ["user.id"],
-        ),
-        sa.PrimaryKeyConstraint("id"),
-    )
-    op.create_table(
-        "inputprompt__user",
-        sa.Column("input_prompt_id", sa.Integer(), nullable=False),
-        sa.Column(
-            "user_id", fastapi_users_db_sqlalchemy.generics.GUID(), nullable=False
-        ),
-        sa.Column("disabled", sa.Boolean(), nullable=False, default=False),
-        sa.ForeignKeyConstraint(
-            ["input_prompt_id"],
-            ["inputprompt.id"],
-        ),
-        sa.ForeignKeyConstraint(
-            ["user_id"],
-            ["user.id"],
-        ),
-        sa.PrimaryKeyConstraint("input_prompt_id", "user_id"),
-    )
-
-
-def downgrade() -> None:
-    op.drop_table("inputprompt__user")
-    op.drop_table("inputprompt")
--- a/backend/alembic/versions/46625e4745d4_remove_native_enum.py
+++ b/backend/alembic/versions/46625e4745d4_remove_native_enum.py
@@ -17,7 +17,7 @@ depends_on: None = None

 def upgrade() -> None:
    # At this point, we directly changed some previous migrations,
-    # https://github.com/onyx-dot-app/onyx/pull/637
+    # https://github.com/danswer-ai/danswer/pull/637
    # Due to using Postgres native Enums, it caused some complications for first time users.
    # To remove those complications, all Enums are only handled application side moving forward.
    # This migration exists to ensure that existing users don't run into upgrade issues.
--- a/backend/alembic/versions/47e5bef3a1d7_add_persona_categories.py
+++ b/backend/alembic/versions/47e5bef3a1d7_add_persona_categories.py
@@ -40,6 +40,6 @@ def upgrade() -> None:


 def downgrade() -> None:
-    op.drop_constraint("persona_category_id_fkey", "persona", type_="foreignkey")
+    op.drop_constraint("fk_persona_category", "persona", type_="foreignkey")
    op.drop_column("persona", "category_id")
    op.drop_table("persona_category")
--- a/backend/alembic/versions/4ee1287bd26a_add_multiple_slack_bot_support.py
+++ b/backend/alembic/versions/4ee1287bd26a_add_multiple_slack_bot_support.py
@@ -10,8 +10,8 @@ from typing import cast
 from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.orm import Session
-from onyx.key_value_store.factory import get_kv_store
-from onyx.db.models import SlackBot
+from danswer.key_value_store.factory import get_kv_store
+from danswer.db.models import SlackBot
 from sqlalchemy.dialects import postgresql

 # revision identifiers, used by Alembic.
--- a/backend/alembic/versions/54a74a0417fc_danswerbot_onyxbot.py
+++ b/backend/alembic/versions/54a74a0417fc_danswerbot_onyxbot.py
@@ -1,23 +0,0 @@
-"""danswerbot -> onyxbot
-
-Revision ID: 54a74a0417fc
-Revises: 94dc3d0236f8
-Create Date: 2024-12-11 18:05:05.490737
-
-"""
-from alembic import op
-
-
-# revision identifiers, used by Alembic.
-revision = "54a74a0417fc"
-down_revision = "94dc3d0236f8"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.alter_column("chat_session", "danswerbot_flow", new_column_name="onyxbot_flow")
-
-
-def downgrade() -> None:
-    op.alter_column("chat_session", "onyxbot_flow", new_column_name="danswerbot_flow")
--- a/backend/alembic/versions/570282d33c49_track_danswerbot_explicitly.py
+++ b/backend/alembic/versions/570282d33c49_track_danswerbot_explicitly.py
@@ -1,4 +1,4 @@
-"""Track Onyxbot Explicitly
+"""Track Danswerbot Explicitly

 Revision ID: 570282d33c49
 Revises: 7547d982db8f
--- a/backend/alembic/versions/6fc7886d665d_make_categories_labels_and_many_to_many.py
+++ b/backend/alembic/versions/6fc7886d665d_make_categories_labels_and_many_to_many.py
@@ -1,80 +0,0 @@
-"""make categories labels and many to many
-
-Revision ID: 6fc7886d665d
-Revises: 3c6531f32351
-Create Date: 2025-01-13 18:12:18.029112
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "6fc7886d665d"
-down_revision = "3c6531f32351"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Rename persona_category table to persona_label
-    op.rename_table("persona_category", "persona_label")
-
-    # Create the new association table
-    op.create_table(
-        "persona__persona_label",
-        sa.Column("persona_id", sa.Integer(), nullable=False),
-        sa.Column("persona_label_id", sa.Integer(), nullable=False),
-        sa.ForeignKeyConstraint(
-            ["persona_id"],
-            ["persona.id"],
-        ),
-        sa.ForeignKeyConstraint(
-            ["persona_label_id"],
-            ["persona_label.id"],
-            ondelete="CASCADE",
-        ),
-        sa.PrimaryKeyConstraint("persona_id", "persona_label_id"),
-    )
-
-    # Copy existing relationships to the new table
-    op.execute(
-        """
-        INSERT INTO persona__persona_label (persona_id, persona_label_id)
-        SELECT id, category_id FROM persona WHERE category_id IS NOT NULL
-    """
-    )
-
-    # Remove the old category_id column from persona table
-    op.drop_column("persona", "category_id")
-
-
-def downgrade() -> None:
-    # Rename persona_label table back to persona_category
-    op.rename_table("persona_label", "persona_category")
-
-    # Add back the category_id column to persona table
-    op.add_column("persona", sa.Column("category_id", sa.Integer(), nullable=True))
-    op.create_foreign_key(
-        "persona_category_id_fkey",
-        "persona",
-        "persona_category",
-        ["category_id"],
-        ["id"],
-    )
-
-    # Copy the first label relationship back to the persona table
-    op.execute(
-        """
-        UPDATE persona
-        SET category_id = (
-            SELECT persona_label_id
-            FROM persona__persona_label
-            WHERE persona__persona_label.persona_id = persona.id
-            LIMIT 1
-        )
-    """
-    )
-
-    # Drop the association table
-    op.drop_table("persona__persona_label")
--- a/backend/alembic/versions/703313b75876_add_tokenratelimit_tables.py
+++ b/backend/alembic/versions/703313b75876_add_tokenratelimit_tables.py
@@ -9,7 +9,7 @@ import json
 from typing import cast
 from alembic import op
 import sqlalchemy as sa
-from onyx.key_value_store.factory import get_kv_store
+from danswer.key_value_store.factory import get_kv_store

 # revision identifiers, used by Alembic.
 revision = "703313b75876"
--- a/backend/alembic/versions/776b3bbe9092_remove_remaining_enums.py
+++ b/backend/alembic/versions/776b3bbe9092_remove_remaining_enums.py
@@ -8,9 +8,9 @@ Create Date: 2024-03-22 21:34:27.629444
 from alembic import op
 import sqlalchemy as sa

-from onyx.db.models import IndexModelStatus
-from onyx.context.search.enums import RecencyBiasSetting
-from onyx.context.search.enums import SearchType
+from danswer.db.models import IndexModelStatus
+from danswer.context.search.enums import RecencyBiasSetting
+from danswer.context.search.enums import SearchType

 # revision identifiers, used by Alembic.
 revision = "776b3bbe9092"
--- a/backend/alembic/versions/77d07dffae64_forcibly_remove_more_enum_types_from_.py
+++ b/backend/alembic/versions/77d07dffae64_forcibly_remove_more_enum_types_from_.py
@@ -18,7 +18,7 @@ depends_on: None = None

 def upgrade() -> None:
    # In a PR:
-    # https://github.com/onyx-dot-app/onyx/pull/397/files#diff-f05fb341f6373790b91852579631b64ca7645797a190837156a282b67e5b19c2
+    # https://github.com/danswer-ai/danswer/pull/397/files#diff-f05fb341f6373790b91852579631b64ca7645797a190837156a282b67e5b19c2
    # we directly changed some previous migrations. This caused some users to have native enums
    # while others wouldn't. This has caused some issues when adding new fields to these enums.
    # This migration manually changes the enum types to ensure that nobody uses native enums.
--- a/backend/alembic/versions/91a0a4d62b14_milestone.py
+++ b/backend/alembic/versions/91a0a4d62b14_milestone.py
@@ -1,45 +0,0 @@
-"""Milestone
-
-Revision ID: 91a0a4d62b14
-Revises: dab04867cd88
-Create Date: 2024-12-13 19:03:30.947551
-
-"""
-from alembic import op
-import sqlalchemy as sa
-import fastapi_users_db_sqlalchemy
-from sqlalchemy.dialects import postgresql
-
-# revision identifiers, used by Alembic.
-revision = "91a0a4d62b14"
-down_revision = "dab04867cd88"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.create_table(
-        "milestone",
-        sa.Column("id", sa.UUID(), nullable=False),
-        sa.Column("tenant_id", sa.String(), nullable=True),
-        sa.Column(
-            "user_id",
-            fastapi_users_db_sqlalchemy.generics.GUID(),
-            nullable=True,
-        ),
-        sa.Column("event_type", sa.String(), nullable=False),
-        sa.Column(
-            "time_created",
-            sa.DateTime(timezone=True),
-            server_default=sa.text("now()"),
-            nullable=False,
-        ),
-        sa.Column("event_tracker", postgresql.JSONB(), nullable=True),
-        sa.ForeignKeyConstraint(["user_id"], ["user.id"], ondelete="CASCADE"),
-        sa.PrimaryKeyConstraint("id"),
-        sa.UniqueConstraint("event_type", name="uq_milestone_event_type"),
-    )
-
-
-def downgrade() -> None:
-    op.drop_table("milestone")
--- a/backend/alembic/versions/91fd3b470d1a_remove_documentsource_from_tag.py
+++ b/backend/alembic/versions/91fd3b470d1a_remove_documentsource_from_tag.py
@@ -7,7 +7,7 @@ Create Date: 2024-03-21 12:05:23.956734
 """
 from alembic import op
 import sqlalchemy as sa
-from onyx.configs.constants import DocumentSource
+from danswer.configs.constants import DocumentSource

 # revision identifiers, used by Alembic.
 revision = "91fd3b470d1a"
--- a/backend/alembic/versions/93560ba1b118_add_web_ui_option_to_slack_config.py
+++ b/backend/alembic/versions/93560ba1b118_add_web_ui_option_to_slack_config.py
@@ -1,35 +0,0 @@
-"""add web ui option to slack config
-
-Revision ID: 93560ba1b118
-Revises: 6d562f86c78b
-Create Date: 2024-11-24 06:36:17.490612
-
-"""
-from alembic import op
-
-# revision identifiers, used by Alembic.
-revision = "93560ba1b118"
-down_revision = "6d562f86c78b"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Add show_continue_in_web_ui with default False to all existing channel_configs
-    op.execute(
-        """
-        UPDATE slack_channel_config
-        SET channel_config = channel_config || '{"show_continue_in_web_ui": false}'::jsonb
-        WHERE NOT channel_config ? 'show_continue_in_web_ui'
-        """
-    )
-
-
-def downgrade() -> None:
-    # Remove show_continue_in_web_ui from all channel_configs
-    op.execute(
-        """
-        UPDATE slack_channel_config
-        SET channel_config = channel_config - 'show_continue_in_web_ui'
-        """
-    )
--- a/backend/alembic/versions/949b4a92a401_remove_rt.py
+++ b/backend/alembic/versions/949b4a92a401_remove_rt.py
@@ -10,7 +10,7 @@ from sqlalchemy.orm import Session
 from sqlalchemy import text

 # Import your models and constants
-from onyx.db.models import (
+from danswer.db.models import (
    Connector,
    ConnectorCredentialPair,
    Credential,
--- a/backend/alembic/versions/94dc3d0236f8_make_document_set_description_optional.py
+++ b/backend/alembic/versions/94dc3d0236f8_make_document_set_description_optional.py
@@ -1,30 +0,0 @@
-"""make document set description optional
-
-Revision ID: 94dc3d0236f8
-Revises: bf7a81109301
-Create Date: 2024-12-11 11:26:10.616722
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "94dc3d0236f8"
-down_revision = "bf7a81109301"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Make document_set.description column nullable
-    op.alter_column(
-        "document_set", "description", existing_type=sa.String(), nullable=True
-    )
-
-
-def downgrade() -> None:
-    # Revert document_set.description column to non-nullable
-    op.alter_column(
-        "document_set", "description", existing_type=sa.String(), nullable=False
-    )
--- a/backend/alembic/versions/97dbb53fa8c8_add_syncrecord.py
+++ b/backend/alembic/versions/97dbb53fa8c8_add_syncrecord.py
@@ -1,72 +0,0 @@
-"""Add SyncRecord
-
-Revision ID: 97dbb53fa8c8
-Revises: 369644546676
-Create Date: 2025-01-11 19:39:50.426302
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "97dbb53fa8c8"
-down_revision = "be2ab2aa50ee"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.create_table(
-        "sync_record",
-        sa.Column("id", sa.Integer(), nullable=False),
-        sa.Column("entity_id", sa.Integer(), nullable=False),
-        sa.Column(
-            "sync_type",
-            sa.Enum(
-                "DOCUMENT_SET",
-                "USER_GROUP",
-                "CONNECTOR_DELETION",
-                name="synctype",
-                native_enum=False,
-                length=40,
-            ),
-            nullable=False,
-        ),
-        sa.Column(
-            "sync_status",
-            sa.Enum(
-                "IN_PROGRESS",
-                "SUCCESS",
-                "FAILED",
-                "CANCELED",
-                name="syncstatus",
-                native_enum=False,
-                length=40,
-            ),
-            nullable=False,
-        ),
-        sa.Column("num_docs_synced", sa.Integer(), nullable=False),
-        sa.Column("sync_start_time", sa.DateTime(timezone=True), nullable=False),
-        sa.Column("sync_end_time", sa.DateTime(timezone=True), nullable=True),
-        sa.PrimaryKeyConstraint("id"),
-    )
-
-    # Add index for fetch_latest_sync_record query
-    op.create_index(
-        "ix_sync_record_entity_id_sync_type_sync_start_time",
-        "sync_record",
-        ["entity_id", "sync_type", "sync_start_time"],
-    )
-
-    # Add index for cleanup_sync_records query
-    op.create_index(
-        "ix_sync_record_entity_id_sync_type_sync_status",
-        "sync_record",
-        ["entity_id", "sync_type", "sync_status"],
-    )
-
-
-def downgrade() -> None:
-    op.drop_index("ix_sync_record_entity_id_sync_type_sync_status")
-    op.drop_index("ix_sync_record_entity_id_sync_type_sync_start_time")
-    op.drop_table("sync_record")
--- a/backend/alembic/versions/9f696734098f_combine_search_and_chat.py
+++ b/backend/alembic/versions/9f696734098f_combine_search_and_chat.py
@@ -1,36 +0,0 @@
-"""Combine Search and Chat
-
-Revision ID: 9f696734098f
-Revises: a8c2065484e6
-Create Date: 2024-11-27 15:32:19.694972
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "9f696734098f"
-down_revision = "a8c2065484e6"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.alter_column("chat_session", "description", nullable=True)
-    op.drop_column("chat_session", "one_shot")
-    op.drop_column("slack_channel_config", "response_type")
-
-
-def downgrade() -> None:
-    op.execute("UPDATE chat_session SET description = '' WHERE description IS NULL")
-    op.alter_column("chat_session", "description", nullable=False)
-    op.add_column(
-        "chat_session",
-        sa.Column("one_shot", sa.Boolean(), nullable=False, server_default=sa.false()),
-    )
-    op.add_column(
-        "slack_channel_config",
-        sa.Column(
-            "response_type", sa.String(), nullable=False, server_default="citations"
-        ),
-    )
--- a/backend/alembic/versions/a8c2065484e6_add_auto_scroll_to_user_model.py
+++ b/backend/alembic/versions/a8c2065484e6_add_auto_scroll_to_user_model.py
@@ -1,27 +0,0 @@
-"""add auto scroll to user model
-
-Revision ID: a8c2065484e6
-Revises: abe7378b8217
-Create Date: 2024-11-22 17:34:09.690295
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "a8c2065484e6"
-down_revision = "abe7378b8217"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column(
-        "user",
-        sa.Column("auto_scroll", sa.Boolean(), nullable=True, server_default=None),
-    )
-
-
-def downgrade() -> None:
-    op.drop_column("user", "auto_scroll")
--- a/backend/alembic/versions/abe7378b8217_add_indexing_trigger_to_cc_pair.py
+++ b/backend/alembic/versions/abe7378b8217_add_indexing_trigger_to_cc_pair.py
@@ -1,30 +0,0 @@
-"""add indexing trigger to cc_pair
-
-Revision ID: abe7378b8217
-Revises: 6d562f86c78b
-Create Date: 2024-11-26 19:09:53.481171
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "abe7378b8217"
-down_revision = "93560ba1b118"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column(
-        "connector_credential_pair",
-        sa.Column(
-            "indexing_trigger",
-            sa.Enum("UPDATE", "REINDEX", name="indexingmode", native_enum=False),
-            nullable=True,
-        ),
-    )
-
-
-def downgrade() -> None:
-    op.drop_column("connector_credential_pair", "indexing_trigger")
--- a/backend/alembic/versions/aeda5f2df4f6_add_pinned_assistants.py
+++ b/backend/alembic/versions/aeda5f2df4f6_add_pinned_assistants.py
@@ -1,27 +0,0 @@
-"""add pinned assistants
-
-Revision ID: aeda5f2df4f6
-Revises: c5eae4a75a1b
-Create Date: 2025-01-09 16:04:10.770636
-
-"""
-from alembic import op
-import sqlalchemy as sa
-from sqlalchemy.dialects import postgresql
-
-# revision identifiers, used by Alembic.
-revision = "aeda5f2df4f6"
-down_revision = "c5eae4a75a1b"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column(
-        "user", sa.Column("pinned_assistants", postgresql.JSONB(), nullable=True)
-    )
-    op.execute('UPDATE "user" SET pinned_assistants = chosen_assistants')
-
-
-def downgrade() -> None:
-    op.drop_column("user", "pinned_assistants")
--- a/backend/alembic/versions/b156fa702355_chat_reworked.py
+++ b/backend/alembic/versions/b156fa702355_chat_reworked.py
@@ -10,7 +10,7 @@ from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 from sqlalchemy.dialects.postgresql import ENUM
-from onyx.configs.constants import DocumentSource
+from danswer.configs.constants import DocumentSource

