Migrate to AutoSecretKey, other fixes

This commit is contained in:
Kumi 2022-10-28 14:35:26 +00:00
parent 38fd830eab
commit 69c13e099a
Signed by: kumi
GPG key ID: ECBCC9082395383F
9 changed files with 179 additions and 84 deletions

39
config.dist.ini Normal file
View file

@ -0,0 +1,39 @@
[JOURNEYJOKER]
# SECURITY WARNING: don't run with debug turned on in production!
Debug = 0
Host = journeyjoker.lan
Countries = ["AT"]
CurrencySymbol = "€"
CurrencyCode = "EUR"
CurrencyName = "Euro"
[SMTP]
Host = "mail.server"
# Port = 25
Username = "mail_username"
Password = "mail_password"
StartTLS = 0
SSL = 1
From = "noreply@journeyjoker.lan"
BCC = []
[ADMINS]
admin@example.com = Demo Admin
[MANAGERS]
manager@example.com = Demo Manager
# [MySQL]
# Database = journeyjoker
# Username = journeyjoker
# Password = secret123!
# Host = localhost
# Port = 3306
# [S3]
# AccessKey = journeyjoker
# SecretKey = !!!verysecret!!!
# Bucket = journeyjoker
# Endpoint = https://minio.journeyjoker.lan

34
config.ini Normal file
View file

@ -0,0 +1,34 @@
[JOURNEYJOKER]
debug = 1
host = journeyjoker.dev.kumi
countries = ["AT"]
currencysymbol = "€"
currencycode = "EUR"
currencyname = "Euro"
[SMTP]
host = "email.kumi"
port = 25
username = "noreply@journeyjoker.dev.kumi"
password = "aiv4jeiHoa4saeH2aephaeDe2ev0urieGhahquoahihaeGh7AeSh9rohz3eethie"
starttls = 1
ssl = 0
from = "noreply@journeyjoker.dev.kumi"
bcc = []
[ADMINS]
admin@example.com = Demo Admin
[MANAGERS]
manager@example.com = Demo Manager
[MySQL]
database = journeyjoker_dev
username = journeyjoker_dev
password = gee7aec5zaix8RieXahshie5Soongeibee6uthashook0ipae8oobuiTuwingeek
host = duck.mariadb.kumi
port = 3306
[AutoSecretKey]
secretkey = 0jw5q5jh8@x))dmeq_yi9t^xqx0&60sty0^i8w8ri%bf3-^21h

View file

@ -3,7 +3,7 @@ from django.shortcuts import redirect
from django.contrib import messages from django.contrib import messages
from django.contrib.auth import REDIRECT_FIELD_NAME from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.contrib.auth.views import redirect_to_login, SuccessURLAllowedHostsMixin from django.contrib.auth.views import redirect_to_login, RedirectURLMixin as SuccessURLAllowedHostsMixin
from django.conf import settings from django.conf import settings
from django.contrib.auth.mixins import UserPassesTestMixin from django.contrib.auth.mixins import UserPassesTestMixin
from django.urls import reverse_lazy from django.urls import reverse_lazy

View file

@ -1,60 +0,0 @@
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'longsecretstring!'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = ["*"]
# MySQL/MariaDB server settings
DB_HOST = "sql.server"
DB_PORT = 3306
DB_NAME = "sql_database"
DB_USER = "sql_username"
DB_PASS = "sql_password"
# Mail server settings
EMAIL_HOST = "mail.server"
EMAIL_PORT = None
EMAIL_HOST_USER = "mail_username"
EMAIL_HOST_PASSWORD = "mail_password"
EMAIL_USE_TLS = False
EMAIL_USE_SSL = True
# Email address to send outgoing mail from by default
DEFAULT_FROM_EMAIL = "noreply@example.com"
# Email addresses of system administrators and managers
ADMINS = [
('Demo Admin', 'admin@example.com'),
]
MANAGERS = ADMINS + [
('Demo Manager', 'manager@example.com'),
]
# Default addresses to BCC messages to
DEFAULT_BCC_EMAILS = []
# S3 Bucket Configuration (add options as documented at https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html)
ENABLE_S3_STORAGE = False
AWS_ACCESS_KEY_ID = "AWS Key ID"
AWS_SECRET_ACCESS_KEY = "AWS Secret Key"
AWS_STORAGE_BUCKET_NAME = "AWS Bucket"
# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
JOKER_COUNTRIES = ["AT"]
# Currency to use
CURRENCY_SYMBOL = ""
CURRENCY_CODE = "EUR"
CURRENCY_NAME = "Euro"

