Migrate to AutoSecretKey, other fixes
This commit is contained in:
parent
38fd830eab
commit
69c13e099a
9 changed files with 179 additions and 84 deletions
39
config.dist.ini
Normal file
39
config.dist.ini
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
[JOURNEYJOKER]
|
||||||
|
# SECURITY WARNING: don't run with debug turned on in production!
|
||||||
|
Debug = 0
|
||||||
|
Host = journeyjoker.lan
|
||||||
|
Countries = ["AT"]
|
||||||
|
|
||||||
|
CurrencySymbol = "€"
|
||||||
|
CurrencyCode = "EUR"
|
||||||
|
CurrencyName = "Euro"
|
||||||
|
|
||||||
|
[SMTP]
|
||||||
|
Host = "mail.server"
|
||||||
|
# Port = 25
|
||||||
|
Username = "mail_username"
|
||||||
|
Password = "mail_password"
|
||||||
|
StartTLS = 0
|
||||||
|
SSL = 1
|
||||||
|
|
||||||
|
From = "noreply@journeyjoker.lan"
|
||||||
|
BCC = []
|
||||||
|
|
||||||
|
[ADMINS]
|
||||||
|
admin@example.com = Demo Admin
|
||||||
|
|
||||||
|
[MANAGERS]
|
||||||
|
manager@example.com = Demo Manager
|
||||||
|
|
||||||
|
# [MySQL]
|
||||||
|
# Database = journeyjoker
|
||||||
|
# Username = journeyjoker
|
||||||
|
# Password = secret123!
|
||||||
|
# Host = localhost
|
||||||
|
# Port = 3306
|
||||||
|
|
||||||
|
# [S3]
|
||||||
|
# AccessKey = journeyjoker
|
||||||
|
# SecretKey = !!!verysecret!!!
|
||||||
|
# Bucket = journeyjoker
|
||||||
|
# Endpoint = https://minio.journeyjoker.lan
|
34
config.ini
Normal file
34
config.ini
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
[JOURNEYJOKER]
|
||||||
|
debug = 1
|
||||||
|
host = journeyjoker.dev.kumi
|
||||||
|
countries = ["AT"]
|
||||||
|
currencysymbol = "€"
|
||||||
|
currencycode = "EUR"
|
||||||
|
currencyname = "Euro"
|
||||||
|
|
||||||
|
[SMTP]
|
||||||
|
host = "email.kumi"
|
||||||
|
port = 25
|
||||||
|
username = "noreply@journeyjoker.dev.kumi"
|
||||||
|
password = "aiv4jeiHoa4saeH2aephaeDe2ev0urieGhahquoahihaeGh7AeSh9rohz3eethie"
|
||||||
|
starttls = 1
|
||||||
|
ssl = 0
|
||||||
|
from = "noreply@journeyjoker.dev.kumi"
|
||||||
|
bcc = []
|
||||||
|
|
||||||
|
[ADMINS]
|
||||||
|
admin@example.com = Demo Admin
|
||||||
|
|
||||||
|
[MANAGERS]
|
||||||
|
manager@example.com = Demo Manager
|
||||||
|
|
||||||
|
[MySQL]
|
||||||
|
database = journeyjoker_dev
|
||||||
|
username = journeyjoker_dev
|
||||||
|
password = gee7aec5zaix8RieXahshie5Soongeibee6uthashook0ipae8oobuiTuwingeek
|
||||||
|
host = duck.mariadb.kumi
|
||||||
|
port = 3306
|
||||||
|
|
||||||
|
[AutoSecretKey]
|
||||||
|
secretkey = 0jw5q5jh8@x))dmeq_yi9t^xqx0&60sty0^i8w8ri%bf3-^21h
|
||||||
|
|
|
@ -3,7 +3,7 @@ from django.shortcuts import redirect
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||||
from django.contrib.auth.decorators import login_required
|
from django.contrib.auth.decorators import login_required
|
||||||
from django.contrib.auth.views import redirect_to_login, SuccessURLAllowedHostsMixin
|
from django.contrib.auth.views import redirect_to_login, RedirectURLMixin as SuccessURLAllowedHostsMixin
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib.auth.mixins import UserPassesTestMixin
|
from django.contrib.auth.mixins import UserPassesTestMixin
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
|
|
|
@ -1,60 +0,0 @@
|
||||||
# SECURITY WARNING: keep the secret key used in production secret!
|
|
||||||
SECRET_KEY = 'longsecretstring!'