 # revision identifiers, used by Alembic.
 revision = "b156fa702355"
--- a/backend/alembic/versions/be2ab2aa50ee_fix_capitalization.py
+++ b/backend/alembic/versions/be2ab2aa50ee_fix_capitalization.py
@@ -1,38 +0,0 @@
-"""fix_capitalization
-
-Revision ID: be2ab2aa50ee
-Revises: 369644546676
-Create Date: 2025-01-10 13:13:26.228960
-
-"""
-from alembic import op
-
-# revision identifiers, used by Alembic.
-revision = "be2ab2aa50ee"
-down_revision = "369644546676"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.execute(
-        """
-        UPDATE document
-        SET
-            external_user_group_ids = ARRAY(
-                SELECT LOWER(unnest(external_user_group_ids))
-            ),
-            last_modified = NOW()
-        WHERE
-            external_user_group_ids IS NOT NULL
-            AND external_user_group_ids::text[] <> ARRAY(
-                SELECT LOWER(unnest(external_user_group_ids))
-            )::text[]
-    """
-    )
-
-
-def downgrade() -> None:
-    # No way to cleanly persist the bad state through an upgrade/downgrade
-    # cycle, so we just pass
-    pass
--- a/backend/alembic/versions/bf7a81109301_delete_input_prompts.py
+++ b/backend/alembic/versions/bf7a81109301_delete_input_prompts.py
@@ -1,57 +0,0 @@
-"""delete_input_prompts
-
-Revision ID: bf7a81109301
-Revises: f7a894b06d02
-Create Date: 2024-12-09 12:00:49.884228
-
-"""
-from alembic import op
-import sqlalchemy as sa
-import fastapi_users_db_sqlalchemy
-
-
-# revision identifiers, used by Alembic.
-revision = "bf7a81109301"
-down_revision = "f7a894b06d02"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.drop_table("inputprompt__user")
-    op.drop_table("inputprompt")
-
-
-def downgrade() -> None:
-    op.create_table(
-        "inputprompt",
-        sa.Column("id", sa.Integer(), autoincrement=True, nullable=False),
-        sa.Column("prompt", sa.String(), nullable=False),
-        sa.Column("content", sa.String(), nullable=False),
-        sa.Column("active", sa.Boolean(), nullable=False),
-        sa.Column("is_public", sa.Boolean(), nullable=False),
-        sa.Column(
-            "user_id",
-            fastapi_users_db_sqlalchemy.generics.GUID(),
-            nullable=True,
-        ),
-        sa.ForeignKeyConstraint(
-            ["user_id"],
-            ["user.id"],
-        ),
-        sa.PrimaryKeyConstraint("id"),
-    )
-    op.create_table(
-        "inputprompt__user",
-        sa.Column("input_prompt_id", sa.Integer(), nullable=False),
-        sa.Column("user_id", sa.Integer(), nullable=False),
-        sa.ForeignKeyConstraint(
-            ["input_prompt_id"],
-            ["inputprompt.id"],
-        ),
-        sa.ForeignKeyConstraint(
-            ["user_id"],
-            ["inputprompt.id"],
-        ),
-        sa.PrimaryKeyConstraint("input_prompt_id", "user_id"),
-    )
--- a/backend/alembic/versions/c0aab6edb6dd_delete_workspace.py
+++ b/backend/alembic/versions/c0aab6edb6dd_delete_workspace.py
@@ -1,87 +0,0 @@
-"""delete workspace
-
-Revision ID: c0aab6edb6dd
-Revises: 35e518e0ddf4
-Create Date: 2024-12-17 14:37:07.660631
-
-"""
-
-from alembic import op
-
-
-# revision identifiers, used by Alembic.
-revision = "c0aab6edb6dd"
-down_revision = "35e518e0ddf4"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.execute(
-        """
-    UPDATE connector
-    SET connector_specific_config = connector_specific_config - 'workspace'
-    WHERE source = 'SLACK'
-    """
-    )
-
-
-def downgrade() -> None:
-    import json
-    from sqlalchemy import text
-    from slack_sdk import WebClient
-
-    conn = op.get_bind()
-
-    # Fetch all Slack credentials
-    creds_result = conn.execute(
-        text("SELECT id, credential_json FROM credential WHERE source = 'SLACK'")
-    )
-    all_slack_creds = creds_result.fetchall()
-    if not all_slack_creds:
-        return
-
-    for cred_row in all_slack_creds:
-        credential_id, credential_json = cred_row
-
-        credential_json = (
-            credential_json.tobytes().decode("utf-8")
-            if isinstance(credential_json, memoryview)
-            else credential_json.decode("utf-8")
-        )
-        credential_data = json.loads(credential_json)
-        slack_bot_token = credential_data.get("slack_bot_token")
-        if not slack_bot_token:
-            print(
-                f"No slack_bot_token found for credential {credential_id}. "
-                "Your Slack connector will not function until you upgrade and provide a valid token."
-            )
-            continue
-
-        client = WebClient(token=slack_bot_token)
-        try:
-            auth_response = client.auth_test()
-            workspace = auth_response["url"].split("//")[1].split(".")[0]
-
-            # Update only the connectors linked to this credential
-            # (and which are Slack connectors).
-            op.execute(
-                f"""
-                UPDATE connector AS c
-                SET connector_specific_config = jsonb_set(
-                    connector_specific_config,
-                    '{{workspace}}',
-                    to_jsonb('{workspace}'::text)
-                )
-                FROM connector_credential_pair AS ccp
-                WHERE ccp.connector_id = c.id
-                  AND c.source = 'SLACK'
-                  AND ccp.credential_id = {credential_id}
-            """
-            )
-        except Exception:
-            print(
-                f"We were unable to get the workspace url for your Slack Connector with id {credential_id}."
-            )
-            print("This connector will no longer work until you upgrade.")
-            continue
--- a/backend/alembic/versions/c5eae4a75a1b_add_chat_message__standard_answer_table.py
+++ b/backend/alembic/versions/c5eae4a75a1b_add_chat_message__standard_answer_table.py
@@ -1,36 +0,0 @@
-"""Add chat_message__standard_answer table
-
-Revision ID: c5eae4a75a1b
-Revises: 0f7ff6d75b57
-Create Date: 2025-01-15 14:08:49.688998
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "c5eae4a75a1b"
-down_revision = "0f7ff6d75b57"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.create_table(
-        "chat_message__standard_answer",
-        sa.Column("chat_message_id", sa.Integer(), nullable=False),
-        sa.Column("standard_answer_id", sa.Integer(), nullable=False),
-        sa.ForeignKeyConstraint(
-            ["chat_message_id"],
-            ["chat_message.id"],
-        ),
-        sa.ForeignKeyConstraint(
-            ["standard_answer_id"],
-            ["standard_answer.id"],
-        ),
-        sa.PrimaryKeyConstraint("chat_message_id", "standard_answer_id"),
-    )
-
-
-def downgrade() -> None:
-    op.drop_table("chat_message__standard_answer")
--- a/backend/alembic/versions/c7bf5721733e_add_has_been_indexed_to_.py
+++ b/backend/alembic/versions/c7bf5721733e_add_has_been_indexed_to_.py
@@ -1,48 +0,0 @@
-"""Add has_been_indexed to DocumentByConnectorCredentialPair
-
-Revision ID: c7bf5721733e
-Revises: fec3db967bf7
-Create Date: 2025-01-13 12:39:05.831693
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "c7bf5721733e"
-down_revision = "027381bce97c"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # assume all existing rows have been indexed, no better approach
-    op.add_column(
-        "document_by_connector_credential_pair",
-        sa.Column("has_been_indexed", sa.Boolean(), nullable=True),
-    )
-    op.execute(
-        "UPDATE document_by_connector_credential_pair SET has_been_indexed = TRUE"
-    )
-    op.alter_column(
-        "document_by_connector_credential_pair",
-        "has_been_indexed",
-        nullable=False,
-    )
-
-    # Add index to optimize get_document_counts_for_cc_pairs query pattern
-    op.create_index(
-        "idx_document_cc_pair_counts",
-        "document_by_connector_credential_pair",
-        ["connector_id", "credential_id", "has_been_indexed"],
-        unique=False,
-    )
-
-
-def downgrade() -> None:
-    # Remove the index first before removing the column
-    op.drop_index(
-        "idx_document_cc_pair_counts",
-        table_name="document_by_connector_credential_pair",
-    )
-    op.drop_column("document_by_connector_credential_pair", "has_been_indexed")
--- a/backend/alembic/versions/dab04867cd88_add_composite_index_to_document_by_.py
+++ b/backend/alembic/versions/dab04867cd88_add_composite_index_to_document_by_.py
@@ -1,32 +0,0 @@
-"""Add composite index to document_by_connector_credential_pair
-
-Revision ID: dab04867cd88
-Revises: 54a74a0417fc
-Create Date: 2024-12-13 22:43:20.119990
-
-"""
-from alembic import op
-
-
-# revision identifiers, used by Alembic.
-revision = "dab04867cd88"
-down_revision = "54a74a0417fc"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Composite index on (connector_id, credential_id)
-    op.create_index(
-        "idx_document_cc_pair_connector_credential",
-        "document_by_connector_credential_pair",
-        ["connector_id", "credential_id"],
-        unique=False,
-    )
-
-
-def downgrade() -> None:
-    op.drop_index(
-        "idx_document_cc_pair_connector_credential",
-        table_name="document_by_connector_credential_pair",
-    )
--- a/backend/alembic/versions/dba7f71618f5_danswer_custom_tool_flow.py
+++ b/backend/alembic/versions/dba7f71618f5_danswer_custom_tool_flow.py
@@ -1,4 +1,4 @@
-"""Onyx Custom Tool Flow
+"""Danswer Custom Tool Flow

 Revision ID: dba7f71618f5
 Revises: d5645c915d0e
--- a/backend/alembic/versions/dbaa756c2ccf_embedding_models.py
+++ b/backend/alembic/versions/dbaa756c2ccf_embedding_models.py
@@ -9,12 +9,12 @@ from alembic import op
 import sqlalchemy as sa
 from sqlalchemy import table, column, String, Integer, Boolean

-from onyx.db.search_settings import (
+from danswer.db.search_settings import (
    get_new_default_embedding_model,
    get_old_default_embedding_model,
    user_has_overridden_embedding_model,
 )
-from onyx.db.models import IndexModelStatus
+from danswer.db.models import IndexModelStatus

 # revision identifiers, used by Alembic.
 revision = "dbaa756c2ccf"
--- a/backend/alembic/versions/e50154680a5c_no_source_enum.py
+++ b/backend/alembic/versions/e50154680a5c_no_source_enum.py
@@ -8,7 +8,7 @@ Create Date: 2024-03-14 18:06:08.523106
 from alembic import op
 import sqlalchemy as sa

-from onyx.configs.constants import DocumentSource
+from danswer.configs.constants import DocumentSource

 # revision identifiers, used by Alembic.
 revision = "e50154680a5c"
--- a/backend/alembic/versions/f7a894b06d02_non_nullbale_slack_bot_id_in_channel_.py
+++ b/backend/alembic/versions/f7a894b06d02_non_nullbale_slack_bot_id_in_channel_.py
@@ -1,40 +0,0 @@
-"""non-nullbale slack bot id in channel config
-
-Revision ID: f7a894b06d02
-Revises: 9f696734098f
-Create Date: 2024-12-06 12:55:42.845723
-
-"""
-
-from alembic import op
-import sqlalchemy as sa
-
-
-# revision identifiers, used by Alembic.
-revision = "f7a894b06d02"
-down_revision = "9f696734098f"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    # Delete all rows with null slack_bot_id
-    op.execute("DELETE FROM slack_channel_config WHERE slack_bot_id IS NULL")
-
-    # Make slack_bot_id non-nullable
-    op.alter_column(
-        "slack_channel_config",
-        "slack_bot_id",
-        existing_type=sa.Integer(),
-        nullable=False,
-    )
-
-
-def downgrade() -> None:
-    # Make slack_bot_id nullable again
-    op.alter_column(
-        "slack_channel_config",
-        "slack_bot_id",
-        existing_type=sa.Integer(),
-        nullable=True,
-    )
--- a/backend/alembic/versions/fec3db967bf7_add_time_updated_to_usergroup_and_.py
+++ b/backend/alembic/versions/fec3db967bf7_add_time_updated_to_usergroup_and_.py
@@ -1,41 +0,0 @@
-"""Add time_updated to UserGroup and DocumentSet
-
-Revision ID: fec3db967bf7
-Revises: 97dbb53fa8c8
-Create Date: 2025-01-12 15:49:02.289100
-
-"""
-from alembic import op
-import sqlalchemy as sa
-
-# revision identifiers, used by Alembic.
-revision = "fec3db967bf7"
-down_revision = "97dbb53fa8c8"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.add_column(
-        "document_set",
-        sa.Column(
-            "time_last_modified_by_user",
-            sa.DateTime(timezone=True),
-            nullable=False,
-            server_default=sa.func.now(),
-        ),
-    )
-    op.add_column(
-        "user_group",
-        sa.Column(
-            "time_last_modified_by_user",
-            sa.DateTime(timezone=True),
-            nullable=False,
-            server_default=sa.func.now(),
-        ),
-    )
-
-
-def downgrade() -> None:
-    op.drop_column("user_group", "time_last_modified_by_user")
-    op.drop_column("document_set", "time_last_modified_by_user")
--- a/backend/alembic_tenants/README.md
+++ b/backend/alembic_tenants/README.md
@@ -1,3 +1,3 @@
 These files are for public table migrations when operating with multi tenancy.

-If you are not a Onyx developer, you can ignore this directory entirely.
+If you are not a Danswer developer, you can ignore this directory entirely.
--- a/backend/alembic_tenants/env.py
+++ b/backend/alembic_tenants/env.py
@@ -1,6 +1,5 @@
 import asyncio
 from logging.config import fileConfig
-from typing import Literal

 from sqlalchemy import pool
 from sqlalchemy.engine import Connection
@@ -8,8 +7,8 @@ from sqlalchemy.ext.asyncio import create_async_engine
 from sqlalchemy.schema import SchemaItem

 from alembic import context
-from onyx.db.engine import build_connection_string
-from onyx.db.models import PublicBase
+from danswer.db.engine import build_connection_string
+from danswer.db.models import PublicBase

 # this is the Alembic Config object, which provides
 # access to the values within the .ini file in use.
@@ -38,15 +37,8 @@ EXCLUDE_TABLES = {"kombu_queue", "kombu_message"}

 def include_object(
    object: SchemaItem,
-    name: str | None,
-    type_: Literal[
-        "schema",
-        "table",
-        "column",
-        "index",
-        "unique_constraint",
-        "foreign_key_constraint",
-    ],
+    name: str,
+    type_: str,
    reflected: bool,
    compare_to: SchemaItem | None,
 ) -> bool:
--- a/backend/alembic_tenants/versions/a4f6ee863c47_mapping_for_anonymous_user_path.py
+++ b/backend/alembic_tenants/versions/a4f6ee863c47_mapping_for_anonymous_user_path.py
@@ -1,31 +0,0 @@
-"""mapping for anonymous user path
-
-Revision ID: a4f6ee863c47
-Revises: 14a83a331951
-Create Date: 2025-01-04 14:16:58.697451
-
-"""
-import sqlalchemy as sa
-
-from alembic import op
-
-
-# revision identifiers, used by Alembic.
-revision = "a4f6ee863c47"
-down_revision = "14a83a331951"
-branch_labels = None
-depends_on = None
-
-
-def upgrade() -> None:
-    op.create_table(
-        "tenant_anonymous_user_path",
-        sa.Column("tenant_id", sa.String(), primary_key=True, nullable=False),
-        sa.Column("anonymous_user_path", sa.String(), nullable=False),
-        sa.PrimaryKeyConstraint("tenant_id"),
-        sa.UniqueConstraint("anonymous_user_path"),
-    )
-
-
-def downgrade() -> None:
-    op.drop_table("tenant_anonymous_user_path")
--- a/backend/danswer/init.py
+++ b/backend/danswer/init.py
@@ -0,0 +1,3 @@
+import os
+
+__version__ = os.environ.get("DANSWER_VERSION", "") or "Development"
--- a/backend/danswer/access/init.py
+++ b/backend/danswer/access/init.py
--- a/backend/danswer/access/access.py
+++ b/backend/danswer/access/access.py
@@ -1,12 +1,12 @@
 from sqlalchemy.orm import Session

-from onyx.access.models import DocumentAccess
-from onyx.access.utils import prefix_user_email
-from onyx.configs.constants import PUBLIC_DOC_PAT
-from onyx.db.document import get_access_info_for_document
-from onyx.db.document import get_access_info_for_documents
-from onyx.db.models import User
-from onyx.utils.variable_functionality import fetch_versioned_implementation
+from danswer.access.models import DocumentAccess
+from danswer.access.utils import prefix_user_email
+from danswer.configs.constants import PUBLIC_DOC_PAT
+from danswer.db.document import get_access_info_for_document
+from danswer.db.document import get_access_info_for_documents
+from danswer.db.models import User
+from danswer.utils.variable_functionality import fetch_versioned_implementation


 def _get_access_for_document(
@@ -32,7 +32,7 @@ def get_access_for_document(
    db_session: Session,
 ) -> DocumentAccess:
    versioned_get_access_for_document_fn = fetch_versioned_implementation(
-        "onyx.access.access", "_get_access_for_document"
+        "danswer.access.access", "_get_access_for_document"
    )
    return versioned_get_access_for_document_fn(document_id, db_session)  # type: ignore

@@ -83,7 +83,7 @@ def get_access_for_documents(
 ) -> dict[str, DocumentAccess]:
    """Fetches all access information for the given documents."""
    versioned_get_access_for_documents_fn = fetch_versioned_implementation(
-        "onyx.access.access", "_get_access_for_documents"
+        "danswer.access.access", "_get_access_for_documents"
    )
    return versioned_get_access_for_documents_fn(
        document_ids, db_session
@@ -103,6 +103,6 @@ def _get_acl_for_user(user: User | None, db_session: Session) -> set[str]:

 def get_acl_for_user(user: User | None, db_session: Session | None = None) -> set[str]:
    versioned_acl_for_user_fn = fetch_versioned_implementation(
-        "onyx.access.access", "_get_acl_for_user"
+        "danswer.access.access", "_get_acl_for_user"
    )
    return versioned_acl_for_user_fn(user, db_session)  # type: ignore
--- a/backend/danswer/access/models.py
+++ b/backend/danswer/access/models.py
@@ -1,9 +1,9 @@
 from dataclasses import dataclass

-from onyx.access.utils import prefix_external_group
-from onyx.access.utils import prefix_user_email
-from onyx.access.utils import prefix_user_group
-from onyx.configs.constants import PUBLIC_DOC_PAT
+from danswer.access.utils import prefix_external_group
+from danswer.access.utils import prefix_user_email
+from danswer.access.utils import prefix_user_group
+from danswer.configs.constants import PUBLIC_DOC_PAT


@dataclass(frozen=True)
@@ -12,17 +12,12 @@ class ExternalAccess:
    external_user_emails: set[str]
    # Names or external IDs of groups with access to the doc
    external_user_group_ids: set[str]
-    # Whether the document is public in the external system or Onyx
+    # Whether the document is public in the external system or Danswer
    is_public: bool


@dataclass(frozen=True)
 class DocExternalAccess:
-    """
-    This is just a class to wrap the external access and the document ID
-    together. It's used for syncing document permissions to Redis.
-    """
-
    external_access: ExternalAccess
    # The document ID
    doc_id: str
@@ -58,7 +53,7 @@ class DocExternalAccess:

@dataclass(frozen=True)
 class DocumentAccess(ExternalAccess):
-    # User emails for Onyx users, None indicates admin
+    # User emails for Danswer users, None indicates admin
    user_emails: set[str | None]
    # Names of user groups associated with this document
    user_groups: set[str]
--- a/backend/danswer/access/utils.py
+++ b/backend/danswer/access/utils.py
@@ -1,9 +1,9 @@
-from onyx.configs.constants import DocumentSource
+from danswer.configs.constants import DocumentSource


 def prefix_user_email(user_email: str) -> str:
    """Prefixes a user email to eliminate collision with group names.
-    This applies to both a Onyx user and an External user, this is to make the query time
+    This applies to both a Danswer user and an External user, this is to make the query time
    more efficient"""
    return f"user_email:{user_email}"

@@ -15,13 +15,10 @@ def prefix_user_group(user_group_name: str) -> str:


 def prefix_external_group(ext_group_name: str) -> str:
-    """Prefixes an external group name to eliminate collision with user emails / Onyx groups."""
+    """Prefixes an external group name to eliminate collision with user emails / Danswer groups."""
    return f"external_group:{ext_group_name}"


-def build_ext_group_name_for_onyx(ext_group_name: str, source: DocumentSource) -> str:
-    """
-    External groups may collide across sources, every source needs its own prefix.
-    NOTE: the name is lowercased to handle case sensitivity for group names
-    """
-    return f"{source.value}_{ext_group_name}".lower()
+def prefix_group_w_source(ext_group_name: str, source: DocumentSource) -> str:
+    """External groups may collide across sources, every source needs its own prefix."""
+    return f"{source.value.upper()}_{ext_group_name}"
--- a/backend/ee/onyx/configs/init.py
+++ b/backend/ee/onyx/configs/init.py
--- a/backend/danswer/auth/api_key.py
+++ b/backend/danswer/auth/api_key.py
@@ -1,4 +1,3 @@
-import hashlib
 import secrets
 import uuid
 from urllib.parse import quote
@@ -8,8 +7,8 @@ from fastapi import Request
 from passlib.hash import sha256_crypt
 from pydantic import BaseModel

-from onyx.auth.schemas import UserRole
-from onyx.configs.app_configs import API_KEY_HASH_ROUNDS
+from danswer.auth.schemas import UserRole
+from danswer.configs.app_configs import API_KEY_HASH_ROUNDS


 _API_KEY_HEADER_NAME = "Authorization"
@@ -17,10 +16,9 @@ _API_KEY_HEADER_NAME = "Authorization"
 # to non-standard, experimental, or custom headers in HTTP or other protocols. It
 # indicates that the header is not part of the official standards defined by
 # organizations like the Internet Engineering Task Force (IETF).
-_API_KEY_HEADER_ALTERNATIVE_NAME = "X-Onyx-Authorization"
+_API_KEY_HEADER_ALTERNATIVE_NAME = "X-Danswer-Authorization"
 _BEARER_PREFIX = "Bearer "
-_API_KEY_PREFIX = "on_"
-_DEPRECATED_API_KEY_PREFIX = "dn_"
+_API_KEY_PREFIX = "dn_"
 _API_KEY_LEN = 192


@@ -54,9 +52,7 @@ def extract_tenant_from_api_key_header(request: Request) -> str | None:

    api_key = raw_api_key_header[len(_BEARER_PREFIX) :].strip()

-    if not api_key.startswith(_API_KEY_PREFIX) and not api_key.startswith(
-        _DEPRECATED_API_KEY_PREFIX
-    ):
+    if not api_key.startswith(_API_KEY_PREFIX):
        return None

    parts = api_key[len(_API_KEY_PREFIX) :].split(".", 1)
@@ -67,19 +63,10 @@ def extract_tenant_from_api_key_header(request: Request) -> str | None:
    return unquote(tenant_id) if tenant_id else None


-def _deprecated_hash_api_key(api_key: str) -> str:
-    return sha256_crypt.hash(api_key, salt="", rounds=API_KEY_HASH_ROUNDS)
-
-
 def hash_api_key(api_key: str) -> str:
    # NOTE: no salt is needed, as the API key is randomly generated
    # and overlaps are impossible
-    if api_key.startswith(_API_KEY_PREFIX):
-        return hashlib.sha256(api_key.encode("utf-8")).hexdigest()
-    elif api_key.startswith(_DEPRECATED_API_KEY_PREFIX):
-        return _deprecated_hash_api_key(api_key)
-    else:
-        raise ValueError(f"Invalid API key prefix: {api_key[:3]}")
+    return sha256_crypt.hash(api_key, salt="", rounds=API_KEY_HASH_ROUNDS)


 def build_displayable_api_key(api_key: str) -> str:
--- a/backend/danswer/auth/invited_users.py
+++ b/backend/danswer/auth/invited_users.py
@@ -1,14 +1,15 @@
 from typing import cast

-from onyx.configs.constants import KV_USER_STORE_KEY
-from onyx.key_value_store.factory import get_kv_store
-from onyx.key_value_store.interface import KvKeyNotFoundError
-from onyx.utils.special_types import JSON_ro
+from danswer.configs.constants import KV_USER_STORE_KEY
+from danswer.key_value_store.factory import get_kv_store
+from danswer.key_value_store.interface import KvKeyNotFoundError
+from danswer.utils.special_types import JSON_ro


 def get_invited_users() -> list[str]:
    try:
        store = get_kv_store()
+
        return cast(list, store.load(KV_USER_STORE_KEY))
    except KvKeyNotFoundError:
        return list()
--- a/backend/danswer/auth/noauth_user.py
+++ b/backend/danswer/auth/noauth_user.py
@@ -0,0 +1,38 @@
+from collections.abc import Mapping
+from typing import Any
+from typing import cast
+
+from danswer.auth.schemas import UserRole
+from danswer.configs.constants import KV_NO_AUTH_USER_PREFERENCES_KEY
+from danswer.key_value_store.store import KeyValueStore
+from danswer.key_value_store.store import KvKeyNotFoundError
+from danswer.server.manage.models import UserInfo
+from danswer.server.manage.models import UserPreferences
+
+
+def set_no_auth_user_preferences(
+    store: KeyValueStore, preferences: UserPreferences
+) -> None:
+    store.store(KV_NO_AUTH_USER_PREFERENCES_KEY, preferences.model_dump())
+
+
+def load_no_auth_user_preferences(store: KeyValueStore) -> UserPreferences:
+    try:
+        preferences_data = cast(
+            Mapping[str, Any], store.load(KV_NO_AUTH_USER_PREFERENCES_KEY)
+        )
+        return UserPreferences(**preferences_data)
+    except KvKeyNotFoundError:
+        return UserPreferences(chosen_assistants=None, default_model=None)
+
+
+def fetch_no_auth_user(store: KeyValueStore) -> UserInfo:
+    return UserInfo(
+        id="__no_auth_user__",
+        email="anonymous@danswer.ai",
+        is_active=True,
+        is_superuser=False,
+        is_verified=True,
+        role=UserRole.ADMIN,
+        preferences=load_no_auth_user_preferences(store),
+    )
--- a/backend/danswer/auth/schemas.py
+++ b/backend/danswer/auth/schemas.py
@@ -14,7 +14,7 @@ class UserRole(str, Enum):
    - Global Curator can perform admin actions
        for all groups they are a member of
    - Limited can access a limited set of basic api endpoints
-    - Slack are users that have used onyx via slack but dont have a web login
+    - Slack are users that have used danswer via slack but dont have a web login
    - External permissioned users that have been picked up during the external permissions sync process but don't have a web login
    """

