Limit the number of orphaned to delete at 100 every 10 mins due to the cascading queries that have to check oauth_authorizations and oauth_tokens tables.

This should keep ahead of most app registration spam and not overwhelm lower powered servers.

config/config.exs

@@ -598,7 +598,7 @@ config :pleroma, Oban,
   crontab: [
     {"0 0 * * 0", Pleroma.Workers.Cron.DigestEmailsWorker},
     {"0 0 * * *", Pleroma.Workers.Cron.NewUsersDigestWorker},
-    {"0 0 * * *", Pleroma.Workers.Cron.AppCleanupWorker}
+    {"*/10 * * * *", Pleroma.Workers.Cron.AppCleanupWorker}
   ]
 
 config :pleroma, Pleroma.Formatter,

lib/pleroma/web/o_auth/app.ex

@@ -166,9 +166,14 @@ defmodule Pleroma.Web.OAuth.App do
 
   def maybe_update_owner(_), do: :ok
 
-  @spec remove_orphans() :: :ok
+  @spec remove_orphans(pos_integer()) :: :ok
-  def remove_orphans() do
+  def remove_orphans(limit \\ 100) do
-    from(a in __MODULE__, where: is_nil(a.user_id))
+    Repo.transaction(fn ->
-    |> Repo.delete_all()
+      from(a in __MODULE__, where: is_nil(a.user_id), limit: ^limit)
+      |> Repo.all()
+      |> Enum.each(&Repo.delete(&1))
+    end)
+
+    :ok
   end
 end