|
|
||||||
|
|
||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
|
||||||
DEBUG = True
|
|
||||||
|
|
||||||
ALLOWED_HOSTS = ["*"]
|
|
||||||
|
|
||||||
# MySQL/MariaDB server settings
|
|
||||||
|
|
||||||
DB_HOST = "sql.server"
|
|
||||||
DB_PORT = 3306
|
|
||||||
DB_NAME = "sql_database"
|
|
||||||
DB_USER = "sql_username"
|
|
||||||
DB_PASS = "sql_password"
|
|
||||||
|
|
||||||
# Mail server settings
|
|
||||||
|
|
||||||
EMAIL_HOST = "mail.server"
|
|
||||||
EMAIL_PORT = None
|
|
||||||
EMAIL_HOST_USER = "mail_username"
|
|
||||||
EMAIL_HOST_PASSWORD = "mail_password"
|
|
||||||
EMAIL_USE_TLS = False
|
|
||||||
EMAIL_USE_SSL = True
|
|
||||||
|
|
||||||
# Email address to send outgoing mail from by default
|
|
||||||
|
|
||||||
DEFAULT_FROM_EMAIL = "noreply@example.com"
|
|
||||||
|
|
||||||
# Email addresses of system administrators and managers
|
|
||||||
|
|
||||||
ADMINS = [
|
|
||||||
('Demo Admin', 'admin@example.com'),
|
|
||||||
]
|
|
||||||
|
|
||||||
MANAGERS = ADMINS + [
|
|
||||||
('Demo Manager', 'manager@example.com'),
|
|
||||||
]
|
|
||||||
|
|
||||||
# Default addresses to BCC messages to
|
|
||||||
|
|
||||||
DEFAULT_BCC_EMAILS = []
|
|
||||||
|
|
||||||
# S3 Bucket Configuration (add options as documented at https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html)
|
|
||||||
|
|
||||||
ENABLE_S3_STORAGE = False
|
|
||||||
|
|
||||||
AWS_ACCESS_KEY_ID = "AWS Key ID"
|
|
||||||
AWS_SECRET_ACCESS_KEY = "AWS Secret Key"
|
|
||||||
AWS_STORAGE_BUCKET_NAME = "AWS Bucket"
|
|
||||||
|
|
||||||
# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
|
|
||||||
|
|
||||||
JOKER_COUNTRIES = ["AT"]
|
|
||||||
|
|
||||||
# Currency to use
|
|
||||||
|
|
||||||
CURRENCY_SYMBOL = "€"
|
|
||||||
CURRENCY_CODE = "EUR"
|
|
||||||
CURRENCY_NAME = "Euro"
|
|
|
@ -2,7 +2,7 @@ from dbsettings.functions import getValue
|
||||||
|
|
||||||
from random import SystemRandom
|
from random import SystemRandom
|
||||||
|
|
||||||
import fast_luhn
|
import baluhn
|
||||||
|
|
||||||
def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)):
|
def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)):
|
||||||
if length <= len(str(prefix)):
|
if length <= len(str(prefix)):
|
||||||
|
@ -15,4 +15,4 @@ def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), len
|
||||||
for i in range(length_randpart):
|
for i in range(length_randpart):
|
||||||
base_code += str(SystemRandom().randint(0, 9))
|
base_code += str(SystemRandom().randint(0, 9))
|
||||||
|
|
||||||
return fast_luhn.complete(base_code)
|
return baluhn.generate(base_code)
|
|
@ -17,7 +17,7 @@ googlemaps
|
||||||
Babel
|
Babel
|
||||||
staticmap
|
staticmap
|
||||||
django-mathfilters
|
django-mathfilters
|
||||||
fast-luhn
|
baluhn
|
||||||
kumisms
|
kumisms
|
||||||
django-filtersignals
|
django-filtersignals
|
||||||
python-magic
|
python-magic
|
||||||
|
@ -25,3 +25,4 @@ bs4
|
||||||
django-starfield
|
django-starfield
|
||||||
pdfkit
|
pdfkit
|
||||||
git+https://github.com/chrisherold/django-weekday-field.git
|
git+https://github.com/chrisherold/django-weekday-field.git
|
||||||
|
django-autosecretkey
|
|
@ -1,18 +1,18 @@
|
||||||
from django.contrib.admin import AdminSite
|
from django.contrib.admin import AdminSite
|
||||||
from django.utils.translation import ugettext_lazy
|
from django.utils.translation import gettext_lazy
|
||||||
from django.contrib.auth import get_user_model
|
from django.contrib.auth import get_user_model
|
||||||
|
|
||||||
from dbsettings.models import Setting
|
from dbsettings.models import Setting
|
||||||
|
|
||||||
class JokerAdmin(AdminSite):
|
class JokerAdmin(AdminSite):