@@ -33,6 +33,12 @@ class UserRole(str, Enum):
        ]


+class UserStatus(str, Enum):
+    LIVE = "live"
+    INVITED = "invited"
+    DEACTIVATED = "deactivated"
+
+
 class UserRead(schemas.BaseUser[uuid.UUID]):
    role: UserRole

@@ -43,7 +49,4 @@ class UserCreate(schemas.BaseUserCreate):


 class UserUpdate(schemas.BaseUserUpdate):
-    """
-    Role updates are not allowed through the user update endpoint for security reasons
-    Role changes should be handled through a separate, admin-only process
-    """
+    role: UserRole
--- a/backend/danswer/auth/users.py
+++ b/backend/danswer/auth/users.py
@@ -1,10 +1,10 @@
-import json
-import secrets
+import smtplib
 import uuid
 from collections.abc import AsyncGenerator
 from datetime import datetime
 from datetime import timezone
-from typing import cast
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
 from typing import Dict
 from typing import List
 from typing import Optional
@@ -31,8 +31,10 @@ from fastapi_users import schemas
 from fastapi_users import UUIDIDMixin
 from fastapi_users.authentication import AuthenticationBackend
 from fastapi_users.authentication import CookieTransport
-from fastapi_users.authentication import RedisStrategy
+from fastapi_users.authentication import JWTStrategy
 from fastapi_users.authentication import Strategy
+from fastapi_users.authentication.strategy.db import AccessTokenDatabase
+from fastapi_users.authentication.strategy.db import DatabaseStrategy
 from fastapi_users.exceptions import UserAlreadyExists
 from fastapi_users.jwt import decode_jwt
 from fastapi_users.jwt import generate_jwt
@@ -46,53 +48,50 @@ from httpx_oauth.integrations.fastapi import OAuth2AuthorizeCallback
 from httpx_oauth.oauth2 import BaseOAuth2
 from httpx_oauth.oauth2 import OAuth2Token
 from pydantic import BaseModel
+from sqlalchemy import text
 from sqlalchemy.ext.asyncio import AsyncSession

-from onyx.auth.api_key import get_hashed_api_key_from_request
-from onyx.auth.email_utils import send_forgot_password_email
-from onyx.auth.email_utils import send_user_verification_email
-from onyx.auth.invited_users import get_invited_users
-from onyx.auth.schemas import UserCreate
-from onyx.auth.schemas import UserRole
-from onyx.auth.schemas import UserUpdate
-from onyx.configs.app_configs import AUTH_TYPE
-from onyx.configs.app_configs import DISABLE_AUTH
-from onyx.configs.app_configs import EMAIL_CONFIGURED
-from onyx.configs.app_configs import REDIS_AUTH_EXPIRE_TIME_SECONDS
-from onyx.configs.app_configs import REDIS_AUTH_KEY_PREFIX
-from onyx.configs.app_configs import REQUIRE_EMAIL_VERIFICATION
-from onyx.configs.app_configs import SESSION_EXPIRE_TIME_SECONDS
-from onyx.configs.app_configs import TRACK_EXTERNAL_IDP_EXPIRY
-from onyx.configs.app_configs import USER_AUTH_SECRET
-from onyx.configs.app_configs import VALID_EMAIL_DOMAINS
-from onyx.configs.app_configs import WEB_DOMAIN
-from onyx.configs.constants import AuthType
-from onyx.configs.constants import DANSWER_API_KEY_DUMMY_EMAIL_DOMAIN
-from onyx.configs.constants import DANSWER_API_KEY_PREFIX
-from onyx.configs.constants import MilestoneRecordType
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.configs.constants import PASSWORD_SPECIAL_CHARS
-from onyx.configs.constants import UNNAMED_KEY_PLACEHOLDER
-from onyx.db.api_key import fetch_user_for_api_key
-from onyx.db.auth import get_default_admin_user_emails
-from onyx.db.auth import get_user_count
-from onyx.db.auth import get_user_db
-from onyx.db.auth import SQLAlchemyUserAdminDB
-from onyx.db.engine import get_async_session
-from onyx.db.engine import get_async_session_with_tenant
-from onyx.db.engine import get_current_tenant_id
-from onyx.db.engine import get_session_with_tenant
-from onyx.db.models import OAuthAccount
-from onyx.db.models import User
-from onyx.db.users import get_user_by_email
-from onyx.redis.redis_pool import get_async_redis_connection
-from onyx.redis.redis_pool import get_redis_client
-from onyx.utils.logger import setup_logger
-from onyx.utils.telemetry import create_milestone_and_report
-from onyx.utils.telemetry import optional_telemetry
-from onyx.utils.telemetry import RecordType
-from onyx.utils.variable_functionality import fetch_ee_implementation_or_noop
-from onyx.utils.variable_functionality import fetch_versioned_implementation
+from danswer.auth.api_key import get_hashed_api_key_from_request
+from danswer.auth.invited_users import get_invited_users
+from danswer.auth.schemas import UserCreate
+from danswer.auth.schemas import UserRole
+from danswer.auth.schemas import UserUpdate
+from danswer.configs.app_configs import AUTH_TYPE
+from danswer.configs.app_configs import DISABLE_AUTH
+from danswer.configs.app_configs import DISABLE_VERIFICATION
+from danswer.configs.app_configs import EMAIL_FROM
+from danswer.configs.app_configs import REQUIRE_EMAIL_VERIFICATION
+from danswer.configs.app_configs import SESSION_EXPIRE_TIME_SECONDS
+from danswer.configs.app_configs import SMTP_PASS
+from danswer.configs.app_configs import SMTP_PORT
+from danswer.configs.app_configs import SMTP_SERVER
+from danswer.configs.app_configs import SMTP_USER
+from danswer.configs.app_configs import TRACK_EXTERNAL_IDP_EXPIRY
+from danswer.configs.app_configs import USER_AUTH_SECRET
+from danswer.configs.app_configs import VALID_EMAIL_DOMAINS
+from danswer.configs.app_configs import WEB_DOMAIN
+from danswer.configs.constants import AuthType
+from danswer.configs.constants import DANSWER_API_KEY_DUMMY_EMAIL_DOMAIN
+from danswer.configs.constants import DANSWER_API_KEY_PREFIX
+from danswer.configs.constants import UNNAMED_KEY_PLACEHOLDER
+from danswer.db.api_key import fetch_user_for_api_key
+from danswer.db.auth import get_access_token_db
+from danswer.db.auth import get_default_admin_user_emails
+from danswer.db.auth import get_user_count
+from danswer.db.auth import get_user_db
+from danswer.db.auth import SQLAlchemyUserAdminDB
+from danswer.db.engine import get_async_session
+from danswer.db.engine import get_async_session_with_tenant
+from danswer.db.engine import get_session_with_tenant
+from danswer.db.models import AccessToken
+from danswer.db.models import OAuthAccount
+from danswer.db.models import User
+from danswer.db.users import get_user_by_email
+from danswer.utils.logger import setup_logger
+from danswer.utils.telemetry import optional_telemetry
+from danswer.utils.telemetry import RecordType
+from danswer.utils.variable_functionality import fetch_ee_implementation_or_noop
+from danswer.utils.variable_functionality import fetch_versioned_implementation
 from shared_configs.configs import async_return_default_schema
 from shared_configs.configs import MULTI_TENANT
 from shared_configs.contextvars import CURRENT_TENANT_ID_CONTEXTVAR
@@ -137,23 +136,11 @@ def get_display_email(email: str | None, space_less: bool = False) -> str:


 def user_needs_to_be_verified() -> bool:
-    if AUTH_TYPE == AuthType.BASIC or AUTH_TYPE == AuthType.CLOUD:
-        return REQUIRE_EMAIL_VERIFICATION
-
-    # For other auth types, if the user is authenticated it's assumed that
-    # the user is already verified via the external IDP
-    return False
-
-
-def anonymous_user_enabled(*, tenant_id: str | None = None) -> bool:
-    redis_client = get_redis_client(tenant_id=tenant_id)
-    value = redis_client.get(OnyxRedisLocks.ANONYMOUS_USER_ENABLED)
-
-    if value is None:
-        return False
-
-    assert isinstance(value, bytes)
-    return int(value.decode("utf-8")) == 1
+    # all other auth types besides basic should require users to be
+    # verified
+    return not DISABLE_VERIFICATION and (
+        AUTH_TYPE != AuthType.BASIC or REQUIRE_EMAIL_VERIFICATION
+    )


 def verify_email_is_invited(email: str) -> None:
@@ -206,6 +193,30 @@ def verify_email_domain(email: str) -> None:
            )


+def send_user_verification_email(
+    user_email: str,
+    token: str,
+    mail_from: str = EMAIL_FROM,
+) -> None:
+    msg = MIMEMultipart()
+    msg["Subject"] = "Danswer Email Verification"
+    msg["To"] = user_email
+    if mail_from:
+        msg["From"] = mail_from
+
+    link = f"{WEB_DOMAIN}/auth/verify-email?token={token}"
+
+    body = MIMEText(f"Click the following link to verify your email address: {link}")
+    msg.attach(body)
+
+    with smtplib.SMTP(SMTP_SERVER, SMTP_PORT) as s:
+        s.starttls()
+        # If credentials fails with gmail, check (You need an app password, not just the basic email password)
+        # https://support.google.com/accounts/answer/185833?sjid=8512343437447396151-NA
+        s.login(SMTP_USER, SMTP_PASS)
+        s.send_message(msg)
+
+
 class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
    reset_password_token_secret = USER_AUTH_SECRET
    verification_token_secret = USER_AUTH_SECRET
@@ -218,26 +229,17 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
        safe: bool = False,
        request: Optional[Request] = None,
    ) -> User:
-        # We verify the password here to make sure it's valid before we proceed
-        await self.validate_password(
-            user_create.password, cast(schemas.UC, user_create)
-        )
-
-        user_count: int | None = None
-        referral_source = (
-            request.cookies.get("referral_source", None)
-            if request is not None
-            else None
-        )
+        referral_source = None
+        if request is not None:
+            referral_source = request.cookies.get("referral_source", None)

        tenant_id = await fetch_ee_implementation_or_noop(
-            "onyx.server.tenants.provisioning",
-            "get_or_provision_tenant",
+            "danswer.server.tenants.provisioning",
+            "get_or_create_tenant_id",
            async_return_default_schema,
        )(
            email=user_create.email,
            referral_source=referral_source,
-            request=request,
        )

        async with get_async_session_with_tenant(tenant_id) as db_session:
@@ -270,6 +272,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
                if not user.role.is_web_login() and user_create.role.is_web_login():
                    user_update = UserUpdate(
                        password=user_create.password,
+                        role=user_create.role,
                        is_verified=user_create.is_verified,
                    )
                    user = await self.update(user_update, user)
@@ -279,37 +282,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
            finally:
                CURRENT_TENANT_ID_CONTEXTVAR.reset(token)

-        return user
-
-    async def validate_password(self, password: str, _: schemas.UC | models.UP) -> None:
-        # Validate password according to basic security guidelines
-        if len(password) < 12:
-            raise exceptions.InvalidPasswordException(
-                reason="Password must be at least 12 characters long."
-            )
-        if len(password) > 64:
-            raise exceptions.InvalidPasswordException(
-                reason="Password must not exceed 64 characters."
-            )
-        if not any(char.isupper() for char in password):
-            raise exceptions.InvalidPasswordException(
-                reason="Password must contain at least one uppercase letter."
-            )
-        if not any(char.islower() for char in password):
-            raise exceptions.InvalidPasswordException(
-                reason="Password must contain at least one lowercase letter."
-            )
-        if not any(char.isdigit() for char in password):
-            raise exceptions.InvalidPasswordException(
-                reason="Password must contain at least one number."
-            )
-        if not any(char in PASSWORD_SPECIAL_CHARS for char in password):
-            raise exceptions.InvalidPasswordException(
-                reason="Password must contain at least one special character from the following set: "
-                f"{PASSWORD_SPECIAL_CHARS}."
-            )
-
-        return
+            return user

    async def oauth_callback(
        self,
@@ -324,18 +297,17 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
        associate_by_email: bool = False,
        is_verified_by_default: bool = False,
    ) -> User:
-        referral_source = (
-            getattr(request.state, "referral_source", None) if request else None
-        )
+        referral_source = None
+        if request:
+            referral_source = getattr(request.state, "referral_source", None)

        tenant_id = await fetch_ee_implementation_or_noop(
-            "onyx.server.tenants.provisioning",
-            "get_or_provision_tenant",
+            "danswer.server.tenants.provisioning",
+            "get_or_create_tenant_id",
            async_return_default_schema,
        )(
            email=account_email,
            referral_source=referral_source,
-            request=request,
        )

        if not tenant_id:
@@ -393,6 +365,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):

                    # Explicitly set the Postgres schema for this session to ensure
                    # OAuth account creation happens in the correct tenant schema
+                    await db_session.execute(text(f'SET search_path = "{tenant_id}"'))

                    # Add OAuth account
                    await self.user_db.add_oauth_account(user, oauth_account_dict)
@@ -414,6 +387,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):

            # NOTE: Most IdPs have very short expiry times, and we don't want to force the user to
            # re-authenticate that frequently, so by default this is disabled
+
            if expires_at and TRACK_EXTERNAL_IDP_EXPIRY:
                oidc_expiry = datetime.fromtimestamp(expires_at, tz=timezone.utc)
                await self.user_db.update(
@@ -448,39 +422,6 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
    async def on_after_register(
        self, user: User, request: Optional[Request] = None
    ) -> None:
-        tenant_id = await fetch_ee_implementation_or_noop(
-            "onyx.server.tenants.provisioning",
-            "get_or_provision_tenant",
-            async_return_default_schema,
-        )(
-            email=user.email,
-            request=request,
-        )
-
-        token = CURRENT_TENANT_ID_CONTEXTVAR.set(tenant_id)
-        try:
-            user_count = await get_user_count()
-
-            with get_session_with_tenant(tenant_id=tenant_id) as db_session:
-                if user_count == 1:
-                    create_milestone_and_report(
-                        user=user,
-                        distinct_id=user.email,
-                        event_type=MilestoneRecordType.USER_SIGNED_UP,
-                        properties=None,
-                        db_session=db_session,
-                    )
-                else:
-                    create_milestone_and_report(
-                        user=user,
-                        distinct_id=user.email,
-                        event_type=MilestoneRecordType.MULTIPLE_USERS,
-                        properties=None,
-                        db_session=db_session,
-                    )
-        finally:
-            CURRENT_TENANT_ID_CONTEXTVAR.reset(token)
-
        logger.notice(f"User {user.id} has registered.")
        optional_telemetry(
            record_type=RecordType.SIGN_UP,
@@ -491,15 +432,7 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
    async def on_after_forgot_password(
        self, user: User, token: str, request: Optional[Request] = None
    ) -> None:
-        if not EMAIL_CONFIGURED:
-            logger.error(
-                "Email is not configured. Please configure email in the admin panel"
-            )
-            raise HTTPException(
-                status.HTTP_500_INTERNAL_SERVER_ERROR,
-                "Your admin has not enbaled this feature.",
-            )
-        send_forgot_password_email(user.email, token)
+        logger.notice(f"User {user.id} has forgot their password. Reset token: {token}")

    async def on_after_request_verify(
        self, user: User, token: str, request: Optional[Request] = None
@@ -519,8 +452,8 @@ class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):

        # Get tenant_id from mapping table
        tenant_id = await fetch_ee_implementation_or_noop(
-            "onyx.server.tenants.provisioning",
-            "get_or_provision_tenant",
+            "danswer.server.tenants.provisioning",
+            "get_or_create_tenant_id",
            async_return_default_schema,
        )(
            email=email,
@@ -576,70 +509,51 @@ cookie_transport = CookieTransport(
 )


-def get_redis_strategy() -> RedisStrategy:
-    return TenantAwareRedisStrategy()
-
-
-class TenantAwareRedisStrategy(RedisStrategy[User, uuid.UUID]):
-    """
-    A custom strategy that fetches the actual async Redis connection inside each method.
-    We do NOT pass a synchronous or "coroutine" redis object to the constructor.
-    """
-
-    def __init__(
-        self,
-        lifetime_seconds: Optional[int] = REDIS_AUTH_EXPIRE_TIME_SECONDS,
-        key_prefix: str = REDIS_AUTH_KEY_PREFIX,
-    ):
-        self.lifetime_seconds = lifetime_seconds
-        self.key_prefix = key_prefix
-
-    async def write_token(self, user: User) -> str:
-        redis = await get_async_redis_connection()
-
+# This strategy is used to add tenant_id to the JWT token
+class TenantAwareJWTStrategy(JWTStrategy):
+    async def _create_token_data(self, user: User, impersonate: bool = False) -> dict:
        tenant_id = await fetch_ee_implementation_or_noop(
-            "onyx.server.tenants.provisioning",
-            "get_or_provision_tenant",
+            "danswer.server.tenants.provisioning",
+            "get_or_create_tenant_id",
            async_return_default_schema,
-        )(email=user.email)
+        )(
+            email=user.email,
+        )

-        token_data = {
+        data = {
            "sub": str(user.id),
+            "aud": self.token_audience,
            "tenant_id": tenant_id,
        }
-        token = secrets.token_urlsafe()
-        await redis.set(
-            f"{self.key_prefix}{token}",
-            json.dumps(token_data),
-            ex=self.lifetime_seconds,
+        return data
+
+    async def write_token(self, user: User) -> str:
+        data = await self._create_token_data(user)
+        return generate_jwt(
+            data, self.encode_key, self.lifetime_seconds, algorithm=self.algorithm
        )
-        return token

-    async def read_token(
-        self, token: Optional[str], user_manager: BaseUserManager[User, uuid.UUID]
-    ) -> Optional[User]:
-        redis = await get_async_redis_connection()
-        token_data_str = await redis.get(f"{self.key_prefix}{token}")
-        if not token_data_str:
-            return None

-        try:
-            token_data = json.loads(token_data_str)
-            user_id = token_data["sub"]
-            parsed_id = user_manager.parse_id(user_id)
-            return await user_manager.get(parsed_id)
-        except (exceptions.UserNotExists, exceptions.InvalidID, KeyError):
-            return None
+def get_jwt_strategy() -> TenantAwareJWTStrategy:
+    return TenantAwareJWTStrategy(
+        secret=USER_AUTH_SECRET,
+        lifetime_seconds=SESSION_EXPIRE_TIME_SECONDS,
+    )

-    async def destroy_token(self, token: str, user: User) -> None:
-        """Properly delete the token from async redis."""
-        redis = await get_async_redis_connection()
-        await redis.delete(f"{self.key_prefix}{token}")
+
+def get_database_strategy(
+    access_token_db: AccessTokenDatabase[AccessToken] = Depends(get_access_token_db),
+) -> DatabaseStrategy:
+    return DatabaseStrategy(
+        access_token_db, lifetime_seconds=SESSION_EXPIRE_TIME_SECONDS  # type: ignore
+    )


 auth_backend = AuthenticationBackend(
-    name="redis", transport=cookie_transport, get_strategy=get_redis_strategy
-)
+    name="jwt" if MULTI_TENANT else "database",
+    transport=cookie_transport,
+    get_strategy=get_jwt_strategy if MULTI_TENANT else get_database_strategy,  # type: ignore
+)  # type: ignore


 class FastAPIUserWithLogoutRouter(FastAPIUsers[models.UP, models.ID]):
@@ -708,7 +622,7 @@ async def optional_user(
    user: User | None = Depends(optional_fastapi_current_user),
 ) -> User | None:
    versioned_fetch_user = fetch_versioned_implementation(
-        "onyx.auth.users", "optional_user_"
+        "danswer.auth.users", "optional_user_"
    )
    user = await versioned_fetch_user(request, user, async_db_session)

@@ -725,36 +639,30 @@ async def double_check_user(
    user: User | None,
    optional: bool = DISABLE_AUTH,
    include_expired: bool = False,
-    allow_anonymous_access: bool = False,
 ) -> User | None:
    if optional:
-        return user
-
-    if user is not None:
-        # If user attempted to authenticate, verify them, do not default
-        # to anonymous access if it fails.
-        if user_needs_to_be_verified() and not user.is_verified:
-            raise BasicAuthenticationError(
-                detail="Access denied. User is not verified.",
-            )
-
-        if (
-            user.oidc_expiry
-            and user.oidc_expiry < datetime.now(timezone.utc)
-            and not include_expired
-        ):
-            raise BasicAuthenticationError(
-                detail="Access denied. User's OIDC token has expired.",
-            )
-
-        return user
-
-    if allow_anonymous_access:
        return None

-    raise BasicAuthenticationError(
-        detail="Access denied. User is not authenticated.",
-    )
+    if user is None:
+        raise BasicAuthenticationError(
+            detail="Access denied. User is not authenticated.",
+        )
+
+    if user_needs_to_be_verified() and not user.is_verified:
+        raise BasicAuthenticationError(
+            detail="Access denied. User is not verified.",
+        )
+
+    if (
+        user.oidc_expiry
+        and user.oidc_expiry < datetime.now(timezone.utc)
+        and not include_expired
+    ):
+        raise BasicAuthenticationError(
+            detail="Access denied. User's OIDC token has expired.",
+        )
+
+    return user


 async def current_user_with_expired_token(
@@ -769,15 +677,6 @@ async def current_limited_user(
    return await double_check_user(user)