View file

@ -2,7 +2,7 @@ from dbsettings.functions import getValue
from random import SystemRandom from random import SystemRandom
import fast_luhn import baluhn
def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)): def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)):
if length <= len(str(prefix)): if length <= len(str(prefix)):
@ -15,4 +15,4 @@ def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), len
for i in range(length_randpart): for i in range(length_randpart):
base_code += str(SystemRandom().randint(0, 9)) base_code += str(SystemRandom().randint(0, 9))
return fast_luhn.complete(base_code) return baluhn.generate(base_code)

View file

@ -17,7 +17,7 @@ googlemaps
Babel Babel
staticmap staticmap
django-mathfilters django-mathfilters
fast-luhn baluhn
kumisms kumisms
django-filtersignals django-filtersignals
python-magic python-magic
@ -25,3 +25,4 @@ bs4
django-starfield django-starfield
pdfkit pdfkit
git+https://github.com/chrisherold/django-weekday-field.git git+https://github.com/chrisherold/django-weekday-field.git
django-autosecretkey

View file

@ -1,18 +1,18 @@
from django.contrib.admin import AdminSite from django.contrib.admin import AdminSite
from django.utils.translation import ugettext_lazy from django.utils.translation import gettext_lazy
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from dbsettings.models import Setting from dbsettings.models import Setting
class JokerAdmin(AdminSite): class JokerAdmin(AdminSite):
# Text to put at the end of each page's <title>. # Text to put at the end of each page's <title>.
site_title = ugettext_lazy('JourneyJoker Administration') site_title = gettext_lazy('JourneyJoker Administration')
# Text to put in each page's <h1> (and above login form). # Text to put in each page's <h1> (and above login form).
site_header = ugettext_lazy('JourneyJoker Administration') site_header = gettext_lazy('JourneyJoker Administration')
# Text to put at the top of the admin index page. # Text to put at the top of the admin index page.
index_title = ugettext_lazy('JourneyJoker Administration') index_title = gettext_lazy('JourneyJoker Administration')
joker_admin = JokerAdmin() joker_admin = JokerAdmin()