|
||||||
# Text to put at the end of each page's <title>.
|
# Text to put at the end of each page's <title>.
|
||||||
site_title = ugettext_lazy('JourneyJoker Administration')
|
site_title = gettext_lazy('JourneyJoker Administration')
|
||||||
|
|
||||||
# Text to put in each page's <h1> (and above login form).
|
# Text to put in each page's <h1> (and above login form).
|
||||||
site_header = ugettext_lazy('JourneyJoker Administration')
|
site_header = gettext_lazy('JourneyJoker Administration')
|
||||||
|
|
||||||
# Text to put at the top of the admin index page.
|
# Text to put at the top of the admin index page.
|
||||||
index_title = ugettext_lazy('JourneyJoker Administration')
|
index_title = gettext_lazy('JourneyJoker Administration')
|
||||||
|
|
||||||
joker_admin = JokerAdmin()
|
joker_admin = JokerAdmin()
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,38 @@
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
from localsettings import *
|
import json
|
||||||
|
|
||||||
|
from autosecretkey import AutoSecretKey
|
||||||
|
|
||||||
# Build paths inside the project like this: BASE_DIR / 'subdir'.
|
# Build paths inside the project like this: BASE_DIR / 'subdir'.
|
||||||
BASE_DIR = Path(__file__).resolve().parent.parent
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
||||||
|
CONFIG_FILE = AutoSecretKey(BASE_DIR / "config.ini", template=BASE_DIR / "config.dist.ini")
|
||||||
|
SECRET_KEY = CONFIG_FILE.secret_key
|
||||||
|
CONFIG = CONFIG_FILE.config
|
||||||
|
|
||||||
|
DEBUG = CONFIG["JOURNEYJOKER"]["Debug"]
|
||||||
|
|
||||||
|
# Domain configuration
|
||||||
|
|
||||||
|
ALLOWED_HOSTS = [host := CONFIG["JOURNEYJOKER"]["Host"]]
|
||||||
|
|
||||||
|
if host.startswith("www."):
|
||||||
|
ALLOWED_HOSTS.append(host[4:])
|
||||||
|
else:
|
||||||
|
ALLOWED_HOSTS.append(f"www.{host}")
|
||||||
|
|
||||||
|
CSRF_TRUSTED_ORIGINS = [f"https://{host}" for host in ALLOWED_HOSTS]
|
||||||
|
|
||||||
|
# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
|
||||||
|
|
||||||
|
JOKER_COUNTRIES = json.loads(CONFIG["JOURNEYJOKER"]["Countries"])
|
||||||
|
|
||||||
|
# Currency to use
|
||||||
|
|
||||||
|
CURRENCY_SYMBOL = CONFIG["JOURNEYJOKER"]["CurrencySymbol"]
|
||||||
|
CURRENCY_CODE = CONFIG["JOURNEYJOKER"]["CurrencyCode"]
|
||||||
|
CURRENCY_NAME = CONFIG["JOURNEYJOKER"]["CurrencyName"]
|
||||||
|
|
||||||
|
|
||||||
# Application definition
|
# Application definition
|
||||||
|
|
||||||
|
@ -66,18 +95,31 @@ WSGI_APPLICATION = 'urlaubsauktion.wsgi.application'
|
||||||
|
|
||||||
|
|
||||||
# Database
|
# Database
|
||||||
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases
|
# https://docs.djangoproject.com/en/4.0/ref/settings/#databases
|
||||||
|
|
||||||
DATABASES = {
|
if "MySQL" in CONFIG_FILE.config:
|
||||||
|
DATABASES = {
|
||||||
'default': {
|
'default': {
|
||||||
'ENGINE': 'django.contrib.gis.db.backends.mysql',
|
'ENGINE': 'django.contrib.gis.db.backends.mysql',
|
||||||
'NAME': DB_NAME,
|
'NAME': CONFIG_FILE.config.get("MySQL", "Database"),
|
||||||
'USER': DB_USER,
|
'USER': CONFIG_FILE.config.get("MySQL", "Username"),
|
||||||
'PASSWORD': DB_PASS,
|
'PASSWORD': CONFIG_FILE.config.get("MySQL", "Password"),
|
||||||
'HOST': DB_HOST,
|
'HOST': CONFIG_FILE.config.get("MySQL", "Host", fallback="localhost"),
|
||||||
'PORT': DB_PORT,
|
'PORT': CONFIG_FILE.config.getint("MySQL", "Port", fallback=3306),
|
||||||
|
'OPTIONS': {
|
||||||
|
'charset': 'utf8mb4',
|
||||||
|
'sql_mode': 'traditional',