-async def current_chat_accesssible_user(
-    user: User | None = Depends(optional_user),
-    tenant_id: str | None = Depends(get_current_tenant_id),
-) -> User | None:
-    return await double_check_user(
-        user, allow_anonymous_access=anonymous_user_enabled(tenant_id=tenant_id)
-    )
-
-
 async def current_user(
    user: User | None = Depends(optional_user),
 ) -> User | None:
@@ -825,7 +724,7 @@ async def current_admin_user(user: User | None = Depends(current_user)) -> User


 def get_default_admin_user_emails_() -> list[str]:
-    # No default seeding available for Onyx MIT
+    # No default seeding available for Danswer MIT
    return []


@@ -845,7 +744,7 @@ def generate_state_token(


 # refer to https://github.com/fastapi-users/fastapi-users/blob/42ddc241b965475390e2bce887b084152ae1a2cd/fastapi_users/fastapi_users.py#L91
-def create_onyx_oauth_router(
+def create_danswer_oauth_router(
    oauth_client: BaseOAuth2,
    backend: AuthenticationBackend,
    state_secret: SecretType,
--- a/backend/danswer/background/celery/apps/app_base.py
+++ b/backend/danswer/background/celery/apps/app_base.py
@@ -3,45 +3,38 @@ import multiprocessing
 import time
 from typing import Any

+import requests
 import sentry_sdk
 from celery import Task
 from celery.app import trace
 from celery.exceptions import WorkerShutdown
-from celery.signals import task_postrun
-from celery.signals import task_prerun
 from celery.states import READY_STATES
 from celery.utils.log import get_task_logger
 from celery.worker import strategy  # type: ignore
-from redis.lock import Lock as RedisLock
 from sentry_sdk.integrations.celery import CeleryIntegration
 from sqlalchemy import text
 from sqlalchemy.orm import Session

-from onyx.background.celery.apps.task_formatters import CeleryTaskColoredFormatter
-from onyx.background.celery.apps.task_formatters import CeleryTaskPlainFormatter
-from onyx.background.celery.celery_utils import celery_is_worker_primary
-from onyx.configs.constants import ONYX_CLOUD_CELERY_TASK_PREFIX
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.db.engine import get_sqlalchemy_engine
-from onyx.document_index.vespa.shared_utils.utils import get_vespa_http_client
-from onyx.document_index.vespa_constants import VESPA_CONFIG_SERVER_URL
-from onyx.redis.redis_connector import RedisConnector
-from onyx.redis.redis_connector_credential_pair import RedisConnectorCredentialPair
-from onyx.redis.redis_connector_delete import RedisConnectorDelete
-from onyx.redis.redis_connector_doc_perm_sync import RedisConnectorPermissionSync
-from onyx.redis.redis_connector_ext_group_sync import RedisConnectorExternalGroupSync
-from onyx.redis.redis_connector_prune import RedisConnectorPrune
-from onyx.redis.redis_document_set import RedisDocumentSet
-from onyx.redis.redis_pool import get_redis_client
-from onyx.redis.redis_usergroup import RedisUserGroup
-from onyx.utils.logger import ColoredFormatter
-from onyx.utils.logger import PlainFormatter
-from onyx.utils.logger import setup_logger
-from shared_configs.configs import MULTI_TENANT
-from shared_configs.configs import POSTGRES_DEFAULT_SCHEMA
+from danswer.background.celery.apps.task_formatters import CeleryTaskColoredFormatter
+from danswer.background.celery.apps.task_formatters import CeleryTaskPlainFormatter
+from danswer.background.celery.celery_utils import celery_is_worker_primary
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.db.engine import get_sqlalchemy_engine
+from danswer.document_index.vespa_constants import VESPA_CONFIG_SERVER_URL
+from danswer.redis.redis_connector import RedisConnector
+from danswer.redis.redis_connector_credential_pair import RedisConnectorCredentialPair
+from danswer.redis.redis_connector_delete import RedisConnectorDelete
+from danswer.redis.redis_connector_doc_perm_sync import RedisConnectorPermissionSync
+from danswer.redis.redis_connector_ext_group_sync import RedisConnectorExternalGroupSync
+from danswer.redis.redis_connector_prune import RedisConnectorPrune
+from danswer.redis.redis_document_set import RedisDocumentSet
+from danswer.redis.redis_pool import get_redis_client
+from danswer.redis.redis_usergroup import RedisUserGroup
+from danswer.utils.logger import ColoredFormatter
+from danswer.utils.logger import PlainFormatter
+from danswer.utils.logger import setup_logger
 from shared_configs.configs import SENTRY_DSN
-from shared_configs.configs import TENANT_ID_PREFIX
-from shared_configs.contextvars import CURRENT_TENANT_ID_CONTEXTVAR
+

 logger = setup_logger()

@@ -62,8 +55,8 @@ def on_task_prerun(
    sender: Any | None = None,
    task_id: str | None = None,
    task: Task | None = None,
-    args: tuple[Any, ...] | None = None,
-    kwargs: dict[str, Any] | None = None,
+    args: tuple | None = None,
+    kwargs: dict | None = None,
    **kwds: Any,
 ) -> None:
    pass
@@ -101,10 +94,6 @@ def on_task_postrun(
    if not task_id:
        return

-    if task.name.startswith(ONYX_CLOUD_CELERY_TASK_PREFIX):
-        # this is a cloud / all tenant task ... no postrun is needed
-        return
-
    # Get tenant_id directly from kwargs- each celery task has a tenant_id kwarg
    if not kwargs:
        logger.error(f"Task {task.name} (ID: {task_id}) is missing kwargs")
@@ -166,34 +155,9 @@ def on_task_postrun(
        return


-def on_celeryd_init(sender: str, conf: Any = None, **kwargs: Any) -> None:
+def on_celeryd_init(sender: Any = None, conf: Any = None, **kwargs: Any) -> None:
    """The first signal sent on celery worker startup"""
-
-    # NOTE(rkuo): start method "fork" is unsafe and we really need it to be "spawn"
-    # But something is blocking set_start_method from working in the cloud unless
-    # force=True. so we use force=True as a fallback.
-
-    all_start_methods: list[str] = multiprocessing.get_all_start_methods()
-    logger.info(f"Multiprocessing all start methods: {all_start_methods}")
-
-    try:
-        multiprocessing.set_start_method("spawn")  # fork is unsafe, set to spawn
-    except Exception:
-        logger.info(
-            "Multiprocessing set_start_method exceptioned. Trying force=True..."
-        )
-        try:
-            multiprocessing.set_start_method(
-                "spawn", force=True
-            )  # fork is unsafe, set to spawn
-        except Exception:
-            logger.info(
-                "Multiprocessing set_start_method force=True exceptioned even with force=True."
-            )
-
-    logger.info(
-        f"Multiprocessing selected start method: {multiprocessing.get_start_method()}"
-    )
+    multiprocessing.set_start_method("spawn")  # fork is unsafe, set to spawn


 def wait_for_redis(sender: Any, **kwargs: Any) -> None:
@@ -292,8 +256,7 @@ def wait_for_vespa(sender: Any, **kwargs: Any) -> None:
    logger.info("Vespa: Readiness probe starting.")
    while True:
        try:
-            client = get_vespa_http_client()
-            response = client.get(f"{VESPA_CONFIG_SERVER_URL}/state/v1/health")
+            response = requests.get(f"{VESPA_CONFIG_SERVER_URL}/state/v1/health")
            response.raise_for_status()

            response_dict = response.json()
@@ -336,7 +299,7 @@ def on_secondary_worker_init(sender: Any, **kwargs: Any) -> None:

    logger.info("Waiting for primary worker to be ready...")
    while True:
-        if r.exists(OnyxRedisLocks.PRIMARY_WORKER):
+        if r.exists(DanswerRedisLocks.PRIMARY_WORKER):
            break

        time_elapsed = time.monotonic() - time_start
@@ -365,57 +328,43 @@ def on_worker_shutdown(sender: Any, **kwargs: Any) -> None:
    if not celery_is_worker_primary(sender):
        return

-    if not hasattr(sender, "primary_worker_lock"):
-        # primary_worker_lock will not exist when MULTI_TENANT is True
-        return
-
    if not sender.primary_worker_lock:
        return

    logger.info("Releasing primary worker lock.")
-    lock: RedisLock = sender.primary_worker_lock
+    lock = sender.primary_worker_lock
    try:
        if lock.owned():
            try:
                lock.release()
                sender.primary_worker_lock = None
-            except Exception:
-                logger.exception("Failed to release primary worker lock")
-    except Exception:
-        logger.exception("Failed to check if primary worker lock is owned")
+            except Exception as e:
+                logger.error(f"Failed to release primary worker lock: {e}")
+    except Exception as e:
+        logger.error(f"Failed to check if primary worker lock is owned: {e}")


 def on_setup_logging(
-    loglevel: int,
-    logfile: str | None,
-    format: str,
-    colorize: bool,
-    **kwargs: Any,
+    loglevel: Any, logfile: Any, format: Any, colorize: Any, **kwargs: Any
 ) -> None:
    # TODO: could unhardcode format and colorize and accept these as options from
    # celery's config

+    # reformats the root logger
    root_logger = logging.getLogger()
-    root_logger.handlers = []

-    # Define the log format
-    log_format = (
-        "%(levelname)-8s %(asctime)s %(filename)15s:%(lineno)-4d: %(name)s %(message)s"
-    )
-
-    # Set up the root handler
-    root_handler = logging.StreamHandler()
+    root_handler = logging.StreamHandler()  # Set up a handler for the root logger
    root_formatter = ColoredFormatter(
-        log_format,
+        "%(asctime)s %(filename)30s %(lineno)4s: %(message)s",
        datefmt="%m/%d/%Y %I:%M:%S %p",
    )
    root_handler.setFormatter(root_formatter)
-    root_logger.addHandler(root_handler)
+    root_logger.addHandler(root_handler)  # Apply the handler to the root logger

    if logfile:
        root_file_handler = logging.FileHandler(logfile)
        root_file_formatter = PlainFormatter(
-            log_format,
+            "%(asctime)s %(filename)30s %(lineno)4s: %(message)s",
            datefmt="%m/%d/%Y %I:%M:%S %p",
        )
        root_file_handler.setFormatter(root_file_formatter)
@@ -423,23 +372,19 @@ def on_setup_logging(

    root_logger.setLevel(loglevel)

-    # Configure the task logger
-    task_logger.handlers = []
-
-    task_handler = logging.StreamHandler()
-    task_handler.addFilter(TenantContextFilter())
+    # reformats celery's task logger
    task_formatter = CeleryTaskColoredFormatter(
-        log_format,
+        "%(asctime)s %(filename)30s %(lineno)4s: %(message)s",
        datefmt="%m/%d/%Y %I:%M:%S %p",
    )
+    task_handler = logging.StreamHandler()  # Set up a handler for the task logger
    task_handler.setFormatter(task_formatter)
-    task_logger.addHandler(task_handler)
+    task_logger.addHandler(task_handler)  # Apply the handler to the task logger

    if logfile:
        task_file_handler = logging.FileHandler(logfile)
-        task_file_handler.addFilter(TenantContextFilter())
        task_file_formatter = CeleryTaskPlainFormatter(
-            log_format,
+            "%(asctime)s %(filename)30s %(lineno)4s: %(message)s",
            datefmt="%m/%d/%Y %I:%M:%S %p",
        )
        task_file_handler.setFormatter(task_file_formatter)
@@ -452,61 +397,6 @@ def on_setup_logging(
    # e.g. "Task check_for_pruning[a1e96171-0ba8-4e00-887b-9fbf7442eab3] received"
    strategy.logger.setLevel(logging.WARNING)

-    # uncomment this to hide celery task succeeded/failed spam
+    # hide celery task succeeded/failed spam
    # e.g. "Task check_for_pruning[a1e96171-0ba8-4e00-887b-9fbf7442eab3] succeeded in 0.03137450001668185s: None"
    trace.logger.setLevel(logging.WARNING)
-
-
-def set_task_finished_log_level(logLevel: int) -> None:
-    """call this to override the setLevel in on_setup_logging. We are interested
-    in the task timings in the cloud but it can be spammy for self hosted."""
-    trace.logger.setLevel(logLevel)
-
-
-class TenantContextFilter(logging.Filter):
-
-    """Logging filter to inject tenant ID into the logger's name."""
-
-    def filter(self, record: logging.LogRecord) -> bool:
-        if not MULTI_TENANT:
-            record.name = ""
-            return True
-
-        tenant_id = CURRENT_TENANT_ID_CONTEXTVAR.get()
-        if tenant_id:
-            tenant_id = tenant_id.split(TENANT_ID_PREFIX)[-1][:5]
-            record.name = f"[t:{tenant_id}]"
-        else:
-            record.name = ""
-        return True
-
-
-@task_prerun.connect
-def set_tenant_id(
-    sender: Any | None = None,
-    task_id: str | None = None,
-    task: Task | None = None,
-    args: tuple[Any, ...] | None = None,
-    kwargs: dict[str, Any] | None = None,
-    **other_kwargs: Any,
-) -> None:
-    """Signal handler to set tenant ID in context var before task starts."""
-    tenant_id = (
-        kwargs.get("tenant_id", POSTGRES_DEFAULT_SCHEMA)
-        if kwargs
-        else POSTGRES_DEFAULT_SCHEMA
-    )
-    CURRENT_TENANT_ID_CONTEXTVAR.set(tenant_id)
-
-
-@task_postrun.connect
-def reset_tenant_id(
-    sender: Any | None = None,
-    task_id: str | None = None,
-    task: Task | None = None,
-    args: tuple[Any, ...] | None = None,
-    kwargs: dict[str, Any] | None = None,
-    **other_kwargs: Any,
-) -> None:
-    """Signal handler to reset tenant ID in context var after task ends."""
-    CURRENT_TENANT_ID_CONTEXTVAR.set(POSTGRES_DEFAULT_SCHEMA)
--- a/backend/danswer/background/celery/apps/beat.py
+++ b/backend/danswer/background/celery/apps/beat.py
@@ -0,0 +1,172 @@
+from datetime import timedelta
+from typing import Any
+
+from celery import Celery
+from celery import signals
+from celery.beat import PersistentScheduler  # type: ignore
+from celery.signals import beat_init
+
+import danswer.background.celery.apps.app_base as app_base
+from danswer.configs.constants import POSTGRES_CELERY_BEAT_APP_NAME
+from danswer.db.engine import get_all_tenant_ids
+from danswer.db.engine import SqlEngine
+from danswer.utils.logger import setup_logger
+from danswer.utils.variable_functionality import fetch_versioned_implementation
+from shared_configs.configs import IGNORED_SYNCING_TENANT_LIST
+from shared_configs.configs import MULTI_TENANT
+
+logger = setup_logger(__name__)
+
+celery_app = Celery(__name__)
+celery_app.config_from_object("danswer.background.celery.configs.beat")
+
+
+class DynamicTenantScheduler(PersistentScheduler):
+    def __init__(self, *args: Any, **kwargs: Any) -> None:
+        logger.info("Initializing DynamicTenantScheduler")
+        super().__init__(*args, **kwargs)
+        self._reload_interval = timedelta(minutes=2)
+        self._last_reload = self.app.now() - self._reload_interval
+        # Let the parent class handle store initialization
+        self.setup_schedule()
+        self._update_tenant_tasks()
+        logger.info(f"Set reload interval to {self._reload_interval}")
+
+    def setup_schedule(self) -> None:
+        logger.info("Setting up initial schedule")
+        super().setup_schedule()
+        logger.info("Initial schedule setup complete")
+
+    def tick(self) -> float:
+        retval = super().tick()
+        now = self.app.now()
+        if (
+            self._last_reload is None
+            or (now - self._last_reload) > self._reload_interval
+        ):
+            logger.info("Reload interval reached, initiating tenant task update")
+            self._update_tenant_tasks()
+            self._last_reload = now
+            logger.info("Tenant task update completed, reset reload timer")
+        return retval
+
+    def _update_tenant_tasks(self) -> None:
+        logger.info("Starting tenant task update process")
+        try:
+            logger.info("Fetching all tenant IDs")
+            tenant_ids = get_all_tenant_ids()
+            logger.info(f"Found {len(tenant_ids)} tenants")
+
+            logger.info("Fetching tasks to schedule")
+            tasks_to_schedule = fetch_versioned_implementation(
+                "danswer.background.celery.tasks.beat_schedule", "get_tasks_to_schedule"
+            )
+
+            new_beat_schedule: dict[str, dict[str, Any]] = {}
+
+            current_schedule = self.schedule.items()
+
+            existing_tenants = set()
+            for task_name, _ in current_schedule:
+                if "-" in task_name:
+                    existing_tenants.add(task_name.split("-")[-1])
+            logger.info(f"Found {len(existing_tenants)} existing tenants in schedule")
+
+            for tenant_id in tenant_ids:
+                if (
+                    IGNORED_SYNCING_TENANT_LIST
+                    and tenant_id in IGNORED_SYNCING_TENANT_LIST
+                ):
+                    logger.info(
+                        f"Skipping tenant {tenant_id} as it is in the ignored syncing list"
+                    )
+                    continue
+
+                if tenant_id not in existing_tenants:
+                    logger.info(f"Processing new tenant: {tenant_id}")
+
+                for task in tasks_to_schedule():
+                    task_name = f"{task['name']}-{tenant_id}"
+                    logger.debug(f"Creating task configuration for {task_name}")
+                    new_task = {
+                        "task": task["task"],
+                        "schedule": task["schedule"],
+                        "kwargs": {"tenant_id": tenant_id},
+                    }
+                    if options := task.get("options"):
+                        logger.debug(f"Adding options to task {task_name}: {options}")
+                        new_task["options"] = options
+                    new_beat_schedule[task_name] = new_task
+
+            if self._should_update_schedule(current_schedule, new_beat_schedule):
+                logger.info(
+                    "Schedule update required",
+                    extra={
+                        "new_tasks": len(new_beat_schedule),
+                        "current_tasks": len(current_schedule),
+                    },
+                )
+
+                # Create schedule entries
+                entries = {}
+                for name, entry in new_beat_schedule.items():
+                    entries[name] = self.Entry(
+                        name=name,
+                        app=self.app,
+                        task=entry["task"],
+                        schedule=entry["schedule"],
+                        options=entry.get("options", {}),
+                        kwargs=entry.get("kwargs", {}),
+                    )
+
+                # Update the schedule using the scheduler's methods
+                self.schedule.clear()
+                self.schedule.update(entries)
+
+                # Ensure changes are persisted
+                self.sync()
+
+                logger.info("Schedule update completed successfully")
+            else:
+                logger.info("Schedule is up to date, no changes needed")
+
+        except (AttributeError, KeyError):
+            logger.exception("Failed to process task configuration")
+        except Exception:
+            logger.exception("Unexpected error updating tenant tasks")
+
+    def _should_update_schedule(
+        self, current_schedule: dict, new_schedule: dict
+    ) -> bool:
+        """Compare schedules to determine if an update is needed."""
+        logger.debug("Comparing current and new schedules")
+        current_tasks = set(name for name, _ in current_schedule)
+        new_tasks = set(new_schedule.keys())
+        needs_update = current_tasks != new_tasks
+        logger.debug(f"Schedule update needed: {needs_update}")
+        return needs_update
+
+
+@beat_init.connect
+def on_beat_init(sender: Any, **kwargs: Any) -> None:
+    logger.info("beat_init signal received.")
+
+    # Celery beat shouldn't touch the db at all. But just setting a low minimum here.
+    SqlEngine.set_app_name(POSTGRES_CELERY_BEAT_APP_NAME)
+    SqlEngine.init_engine(pool_size=2, max_overflow=0)
+
+    # Startup checks are not needed in multi-tenant case
+    if MULTI_TENANT:
+        return
+
+    app_base.wait_for_redis(sender, **kwargs)
+
+
+@signals.setup_logging.connect
+def on_setup_logging(
+    loglevel: Any, logfile: Any, format: Any, colorize: Any, **kwargs: Any
+) -> None:
+    app_base.on_setup_logging(loglevel, logfile, format, colorize, **kwargs)
+
+
+celery_app.conf.beat_scheduler = DynamicTenantScheduler
--- a/backend/danswer/background/celery/apps/heavy.py
+++ b/backend/danswer/background/celery/apps/heavy.py
@@ -1,25 +1,25 @@
+import multiprocessing
 from typing import Any

 from celery import Celery
 from celery import signals
 from celery import Task
-from celery.apps.worker import Worker
 from celery.signals import celeryd_init
 from celery.signals import worker_init
 from celery.signals import worker_ready
 from celery.signals import worker_shutdown

-import onyx.background.celery.apps.app_base as app_base
-from onyx.configs.constants import POSTGRES_CELERY_WORKER_HEAVY_APP_NAME
-from onyx.db.engine import SqlEngine
-from onyx.utils.logger import setup_logger
+import danswer.background.celery.apps.app_base as app_base
+from danswer.configs.constants import POSTGRES_CELERY_WORKER_HEAVY_APP_NAME
+from danswer.db.engine import SqlEngine
+from danswer.utils.logger import setup_logger
 from shared_configs.configs import MULTI_TENANT


 logger = setup_logger()

 celery_app = Celery(__name__)
-celery_app.config_from_object("onyx.background.celery.configs.heavy")
+celery_app.config_from_object("danswer.background.celery.configs.heavy")


@signals.task_prerun.connect
@@ -49,25 +49,25 @@ def on_task_postrun(


@celeryd_init.connect
-def on_celeryd_init(sender: str, conf: Any = None, **kwargs: Any) -> None:
+def on_celeryd_init(sender: Any = None, conf: Any = None, **kwargs: Any) -> None:
    app_base.on_celeryd_init(sender, conf, **kwargs)


@worker_init.connect
-def on_worker_init(sender: Worker, **kwargs: Any) -> None:
+def on_worker_init(sender: Any, **kwargs: Any) -> None:
    logger.info("worker_init signal received.")
+    logger.info(f"Multiprocessing start method: {multiprocessing.get_start_method()}")

    SqlEngine.set_app_name(POSTGRES_CELERY_WORKER_HEAVY_APP_NAME)
-    SqlEngine.init_engine(pool_size=sender.concurrency, max_overflow=8)  # type: ignore
+    SqlEngine.init_engine(pool_size=4, max_overflow=12)
+
+    # Startup checks are not needed in multi-tenant case
+    if MULTI_TENANT:
+        return

    app_base.wait_for_redis(sender, **kwargs)
    app_base.wait_for_db(sender, **kwargs)
    app_base.wait_for_vespa(sender, **kwargs)
-
-    # Less startup checks in multi-tenant case
-    if MULTI_TENANT:
-        return
-
    app_base.on_secondary_worker_init(sender, **kwargs)


@@ -90,8 +90,8 @@ def on_setup_logging(

 celery_app.autodiscover_tasks(
    [
-        "onyx.background.celery.tasks.pruning",
-        "onyx.background.celery.tasks.doc_permission_syncing",
-        "onyx.background.celery.tasks.external_group_syncing",
+        "danswer.background.celery.tasks.pruning",
+        "danswer.background.celery.tasks.doc_permission_syncing",
+        "danswer.background.celery.tasks.external_group_syncing",
    ]
 )
--- a/backend/danswer/background/celery/apps/indexing.py
+++ b/backend/danswer/background/celery/apps/indexing.py
@@ -6,20 +6,21 @@ from celery import signals
 from celery import Task
 from celery.signals import celeryd_init
 from celery.signals import worker_init
+from celery.signals import worker_process_init
 from celery.signals import worker_ready
 from celery.signals import worker_shutdown

-import onyx.background.celery.apps.app_base as app_base
-from onyx.configs.constants import POSTGRES_CELERY_WORKER_MONITORING_APP_NAME
-from onyx.db.engine import SqlEngine
-from onyx.utils.logger import setup_logger
+import danswer.background.celery.apps.app_base as app_base
+from danswer.configs.constants import POSTGRES_CELERY_WORKER_INDEXING_APP_NAME
+from danswer.db.engine import SqlEngine
+from danswer.utils.logger import setup_logger
 from shared_configs.configs import MULTI_TENANT


 logger = setup_logger()

 celery_app = Celery(__name__)
-celery_app.config_from_object("onyx.background.celery.configs.monitoring")
+celery_app.config_from_object("danswer.background.celery.configs.indexing")


@signals.task_prerun.connect
@@ -58,16 +59,16 @@ def on_worker_init(sender: Any, **kwargs: Any) -> None:
    logger.info("worker_init signal received.")
    logger.info(f"Multiprocessing start method: {multiprocessing.get_start_method()}")

-    SqlEngine.set_app_name(POSTGRES_CELERY_WORKER_MONITORING_APP_NAME)
-    SqlEngine.init_engine(pool_size=sender.concurrency, max_overflow=3)
+    SqlEngine.set_app_name(POSTGRES_CELERY_WORKER_INDEXING_APP_NAME)
+    SqlEngine.init_engine(pool_size=sender.concurrency, max_overflow=sender.concurrency)

-    app_base.wait_for_redis(sender, **kwargs)
-    app_base.wait_for_db(sender, **kwargs)
-
-    # Less startup checks in multi-tenant case
+    # Startup checks are not needed in multi-tenant case
    if MULTI_TENANT:
        return

+    app_base.wait_for_redis(sender, **kwargs)
+    app_base.wait_for_db(sender, **kwargs)
+    app_base.wait_for_vespa(sender, **kwargs)
    app_base.on_secondary_worker_init(sender, **kwargs)


@@ -81,6 +82,11 @@ def on_worker_shutdown(sender: Any, **kwargs: Any) -> None:
    app_base.on_worker_shutdown(sender, **kwargs)


+@worker_process_init.connect
+def init_worker(**kwargs: Any) -> None:
+    SqlEngine.reset_engine()
+
+
@signals.setup_logging.connect
 def on_setup_logging(
    loglevel: Any, logfile: Any, format: Any, colorize: Any, **kwargs: Any
@@ -90,6 +96,6 @@ def on_setup_logging(

 celery_app.autodiscover_tasks(
    [
-        "onyx.background.celery.tasks.monitoring",
+        "danswer.background.celery.tasks.indexing",
    ]
 )
--- a/backend/danswer/background/celery/apps/light.py
+++ b/backend/danswer/background/celery/apps/light.py
@@ -1,24 +1,25 @@
+import multiprocessing
 from typing import Any

 from celery import Celery
 from celery import signals
 from celery import Task
-from celery.apps.worker import Worker
 from celery.signals import celeryd_init
 from celery.signals import worker_init
 from celery.signals import worker_ready
 from celery.signals import worker_shutdown

-import onyx.background.celery.apps.app_base as app_base
-from onyx.configs.constants import POSTGRES_CELERY_WORKER_LIGHT_APP_NAME
-from onyx.db.engine import SqlEngine
-from onyx.utils.logger import setup_logger
+import danswer.background.celery.apps.app_base as app_base
+from danswer.configs.constants import POSTGRES_CELERY_WORKER_LIGHT_APP_NAME
+from danswer.db.engine import SqlEngine
+from danswer.utils.logger import setup_logger
 from shared_configs.configs import MULTI_TENANT

+
 logger = setup_logger()

 celery_app = Celery(__name__)
-celery_app.config_from_object("onyx.background.celery.configs.light")
+celery_app.config_from_object("danswer.background.celery.configs.light")


@signals.task_prerun.connect
@@ -48,27 +49,24 @@ def on_task_postrun(


@celeryd_init.connect
-def on_celeryd_init(sender: str, conf: Any = None, **kwargs: Any) -> None:
+def on_celeryd_init(sender: Any = None, conf: Any = None, **kwargs: Any) -> None:
    app_base.on_celeryd_init(sender, conf, **kwargs)


@worker_init.connect
-def on_worker_init(sender: Worker, **kwargs: Any) -> None:
+def on_worker_init(sender: Any, **kwargs: Any) -> None:
    logger.info("worker_init signal received.")
-
-    logger.info(f"Concurrency: {sender.concurrency}")  # type: ignore
+    logger.info(f"Multiprocessing start method: {multiprocessing.get_start_method()}")

    SqlEngine.set_app_name(POSTGRES_CELERY_WORKER_LIGHT_APP_NAME)
-    SqlEngine.init_engine(pool_size=sender.concurrency, max_overflow=8)  # type: ignore
+    SqlEngine.init_engine(pool_size=sender.concurrency, max_overflow=8)
+    # Startup checks are not needed in multi-tenant case
+    if MULTI_TENANT:
+        return

    app_base.wait_for_redis(sender, **kwargs)
    app_base.wait_for_db(sender, **kwargs)
    app_base.wait_for_vespa(sender, **kwargs)
-
-    # Less startup checks in multi-tenant case
-    if MULTI_TENANT:
-        return
-
    app_base.on_secondary_worker_init(sender, **kwargs)


@@ -91,9 +89,9 @@ def on_setup_logging(

 celery_app.autodiscover_tasks(
    [
-        "onyx.background.celery.tasks.shared",
-        "onyx.background.celery.tasks.vespa",
-        "onyx.background.celery.tasks.connector_deletion",
-        "onyx.background.celery.tasks.doc_permission_syncing",
+        "danswer.background.celery.tasks.shared",
+        "danswer.background.celery.tasks.vespa",
+        "danswer.background.celery.tasks.connector_deletion",
+        "danswer.background.celery.tasks.doc_permission_syncing",
    ]
 )
--- a/backend/danswer/background/celery/apps/primary.py
+++ b/backend/danswer/background/celery/apps/primary.py
@@ -1,4 +1,4 @@
-import logging
+import multiprocessing
 from typing import Any
 from typing import cast

@@ -6,44 +6,43 @@ from celery import bootsteps  # type: ignore
 from celery import Celery
 from celery import signals
 from celery import Task
-from celery.apps.worker import Worker
 from celery.exceptions import WorkerShutdown
 from celery.signals import celeryd_init
 from celery.signals import worker_init
 from celery.signals import worker_ready
 from celery.signals import worker_shutdown
-from redis.lock import Lock as RedisLock

-import onyx.background.celery.apps.app_base as app_base
-from onyx.background.celery.apps.app_base import task_logger
-from onyx.background.celery.celery_utils import celery_is_worker_primary
-from onyx.background.celery.tasks.indexing.utils import (
+import danswer.background.celery.apps.app_base as app_base
+from danswer.background.celery.apps.app_base import task_logger
+from danswer.background.celery.celery_utils import celery_is_worker_primary
+from danswer.background.celery.tasks.indexing.tasks import (
    get_unfenced_index_attempt_ids,
 )
-from onyx.configs.constants import CELERY_PRIMARY_WORKER_LOCK_TIMEOUT
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.configs.constants import POSTGRES_CELERY_WORKER_PRIMARY_APP_NAME
-from onyx.db.engine import get_session_with_default_tenant
-from onyx.db.engine import SqlEngine
-from onyx.db.index_attempt import get_index_attempt
-from onyx.db.index_attempt import mark_attempt_canceled
-from onyx.redis.redis_connector_credential_pair import RedisConnectorCredentialPair
-from onyx.redis.redis_connector_delete import RedisConnectorDelete
-from onyx.redis.redis_connector_doc_perm_sync import RedisConnectorPermissionSync
-from onyx.redis.redis_connector_ext_group_sync import RedisConnectorExternalGroupSync
-from onyx.redis.redis_connector_index import RedisConnectorIndex
-from onyx.redis.redis_connector_prune import RedisConnectorPrune
-from onyx.redis.redis_connector_stop import RedisConnectorStop
-from onyx.redis.redis_document_set import RedisDocumentSet
-from onyx.redis.redis_pool import get_redis_client
-from onyx.redis.redis_usergroup import RedisUserGroup
-from onyx.utils.logger import setup_logger
+from danswer.configs.constants import CELERY_PRIMARY_WORKER_LOCK_TIMEOUT
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.configs.constants import POSTGRES_CELERY_WORKER_PRIMARY_APP_NAME
+from danswer.db.engine import get_session_with_default_tenant
+from danswer.db.engine import SqlEngine
+from danswer.db.index_attempt import get_index_attempt
+from danswer.db.index_attempt import mark_attempt_canceled
+from danswer.redis.redis_connector_credential_pair import RedisConnectorCredentialPair
+from danswer.redis.redis_connector_delete import RedisConnectorDelete
+from danswer.redis.redis_connector_doc_perm_sync import RedisConnectorPermissionSync
+from danswer.redis.redis_connector_ext_group_sync import RedisConnectorExternalGroupSync
+from danswer.redis.redis_connector_index import RedisConnectorIndex
+from danswer.redis.redis_connector_prune import RedisConnectorPrune
+from danswer.redis.redis_connector_stop import RedisConnectorStop
+from danswer.redis.redis_document_set import RedisDocumentSet
+from danswer.redis.redis_pool import get_redis_client
+from danswer.redis.redis_usergroup import RedisUserGroup
+from danswer.utils.logger import setup_logger
 from shared_configs.configs import MULTI_TENANT

+
 logger = setup_logger()

 celery_app = Celery(__name__)
-celery_app.config_from_object("onyx.background.celery.configs.primary")
+celery_app.config_from_object("danswer.background.celery.configs.primary")


@signals.task_prerun.connect
@@ -73,27 +72,28 @@ def on_task_postrun(


@celeryd_init.connect
-def on_celeryd_init(sender: str, conf: Any = None, **kwargs: Any) -> None:
+def on_celeryd_init(sender: Any = None, conf: Any = None, **kwargs: Any) -> None:
    app_base.on_celeryd_init(sender, conf, **kwargs)


@worker_init.connect
-def on_worker_init(sender: Worker, **kwargs: Any) -> None:
+def on_worker_init(sender: Any, **kwargs: Any) -> None:
    logger.info("worker_init signal received.")
+    logger.info(f"Multiprocessing start method: {multiprocessing.get_start_method()}")

    SqlEngine.set_app_name(POSTGRES_CELERY_WORKER_PRIMARY_APP_NAME)
    SqlEngine.init_engine(pool_size=8, max_overflow=0)

+    # Startup checks are not needed in multi-tenant case
+    if MULTI_TENANT:
+        return
+
    app_base.wait_for_redis(sender, **kwargs)
    app_base.wait_for_db(sender, **kwargs)
    app_base.wait_for_vespa(sender, **kwargs)

    logger.info("Running as the primary celery worker.")

-    # Less startup checks in multi-tenant case
-    if MULTI_TENANT:
-        return
-
    # This is singleton work that should be done on startup exactly once
    # by the primary worker. This is unnecessary in the multi tenant scenario
    r = get_redis_client(tenant_id=None)
@@ -110,19 +110,15 @@ def on_worker_init(sender: Worker, **kwargs: Any) -> None:
    # For the moment, we're assuming that we are the only primary worker
    # that should be running.
    # TODO: maybe check for or clean up another zombie primary worker if we detect it
-    r.delete(OnyxRedisLocks.PRIMARY_WORKER)
+    r.delete(DanswerRedisLocks.PRIMARY_WORKER)

    # this process wide lock is taken to help other workers start up in order.
    # it is planned to use this lock to enforce singleton behavior on the primary
    # worker, since the primary worker does redis cleanup on startup, but this isn't
    # implemented yet.
-
-    # set thread_local=False since we don't control what thread the periodic task might
-    # reacquire the lock with
-    lock: RedisLock = r.lock(
-        OnyxRedisLocks.PRIMARY_WORKER,
+    lock = r.lock(
+        DanswerRedisLocks.PRIMARY_WORKER,
        timeout=CELERY_PRIMARY_WORKER_LOCK_TIMEOUT,
-        thread_local=False,
    )

    logger.info("Primary worker lock: Acquire starting.")
@@ -134,12 +130,12 @@ def on_worker_init(sender: Worker, **kwargs: Any) -> None:
        raise WorkerShutdown("Primary worker lock could not be acquired!")

    # tacking on our own user data to the sender
-    sender.primary_worker_lock = lock  # type: ignore
+    sender.primary_worker_lock = lock

    # As currently designed, when this worker starts as "primary", we reinitialize redis
    # to a clean state (for our purposes, anyway)
-    r.delete(OnyxRedisLocks.CHECK_VESPA_SYNC_BEAT_LOCK)
-    r.delete(OnyxRedisLocks.MONITOR_VESPA_SYNC_BEAT_LOCK)
+    r.delete(DanswerRedisLocks.CHECK_VESPA_SYNC_BEAT_LOCK)
+    r.delete(DanswerRedisLocks.MONITOR_VESPA_SYNC_BEAT_LOCK)

    r.delete(RedisConnectorCredentialPair.get_taskset_key())
    r.delete(RedisConnectorCredentialPair.get_fence_key())
@@ -194,10 +190,6 @@ def on_setup_logging(
 ) -> None:
    app_base.on_setup_logging(loglevel, logfile, format, colorize, **kwargs)

-    # this can be spammy, so just enable it in the cloud for now
-    if MULTI_TENANT:
-        app_base.set_task_finished_log_level(logging.INFO)
-

 class HubPeriodicTask(bootsteps.StartStopStep):
    """Regularly reacquires the primary worker lock outside of the task queue.
@@ -235,7 +227,7 @@ class HubPeriodicTask(bootsteps.StartStopStep):
            if not hasattr(worker, "primary_worker_lock"):
                return

-            lock: RedisLock = worker.primary_worker_lock
+            lock = worker.primary_worker_lock

            r = get_redis_client(tenant_id=None)

@@ -248,7 +240,7 @@ class HubPeriodicTask(bootsteps.StartStopStep):
                    "Reasons could be worker restart or lock expiration."
                )
                lock = r.lock(
-                    OnyxRedisLocks.PRIMARY_WORKER,
+                    DanswerRedisLocks.PRIMARY_WORKER,
                    timeout=CELERY_PRIMARY_WORKER_LOCK_TIMEOUT,
                )

@@ -277,14 +269,13 @@ celery_app.steps["worker"].add(HubPeriodicTask)

 celery_app.autodiscover_tasks(
    [
-        "onyx.background.celery.tasks.connector_deletion",
-        "onyx.background.celery.tasks.indexing",
-        "onyx.background.celery.tasks.periodic",
-        "onyx.background.celery.tasks.doc_permission_syncing",
-        "onyx.background.celery.tasks.external_group_syncing",
-        "onyx.background.celery.tasks.pruning",
-        "onyx.background.celery.tasks.shared",
-        "onyx.background.celery.tasks.vespa",
-        "onyx.background.celery.tasks.llm_model_update",
+        "danswer.background.celery.tasks.connector_deletion",
+        "danswer.background.celery.tasks.indexing",
+        "danswer.background.celery.tasks.periodic",
+        "danswer.background.celery.tasks.doc_permission_syncing",
+        "danswer.background.celery.tasks.external_group_syncing",
+        "danswer.background.celery.tasks.pruning",
+        "danswer.background.celery.tasks.shared",
+        "danswer.background.celery.tasks.vespa",
    ]
 )
--- a/backend/danswer/background/celery/apps/task_formatters.py
+++ b/backend/danswer/background/celery/apps/task_formatters.py
@@ -2,8 +2,8 @@ import logging

 from celery import current_task

-from onyx.utils.logger import ColoredFormatter
-from onyx.utils.logger import PlainFormatter
+from danswer.utils.logger import ColoredFormatter
+from danswer.utils.logger import PlainFormatter


 class CeleryTaskPlainFormatter(PlainFormatter):
--- a/backend/danswer/background/celery/celery_redis.py
+++ b/backend/danswer/background/celery/celery_redis.py
@@ -0,0 +1,25 @@
+# These are helper objects for tracking the keys we need to write in redis
+from typing import cast
+
+from redis import Redis
+
+from danswer.background.celery.configs.base import CELERY_SEPARATOR
+from danswer.configs.constants import DanswerCeleryPriority
+
+
+def celery_get_queue_length(queue: str, r: Redis) -> int:
+    """This is a redis specific way to get the length of a celery queue.
+    It is priority aware and knows how to count across the multiple redis lists
+    used to implement task prioritization.
+    This operation is not atomic."""
+    total_length = 0
+    for i in range(len(DanswerCeleryPriority)):
+        queue_name = queue
+        if i > 0:
+            queue_name += CELERY_SEPARATOR
+            queue_name += str(i)
+
+        length = r.llen(queue_name)
+        total_length += cast(int, length)
+
+    return total_length
--- a/backend/danswer/background/celery/celery_utils.py
+++ b/backend/danswer/background/celery/celery_utils.py
@@ -4,23 +4,22 @@ from typing import Any

 from sqlalchemy.orm import Session

-from onyx.configs.app_configs import MAX_PRUNING_DOCUMENT_RETRIEVAL_PER_MINUTE
-from onyx.connectors.cross_connector_utils.rate_limit_wrapper import (
+from danswer.configs.app_configs import MAX_PRUNING_DOCUMENT_RETRIEVAL_PER_MINUTE
+from danswer.connectors.cross_connector_utils.rate_limit_wrapper import (
    rate_limit_builder,
 )
-from onyx.connectors.interfaces import BaseConnector
-from onyx.connectors.interfaces import LoadConnector
-from onyx.connectors.interfaces import PollConnector
-from onyx.connectors.interfaces import SlimConnector
-from onyx.connectors.models import Document
-from onyx.db.connector_credential_pair import get_connector_credential_pair
-from onyx.db.enums import ConnectorCredentialPairStatus
-from onyx.db.enums import TaskStatus
-from onyx.db.models import TaskQueueState
-from onyx.indexing.indexing_heartbeat import IndexingHeartbeatInterface
-from onyx.redis.redis_connector import RedisConnector
-from onyx.server.documents.models import DeletionAttemptSnapshot
-from onyx.utils.logger import setup_logger
+from danswer.connectors.interfaces import BaseConnector
+from danswer.connectors.interfaces import LoadConnector
+from danswer.connectors.interfaces import PollConnector
+from danswer.connectors.interfaces import SlimConnector
+from danswer.connectors.models import Document
+from danswer.db.connector_credential_pair import get_connector_credential_pair
+from danswer.db.enums import TaskStatus
+from danswer.db.models import TaskQueueState
+from danswer.indexing.indexing_heartbeat import IndexingHeartbeatInterface
+from danswer.redis.redis_connector import RedisConnector
+from danswer.server.documents.models import DeletionAttemptSnapshot
+from danswer.utils.logger import setup_logger


 logger = setup_logger()
@@ -42,21 +41,14 @@ def _get_deletion_status(
        return None

    redis_connector = RedisConnector(tenant_id, cc_pair.id)
-    if redis_connector.delete.fenced:
-        return TaskQueueState(
-            task_id="",
-            task_name=redis_connector.delete.fence_key,
-            status=TaskStatus.STARTED,
-        )
+    if not redis_connector.delete.fenced:
+        return None

-    if cc_pair.status == ConnectorCredentialPairStatus.DELETING:
-        return TaskQueueState(
-            task_id="",
-            task_name=redis_connector.delete.fence_key,
-            status=TaskStatus.PENDING,
-        )
-
-    return None
+    return TaskQueueState(
+        task_id="",
+        task_name=redis_connector.delete.fence_key,
+        status=TaskStatus.STARTED,
+    )


 def get_deletion_attempt_snapshot(
--- a/backend/danswer/background/celery/configs/base.py
+++ b/backend/danswer/background/celery/configs/base.py
@@ -1,19 +1,19 @@
 # docs: https://docs.celeryq.dev/en/stable/userguide/configuration.html
 import urllib.parse

-from onyx.configs.app_configs import CELERY_BROKER_POOL_LIMIT
-from onyx.configs.app_configs import CELERY_RESULT_EXPIRES
-from onyx.configs.app_configs import REDIS_DB_NUMBER_CELERY
-from onyx.configs.app_configs import REDIS_DB_NUMBER_CELERY_RESULT_BACKEND
-from onyx.configs.app_configs import REDIS_HEALTH_CHECK_INTERVAL
-from onyx.configs.app_configs import REDIS_HOST
-from onyx.configs.app_configs import REDIS_PASSWORD
-from onyx.configs.app_configs import REDIS_PORT
-from onyx.configs.app_configs import REDIS_SSL
-from onyx.configs.app_configs import REDIS_SSL_CA_CERTS
-from onyx.configs.app_configs import REDIS_SSL_CERT_REQS
-from onyx.configs.constants import OnyxCeleryPriority
-from onyx.configs.constants import REDIS_SOCKET_KEEPALIVE_OPTIONS
+from danswer.configs.app_configs import CELERY_BROKER_POOL_LIMIT
+from danswer.configs.app_configs import CELERY_RESULT_EXPIRES
+from danswer.configs.app_configs import REDIS_DB_NUMBER_CELERY
+from danswer.configs.app_configs import REDIS_DB_NUMBER_CELERY_RESULT_BACKEND
+from danswer.configs.app_configs import REDIS_HEALTH_CHECK_INTERVAL
+from danswer.configs.app_configs import REDIS_HOST
+from danswer.configs.app_configs import REDIS_PASSWORD
+from danswer.configs.app_configs import REDIS_PORT
+from danswer.configs.app_configs import REDIS_SSL
+from danswer.configs.app_configs import REDIS_SSL_CA_CERTS
+from danswer.configs.app_configs import REDIS_SSL_CERT_REQS
+from danswer.configs.constants import DanswerCeleryPriority
+from danswer.configs.constants import REDIS_SOCKET_KEEPALIVE_OPTIONS

 CELERY_SEPARATOR = ":"

@@ -41,7 +41,7 @@ broker_pool_limit = CELERY_BROKER_POOL_LIMIT
 # redis broker settings
 # https://docs.celeryq.dev/projects/kombu/en/stable/reference/kombu.transport.redis.html
 broker_transport_options = {
-    "priority_steps": list(range(len(OnyxCeleryPriority))),
+    "priority_steps": list(range(len(DanswerCeleryPriority))),
    "sep": CELERY_SEPARATOR,
    "queue_order_strategy": "priority",
    "retry_on_timeout": True,
@@ -60,7 +60,7 @@ redis_retry_on_timeout = True
 redis_backend_health_check_interval = REDIS_HEALTH_CHECK_INTERVAL


-task_default_priority = OnyxCeleryPriority.MEDIUM
+task_default_priority = DanswerCeleryPriority.MEDIUM
 task_acks_late = True

 # region Task result backend settings
--- a/backend/danswer/background/celery/configs/beat.py
+++ b/backend/danswer/background/celery/configs/beat.py
@@ -1,5 +1,5 @@
 # docs: https://docs.celeryq.dev/en/stable/userguide/configuration.html
-import onyx.background.celery.configs.base as shared_config
+import danswer.background.celery.configs.base as shared_config

 broker_url = shared_config.broker_url
 broker_connection_retry_on_startup = shared_config.broker_connection_retry_on_startup
--- a/backend/danswer/background/celery/configs/heavy.py
+++ b/backend/danswer/background/celery/configs/heavy.py
@@ -1,4 +1,4 @@
-import onyx.background.celery.configs.base as shared_config
+import danswer.background.celery.configs.base as shared_config

 broker_url = shared_config.broker_url
 broker_connection_retry_on_startup = shared_config.broker_connection_retry_on_startup
--- a/backend/danswer/background/celery/configs/indexing.py
+++ b/backend/danswer/background/celery/configs/indexing.py
@@ -1,4 +1,5 @@
-import onyx.background.celery.configs.base as shared_config
+import danswer.background.celery.configs.base as shared_config
+from danswer.configs.app_configs import CELERY_WORKER_INDEXING_CONCURRENCY

 broker_url = shared_config.broker_url
 broker_connection_retry_on_startup = shared_config.broker_connection_retry_on_startup
@@ -15,7 +16,6 @@ result_expires = shared_config.result_expires  # 86400 seconds is the default
 task_default_priority = shared_config.task_default_priority
 task_acks_late = shared_config.task_acks_late

-# Monitoring worker specific settings
-worker_concurrency = 1  # Single worker is sufficient for monitoring
+worker_concurrency = CELERY_WORKER_INDEXING_CONCURRENCY
 worker_pool = "threads"
 worker_prefetch_multiplier = 1
--- a/backend/danswer/background/celery/configs/light.py
+++ b/backend/danswer/background/celery/configs/light.py
@@ -1,6 +1,6 @@
-import onyx.background.celery.configs.base as shared_config
-from onyx.configs.app_configs import CELERY_WORKER_LIGHT_CONCURRENCY
-from onyx.configs.app_configs import CELERY_WORKER_LIGHT_PREFETCH_MULTIPLIER
+import danswer.background.celery.configs.base as shared_config
+from danswer.configs.app_configs import CELERY_WORKER_LIGHT_CONCURRENCY
+from danswer.configs.app_configs import CELERY_WORKER_LIGHT_PREFETCH_MULTIPLIER

 broker_url = shared_config.broker_url
 broker_connection_retry_on_startup = shared_config.broker_connection_retry_on_startup
--- a/backend/danswer/background/celery/configs/primary.py
+++ b/backend/danswer/background/celery/configs/primary.py
@@ -1,4 +1,4 @@
-import onyx.background.celery.configs.base as shared_config
+import danswer.background.celery.configs.base as shared_config

 broker_url = shared_config.broker_url
 broker_connection_retry_on_startup = shared_config.broker_connection_retry_on_startup
--- a/backend/danswer/background/celery/tasks/beat_schedule.py
+++ b/backend/danswer/background/celery/tasks/beat_schedule.py
@@ -0,0 +1,60 @@
+from datetime import timedelta
+from typing import Any
+
+from danswer.configs.constants import DanswerCeleryPriority
+
+
+tasks_to_schedule = [
+    {
+        "name": "check-for-vespa-sync",
+        "task": "check_for_vespa_sync_task",
+        "schedule": timedelta(seconds=20),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "check-for-connector-deletion",
+        "task": "check_for_connector_deletion_task",
+        "schedule": timedelta(seconds=20),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "check-for-indexing",
+        "task": "check_for_indexing",
+        "schedule": timedelta(seconds=15),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "check-for-prune",
+        "task": "check_for_pruning",
+        "schedule": timedelta(seconds=15),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "kombu-message-cleanup",
+        "task": "kombu_message_cleanup_task",
+        "schedule": timedelta(seconds=3600),
+        "options": {"priority": DanswerCeleryPriority.LOWEST},
+    },
+    {
+        "name": "monitor-vespa-sync",
+        "task": "monitor_vespa_sync",
+        "schedule": timedelta(seconds=5),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "check-for-doc-permissions-sync",
+        "task": "check_for_doc_permissions_sync",
+        "schedule": timedelta(seconds=30),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+    {
+        "name": "check-for-external-group-sync",
+        "task": "check_for_external_group_sync",
+        "schedule": timedelta(seconds=20),
+        "options": {"priority": DanswerCeleryPriority.HIGH},
+    },
+]
+
+
+def get_tasks_to_schedule() -> list[dict[str, Any]]:
+    return tasks_to_schedule
--- a/backend/danswer/background/celery/tasks/connector_deletion/tasks.py
+++ b/backend/danswer/background/celery/tasks/connector_deletion/tasks.py
@@ -5,25 +5,22 @@ from celery import Celery
 from celery import shared_task
 from celery import Task
 from celery.exceptions import SoftTimeLimitExceeded
+from redis import Redis
 from redis.lock import Lock as RedisLock
 from sqlalchemy.orm import Session

-from onyx.background.celery.apps.app_base import task_logger
-from onyx.configs.app_configs import JOB_TIMEOUT
-from onyx.configs.constants import CELERY_GENERIC_BEAT_LOCK_TIMEOUT
-from onyx.configs.constants import OnyxCeleryTask
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.db.connector_credential_pair import get_connector_credential_pair_from_id
-from onyx.db.connector_credential_pair import get_connector_credential_pairs
-from onyx.db.engine import get_session_with_tenant
-from onyx.db.enums import ConnectorCredentialPairStatus
-from onyx.db.enums import SyncType
-from onyx.db.search_settings import get_all_search_settings
-from onyx.db.sync_record import cleanup_sync_records
-from onyx.db.sync_record import insert_sync_record
-from onyx.redis.redis_connector import RedisConnector
-from onyx.redis.redis_connector_delete import RedisConnectorDeletePayload
-from onyx.redis.redis_pool import get_redis_client
+from danswer.background.celery.apps.app_base import task_logger
+from danswer.configs.app_configs import JOB_TIMEOUT
+from danswer.configs.constants import CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.db.connector_credential_pair import get_connector_credential_pair_from_id
+from danswer.db.connector_credential_pair import get_connector_credential_pairs
+from danswer.db.engine import get_session_with_tenant
+from danswer.db.enums import ConnectorCredentialPairStatus
+from danswer.db.search_settings import get_all_search_settings
+from danswer.redis.redis_connector import RedisConnector
+from danswer.redis.redis_connector_delete import RedisConnectorDeletePayload
+from danswer.redis.redis_pool import get_redis_client


 class TaskDependencyError(RuntimeError):
@@ -32,26 +29,24 @@ class TaskDependencyError(RuntimeError):


@shared_task(
-    name=OnyxCeleryTask.CHECK_FOR_CONNECTOR_DELETION,
+    name="check_for_connector_deletion_task",
    soft_time_limit=JOB_TIMEOUT,
    trail=False,
    bind=True,
 )
-def check_for_connector_deletion_task(
-    self: Task, *, tenant_id: str | None
-) -> bool | None:
+def check_for_connector_deletion_task(self: Task, *, tenant_id: str | None) -> None:
    r = get_redis_client(tenant_id=tenant_id)

-    lock_beat: RedisLock = r.lock(
-        OnyxRedisLocks.CHECK_CONNECTOR_DELETION_BEAT_LOCK,
-        timeout=CELERY_GENERIC_BEAT_LOCK_TIMEOUT,
+    lock_beat = r.lock(
+        DanswerRedisLocks.CHECK_CONNECTOR_DELETION_BEAT_LOCK,
+        timeout=CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT,
    )

-    # these tasks should never overlap
-    if not lock_beat.acquire(blocking=False):
-        return None
-
    try:
+        # these tasks should never overlap
+        if not lock_beat.acquire(blocking=False):
+            return
+
        # collect cc_pair_ids
        cc_pair_ids: list[int] = []
        with get_session_with_tenant(tenant_id) as db_session:
@@ -65,7 +60,7 @@ def check_for_connector_deletion_task(
                redis_connector = RedisConnector(tenant_id, cc_pair_id)
                try:
                    try_generate_document_cc_pair_cleanup_tasks(
-                        self.app, cc_pair_id, db_session, lock_beat, tenant_id
+                        self.app, cc_pair_id, db_session, r, lock_beat, tenant_id
                    )
                except TaskDependencyError as e:
                    # this means we wanted to start deleting but dependent tasks were running
@@ -81,18 +76,17 @@ def check_for_connector_deletion_task(
            "Soft time limit exceeded, task is being terminated gracefully."
        )
    except Exception:
-        task_logger.exception("Unexpected exception during connector deletion check")
+        task_logger.exception(f"Unexpected exception: tenant={tenant_id}")
    finally:
        if lock_beat.owned():
            lock_beat.release()

-    return True
-

 def try_generate_document_cc_pair_cleanup_tasks(
    app: Celery,
    cc_pair_id: int,
    db_session: Session,
+    r: Redis,
    lock_beat: RedisLock,
    tenant_id: str | None,
 ) -> int | None:
@@ -116,21 +110,11 @@ def try_generate_document_cc_pair_cleanup_tasks(
    # we need to load the state of the object inside the fence
    # to avoid a race condition with db.commit/fence deletion
    # at the end of this taskset
-    cc_pair = get_connector_credential_pair_from_id(
-        db_session=db_session,
-        cc_pair_id=cc_pair_id,
-    )
+    cc_pair = get_connector_credential_pair_from_id(cc_pair_id, db_session)
    if not cc_pair:
        return None

    if cc_pair.status != ConnectorCredentialPairStatus.DELETING:
-        # there should be no in-progress sync records if this is up to date
-        # clean it up just in case things got into a bad state
-        cleanup_sync_records(
-            db_session=db_session,
-            entity_id=cc_pair_id,
-            sync_type=SyncType.CONNECTOR_DELETION,
-        )
        return None

    # set a basic fence to start
@@ -139,13 +123,6 @@ def try_generate_document_cc_pair_cleanup_tasks(
        submitted=datetime.now(timezone.utc),
    )

-    # create before setting fence to avoid race condition where the monitoring
-    # task updates the sync record before it is created
-    insert_sync_record(
-        db_session=db_session,
-        entity_id=cc_pair_id,
-        sync_type=SyncType.CONNECTOR_DELETION,
-    )
    redis_connector.delete.set_fence(fence_payload)

    try:
@@ -155,14 +132,14 @@ def try_generate_document_cc_pair_cleanup_tasks(
            redis_connector_index = redis_connector.new_index(search_settings.id)
            if redis_connector_index.fenced:
                raise TaskDependencyError(
-                    "Connector deletion - Delayed (indexing in progress): "
+                    f"Connector deletion - Delayed (indexing in progress): "
                    f"cc_pair={cc_pair_id} "
                    f"search_settings={search_settings.id}"
                )

        if redis_connector.prune.fenced:
            raise TaskDependencyError(
-                "Connector deletion - Delayed (pruning in progress): "
+                f"Connector deletion - Delayed (pruning in progress): "
                f"cc_pair={cc_pair_id}"
            )

@@ -199,7 +176,7 @@ def try_generate_document_cc_pair_cleanup_tasks(
        #     return 0

        task_logger.info(
-            "RedisConnectorDeletion.generate_tasks finished. "
+            f"RedisConnectorDeletion.generate_tasks finished. "
            f"cc_pair={cc_pair_id} tasks_generated={tasks_generated}"
        )

--- a/backend/danswer/background/celery/tasks/doc_permission_syncing/tasks.py
+++ b/backend/danswer/background/celery/tasks/doc_permission_syncing/tasks.py
@@ -1,8 +1,6 @@
-import time
 from datetime import datetime
 from datetime import timedelta
 from datetime import timezone
-from time import sleep
 from uuid import uuid4

 from celery import Celery
@@ -10,41 +8,34 @@ from celery import shared_task
 from celery import Task
 from celery.exceptions import SoftTimeLimitExceeded
 from redis import Redis
-from redis.lock import Lock as RedisLock

-from ee.onyx.db.connector_credential_pair import get_all_auto_sync_cc_pairs
-from ee.onyx.db.document import upsert_document_external_perms
-from ee.onyx.external_permissions.sync_params import DOC_PERMISSION_SYNC_PERIODS
-from ee.onyx.external_permissions.sync_params import DOC_PERMISSIONS_FUNC_MAP
-from ee.onyx.external_permissions.sync_params import (
-    DOC_SOURCE_TO_CHUNK_CENSORING_FUNCTION,
+from danswer.access.models import DocExternalAccess
+from danswer.background.celery.apps.app_base import task_logger
+from danswer.configs.app_configs import JOB_TIMEOUT
+from danswer.configs.constants import CELERY_PERMISSIONS_SYNC_LOCK_TIMEOUT
+from danswer.configs.constants import CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT
+from danswer.configs.constants import DANSWER_REDIS_FUNCTION_LOCK_PREFIX
+from danswer.configs.constants import DanswerCeleryPriority
+from danswer.configs.constants import DanswerCeleryQueues
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.configs.constants import DocumentSource
+from danswer.db.connector_credential_pair import get_connector_credential_pair_from_id
+from danswer.db.engine import get_session_with_tenant
+from danswer.db.enums import AccessType
+from danswer.db.enums import ConnectorCredentialPairStatus
+from danswer.db.models import ConnectorCredentialPair
+from danswer.db.users import batch_add_ext_perm_user_if_not_exists
+from danswer.redis.redis_connector import RedisConnector
+from danswer.redis.redis_connector_doc_perm_sync import (
+    RedisConnectorPermissionSyncData,
 )
-from onyx.access.models import DocExternalAccess
-from onyx.background.celery.apps.app_base import task_logger
-from onyx.configs.app_configs import JOB_TIMEOUT
-from onyx.configs.constants import CELERY_GENERIC_BEAT_LOCK_TIMEOUT
-from onyx.configs.constants import CELERY_PERMISSIONS_SYNC_LOCK_TIMEOUT
-from onyx.configs.constants import CELERY_TASK_WAIT_FOR_FENCE_TIMEOUT
-from onyx.configs.constants import DANSWER_REDIS_FUNCTION_LOCK_PREFIX
-from onyx.configs.constants import DocumentSource
-from onyx.configs.constants import OnyxCeleryPriority
-from onyx.configs.constants import OnyxCeleryQueues
-from onyx.configs.constants import OnyxCeleryTask
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.db.connector_credential_pair import get_connector_credential_pair_from_id
-from onyx.db.document import upsert_document_by_connector_credential_pair
-from onyx.db.engine import get_session_with_tenant
-from onyx.db.enums import AccessType
-from onyx.db.enums import ConnectorCredentialPairStatus
-from onyx.db.models import ConnectorCredentialPair
-from onyx.db.users import batch_add_ext_perm_user_if_not_exists
-from onyx.redis.redis_connector import RedisConnector
-from onyx.redis.redis_connector_doc_perm_sync import (
-    RedisConnectorPermissionSyncPayload,
-)
-from onyx.redis.redis_pool import get_redis_client
-from onyx.utils.logger import doc_permission_sync_ctx
-from onyx.utils.logger import setup_logger
+from danswer.redis.redis_pool import get_redis_client
+from danswer.utils.logger import doc_permission_sync_ctx
+from danswer.utils.logger import setup_logger
+from ee.danswer.db.connector_credential_pair import get_all_auto_sync_cc_pairs
+from ee.danswer.db.document import upsert_document_external_perms
+from ee.danswer.external_permissions.sync_params import DOC_PERMISSION_SYNC_PERIODS
+from ee.danswer.external_permissions.sync_params import DOC_PERMISSIONS_FUNC_MAP

 logger = setup_logger()

@@ -90,23 +81,23 @@ def _is_external_doc_permissions_sync_due(cc_pair: ConnectorCredentialPair) -> b


@shared_task(
-    name=OnyxCeleryTask.CHECK_FOR_DOC_PERMISSIONS_SYNC,
+    name="check_for_doc_permissions_sync",
    soft_time_limit=JOB_TIMEOUT,
    bind=True,
 )
-def check_for_doc_permissions_sync(self: Task, *, tenant_id: str | None) -> bool | None:
+def check_for_doc_permissions_sync(self: Task, *, tenant_id: str | None) -> None:
    r = get_redis_client(tenant_id=tenant_id)

-    lock_beat: RedisLock = r.lock(
-        OnyxRedisLocks.CHECK_CONNECTOR_DOC_PERMISSIONS_SYNC_BEAT_LOCK,
-        timeout=CELERY_GENERIC_BEAT_LOCK_TIMEOUT,
+    lock_beat = r.lock(
+        DanswerRedisLocks.CHECK_CONNECTOR_DOC_PERMISSIONS_SYNC_BEAT_LOCK,
+        timeout=CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT,
    )

-    # these tasks should never overlap
-    if not lock_beat.acquire(blocking=False):
-        return None
-
    try:
+        # these tasks should never overlap
+        if not lock_beat.acquire(blocking=False):
+            return
+
        # get all cc pairs that need to be synced
        cc_pair_ids_to_sync: list[int] = []
        with get_session_with_tenant(tenant_id) as db_session:
@@ -134,8 +125,6 @@ def check_for_doc_permissions_sync(self: Task, *, tenant_id: str | None) -> bool
        if lock_beat.owned():
            lock_beat.release()

-    return True
-

 def try_creating_permissions_sync_task(
    app: Celery,
@@ -149,7 +138,7 @@ def try_creating_permissions_sync_task(

    LOCK_TIMEOUT = 30

-    lock: RedisLock = r.lock(
+    lock = r.lock(
        DANSWER_REDIS_FUNCTION_LOCK_PREFIX + "try_generate_permissions_sync_tasks",
        timeout=LOCK_TIMEOUT,
    )
@@ -173,20 +162,20 @@ def try_creating_permissions_sync_task(

        custom_task_id = f"{redis_connector.permissions.generator_task_key}_{uuid4()}"

-        result = app.send_task(
-            OnyxCeleryTask.CONNECTOR_PERMISSION_SYNC_GENERATOR_TASK,
+        app.send_task(
+            "connector_permission_sync_generator_task",
            kwargs=dict(
                cc_pair_id=cc_pair_id,
                tenant_id=tenant_id,
            ),
-            queue=OnyxCeleryQueues.CONNECTOR_DOC_PERMISSIONS_SYNC,
+            queue=DanswerCeleryQueues.CONNECTOR_DOC_PERMISSIONS_SYNC,
            task_id=custom_task_id,
-            priority=OnyxCeleryPriority.HIGH,
+            priority=DanswerCeleryPriority.HIGH,
        )

        # set a basic fence to start
-        payload = RedisConnectorPermissionSyncPayload(
-            started=None, celery_task_id=result.id
+        payload = RedisConnectorPermissionSyncData(
+            started=None,
        )

        redis_connector.permissions.set_fence(payload)
@@ -201,7 +190,7 @@ def try_creating_permissions_sync_task(


@shared_task(
-    name=OnyxCeleryTask.CONNECTOR_PERMISSION_SYNC_GENERATOR_TASK,
+    name="connector_permission_sync_generator_task",
    acks_late=False,
    soft_time_limit=JOB_TIMEOUT,
    track_started=True,
@@ -227,45 +216,8 @@ def connector_permission_sync_generator_task(

    r = get_redis_client(tenant_id=tenant_id)

-    # this wait is needed to avoid a race condition where
-    # the primary worker sends the task and it is immediately executed
-    # before the primary worker can finalize the fence
-    start = time.monotonic()
-    while True:
-        if time.monotonic() - start > CELERY_TASK_WAIT_FOR_FENCE_TIMEOUT:
-            raise ValueError(
-                f"connector_permission_sync_generator_task - timed out waiting for fence to be ready: "
-                f"fence={redis_connector.permissions.fence_key}"
-            )
-
-        if not redis_connector.permissions.fenced:  # The fence must exist
-            raise ValueError(
-                f"connector_permission_sync_generator_task - fence not found: "
-                f"fence={redis_connector.permissions.fence_key}"
-            )
-
-        payload = redis_connector.permissions.payload  # The payload must exist
-        if not payload:
-            raise ValueError(
-                "connector_permission_sync_generator_task: payload invalid or not found"
-            )
-
-        if payload.celery_task_id is None:
-            logger.info(
-                f"connector_permission_sync_generator_task - Waiting for fence: "
-                f"fence={redis_connector.permissions.fence_key}"
-            )
-            sleep(1)
-            continue
-
-        logger.info(
-            f"connector_permission_sync_generator_task - Fence found, continuing...: "
-            f"fence={redis_connector.permissions.fence_key}"
-        )
-        break
-
-    lock: RedisLock = r.lock(
-        OnyxRedisLocks.CONNECTOR_DOC_PERMISSIONS_SYNC_LOCK_PREFIX
+    lock = r.lock(
+        DanswerRedisLocks.CONNECTOR_DOC_PERMISSIONS_SYNC_LOCK_PREFIX
        + f"_{redis_connector.id}",
        timeout=CELERY_PERMISSIONS_SYNC_LOCK_TIMEOUT,
    )
@@ -279,10 +231,7 @@ def connector_permission_sync_generator_task(

    try:
        with get_session_with_tenant(tenant_id) as db_session:
-            cc_pair = get_connector_credential_pair_from_id(
-                db_session=db_session,
-                cc_pair_id=cc_pair_id,
-            )
+            cc_pair = get_connector_credential_pair_from_id(cc_pair_id, db_session)
            if cc_pair is None:
                raise ValueError(
                    f"No connector credential pair found for id: {cc_pair_id}"
@@ -292,23 +241,14 @@ def connector_permission_sync_generator_task(

            doc_sync_func = DOC_PERMISSIONS_FUNC_MAP.get(source_type)
            if doc_sync_func is None:
-                if source_type in DOC_SOURCE_TO_CHUNK_CENSORING_FUNCTION:
-                    return None
-                raise ValueError(
-                    f"No doc sync func found for {source_type} with cc_pair={cc_pair_id}"
-                )
+                raise ValueError(f"No doc sync func found for {source_type}")

-            logger.info(f"Syncing docs for {source_type} with cc_pair={cc_pair_id}")
+            logger.info(f"Syncing docs for {source_type}")

-            payload = redis_connector.permissions.payload
-            if not payload:
-                raise ValueError(f"No fence payload found: cc_pair={cc_pair_id}")
-
-            new_payload = RedisConnectorPermissionSyncPayload(
+            payload = RedisConnectorPermissionSyncData(
                started=datetime.now(timezone.utc),
-                celery_task_id=payload.celery_task_id,
            )
-            redis_connector.permissions.set_fence(new_payload)
+            redis_connector.permissions.set_fence(payload)

            document_external_accesses: list[DocExternalAccess] = doc_sync_func(cc_pair)

@@ -316,12 +256,7 @@ def connector_permission_sync_generator_task(
                f"RedisConnector.permissions.generate_tasks starting. cc_pair={cc_pair_id}"
            )
            tasks_generated = redis_connector.permissions.generate_tasks(
-                celery_app=self.app,
-                lock=lock,
-                new_permissions=document_external_accesses,
-                source_string=source_type,
-                connector_id=cc_pair.connector.id,
-                credential_id=cc_pair.credential.id,
+                self.app, lock, document_external_accesses, source_type
            )
            if tasks_generated is None:
                return None
@@ -346,7 +281,7 @@ def connector_permission_sync_generator_task(


@shared_task(
-    name=OnyxCeleryTask.UPDATE_EXTERNAL_DOCUMENT_PERMISSIONS_TASK,
+    name="update_external_document_permissions_task",
    soft_time_limit=LIGHT_SOFT_TIME_LIMIT,
    time_limit=LIGHT_TIME_LIMIT,
    max_retries=DOCUMENT_PERMISSIONS_UPDATE_MAX_RETRIES,
@@ -357,8 +292,6 @@ def update_external_document_permissions_task(
    tenant_id: str | None,
    serialized_doc_external_access: dict,
    source_string: str,
-    connector_id: int,
-    credential_id: int,
 ) -> bool:
    document_external_access = DocExternalAccess.from_dict(
        serialized_doc_external_access
@@ -367,34 +300,22 @@ def update_external_document_permissions_task(
    external_access = document_external_access.external_access
    try:
        with get_session_with_tenant(tenant_id) as db_session:
-            # Add the users to the DB if they don't exist
+            # Then we build the update requests to update vespa
            batch_add_ext_perm_user_if_not_exists(
                db_session=db_session,
                emails=list(external_access.external_user_emails),
            )
-            # Then we upsert the document's external permissions in postgres
-            created_new_doc = upsert_document_external_perms(
+            upsert_document_external_perms(
                db_session=db_session,
                doc_id=doc_id,
                external_access=external_access,
                source_type=DocumentSource(source_string),
            )

-            if created_new_doc:
-                # If a new document was created, we associate it with the cc_pair
-                upsert_document_by_connector_credential_pair(
-                    db_session=db_session,
-                    connector_id=connector_id,
-                    credential_id=credential_id,
-                    document_ids=[doc_id],
-                )
-
            logger.debug(
                f"Successfully synced postgres document permissions for {doc_id}"
            )
        return True
    except Exception:
-        logger.exception(
-            f"Error Syncing Document Permissions: connector_id={connector_id} doc_id={doc_id}"
-        )
+        logger.exception("Error Syncing Document Permissions")
        return False
--- a/backend/danswer/background/celery/tasks/external_group_syncing/tasks.py
+++ b/backend/danswer/background/celery/tasks/external_group_syncing/tasks.py
@@ -8,38 +8,29 @@ from celery import shared_task
 from celery import Task
 from celery.exceptions import SoftTimeLimitExceeded
 from redis import Redis
-from redis.lock import Lock as RedisLock

-from ee.onyx.db.connector_credential_pair import get_all_auto_sync_cc_pairs
-from ee.onyx.db.connector_credential_pair import get_cc_pairs_by_source
-from ee.onyx.db.external_perm import ExternalUserGroup
-from ee.onyx.db.external_perm import replace_user__ext_group_for_cc_pair
-from ee.onyx.external_permissions.sync_params import EXTERNAL_GROUP_SYNC_PERIODS
-from ee.onyx.external_permissions.sync_params import GROUP_PERMISSIONS_FUNC_MAP
-from ee.onyx.external_permissions.sync_params import (
-    GROUP_PERMISSIONS_IS_CC_PAIR_AGNOSTIC,
-)
-from onyx.background.celery.apps.app_base import task_logger
-from onyx.configs.app_configs import JOB_TIMEOUT
-from onyx.configs.constants import CELERY_EXTERNAL_GROUP_SYNC_LOCK_TIMEOUT
-from onyx.configs.constants import CELERY_GENERIC_BEAT_LOCK_TIMEOUT
-from onyx.configs.constants import DANSWER_REDIS_FUNCTION_LOCK_PREFIX
-from onyx.configs.constants import OnyxCeleryPriority
-from onyx.configs.constants import OnyxCeleryQueues
-from onyx.configs.constants import OnyxCeleryTask
-from onyx.configs.constants import OnyxRedisLocks
-from onyx.db.connector import mark_cc_pair_as_external_group_synced
-from onyx.db.connector_credential_pair import get_connector_credential_pair_from_id
-from onyx.db.engine import get_session_with_tenant
-from onyx.db.enums import AccessType
-from onyx.db.enums import ConnectorCredentialPairStatus
-from onyx.db.models import ConnectorCredentialPair
-from onyx.redis.redis_connector import RedisConnector
-from onyx.redis.redis_connector_ext_group_sync import (
-    RedisConnectorExternalGroupSyncPayload,
-)
-from onyx.redis.redis_pool import get_redis_client
-from onyx.utils.logger import setup_logger
+from danswer.background.celery.apps.app_base import task_logger
+from danswer.configs.app_configs import JOB_TIMEOUT
+from danswer.configs.constants import CELERY_EXTERNAL_GROUP_SYNC_LOCK_TIMEOUT
+from danswer.configs.constants import CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT
+from danswer.configs.constants import DANSWER_REDIS_FUNCTION_LOCK_PREFIX
+from danswer.configs.constants import DanswerCeleryPriority
+from danswer.configs.constants import DanswerCeleryQueues
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.db.connector import mark_cc_pair_as_external_group_synced
+from danswer.db.connector_credential_pair import get_connector_credential_pair_from_id
+from danswer.db.engine import get_session_with_tenant
+from danswer.db.enums import AccessType
+from danswer.db.enums import ConnectorCredentialPairStatus
+from danswer.db.models import ConnectorCredentialPair
+from danswer.redis.redis_connector import RedisConnector
+from danswer.redis.redis_pool import get_redis_client
+from danswer.utils.logger import setup_logger
+from ee.danswer.db.connector_credential_pair import get_all_auto_sync_cc_pairs
+from ee.danswer.db.external_perm import ExternalUserGroup
+from ee.danswer.db.external_perm import replace_user__ext_group_for_cc_pair
+from ee.danswer.external_permissions.sync_params import EXTERNAL_GROUP_SYNC_PERIODS
+from ee.danswer.external_permissions.sync_params import GROUP_PERMISSIONS_FUNC_MAP

 logger = setup_logger()

@@ -58,7 +49,7 @@ def _is_external_group_sync_due(cc_pair: ConnectorCredentialPair) -> bool:
    if cc_pair.access_type != AccessType.SYNC:
        return False

-    # skip external group sync if not active
+    # skip pruning if not active
    if cc_pair.status != ConnectorCredentialPairStatus.ACTIVE:
        return False

@@ -90,49 +81,33 @@ def _is_external_group_sync_due(cc_pair: ConnectorCredentialPair) -> bool:


@shared_task(
-    name=OnyxCeleryTask.CHECK_FOR_EXTERNAL_GROUP_SYNC,
+    name="check_for_external_group_sync",
    soft_time_limit=JOB_TIMEOUT,
    bind=True,
 )
-def check_for_external_group_sync(self: Task, *, tenant_id: str | None) -> bool | None:
+def check_for_external_group_sync(self: Task, *, tenant_id: str | None) -> None:
    r = get_redis_client(tenant_id=tenant_id)

-    lock_beat: RedisLock = r.lock(
-        OnyxRedisLocks.CHECK_CONNECTOR_EXTERNAL_GROUP_SYNC_BEAT_LOCK,
-        timeout=CELERY_GENERIC_BEAT_LOCK_TIMEOUT,
+    lock_beat = r.lock(
+        DanswerRedisLocks.CHECK_CONNECTOR_EXTERNAL_GROUP_SYNC_BEAT_LOCK,
+        timeout=CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT,
    )

-    # these tasks should never overlap
-    if not lock_beat.acquire(blocking=False):
-        return None
-
    try:
+        # these tasks should never overlap
+        if not lock_beat.acquire(blocking=False):
+            return
+
        cc_pair_ids_to_sync: list[int] = []
        with get_session_with_tenant(tenant_id) as db_session:
            cc_pairs = get_all_auto_sync_cc_pairs(db_session)

-            # We only want to sync one cc_pair per source type in
-            # GROUP_PERMISSIONS_IS_CC_PAIR_AGNOSTIC
-            for source in GROUP_PERMISSIONS_IS_CC_PAIR_AGNOSTIC:
-                # These are ordered by cc_pair id so the first one is the one we want
-                cc_pairs_to_dedupe = get_cc_pairs_by_source(
-                    db_session, source, only_sync=True
-                )
-                # We only want to sync one cc_pair per source type
-                # in GROUP_PERMISSIONS_IS_CC_PAIR_AGNOSTIC so we dedupe here
-                for cc_pair_to_remove in cc_pairs_to_dedupe[1:]:
-                    cc_pairs = [
-                        cc_pair
-                        for cc_pair in cc_pairs
-                        if cc_pair.id != cc_pair_to_remove.id
-                    ]
-
            for cc_pair in cc_pairs:
                if _is_external_group_sync_due(cc_pair):
                    cc_pair_ids_to_sync.append(cc_pair.id)

        for cc_pair_id in cc_pair_ids_to_sync:
-            tasks_created = try_creating_external_group_sync_task(
+            tasks_created = try_creating_permissions_sync_task(
                self.app, cc_pair_id, r, tenant_id
            )
            if not tasks_created:
@@ -149,10 +124,8 @@ def check_for_external_group_sync(self: Task, *, tenant_id: str | None) -> bool
        if lock_beat.owned():
            lock_beat.release()

-    return True

-
-def try_creating_external_group_sync_task(
+def try_creating_permissions_sync_task(
    app: Celery,
    cc_pair_id: int,
    r: Redis,
@@ -164,7 +137,7 @@ def try_creating_external_group_sync_task(

    LOCK_TIMEOUT = 30

-    lock: RedisLock = r.lock(
+    lock = r.lock(
        DANSWER_REDIS_FUNCTION_LOCK_PREFIX + "try_generate_external_group_sync_tasks",
        timeout=LOCK_TIMEOUT,
    )
@@ -183,23 +156,18 @@ def try_creating_external_group_sync_task(

        custom_task_id = f"{redis_connector.external_group_sync.taskset_key}_{uuid4()}"

-        result = app.send_task(
-            OnyxCeleryTask.CONNECTOR_EXTERNAL_GROUP_SYNC_GENERATOR_TASK,
+        _ = app.send_task(
+            "connector_external_group_sync_generator_task",
            kwargs=dict(
                cc_pair_id=cc_pair_id,
                tenant_id=tenant_id,
            ),
-            queue=OnyxCeleryQueues.CONNECTOR_EXTERNAL_GROUP_SYNC,
+            queue=DanswerCeleryQueues.CONNECTOR_EXTERNAL_GROUP_SYNC,
            task_id=custom_task_id,
-            priority=OnyxCeleryPriority.HIGH,
+            priority=DanswerCeleryPriority.HIGH,
        )
-
-        payload = RedisConnectorExternalGroupSyncPayload(
-            started=datetime.now(timezone.utc),
-            celery_task_id=result.id,
-        )
-
-        redis_connector.external_group_sync.set_fence(payload)
+        # set a basic fence to start
+        redis_connector.external_group_sync.set_fence(True)

    except Exception:
        task_logger.exception(
@@ -214,7 +182,7 @@ def try_creating_external_group_sync_task(


@shared_task(
-    name=OnyxCeleryTask.CONNECTOR_EXTERNAL_GROUP_SYNC_GENERATOR_TASK,
+    name="connector_external_group_sync_generator_task",
    acks_late=False,
    soft_time_limit=JOB_TIMEOUT,
    track_started=True,
@@ -227,7 +195,7 @@ def connector_external_group_sync_generator_task(
    tenant_id: str | None,
 ) -> None:
    """
-    Permission sync task that handles external group syncing for a given connector credential pair
+    Permission sync task that handles document permission syncing for a given connector credential pair
    This task assumes that the task has already been properly fenced
    """

@@ -235,8 +203,8 @@ def connector_external_group_sync_generator_task(

    r = get_redis_client(tenant_id=tenant_id)

-    lock: RedisLock = r.lock(
-        OnyxRedisLocks.CONNECTOR_EXTERNAL_GROUP_SYNC_LOCK_PREFIX
+    lock = r.lock(
+        DanswerRedisLocks.CONNECTOR_EXTERNAL_GROUP_SYNC_LOCK_PREFIX
        + f"_{redis_connector.id}",
        timeout=CELERY_EXTERNAL_GROUP_SYNC_LOCK_TIMEOUT,
    )
@@ -250,10 +218,7 @@ def connector_external_group_sync_generator_task(
            return None

        with get_session_with_tenant(tenant_id) as db_session:
-            cc_pair = get_connector_credential_pair_from_id(
-                db_session=db_session,
-                cc_pair_id=cc_pair_id,
-            )
+            cc_pair = get_connector_credential_pair_from_id(cc_pair_id, db_session)
            if cc_pair is None:
                raise ValueError(
                    f"No connector credential pair found for id: {cc_pair_id}"
@@ -263,13 +228,9 @@ def connector_external_group_sync_generator_task(

            ext_group_sync_func = GROUP_PERMISSIONS_FUNC_MAP.get(source_type)
            if ext_group_sync_func is None:
-                raise ValueError(
-                    f"No external group sync func found for {source_type} for cc_pair: {cc_pair_id}"
-                )
+                raise ValueError(f"No external group sync func found for {source_type}")

-            logger.info(
-                f"Syncing external groups for {source_type} for cc_pair: {cc_pair_id}"
-            )
+            logger.info(f"Syncing docs for {source_type}")

            external_user_groups: list[ExternalUserGroup] = ext_group_sync_func(cc_pair)

@@ -288,6 +249,7 @@ def connector_external_group_sync_generator_task(
            )

