From b78d90ed03d30047ce38e2936bf8cf4ce84aa33f Mon Sep 17 00:00:00 2001 From: Merlin Buczek Date: Thu, 13 Jun 2019 20:40:27 +0200 Subject: [PATCH] Use local settings module --- config/settings/base.py | 34 +++++++-------- config/settings/ldap.py | 49 --------------------- config/settings/local.py | 19 +++++--- config/settings/production.py | 81 +++++++++++++++++++++++++++-------- config/settings/test.py | 3 +- requirements/base.in | 3 +- requirements/base.txt | 5 +-- requirements/dev.txt | 5 +-- requirements/production.txt | 3 +- requirements/test.txt | 3 +- 10 files changed, 101 insertions(+), 104 deletions(-) delete mode 100644 config/settings/ldap.py diff --git a/config/settings/base.py b/config/settings/base.py index 2636dca..016ad44 100644 --- a/config/settings/base.py +++ b/config/settings/base.py @@ -1,23 +1,16 @@ """ Base settings for mpicms project. """ - -import environ +import os from django.utils.translation import gettext_lazy as _ -ROOT_DIR = environ.Path(__file__) - 3 # (mpicms/config/settings/base.py - 3 = mpicms/) -APPS_DIR = ROOT_DIR.path('mpicms') - -env = environ.Env() - -# Read .env file -environ.Env.read_env() +ROOT_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) # (mpicms/config/settings/base.py - 3 = mpicms/) +APPS_DIR = os.path.join(ROOT_DIR, 'mpicms') # GENERAL # ------------------------------------------------------------------------------ -DEBUG = env.bool('DJANGO_DEBUG', False) TIME_ZONE = 'Europe/Berlin' LANGUAGE_CODE = 'en-us' SITE_ID = 1 @@ -28,9 +21,12 @@ # DATABASES # ------------------------------------------------------------------------------ DATABASES = { - 'default': env.db('DATABASE_URL', default='postgres:///mpicms'), + 'default': { + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': 'mpicms', + 'ATOMIC_REQUESTS': True, + } } -DATABASES['default']['ATOMIC_REQUESTS'] = True # URLS # ------------------------------------------------------------------------------ @@ -135,10 +131,10 @@ # STATIC # ------------------------------------------------------------------------------ -STATIC_ROOT = str(ROOT_DIR('staticfiles')) +STATIC_ROOT = os.path.join(ROOT_DIR, 'staticfiles') STATIC_URL = '/static/' STATICFILES_DIRS = [ - str(APPS_DIR.path('static')), + os.path.join(APPS_DIR, 'static'), ] STATICFILES_FINDERS = [ 'django.contrib.staticfiles.finders.FileSystemFinder', @@ -147,7 +143,7 @@ # MEDIA # ------------------------------------------------------------------------------ -MEDIA_ROOT = str(APPS_DIR('media')) +MEDIA_ROOT = os.path.join(APPS_DIR, 'media') MEDIA_URL = '/media/' # TEMPLATES @@ -156,7 +152,7 @@ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [ - str(APPS_DIR.path('templates')), + os.path.join(APPS_DIR, 'templates'), ], 'OPTIONS': { 'debug': DEBUG, @@ -181,7 +177,7 @@ # FIXTURES # ------------------------------------------------------------------------------ FIXTURE_DIRS = ( - str(APPS_DIR.path('fixtures')), + os.path.join(APPS_DIR, 'fixtures'), ) # SECURITY @@ -193,7 +189,7 @@ # EMAIL # ------------------------------------------------------------------------------ -EMAIL_BACKEND = env('DJANGO_EMAIL_BACKEND', default='django.core.mail.backends.smtp.EmailBackend') +EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' # ADMIN # ------------------------------------------------------------------------------ @@ -210,7 +206,7 @@ ) LOCALE_PATHS = [ - ROOT_DIR.path('locale'), + os.path.join(ROOT_DIR, 'locale'), ] WAGTAILMODELTRANSLATION_TRANSLATE_SLUGS = False diff --git a/config/settings/ldap.py b/config/settings/ldap.py deleted file mode 100644 index fc72f83..0000000 --- a/config/settings/ldap.py +++ /dev/null @@ -1,49 +0,0 @@ -import ldap -from django_auth_ldap.config import LDAPSearch, GroupOfNamesType - -from .base import * # noqa -from .base import env - - -# AUTHENTICATION -AUTHENTICATION_BACKENDS = [ - 'django_auth_ldap.backend.LDAPBackend', - # 'django.contrib.auth.backends.ModelBackend', -] - -AUTH_LDAP_SERVER_URI = env('LDAP_URI') - -LDAP_USER_NAMES = env('LDAP_USER_NAMES', default="dc=user,dc=apps,dc=molgen,dc=mpg,dc=DE") - -AUTH_LDAP_CONNECTION_OPTIONS = { - ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER -} - -AUTH_LDAP_BIND_DN = env('LDAP_USER_DN', default="cn=mpicms,dc=ldap,dc=apps,dc=molgen,dc=mpg,dc=DE") -AUTH_LDAP_BIND_PASSWORD = env('LDAP_USER_PASSWORD') -AUTH_LDAP_USER_SEARCH = LDAPSearch( - LDAP_USER_NAMES, - ldap.SCOPE_SUBTREE, - "(uid=%(user)s)") - - -AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s," + LDAP_USER_NAMES - -AUTH_LDAP_FIND_GROUP_PERMS = False -AUTH_LDAP_GROUP_SEARCH = LDAPSearch( - 'ou=groups,dc=example,dc=com', - ldap.SCOPE_SUBTREE, - '(objectClass=groupOfNames)', -) -AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr='cn') - -AUTH_LDAP_USER_ATTR_MAP = { - 'first_name': 'givenName', - 'last_name': 'sn', - 'email': 'mail', -} - -AUTH_LDAP_USER_FLAGS_BY_GROUP = { - # 'is_staff': 'cn=staff,ou=groups,dc=example,dc=com', - # 'is_superuser': 'cn=superuser,ou=groups,dc=example,dc=com', -} \ No newline at end of file diff --git a/config/settings/local.py b/config/settings/local.py index dc4f3e4..3893c97 100644 --- a/config/settings/local.py +++ b/config/settings/local.py @@ -1,15 +1,16 @@ from .base import * # noqa -from .base import env + # GENERAL # ------------------------------------------------------------------------------ DEBUG = True -SECRET_KEY = env('DJANGO_SECRET_KEY', default='XBlibrFtVb24Dig6CCMAw7Kv3FpXpJYmEZMdpRlnRdTzQpNdTPZ1TtvqKiQu9caf') -ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=[ +SECRET_KEY = 'XBlibrFtVb24Dig6CCMAw7Kv3FpXpJYmEZMdpRlnRdTzQpNdTPZ1TtvqKiQu9caf' + +ALLOWED_HOSTS = [ "localhost", "0.0.0.0", "127.0.0.1", -]) +] # CACHES # ------------------------------------------------------------------------------ @@ -26,7 +27,7 @@ # EMAIL # ------------------------------------------------------------------------------ -EMAIL_BACKEND = env('DJANGO_EMAIL_BACKEND', default='django.core.mail.backends.console.EmailBackend') +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' EMAIL_HOST = 'localhost' EMAIL_PORT = 1025 @@ -36,13 +37,16 @@ 'debug_toolbar', 'wagtail.contrib.styleguide', ] + MIDDLEWARE += ['debug_toolbar.middleware.DebugToolbarMiddleware'] # noqa F405 + DEBUG_TOOLBAR_CONFIG = { 'DISABLE_PANELS': [ 'debug_toolbar.panels.redirects.RedirectsPanel', ], 'SHOW_TEMPLATE_CONTEXT': True, } + INTERNAL_IPS = ['127.0.0.1', '10.0.2.2'] # Logging @@ -75,3 +79,8 @@ }, } } + +try: + from local_settings import * # noqa +except ImportError: + pass diff --git a/config/settings/production.py b/config/settings/production.py index 9f813a6..2afa6cd 100644 --- a/config/settings/production.py +++ b/config/settings/production.py @@ -1,25 +1,27 @@ -from .ldap import * # noqa -from .ldap import env +import ldap +from django_auth_ldap.config import LDAPSearch, GroupOfNamesType + +from .base import * # noqa + # GENERAL # ------------------------------------------------------------------------------ +DEBUG = False # https://docs.djangoproject.com/en/dev/ref/settings/#secret-key -SECRET_KEY = env('DJANGO_SECRET_KEY') +SECRET_KEY = None # https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts -ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['twiki.molgen.mpg.de']) +ALLOWED_HOSTS = ['intranet.molgen.mpg.de'] # DATABASES # ------------------------------------------------------------------------------ -DATABASES['default'] = env.db('DATABASE_URL') # noqa F405 -DATABASES['default']['ATOMIC_REQUESTS'] = True # noqa F405 -DATABASES['default']['CONN_MAX_AGE'] = env.int('CONN_MAX_AGE', default=60) # noqa F405 +DATABASES['default']['CONN_MAX_AGE'] = 60 # noqa F405 # SECURITY # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') # https://docs.djangoproject.com/en/dev/ref/settings/#secure-ssl-redirect -SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True) +SECURE_SSL_REDIRECT = True # https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-secure SESSION_COOKIE_SECURE = True # https://docs.djangoproject.com/en/dev/ref/settings/#csrf-cookie-secure @@ -29,11 +31,11 @@ # TODO: set this to 60 seconds first and then to 518400 once you prove the former works SECURE_HSTS_SECONDS = 60 # https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-include-subdomains -SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool('DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS', default=True) +SECURE_HSTS_INCLUDE_SUBDOMAINS = True # https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-preload -SECURE_HSTS_PRELOAD = env.bool('DJANGO_SECURE_HSTS_PRELOAD', default=True) +SECURE_HSTS_PRELOAD = True # https://docs.djangoproject.com/en/dev/ref/middleware/#x-content-type-options-nosniff -SECURE_CONTENT_TYPE_NOSNIFF = env.bool('DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True) +SECURE_CONTENT_TYPE_NOSNIFF = True # TEMPLATES # ------------------------------------------------------------------------------ @@ -48,17 +50,57 @@ ), ] +# AUTHENTICATION +AUTHENTICATION_BACKENDS = [ + 'django_auth_ldap.backend.LDAPBackend', + # 'django.contrib.auth.backends.ModelBackend', +] + +AUTH_LDAP_SERVER_URI = 'ldaps://ldap.molgen.mpg.de/1' + +LDAP_USER_NAMES = "dc=user,dc=apps,dc=molgen,dc=mpg,dc=DE" + +AUTH_LDAP_CONNECTION_OPTIONS = { + ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER +} + +AUTH_LDAP_BIND_DN = "cn=mpicms,dc=ldap,dc=apps,dc=molgen,dc=mpg,dc=DE" +AUTH_LDAP_USER_SEARCH = LDAPSearch( + LDAP_USER_NAMES, + ldap.SCOPE_SUBTREE, + "(uid=%(user)s)") + + +AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s," + LDAP_USER_NAMES + +AUTH_LDAP_FIND_GROUP_PERMS = False +AUTH_LDAP_GROUP_SEARCH = LDAPSearch( + 'ou=groups,dc=example,dc=com', + ldap.SCOPE_SUBTREE, + '(objectClass=groupOfNames)', +) +AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr='cn') + +AUTH_LDAP_USER_ATTR_MAP = { + 'first_name': 'givenName', + 'last_name': 'sn', + 'email': 'mail', +} + +AUTH_LDAP_USER_FLAGS_BY_GROUP = { + # 'is_staff': 'cn=staff,ou=groups,dc=example,dc=com', + # 'is_superuser': 'cn=superuser,ou=groups,dc=example,dc=com', +} + # EMAIL # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#default-from-email -DEFAULT_FROM_EMAIL = env( - 'DJANGO_DEFAULT_FROM_EMAIL', - default='MPI ' -) +DEFAULT_FROM_EMAIL = 'MPI ' + # https://docs.djangoproject.com/en/dev/ref/settings/#server-email -SERVER_EMAIL = env('DJANGO_SERVER_EMAIL', default=DEFAULT_FROM_EMAIL) +SERVER_EMAIL = DEFAULT_FROM_EMAIL # https://docs.djangoproject.com/en/dev/ref/settings/#email-subject-prefix -EMAIL_SUBJECT_PREFIX = env('DJANGO_EMAIL_SUBJECT_PREFIX', default='[MPI CMS]') +EMAIL_SUBJECT_PREFIX = '[MPI CMS]' # LOGGING # ------------------------------------------------------------------------------ @@ -101,3 +143,8 @@ } } } + +try: + from local_settings import * # noqa +except ImportError: + pass diff --git a/config/settings/test.py b/config/settings/test.py index 993be9b..2466ff8 100644 --- a/config/settings/test.py +++ b/config/settings/test.py @@ -3,14 +3,13 @@ """ from .base import * # noqa -from .base import env # GENERAL # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#debug DEBUG = False # https://docs.djangoproject.com/en/dev/ref/settings/#secret-key -SECRET_KEY = env("DJANGO_SECRET_KEY", default="0QnR12nkPQODr0GtLeIaTlt3PWaxYSd6WPQl5USDULW9Q3ArzCqOJRjzsrGUpg96") +SECRET_KEY = "0QnR12nkPQODr0GtLeIaTlt3PWaxYSd6WPQl5USDULW9Q3ArzCqOJRjzsrGUpg96" # https://docs.djangoproject.com/en/dev/ref/settings/#test-runner TEST_RUNNER = "django.test.runner.DiscoverRunner" diff --git a/requirements/base.in b/requirements/base.in index b5b5336..1412a7c 100644 --- a/requirements/base.in +++ b/requirements/base.in @@ -1,9 +1,8 @@ # Django Django -django-environ # Postgres -psycopg2 +psycopg2-binary # Wagtail wagtail diff --git a/requirements/base.txt b/requirements/base.txt index 78872e0..d74c37b 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -2,12 +2,11 @@ # This file is autogenerated by pip-compile # To update, run: # -# pip-compile --upgrade requirements/base.in +# pip-compile -v --output-file base.txt base.in # beautifulsoup4==4.6.0 # via wagtail certifi==2019.3.9 # via requests chardet==3.0.4 # via requests -django-environ==0.4.5 django-modelcluster==4.4 # via wagtail django-modeltranslation==0.13.1 # via wagtail-modeltranslation django-taggit==0.24.0 # via wagtail @@ -18,7 +17,7 @@ draftjs-exporter==2.1.5 # via wagtail html5lib==1.0.1 # via wagtail idna==2.8 # via requests pillow==5.4.1 # via wagtail -psycopg2==2.8.2 +psycopg2-binary==2.8.2 pytz==2019.1 # via django, django-modelcluster, wagtail requests==2.21.0 # via wagtail six==1.12.0 # via html5lib, wagtail diff --git a/requirements/dev.txt b/requirements/dev.txt index 396765d..9352918 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -15,8 +15,7 @@ click==7.0 # via pip-tools coverage==4.5.3 decorator==4.4.0 # via ipython, traitlets django-coverage-plugin==1.6.0 -django-debug-toolbar==2.0a1 -django-environ==0.4.5 +django-debug-toolbar==1.11 django-modelcluster==4.4 django-modeltranslation==0.13.1 django-taggit==0.24.0 @@ -45,7 +44,7 @@ pillow==5.4.1 pip-tools==3.6.1 pluggy==0.9.0 prompt-toolkit==2.0.9 # via ipython -psycopg2==2.8.2 +psycopg2-binary==2.8.2 ptyprocess==0.6.0 # via pexpect py==1.8.0 pycodestyle==2.5.0 diff --git a/requirements/production.txt b/requirements/production.txt index 1ee9f7a..ee29424 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -8,7 +8,6 @@ beautifulsoup4==4.6.0 certifi==2019.3.9 chardet==3.0.4 django-auth-ldap==1.7.0 -django-environ==0.4.5 django-modelcluster==4.4 django-modeltranslation==0.13.1 django-taggit==0.24.0 @@ -19,7 +18,7 @@ draftjs-exporter==2.1.5 html5lib==1.0.1 idna==2.8 pillow==5.4.1 -psycopg2==2.8.2 +psycopg2-binary==2.8.2 pyasn1-modules==0.2.5 # via python-ldap pyasn1==0.4.5 # via pyasn1-modules, python-ldap python-ldap==3.2.0 diff --git a/requirements/test.txt b/requirements/test.txt index 6bfd1e3..24e883c 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -11,7 +11,6 @@ certifi==2019.3.9 chardet==3.0.4 coverage==4.5.3 django-coverage-plugin==1.6.0 -django-environ==0.4.5 django-modelcluster==4.4 django-modeltranslation==0.13.1 django-taggit==0.24.0 @@ -27,7 +26,7 @@ mccabe==0.6.1 # via flake8 more-itertools==7.0.0 # via pytest pillow==5.4.1 pluggy==0.9.0 # via pytest -psycopg2==2.8.2 +psycopg2-binary==2.8.2 py==1.8.0 # via pytest pycodestyle==2.5.0 # via flake8 pyflakes==2.1.1 # via flake8