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
else:
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
'ENGINE': 'django.contrib.gis.db.backends.spatialite',
|
||||||
|
'NAME': BASE_DIR / 'db.sqlite3',
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Password validation
|
# Password validation
|
||||||
|
@ -123,7 +165,18 @@ LANGUAGES = [
|
||||||
|
|
||||||
|
|
||||||
# Static files (CSS, JavaScript, Images)
|
# Static files (CSS, JavaScript, Images)
|
||||||
# https://docs.djangoproject.com/en/3.1/howto/static-files/
|
# https://docs.djangoproject.com/en/4.0/howto/static-files/
|
||||||
|
|
||||||
|
|
||||||
|
STATIC_ROOT = None if DEBUG else CONFIG_FILE.config.get("JOURNEYJOKER", "StaticRoot", fallback=BASE_DIR / "webroot" / "static")
|
||||||
|
|
||||||
|
if "S3" in CONFIG_FILE.config:
|
||||||
|
DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
|
||||||
|
STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage'
|
||||||
|
AWS_ACCESS_KEY_ID = CONFIG_FILE.config.get("S3", "AccessKey")
|
||||||
|
AWS_SECRET_ACCESS_KEY = CONFIG_FILE.config.get("S3", "SecretKey")
|
||||||
|
AWS_STORAGE_BUCKET_NAME = CONFIG_FILE.config.get("S3", "Bucket")
|
||||||
|
AWS_S3_ENDPOINT_URL = CONFIG_FILE.config.get("S3", "Endpoint")
|
||||||
|
|
||||||
STATIC_URL = '/static/'
|
STATIC_URL = '/static/'
|
||||||
|
|
||||||
|
@ -135,12 +188,40 @@ AUTH_USER_MODEL = "localauth.User"
|
||||||
|
|
||||||
REGISTER_REDIRECT_URL = "/"
|
REGISTER_REDIRECT_URL = "/"
|
||||||
LOGIN_REDIRECT_URL = "/"
|
LOGIN_REDIRECT_URL = "/"
|
||||||
|
LOGOUT_REDIRECT_URL = "/"
|
||||||
|
|
||||||
LOGIN_URL = "localauth:login"
|
LOGIN_URL = "localauth:login"
|
||||||
LOGOUT_URL = "localauth:logout"
|
LOGOUT_URL = "localauth:logout"
|
||||||
|
|
||||||
DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage' if not ENABLE_S3_STORAGE else 'storages.backends.s3boto3.S3Boto3Storage'
|
|
||||||
STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage' if ENABLE_S3_STORAGE else 'django.contrib.staticfiles.storage.StaticFilesStorage'
|
# Mail server settings
|
||||||
|
|
||||||
|
EMAIL_ENABLED = False
|
||||||
|
|
||||||
|
if "SMTP" in CONFIG:
|
||||||
|
EMAIL_ENABLED = True
|
||||||
|
EMAIL_HOST = CONFIG["SMTP"]["Host"]
|
||||||
|
EMAIL_PORT = CONFIG.get("SMTP", "Port", fallback=587)
|
||||||
|
EMAIL_HOST_USER = CONFIG.get("SMTP", "Username")
|
||||||
|
EMAIL_HOST_PASSWORD = CONFIG.get("SMTP", "Password")
|
||||||
|
EMAIL_USE_TLS = CONFIG.getboolean("SMTP", "TLS", fallback=True)
|
||||||
|
EMAIL_USE_SSL = CONFIG.getboolean("SMTP", "SSL", fallback=False)
|
||||||
|
|
||||||
|
EMAIL_FROM = CONFIG.get("SMTP", "From", fallback=EMAIL_HOST_USER)
|
||||||
|
EMAIL_BCC = json.loads(CONFIG.get("SMTP", "BCC", fallback=[]))
|
||||||
|
|
||||||
|
# Email addresses of system administrators and managers
|
||||||
|
|
||||||
|
ADMINS = [
|
||||||
|
(v,k) for k,v in CONFIG["ADMINS"].items()
|
||||||
|
]
|
||||||
|
|
||||||
|
MANAGERS = ADMINS + [
|
||||||
|
(v,k) for k,v in CONFIG["MANAGERS"].items()
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
# Misc settings
|
||||||
|
|
||||||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||||||
|
|
||||||
|
|
2
uwsgi.sh
2
uwsgi.sh
|
@ -1,3 +1,3 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
uwsgi --http 127.0.0.1:8000 --module urlaubsauktion.wsgi --uid 1001 --processes 8
|
uwsgi --http 127.0.0.1:8092 --module urlaubsauktion.wsgi --uid 1001 --processes 8
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue