It may be wiser to look towards a contract / license with a written right to audit, etc. Technically, a relatively reliable protection would be to install your own version of python with rewritten imports and encrypt the bytecode.

And to provide in the form of a virtual machine that will have access (ssh / rdp) only to you?

Go to check the license on your server, from which the algorithm will no longer be pulled?
Mac, they can change, one hell. We need to think about a more complex mechanism.

If the client does not care about the mutual exclusivity of the confidentiality of the database and the closed code of the site, then the database and the application can be separated on 2 different machines / VPS (in the same local area). The client has a server with a database to which you "have no access"; you have a server with an application that the client does not have access to. No keys, etc. will be needed. In the django settings, only the host and port will need to be specified for the base, and that's it.

Scatter the verification code throughout the code, in each file so that it is invisibly present, and everything breaks without it. Obfuscate the code. After that, it may well be cheaper to hire developers to write a new application than to hack yours.

only if the service is like Saas, the rest is hacked.
Sell ​​together with iron activation keys.

If you need really reliable protection, then look towards HASP keys (there are both hardware and software keys). They have the ability to store their information inside the key and set license restrictions, including the expiration date.

Or StarForce again. They have a product that is tied to a local or remote server that counts the number of launches or jobs, depending on what you need.