            mark_cc_pair_as_external_group_synced(db_session, cc_pair.id)
+
    except Exception as e:
        task_logger.exception(
            f"Failed to run external group sync: cc_pair={cc_pair_id}"
@@ -298,6 +260,6 @@ def connector_external_group_sync_generator_task(
        raise e
    finally:
        # we always want to clear the fence after the task is done or failed so it doesn't get stuck
-        redis_connector.external_group_sync.set_fence(None)
+        redis_connector.external_group_sync.set_fence(False)
        if lock.owned():
            lock.release()
--- a/backend/danswer/background/celery/tasks/indexing/tasks.py
+++ b/backend/danswer/background/celery/tasks/indexing/tasks.py
@@ -0,0 +1,797 @@
+from datetime import datetime
+from datetime import timezone
+from http import HTTPStatus
+from time import sleep
+
+import redis
+import sentry_sdk
+from celery import Celery
+from celery import shared_task
+from celery import Task
+from celery.exceptions import SoftTimeLimitExceeded
+from redis import Redis
+from redis.exceptions import LockError
+from redis.lock import Lock as RedisLock
+from sqlalchemy.orm import Session
+
+from danswer.background.celery.apps.app_base import task_logger
+from danswer.background.indexing.job_client import SimpleJobClient
+from danswer.background.indexing.run_indexing import run_indexing_entrypoint
+from danswer.configs.app_configs import DISABLE_INDEX_UPDATE_ON_SWAP
+from danswer.configs.constants import CELERY_INDEXING_LOCK_TIMEOUT
+from danswer.configs.constants import CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT
+from danswer.configs.constants import DANSWER_REDIS_FUNCTION_LOCK_PREFIX
+from danswer.configs.constants import DanswerCeleryPriority
+from danswer.configs.constants import DanswerCeleryQueues
+from danswer.configs.constants import DanswerRedisLocks
+from danswer.configs.constants import DocumentSource
+from danswer.db.connector_credential_pair import fetch_connector_credential_pairs
+from danswer.db.connector_credential_pair import get_connector_credential_pair_from_id
+from danswer.db.engine import get_db_current_time
+from danswer.db.engine import get_session_with_tenant
+from danswer.db.enums import ConnectorCredentialPairStatus
+from danswer.db.enums import IndexingStatus
+from danswer.db.enums import IndexModelStatus
+from danswer.db.index_attempt import create_index_attempt
+from danswer.db.index_attempt import delete_index_attempt
+from danswer.db.index_attempt import get_all_index_attempts_by_status
+from danswer.db.index_attempt import get_index_attempt
+from danswer.db.index_attempt import get_last_attempt_for_cc_pair
+from danswer.db.index_attempt import mark_attempt_failed
+from danswer.db.models import ConnectorCredentialPair
+from danswer.db.models import IndexAttempt
+from danswer.db.models import SearchSettings
+from danswer.db.search_settings import get_current_search_settings
+from danswer.db.search_settings import get_secondary_search_settings
+from danswer.db.swap_index import check_index_swap
+from danswer.indexing.indexing_heartbeat import IndexingHeartbeatInterface
+from danswer.natural_language_processing.search_nlp_models import EmbeddingModel
+from danswer.natural_language_processing.search_nlp_models import warm_up_bi_encoder
+from danswer.redis.redis_connector import RedisConnector
+from danswer.redis.redis_connector_index import RedisConnectorIndex
+from danswer.redis.redis_connector_index import RedisConnectorIndexPayload
+from danswer.redis.redis_pool import get_redis_client
+from danswer.utils.logger import setup_logger
+from danswer.utils.variable_functionality import global_version
+from shared_configs.configs import INDEXING_MODEL_SERVER_HOST
+from shared_configs.configs import INDEXING_MODEL_SERVER_PORT
+from shared_configs.configs import MULTI_TENANT
+from shared_configs.configs import SENTRY_DSN
+
+logger = setup_logger()
+
+
+class IndexingCallback(IndexingHeartbeatInterface):
+    def __init__(
+        self,
+        stop_key: str,
+        generator_progress_key: str,
+        redis_lock: RedisLock,
+        redis_client: Redis,
+    ):
+        super().__init__()
+        self.redis_lock: RedisLock = redis_lock
+        self.stop_key: str = stop_key
+        self.generator_progress_key: str = generator_progress_key
+        self.redis_client = redis_client
+        self.started: datetime = datetime.now(timezone.utc)
+        self.redis_lock.reacquire()
+
+        self.last_tag: str = "IndexingCallback.__init__"
+        self.last_lock_reacquire: datetime = datetime.now(timezone.utc)
+
+    def should_stop(self) -> bool:
+        if self.redis_client.exists(self.stop_key):
+            return True
+        return False
+
+    def progress(self, tag: str, amount: int) -> None:
+        try:
+            self.redis_lock.reacquire()
+            self.last_tag = tag
+            self.last_lock_reacquire = datetime.now(timezone.utc)
+        except LockError:
+            logger.exception(
+                f"IndexingCallback - lock.reacquire exceptioned. "
+                f"lock_timeout={self.redis_lock.timeout} "
+                f"start={self.started} "
+                f"last_tag={self.last_tag} "
+                f"last_reacquired={self.last_lock_reacquire} "
+                f"now={datetime.now(timezone.utc)}"
+            )
+            raise
+
+        self.redis_client.incrby(self.generator_progress_key, amount)
+
+
+def get_unfenced_index_attempt_ids(db_session: Session, r: redis.Redis) -> list[int]:
+    """Gets a list of unfenced index attempts. Should not be possible, so we'd typically
+    want to clean them up.
+
+    Unfenced = attempt not in terminal state and fence does not exist.
+    """
+    unfenced_attempts: list[int] = []
+
+    # inner/outer/inner double check pattern to avoid race conditions when checking for
+    # bad state
+    # inner = index_attempt in non terminal state
+    # outer = r.fence_key down
+
+    # check the db for index attempts in a non terminal state
+    attempts: list[IndexAttempt] = []
+    attempts.extend(
+        get_all_index_attempts_by_status(IndexingStatus.NOT_STARTED, db_session)
+    )
+    attempts.extend(
+        get_all_index_attempts_by_status(IndexingStatus.IN_PROGRESS, db_session)
+    )
+
+    for attempt in attempts:
+        fence_key = RedisConnectorIndex.fence_key_with_ids(
+            attempt.connector_credential_pair_id, attempt.search_settings_id
+        )
+
+        # if the fence is down / doesn't exist, possible error but not confirmed
+        if r.exists(fence_key):
+            continue
+
+        # Between the time the attempts are first looked up and the time we see the fence down,
+        # the attempt may have completed and taken down the fence normally.
+
+        # We need to double check that the index attempt is still in a non terminal state
+        # and matches the original state, which confirms we are really in a bad state.
+        attempt_2 = get_index_attempt(db_session, attempt.id)
+        if not attempt_2:
+            continue
+
+        if attempt.status != attempt_2.status:
+            continue
+
+        unfenced_attempts.append(attempt.id)
+
+    return unfenced_attempts
+
+
+@shared_task(
+    name="check_for_indexing",
+    soft_time_limit=300,
+    bind=True,
+)
+def check_for_indexing(self: Task, *, tenant_id: str | None) -> int | None:
+    tasks_created = 0
+
+    r = get_redis_client(tenant_id=tenant_id)
+
+    lock_beat: RedisLock = r.lock(
+        DanswerRedisLocks.CHECK_INDEXING_BEAT_LOCK,
+        timeout=CELERY_VESPA_SYNC_BEAT_LOCK_TIMEOUT,
+    )
+
+    try:
+        # these tasks should never overlap
+        if not lock_beat.acquire(blocking=False):
+            return None
+
+        # check for search settings swap
+        with get_session_with_tenant(tenant_id=tenant_id) as db_session:
+            old_search_settings = check_index_swap(db_session=db_session)
+            current_search_settings = get_current_search_settings(db_session)
+            # So that the first time users aren't surprised by really slow speed of first
+            # batch of documents indexed
+            if current_search_settings.provider_type is None and not MULTI_TENANT:
+                if old_search_settings:
+                    embedding_model = EmbeddingModel.from_db_model(
+                        search_settings=current_search_settings,
+                        server_host=INDEXING_MODEL_SERVER_HOST,
+                        server_port=INDEXING_MODEL_SERVER_PORT,
+                    )
+
+                    # only warm up if search settings were changed
+                    warm_up_bi_encoder(
+                        embedding_model=embedding_model,
+                    )
+
+        # gather cc_pair_ids
+        cc_pair_ids: list[int] = []
+        with get_session_with_tenant(tenant_id) as db_session:
+            lock_beat.reacquire()
+            cc_pairs = fetch_connector_credential_pairs(db_session)
+            for cc_pair_entry in cc_pairs:
+                cc_pair_ids.append(cc_pair_entry.id)
+
+        # kick off index attempts
+        for cc_pair_id in cc_pair_ids:
+            lock_beat.reacquire()
+
+            redis_connector = RedisConnector(tenant_id, cc_pair_id)
+            with get_session_with_tenant(tenant_id) as db_session:
+                # Get the primary search settings
+                primary_search_settings = get_current_search_settings(db_session)
+                search_settings = [primary_search_settings]
+
+                # Check for secondary search settings
+                secondary_search_settings = get_secondary_search_settings(db_session)
+                if secondary_search_settings is not None:
+                    # If secondary settings exist, add them to the list
+                    search_settings.append(secondary_search_settings)
+
+                for search_settings_instance in search_settings:
+                    redis_connector_index = redis_connector.new_index(
+                        search_settings_instance.id
+                    )
+                    if redis_connector_index.fenced:
+                        continue
+
+                    cc_pair = get_connector_credential_pair_from_id(
+                        cc_pair_id, db_session
+                    )
+                    if not cc_pair:
+                        continue
+
+                    last_attempt = get_last_attempt_for_cc_pair(
+                        cc_pair.id, search_settings_instance.id, db_session
+                    )
+                    if not _should_index(
+                        cc_pair=cc_pair,
+                        last_index=last_attempt,
+                        search_settings_instance=search_settings_instance,
+                        secondary_index_building=len(search_settings) > 1,
+                        db_session=db_session,
+                    ):
+                        continue
+
+                    # using a task queue and only allowing one task per cc_pair/search_setting
+                    # prevents us from starving out certain attempts
+                    attempt_id = try_creating_indexing_task(
+                        self.app,
+                        cc_pair,
+                        search_settings_instance,
+                        False,
+                        db_session,
+                        r,
+                        tenant_id,
+                    )
+                    if attempt_id:
+                        task_logger.info(
+                            f"Connector indexing queued: "
+                            f"index_attempt={attempt_id} "
+                            f"cc_pair={cc_pair.id} "
+                            f"search_settings={search_settings_instance.id} "
+                        )
+                        tasks_created += 1
+
+        # Fail any index attempts in the DB that don't have fences
+        # This shouldn't ever happen!
+        with get_session_with_tenant(tenant_id) as db_session:
+            unfenced_attempt_ids = get_unfenced_index_attempt_ids(db_session, r)
+            for attempt_id in unfenced_attempt_ids:
+                lock_beat.reacquire()
+
+                attempt = get_index_attempt(db_session, attempt_id)
+                if not attempt:
+                    continue
+
+                failure_reason = (
+                    f"Unfenced index attempt found in DB: "
+                    f"index_attempt={attempt.id} "
+                    f"cc_pair={attempt.connector_credential_pair_id} "
+                    f"search_settings={attempt.search_settings_id}"
+                )
+                task_logger.error(failure_reason)
+                mark_attempt_failed(
+                    attempt.id, db_session, failure_reason=failure_reason
+                )
+
+    except SoftTimeLimitExceeded:
+        task_logger.info(
+            "Soft time limit exceeded, task is being terminated gracefully."
+        )
+    except Exception:
+        task_logger.exception(f"Unexpected exception: tenant={tenant_id}")
+    finally:
+        if lock_beat.owned():
+            lock_beat.release()
+        else:
+            task_logger.error(
+                "check_for_indexing - Lock not owned on completion: "
+                f"tenant={tenant_id}"
+            )
+
+    return tasks_created
+
+
+def _should_index(
+    cc_pair: ConnectorCredentialPair,
+    last_index: IndexAttempt | None,
+    search_settings_instance: SearchSettings,
+    secondary_index_building: bool,
+    db_session: Session,
+) -> bool:
+    """Checks various global settings and past indexing attempts to determine if
+    we should try to start indexing the cc pair / search setting combination.
+
+    Note that tactical checks such as preventing overlap with a currently running task
+    are not handled here.
+
+    Return True if we should try to index, False if not.
+    """
+    connector = cc_pair.connector
+
+    # uncomment for debugging
+    # task_logger.info(f"_should_index: "
+    #                  f"cc_pair={cc_pair.id} "
+    #                  f"connector={cc_pair.connector_id} "
+    #                  f"refresh_freq={connector.refresh_freq}")
+
+    # don't kick off indexing for `NOT_APPLICABLE` sources
+    if connector.source == DocumentSource.NOT_APPLICABLE:
+        return False
+
+    # User can still manually create single indexing attempts via the UI for the
+    # currently in use index
+    if DISABLE_INDEX_UPDATE_ON_SWAP:
+        if (
+            search_settings_instance.status == IndexModelStatus.PRESENT
+            and secondary_index_building
+        ):
+            return False
+
+    # When switching over models, always index at least once
+    if search_settings_instance.status == IndexModelStatus.FUTURE:
+        if last_index:
+            # No new index if the last index attempt succeeded
+            # Once is enough. The model will never be able to swap otherwise.
+            if last_index.status == IndexingStatus.SUCCESS:
+                return False
+
+            # No new index if the last index attempt is waiting to start
+            if last_index.status == IndexingStatus.NOT_STARTED:
+                return False
+
+            # No new index if the last index attempt is running
+            if last_index.status == IndexingStatus.IN_PROGRESS:
+                return False
+        else:
+            if (
+                connector.id == 0 or connector.source == DocumentSource.INGESTION_API
+            ):  # Ingestion API
+                return False
+        return True
+
+    # If the connector is paused or is the ingestion API, don't index
+    # NOTE: during an embedding model switch over, the following logic
+    # is bypassed by the above check for a future model
+    if (
+        not cc_pair.status.is_active()
+        or connector.id == 0
+        or connector.source == DocumentSource.INGESTION_API
+    ):
+        return False
+
+    # if no attempt has ever occurred, we should index regardless of refresh_freq
+    if not last_index:
+        return True
+
+    if connector.refresh_freq is None:
+        return False
+
+    current_db_time = get_db_current_time(db_session)
+    time_since_index = current_db_time - last_index.time_updated
+    if time_since_index.total_seconds() < connector.refresh_freq:
+        return False
+
+    return True
+
+
+def try_creating_indexing_task(
+    celery_app: Celery,
+    cc_pair: ConnectorCredentialPair,
+    search_settings: SearchSettings,
+    reindex: bool,
+    db_session: Session,
+    r: Redis,
+    tenant_id: str | None,
+) -> int | None:
+    """Checks for any conditions that should block the indexing task from being
+    created, then creates the task.
+
+    Does not check for scheduling related conditions as this function
+    is used to trigger indexing immediately.
+    """
+
+    LOCK_TIMEOUT = 30
+    index_attempt_id: int | None = None
+
+    # we need to serialize any attempt to trigger indexing since it can be triggered
+    # either via celery beat or manually (API call)
+    lock: RedisLock = r.lock(
+        DANSWER_REDIS_FUNCTION_LOCK_PREFIX + "try_creating_indexing_task",
+        timeout=LOCK_TIMEOUT,
+    )
+
+    acquired = lock.acquire(blocking_timeout=LOCK_TIMEOUT / 2)
+    if not acquired:
+        return None
+
+    try:
+        redis_connector = RedisConnector(tenant_id, cc_pair.id)
+        redis_connector_index = redis_connector.new_index(search_settings.id)
+
+        # skip if already indexing
+        if redis_connector_index.fenced:
+            return None
+
+        # skip indexing if the cc_pair is deleting
+        if redis_connector.delete.fenced:
+            return None
+
+        db_session.refresh(cc_pair)
+        if cc_pair.status == ConnectorCredentialPairStatus.DELETING:
+            return None
+
+        # add a long running generator task to the queue
+        redis_connector_index.generator_clear()
+
+        # set a basic fence to start
+        payload = RedisConnectorIndexPayload(
+            index_attempt_id=None,
+            started=None,
+            submitted=datetime.now(timezone.utc),
+            celery_task_id=None,
+        )
+
+        redis_connector_index.set_fence(payload)
+
+        # create the index attempt for tracking purposes
+        # code elsewhere checks for index attempts without an associated redis key
+        # and cleans them up
+        # therefore we must create the attempt and the task after the fence goes up
+        index_attempt_id = create_index_attempt(
+            cc_pair.id,
+            search_settings.id,
+            from_beginning=reindex,
+            db_session=db_session,
+        )
+
+        custom_task_id = redis_connector_index.generate_generator_task_id()
+
+        # when the task is sent, we have yet to finish setting up the fence
+        # therefore, the task must contain code that blocks until the fence is ready
+        result = celery_app.send_task(
+            "connector_indexing_proxy_task",
+            kwargs=dict(
+                index_attempt_id=index_attempt_id,
+                cc_pair_id=cc_pair.id,
+                search_settings_id=search_settings.id,
+                tenant_id=tenant_id,
+            ),
+            queue=DanswerCeleryQueues.CONNECTOR_INDEXING,
+            task_id=custom_task_id,
+            priority=DanswerCeleryPriority.MEDIUM,
+        )
+        if not result:
+            raise RuntimeError("send_task for connector_indexing_proxy_task failed.")
+
+        # now fill out the fence with the rest of the data
+        payload.index_attempt_id = index_attempt_id
+        payload.celery_task_id = result.id
+        redis_connector_index.set_fence(payload)
+    except Exception:
+        task_logger.exception(
+            f"try_creating_indexing_task - Unexpected exception: "
+            f"tenant={tenant_id} "
+            f"cc_pair={cc_pair.id} "
+            f"search_settings={search_settings.id}"
+        )
+
+        if index_attempt_id is not None:
+            delete_index_attempt(db_session, index_attempt_id)
+        redis_connector_index.set_fence(None)
+        return None
+    finally:
+        if lock.owned():
+            lock.release()
+
+    return index_attempt_id
+
+
+@shared_task(name="connector_indexing_proxy_task", acks_late=False, track_started=True)
+def connector_indexing_proxy_task(
+    index_attempt_id: int,
+    cc_pair_id: int,
+    search_settings_id: int,
+    tenant_id: str | None,
+) -> None:
+    """celery tasks are forked, but forking is unstable.  This proxies work to a spawned task."""
+    task_logger.info(
+        f"Indexing watchdog - starting: attempt={index_attempt_id} "
+        f"tenant={tenant_id} "
+        f"cc_pair={cc_pair_id} "
+        f"search_settings={search_settings_id}"
+    )
+    client = SimpleJobClient()
+
+    job = client.submit(
+        connector_indexing_task_wrapper,
+        index_attempt_id,
+        cc_pair_id,
+        search_settings_id,
+        tenant_id,
+        global_version.is_ee_version(),
+        pure=False,
+    )
+
+    if not job:
+        task_logger.info(
+            f"Indexing watchdog - spawn failed: attempt={index_attempt_id} "
+            f"tenant={tenant_id} "
+            f"cc_pair={cc_pair_id} "
+            f"search_settings={search_settings_id}"
+        )
+        return
+
+    task_logger.info(
+        f"Indexing watchdog - spawn succeeded: attempt={index_attempt_id} "
+        f"tenant={tenant_id} "
+        f"cc_pair={cc_pair_id} "
+        f"search_settings={search_settings_id}"
+    )
+
+    while True:
+        sleep(10)
+
+        # do nothing for ongoing jobs that haven't been stopped
+        if not job.done():
+            with get_session_with_tenant(tenant_id) as db_session:
+                index_attempt = get_index_attempt(
+                    db_session=db_session, index_attempt_id=index_attempt_id
+                )
+
+                if not index_attempt:
+                    continue
+
+                if not index_attempt.is_finished():
+                    continue
+
+        if job.status == "error":
+            task_logger.error(
+                f"Indexing watchdog - spawned task exceptioned: "
+                f"attempt={index_attempt_id} "
+                f"tenant={tenant_id} "
+                f"cc_pair={cc_pair_id} "
+                f"search_settings={search_settings_id} "
+                f"error={job.exception()}"
+            )
+
+        job.release()
+        break
+
+    task_logger.info(
+        f"Indexing watchdog - finished: attempt={index_attempt_id} "
+        f"tenant={tenant_id} "
+        f"cc_pair={cc_pair_id} "
+        f"search_settings={search_settings_id}"
+    )
+    return
+
+
+def connector_indexing_task_wrapper(
+    index_attempt_id: int,
+    cc_pair_id: int,
+    search_settings_id: int,
+    tenant_id: str | None,
+    is_ee: bool,
+) -> int | None:
+    """Just wraps connector_indexing_task so we can log any exceptions before
+    re-raising it."""
+    result: int | None = None
+
+    try:
+        result = connector_indexing_task(
+            index_attempt_id,
+            cc_pair_id,
+            search_settings_id,
+            tenant_id,
+            is_ee,
+        )
+    except:
+        logger.exception(
+            f"connector_indexing_task exceptioned: "
+            f"tenant={tenant_id} "
+            f"index_attempt={index_attempt_id} "
+            f"cc_pair={cc_pair_id} "
+            f"search_settings={search_settings_id}"
+        )
+        raise
+
+    return result
+
+
+def connector_indexing_task(
+    index_attempt_id: int,
+    cc_pair_id: int,
+    search_settings_id: int,
+    tenant_id: str | None,
+    is_ee: bool,
+) -> int | None:
+    """Indexing task. For a cc pair, this task pulls all document IDs from the source
+    and compares those IDs to locally stored documents and deletes all locally stored IDs missing
+    from the most recently pulled document ID list
+
+    acks_late must be set to False. Otherwise, celery's visibility timeout will
+    cause any task that runs longer than the timeout to be redispatched by the broker.
+    There appears to be no good workaround for this, so we need to handle redispatching
+    manually.
+
+    Returns None if the task did not run (possibly due to a conflict).
+    Otherwise, returns an int >= 0 representing the number of indexed docs.
+
+    NOTE: if an exception is raised out of this task, the primary worker will detect
+    that the task transitioned to a "READY" state but the generator_complete_key doesn't exist.
+    This will cause the primary worker to abort the indexing attempt and clean up.
+    """
+
+    # Since connector_indexing_proxy_task spawns a new process using this function as
+    # the entrypoint, we init Sentry here.
+    if SENTRY_DSN:
+        sentry_sdk.init(
+            dsn=SENTRY_DSN,
+            traces_sample_rate=0.1,
+        )
+        logger.info("Sentry initialized")
+    else:
+        logger.debug("Sentry DSN not provided, skipping Sentry initialization")
+
+    logger.info(
+        f"Indexing spawned task starting: "
+        f"attempt={index_attempt_id} "
+        f"tenant={tenant_id} "
+        f"cc_pair={cc_pair_id} "
+        f"search_settings={search_settings_id}"
+    )
+
+    attempt_found = False
+    n_final_progress: int | None = None
+
+    redis_connector = RedisConnector(tenant_id, cc_pair_id)
+    redis_connector_index = redis_connector.new_index(search_settings_id)
+
+    r = get_redis_client(tenant_id=tenant_id)
+
+    if redis_connector.delete.fenced:
+        raise RuntimeError(
+            f"Indexing will not start because connector deletion is in progress: "
+            f"attempt={index_attempt_id} "
+            f"cc_pair={cc_pair_id} "
+            f"fence={redis_connector.delete.fence_key}"
+        )
+
+    if redis_connector.stop.fenced:
+        raise RuntimeError(
+            f"Indexing will not start because a connector stop signal was detected: "
+            f"attempt={index_attempt_id} "
+            f"cc_pair={cc_pair_id} "
+            f"fence={redis_connector.stop.fence_key}"
+        )
+
+    while True:
+        if not redis_connector_index.fenced:  # The fence must exist
+            raise ValueError(
+                f"connector_indexing_task - fence not found: fence={redis_connector_index.fence_key}"
+            )
+
+        payload = redis_connector_index.payload  # The payload must exist
+        if not payload:
+            raise ValueError("connector_indexing_task: payload invalid or not found")
+
+        if payload.index_attempt_id is None or payload.celery_task_id is None:
+            logger.info(
+                f"connector_indexing_task - Waiting for fence: fence={redis_connector_index.fence_key}"
+            )
+            sleep(1)
+            continue
+
+        if payload.index_attempt_id != index_attempt_id:
+            raise ValueError(
+                f"connector_indexing_task - id mismatch. Task may be left over from previous run.: "
+                f"task_index_attempt={index_attempt_id} "
+                f"payload_index_attempt={payload.index_attempt_id}"
+            )
+
+        logger.info(
+            f"connector_indexing_task - Fence found, continuing...: fence={redis_connector_index.fence_key}"
+        )
+        break
+
+    lock: RedisLock = r.lock(
+        redis_connector_index.generator_lock_key,
+        timeout=CELERY_INDEXING_LOCK_TIMEOUT,
+    )
+
+    acquired = lock.acquire(blocking=False)
+    if not acquired:
+        logger.warning(
+            f"Indexing task already running, exiting...: "
+            f"index_attempt={index_attempt_id} cc_pair={cc_pair_id} search_settings={search_settings_id}"
+        )
+        return None
+
+    payload.started = datetime.now(timezone.utc)
+    redis_connector_index.set_fence(payload)
+
+    try:
+        with get_session_with_tenant(tenant_id) as db_session:
+            attempt = get_index_attempt(db_session, index_attempt_id)
+            if not attempt:
+                raise ValueError(
+                    f"Index attempt not found: index_attempt={index_attempt_id}"
+                )
+            attempt_found = True
+
+            cc_pair = get_connector_credential_pair_from_id(
+                cc_pair_id=cc_pair_id,
+                db_session=db_session,
+            )
+
+            if not cc_pair:
+                raise ValueError(f"cc_pair not found: cc_pair={cc_pair_id}")
+
+            if not cc_pair.connector:
+                raise ValueError(
+                    f"Connector not found: cc_pair={cc_pair_id} connector={cc_pair.connector_id}"
+                )
+
+            if not cc_pair.credential:
+                raise ValueError(
+                    f"Credential not found: cc_pair={cc_pair_id} credential={cc_pair.credential_id}"
+                )
+
+        # define a callback class
+        callback = IndexingCallback(
+            redis_connector.stop.fence_key,
+            redis_connector_index.generator_progress_key,
+            lock,
+            r,
+        )
+
+        logger.info(
+            f"Indexing spawned task running entrypoint: attempt={index_attempt_id} "
+            f"tenant={tenant_id} "
+            f"cc_pair={cc_pair_id} "
+            f"search_settings={search_settings_id}"
+        )
+
+        run_indexing_entrypoint(
+            index_attempt_id,
+            tenant_id,
+            cc_pair_id,
+            is_ee,
+            callback=callback,
+        )
+
+        # get back the total number of indexed docs and return it
+        n_final_progress = redis_connector_index.get_progress()
+        redis_connector_index.set_generator_complete(HTTPStatus.OK.value)
+    except Exception as e:
+        logger.exception(
+            f"Indexing spawned task failed: attempt={index_attempt_id} "
+            f"tenant={tenant_id} "
+            f"cc_pair={cc_pair_id} "
+            f"search_settings={search_settings_id}"
+        )
+        if attempt_found:
+            with get_session_with_tenant(tenant_id) as db_session:
+                mark_attempt_failed(index_attempt_id, db_session, failure_reason=str(e))
+
+        raise e
+    finally:
+        if lock.owned():
+            lock.release()
+
+    logger.info(
+        f"Indexing spawned task finished: attempt={index_attempt_id} "
+        f"tenant={tenant_id} "
+        f"cc_pair={cc_pair_id} "
+        f"search_settings={search_settings_id}"
+    )
+    return n_final_progress
--- a/Show More
+++ b/Show More