View file

@ -1,9 +1,38 @@
from pathlib import Path from pathlib import Path
from localsettings import * import json
from autosecretkey import AutoSecretKey
# Build paths inside the project like this: BASE_DIR / 'subdir'. # Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent BASE_DIR = Path(__file__).resolve().parent.parent
CONFIG_FILE = AutoSecretKey(BASE_DIR / "config.ini", template=BASE_DIR / "config.dist.ini")
SECRET_KEY = CONFIG_FILE.secret_key
CONFIG = CONFIG_FILE.config
DEBUG = CONFIG["JOURNEYJOKER"]["Debug"]
# Domain configuration
ALLOWED_HOSTS = [host := CONFIG["JOURNEYJOKER"]["Host"]]
if host.startswith("www."):
ALLOWED_HOSTS.append(host[4:])
else:
ALLOWED_HOSTS.append(f"www.{host}")
CSRF_TRUSTED_ORIGINS = [f"https://{host}" for host in ALLOWED_HOSTS]
# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
JOKER_COUNTRIES = json.loads(CONFIG["JOURNEYJOKER"]["Countries"])
# Currency to use
CURRENCY_SYMBOL = CONFIG["JOURNEYJOKER"]["CurrencySymbol"]
CURRENCY_CODE = CONFIG["JOURNEYJOKER"]["CurrencyCode"]
CURRENCY_NAME = CONFIG["JOURNEYJOKER"]["CurrencyName"]
# Application definition # Application definition
@ -66,18 +95,31 @@ WSGI_APPLICATION = 'urlaubsauktion.wsgi.application'
# Database # Database
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases # https://docs.djangoproject.com/en/4.0/ref/settings/#databases
DATABASES = { if "MySQL" in CONFIG_FILE.config:
DATABASES = {
'default': { 'default': {
'ENGINE': 'django.contrib.gis.db.backends.mysql', 'ENGINE': 'django.contrib.gis.db.backends.mysql',
'NAME': DB_NAME, 'NAME': CONFIG_FILE.config.get("MySQL", "Database"),
'USER': DB_USER, 'USER': CONFIG_FILE.config.get("MySQL", "Username"),
'PASSWORD': DB_PASS, 'PASSWORD': CONFIG_FILE.config.get("MySQL", "Password"),
'HOST': DB_HOST, 'HOST': CONFIG_FILE.config.get("MySQL", "Host", fallback="localhost"),
'PORT': DB_PORT, 'PORT': CONFIG_FILE.config.getint("MySQL", "Port", fallback=3306),
'OPTIONS': {
'charset': 'utf8mb4',
'sql_mode': 'traditional',
}
}
}
else:
DATABASES = {
'default': {
'ENGINE': 'django.contrib.gis.db.backends.spatialite',
'NAME': BASE_DIR / 'db.sqlite3',
}
} }
}
# Password validation # Password validation
@ -123,7 +165,18 @@ LANGUAGES = [
# Static files (CSS, JavaScript, Images) # Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.1/howto/static-files/ # https://docs.djangoproject.com/en/4.0/howto/static-files/
STATIC_ROOT = None if DEBUG else CONFIG_FILE.config.get("JOURNEYJOKER", "StaticRoot", fallback=BASE_DIR / "webroot" / "static")
if "S3" in CONFIG_FILE.config:
DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage'
AWS_ACCESS_KEY_ID = CONFIG_FILE.config.get("S3", "AccessKey")
AWS_SECRET_ACCESS_KEY = CONFIG_FILE.config.get("S3", "SecretKey")
AWS_STORAGE_BUCKET_NAME = CONFIG_FILE.config.get("S3", "Bucket")
AWS_S3_ENDPOINT_URL = CONFIG_FILE.config.get("S3", "Endpoint")
STATIC_URL = '/static/' STATIC_URL = '/static/'
@ -135,12 +188,40 @@ AUTH_USER_MODEL = "localauth.User"
REGISTER_REDIRECT_URL = "/" REGISTER_REDIRECT_URL = "/"
LOGIN_REDIRECT_URL = "/" LOGIN_REDIRECT_URL = "/"
LOGOUT_REDIRECT_URL = "/"
LOGIN_URL = "localauth:login" LOGIN_URL = "localauth:login"
LOGOUT_URL = "localauth:logout" LOGOUT_URL = "localauth:logout"
DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage' if not ENABLE_S3_STORAGE else 'storages.backends.s3boto3.S3Boto3Storage'
STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage' if ENABLE_S3_STORAGE else 'django.contrib.staticfiles.storage.StaticFilesStorage' # Mail server settings
EMAIL_ENABLED = False
if "SMTP" in CONFIG:
EMAIL_ENABLED = True
EMAIL_HOST = CONFIG["SMTP"]["Host"]
EMAIL_PORT = CONFIG.get("SMTP", "Port", fallback=587)
EMAIL_HOST_USER = CONFIG.get("SMTP", "Username")
EMAIL_HOST_PASSWORD = CONFIG.get("SMTP", "Password")
EMAIL_USE_TLS = CONFIG.getboolean("SMTP", "TLS", fallback=True)
EMAIL_USE_SSL = CONFIG.getboolean("SMTP", "SSL", fallback=False)
EMAIL_FROM = CONFIG.get("SMTP", "From", fallback=EMAIL_HOST_USER)
EMAIL_BCC = json.loads(CONFIG.get("SMTP", "BCC", fallback=[]))
# Email addresses of system administrators and managers
ADMINS = [
(v,k) for k,v in CONFIG["ADMINS"].items()
]
MANAGERS = ADMINS + [
(v,k) for k,v in CONFIG["MANAGERS"].items()
]
# Misc settings
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

View file

@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
uwsgi --http 127.0.0.1:8000 --module urlaubsauktion.wsgi --uid 1001 --processes 8 uwsgi --http 127.0.0.1:8092 --module urlaubsauktion.wsgi --uid 1001 --processes 8