diff --git a/config.dist.ini b/config.dist.ini
new file mode 100644
index 0000000..ce2d738
--- /dev/null
+++ b/config.dist.ini
@@ -0,0 +1,39 @@
+[JOURNEYJOKER]
+# SECURITY WARNING: don't run with debug turned on in production!
+Debug = 0
+Host = journeyjoker.lan
+Countries = ["AT"]
+
+CurrencySymbol = "€"
+CurrencyCode = "EUR"
+CurrencyName = "Euro"
+
+[SMTP]
+Host = "mail.server"
+# Port = 25
+Username = "mail_username"
+Password = "mail_password"
+StartTLS = 0
+SSL = 1
+
+From = "noreply@journeyjoker.lan"
+BCC = []
+
+[ADMINS]
+admin@example.com = Demo Admin
+
+[MANAGERS]
+manager@example.com = Demo Manager
+
+# [MySQL]
+# Database = journeyjoker
+# Username = journeyjoker
+# Password = secret123!
+# Host = localhost
+# Port = 3306
+
+# [S3]
+# AccessKey = journeyjoker
+# SecretKey = !!!verysecret!!!
+# Bucket = journeyjoker
+# Endpoint = https://minio.journeyjoker.lan
\ No newline at end of file
diff --git a/config.ini b/config.ini
new file mode 100644
index 0000000..28d4229
--- /dev/null
+++ b/config.ini
@@ -0,0 +1,34 @@
+[JOURNEYJOKER]
+debug = 1
+host = journeyjoker.dev.kumi
+countries = ["AT"]
+currencysymbol = "€"
+currencycode = "EUR"
+currencyname = "Euro"
+
+[SMTP]
+host = "email.kumi"
+port = 25
+username = "noreply@journeyjoker.dev.kumi"
+password = "aiv4jeiHoa4saeH2aephaeDe2ev0urieGhahquoahihaeGh7AeSh9rohz3eethie"
+starttls = 1
+ssl = 0
+from = "noreply@journeyjoker.dev.kumi"
+bcc = []
+
+[ADMINS]
+admin@example.com = Demo Admin
+
+[MANAGERS]
+manager@example.com = Demo Manager
+
+[MySQL]
+database = journeyjoker_dev
+username = journeyjoker_dev
+password = gee7aec5zaix8RieXahshie5Soongeibee6uthashook0ipae8oobuiTuwingeek
+host = duck.mariadb.kumi
+port = 3306
+
+[AutoSecretKey]
+secretkey = 0jw5q5jh8@x))dmeq_yi9t^xqx0&60sty0^i8w8ri%bf3-^21h
+
diff --git a/localauth/mixins.py b/localauth/mixins.py
index eb33245..a83db2e 100644
--- a/localauth/mixins.py
+++ b/localauth/mixins.py
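Review bot: The string values in config.dist.ini are wrapped in double quotes (`Host = "mail.server"`, `CurrencySymbol = "€"`), but settings.py reads most of them with plain `CONFIG[...]` or `.get()`. If `CONFIG` is a standard configparser object, the quote characters come back as part of the value, so `EMAIL_HOST` would literally be `"mail.server"` with the quotes. Only `Countries` and `BCC` are passed through `json.loads`. Either drop the quotes in the template (`Host = mail.server`) or decode every string value the same way.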
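Review bot: config.ini is added to the repository with what look like real deployment values: an SMTP password, a MariaDB password, the generated `secretkey` under `[AutoSecretKey]`, and `debug = 1`. settings.py loads exactly this path (`BASE_DIR / "config.ini"`) as the per-instance configuration, so the file should be listed in `.gitignore` and only config.dist.ini tracked. Treat all three values as disclosed and rotate them, because deleting the file in a later commit leaves them readable in history. A leaked Django `SECRET_KEY` undermines session and password-reset token signing, so it should be regenerated as well.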
@@ -3,7 +3,7 @@ from django.shortcuts import redirect
 from django.contrib import messages
 from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth.views import redirect_to_login, SuccessURLAllowedHostsMixin
+from django.contrib.auth.views import redirect_to_login, RedirectURLMixin as SuccessURLAllowedHostsMixin
 from django.conf import settings
 from django.contrib.auth.mixins import UserPassesTestMixin
 from django.urls import reverse_lazy
diff --git a/localsettings.dist.py b/localsettings.dist.py
deleted file mode 100644
index 4ec24b0..0000000
--- a/localsettings.dist.py
+++ /dev/null
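Review bot: Importing `RedirectURLMixin as SuccessURLAllowedHostsMixin` in localauth/mixins.py keeps the deprecated name alive, so the classes further down (outside this hunk) still appear to use a mixin that current Django no longer exports. `RedirectURLMixin` only exists from Django 4.1, and the part of requirements.txt visible in this commit shows no Django version bound, so an older install would fail at import. Prefer importing `RedirectURLMixin` under its own name and updating the base classes, and add a lower bound such as `Django>=4.1` to requirements.txt.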
@@ -1,60 +0,0 @@ -# SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = 'longsecretstring!' - -# SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True - -ALLOWED_HOSTS = ["*"] - -# MySQL/MariaDB server settings - -DB_HOST = "sql.server" -DB_PORT = 3306 -DB_NAME = "sql_database" -DB_USER = "sql_username" -DB_PASS = "sql_password" - -# Mail server settings - -EMAIL_HOST = "mail.server" -EMAIL_PORT = None -EMAIL_HOST_USER = "mail_username" -EMAIL_HOST_PASSWORD = "mail_password" -EMAIL_USE_TLS = False -EMAIL_USE_SSL = True - -# Email address to send outgoing mail from by default - -DEFAULT_FROM_EMAIL = "noreply@example.com" - -# Email addresses of system administrators and managers - -ADMINS = [ - ('Demo Admin', 'admin@example.com'), -] - -MANAGERS = ADMINS + [ - ('Demo Manager', 'manager@example.com'), -] - -# Default addresses to BCC messages to - -DEFAULT_BCC_EMAILS = [] - -# S3 Bucket Configuration (add options as documented at https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html) - -ENABLE_S3_STORAGE = False - -AWS_ACCESS_KEY_ID = "AWS Key ID" -AWS_SECRET_ACCESS_KEY = "AWS Secret Key" -AWS_STORAGE_BUCKET_NAME = "AWS Bucket" - -# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions) - -JOKER_COUNTRIES = ["AT"] - -# Currency to use - -CURRENCY_SYMBOL = "€" -CURRENCY_CODE = "EUR" -CURRENCY_NAME = "Euro" diff --git a/payment/voucher/helpers.py b/payment/voucher/helpers.py index ec79f43..1933a5a 100644 --- a/payment/voucher/helpers.py +++ b/payment/voucher/helpers.py @@ -2,7 +2,7 @@ from dbsettings.functions import getValue from random import SystemRandom -import fast_luhn +import baluhn def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)): if length <= len(str(prefix)): 
@@ -15,4 +15,4 @@ def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), len for i in range(length_randpart): base_code += str(SystemRandom().randint(0, 9)) - return fast_luhn.complete(base_code) \ No newline at end of file + return baluhn.generate(base_code) \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 12a1ed0..40c4d38 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,11 +17,12 @@ googlemaps Babel staticmap django-mathfilters -fast-luhn +baluhn kumisms django-filtersignals python-magic bs4 django-starfield pdfkit -git+https://github.com/chrisherold/django-weekday-field.git \ No newline at end of file +git+https://github.com/chrisherold/django-weekday-field.git +django-autosecretkey \ No newline at end of file diff --git a/urlaubsauktion/admin.py b/urlaubsauktion/admin.py index 94fcd13..7b525dc 100644 --- a/urlaubsauktion/admin.py +++ b/urlaubsauktion/admin.py @@ -1,18 +1,18 @@ from django.contrib.admin import AdminSite -from django.utils.translation import ugettext_lazy +from django.utils.translation import gettext_lazy from django.contrib.auth import get_user_model from dbsettings.models import Setting class JokerAdmin(AdminSite): # Text to put at the end of each page's . - site_title = ugettext_lazy('JourneyJoker Administration') + site_title = gettext_lazy('JourneyJoker Administration') # Text to put in each page's <h1> (and above login form). - site_header = ugettext_lazy('JourneyJoker Administration') + site_header = gettext_lazy('JourneyJoker Administration') # Text to put at the top of the admin index page. - index_title = ugettext_lazy('JourneyJoker Administration') + index_title = gettext_lazy('JourneyJoker Administration') joker_admin = JokerAdmin() diff --git a/urlaubsauktion/settings.py b/urlaubsauktion/settings.py index e46f61e..ec72fab 100644 --- a/urlaubsauktion/settings.py +++ b/urlaubsauktion/settings.py 
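Review bot: `return baluhn.generate(base_code)` is not a drop-in replacement for `fast_luhn.complete(base_code)`. As baluhn documents it, `generate()` returns only the Luhn check digit, whereas `complete()` returned the input with the digit appended. If that holds for the installed version, every voucher code becomes a single character and the code space shrinks to ten values. The line should read `return base_code + baluhn.generate(base_code)`, and a test asserting `len(code) == length` and `baluhn.verify(code)` would pin the behaviour. The body of `generate_voucher_code` starts outside this hunk.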
@@ -1,9 +1,38 @@ from pathlib import Path -from localsettings import * +import json + +from autosecretkey import AutoSecretKey # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent +CONFIG_FILE = AutoSecretKey(BASE_DIR / "config.ini", template=BASE_DIR / "config.dist.ini") +SECRET_KEY = CONFIG_FILE.secret_key +CONFIG = CONFIG_FILE.config + +DEBUG = CONFIG["JOURNEYJOKER"]["Debug"] + +# Domain configuration + +ALLOWED_HOSTS = [host := CONFIG["JOURNEYJOKER"]["Host"]] + +if host.startswith("www."): + ALLOWED_HOSTS.append(host[4:]) +else: + ALLOWED_HOSTS.append(f"www.{host}") + +CSRF_TRUSTED_ORIGINS = [f"https://{host}" for host in ALLOWED_HOSTS] + +# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions) + +JOKER_COUNTRIES = json.loads(CONFIG["JOURNEYJOKER"]["Countries"]) + +# Currency to use + +CURRENCY_SYMBOL = CONFIG["JOURNEYJOKER"]["CurrencySymbol"] +CURRENCY_CODE = CONFIG["JOURNEYJOKER"]["CurrencyCode"] +CURRENCY_NAME = CONFIG["JOURNEYJOKER"]["CurrencyName"] + # Application definition 
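Review bot: `DEBUG = CONFIG["JOURNEYJOKER"]["Debug"]` stores the raw string from the ini file, and any non-empty string is truthy, including the `0` that config.dist.ini ships. Debug mode therefore stays on in production whatever the file says. Read it as a boolean with a safe default: `DEBUG = CONFIG.getboolean("JOURNEYJOKER", "Debug", fallback=False)`. The later static-files hunk has the same problem through `STATIC_ROOT = None if DEBUG else …`, which would always evaluate to `None`. A short comment above `ALLOWED_HOSTS` stating that the `www.` counterpart is added automatically and that `CSRF_TRUSTED_ORIGINS` assumes HTTPS would also help whoever edits the config.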
@@ -66,18 +95,31 @@ WSGI_APPLICATION = 'urlaubsauktion.wsgi.application' # Database -# https://docs.djangoproject.com/en/3.1/ref/settings/#databases +# https://docs.djangoproject.com/en/4.0/ref/settings/#databases -DATABASES = { - 'default': { - 'ENGINE': 'django.contrib.gis.db.backends.mysql', - 'NAME': DB_NAME, - 'USER': DB_USER, - 'PASSWORD': DB_PASS, - 'HOST': DB_HOST, - 'PORT': DB_PORT, +if "MySQL" in CONFIG_FILE.config: + DATABASES = { + 'default': { + 'ENGINE': 'django.contrib.gis.db.backends.mysql', + 'NAME': CONFIG_FILE.config.get("MySQL", "Database"), + 'USER': CONFIG_FILE.config.get("MySQL", "Username"), + 'PASSWORD': CONFIG_FILE.config.get("MySQL", "Password"), + 'HOST': CONFIG_FILE.config.get("MySQL", "Host", fallback="localhost"), + 'PORT': CONFIG_FILE.config.getint("MySQL", "Port", fallback=3306), + 'OPTIONS': { + 'charset': 'utf8mb4', + 'sql_mode': 'traditional', + } + } + } + +else: + DATABASES = { + 'default': { + 'ENGINE': 'django.contrib.gis.db.backends.spatialite', + 'NAME': BASE_DIR / 'db.sqlite3', + } } -} # Password validation @@ -123,7 +165,18 @@ LANGUAGES = [ # Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/3.1/howto/static-files/ +# https://docs.djangoproject.com/en/4.0/howto/static-files/ + + +STATIC_ROOT = None if DEBUG else CONFIG_FILE.config.get("JOURNEYJOKER", "StaticRoot", fallback=BASE_DIR / "webroot" / "static") + +if "S3" in CONFIG_FILE.config: + DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage' + STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage' + AWS_ACCESS_KEY_ID = CONFIG_FILE.config.get("S3", "AccessKey") + AWS_SECRET_ACCESS_KEY = CONFIG_FILE.config.get("S3", "SecretKey") + AWS_STORAGE_BUCKET_NAME = CONFIG_FILE.config.get("S3", "Bucket") + AWS_S3_ENDPOINT_URL = CONFIG_FILE.config.get("S3", "Endpoint") STATIC_URL = '/static/' 
@@ -135,12 +188,40 @@ AUTH_USER_MODEL = "localauth.User" REGISTER_REDIRECT_URL = "/" LOGIN_REDIRECT_URL = "/" +LOGOUT_REDIRECT_URL = "/" LOGIN_URL = "localauth:login" LOGOUT_URL = "localauth:logout" -DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage' if not ENABLE_S3_STORAGE else 'storages.backends.s3boto3.S3Boto3Storage' -STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage' if ENABLE_S3_STORAGE else 'django.contrib.staticfiles.storage.StaticFilesStorage' + +# Mail server settings + +EMAIL_ENABLED = False + +if "SMTP" in CONFIG: + EMAIL_ENABLED = True + EMAIL_HOST = CONFIG["SMTP"]["Host"] + EMAIL_PORT = CONFIG.get("SMTP", "Port", fallback=587) + EMAIL_HOST_USER = CONFIG.get("SMTP", "Username") + EMAIL_HOST_PASSWORD = CONFIG.get("SMTP", "Password") + EMAIL_USE_TLS = CONFIG.getboolean("SMTP", "TLS", fallback=True) + EMAIL_USE_SSL = CONFIG.getboolean("SMTP", "SSL", fallback=False) + + EMAIL_FROM = CONFIG.get("SMTP", "From", fallback=EMAIL_HOST_USER) + EMAIL_BCC = json.loads(CONFIG.get("SMTP", "BCC", fallback=[])) + +# Email addresses of system administrators and managers + +ADMINS = [ + (v,k) for k,v in CONFIG["ADMINS"].items() +] + +MANAGERS = ADMINS + [ + (v,k) for k,v in CONFIG["MANAGERS"].items() +] + + +# Misc settings DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' diff --git a/uwsgi.sh b/uwsgi.sh index eb9343b..e3ba45a 100755 --- a/uwsgi.sh +++ b/uwsgi.sh @@ -1,3 +1,3 @@ #!/bin/bash -uwsgi --http 127.0.0.1:8000 --module urlaubsauktion.wsgi --uid 1001 --processes 8 +uwsgi --http 127.0.0.1:8092 --module urlaubsauktion.wsgi --uid 1001 --processes 8
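Review bot: The SMTP block reads a key named `TLS` (`CONFIG.getboolean("SMTP", "TLS", fallback=True)`), but both config files in this commit spell it `StartTLS`, so the setting is ignored and the fallback `True` always wins. With `SSL = 1` from the template, `EMAIL_USE_TLS` and `EMAIL_USE_SSL` are then both true, which Django rejects as mutually exclusive. Read the key the files actually use: `EMAIL_USE_TLS = CONFIG.getboolean("SMTP", "StartTLS", fallback=True)`. `json.loads(CONFIG.get("SMTP", "BCC", fallback=[]))` raises TypeError when the key is absent because the fallback is a list rather than a string, so use `fallback="[]"`, and `EMAIL_PORT` should use `CONFIG.getint("SMTP", "Port", fallback=587)` to match the MySQL port handling. The settings are also renamed to `EMAIL_FROM` and `EMAIL_BCC`, while Django itself reads `DEFAULT_FROM_EMAIL`, so confirm that every caller was updated.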