262 lines
8.2 KiB
Python
262 lines
8.2 KiB
Python
import os
|
|
|
|
|
|
def env(name, default=None):
|
|
return os.getenv("SPEJSTORE_" + name, default)
|
|
|
|
|
|
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
|
STATIC_ROOT = os.path.join(BASE_DIR, "build_static")
|
|
PROD = os.getenv("SPEJSTORE_ENV") == "prod"
|
|
|
|
# Quick-start development settings - unsuitable for production
|
|
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
|
|
|
|
# SECURITY WARNING: keep the secret key used in production secret!
|
|
SECRET_KEY = env("SECRET_KEY", "#hjthi7_udsyt*9eeyb&nwgw5x=%pk_lnz3+u2tg9@=w3p1m*k")
|
|
|
|
# SECURITY WARNING: don't run with debug turned on in production!
|
|
DEBUG = not PROD
|
|
|
|
ALLOWED_HOSTS = env(
|
|
"ALLOWED_HOSTS",
|
|
"devinventory,inventory.waw.hackerspace.pl,inventory.hackerspace.pl,i,inventory"
|
|
+ (",127.0.0.1,locahost,*" if not PROD else ""),
|
|
).split(",")
|
|
LOGIN_REDIRECT_URL = "/admin/"
|
|
|
|
CSRF_TRUSTED_ORIGINS = env("HOST", "https://inventory.hackerspace.pl").split(",")
|
|
|
|
|
|
# Application definition
|
|
|
|
INSTALLED_APPS = [
|
|
"django.contrib.admin",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
"django.contrib.sessions",
|
|
"django.contrib.messages",
|
|
"django.contrib.staticfiles",
|
|
"django.contrib.postgres",
|
|
"storages", # django-storages s3boto support
|
|
"social_django",
|
|
"tree",
|
|
"django_select2",
|
|
"rest_framework",
|
|
"rest_framework.authtoken",
|
|
"django_markdown2",
|
|
"storage",
|
|
"django_admin_hstore_widget",
|
|
]
|
|
|
|
MIDDLEWARE = [
|
|
"django.middleware.security.SecurityMiddleware",
|
|
"whitenoise.middleware.WhiteNoiseMiddleware",
|
|
"django.middleware.cache.UpdateCacheMiddleware",
|
|
"django.middleware.gzip.GZipMiddleware",
|
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
|
"django.middleware.common.CommonMiddleware",
|
|
"django.middleware.csrf.CsrfViewMiddleware",
|
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
|
"storage.middleware.is_authorized_or_in_lan_middleware",
|
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
|
"django.contrib.messages.middleware.MessageMiddleware",
|
|
"social_django.middleware.SocialAuthExceptionMiddleware",
|
|
"django.middleware.cache.FetchFromCacheMiddleware",
|
|
]
|
|
|
|
ROOT_URLCONF = "spejstore.urls"
|
|
|
|
TEMPLATES = [
|
|
{
|
|
"BACKEND": "django.template.backends.django.DjangoTemplates",
|
|
"DIRS": ["templates/"],
|
|
"APP_DIRS": True,
|
|
"OPTIONS": {
|
|
"context_processors": [
|
|
"django.template.context_processors.debug",
|
|
"django.template.context_processors.request",
|
|
"django.contrib.auth.context_processors.auth",
|
|
"django.contrib.messages.context_processors.messages",
|
|
"social_django.context_processors.backends",
|
|
"social_django.context_processors.login_redirect",
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
WSGI_APPLICATION = "spejstore.wsgi.application"
|
|
|
|
# Logging
|
|
|
|
LOGGING = {
|
|
"version": 1,
|
|
"disable_existing_loggers": False,
|
|
"handlers": {
|
|
"console": {
|
|
"class": "logging.StreamHandler",
|
|
},
|
|
},
|
|
"root": {
|
|
"handlers": ["console"],
|
|
"level": "INFO",
|
|
},
|
|
}
|
|
|
|
# Database
|
|
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
|
|
|
|
DATABASES = {
|
|
"default": {
|
|
"ENGINE": env("DB_ENGINE", "django.db.backends.postgresql_psycopg2"),
|
|
"NAME": env("DB_NAME", "postgres"),
|
|
"USER": env("DB_USER", "postgres"),
|
|
"PASSWORD": env("DB_PASSWORD", None),
|
|
"HOST": env("DB_HOST", "127.0.0.1"),
|
|
"PORT": env("DB_PORT", 5432),
|
|
}
|
|
}
|
|
|
|
|
|
# Password validation
|
|
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
|
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
|
|
},
|
|
]
|
|
|
|
|
|
AUTHENTICATION_BACKENDS = (
|
|
"auth.backend.HSWawOAuth2",
|
|
"django.contrib.auth.backends.ModelBackend",
|
|
)
|
|
|
|
SOCIAL_AUTH_PIPELINE = (
|
|
"social_core.pipeline.social_auth.social_details",
|
|
"social_core.pipeline.social_auth.social_uid",
|
|
"social_core.pipeline.social_auth.social_user",
|
|
"social_core.pipeline.user.get_username",
|
|
"social_core.pipeline.social_auth.associate_by_email",
|
|
"auth.pipeline.associate_by_personal_email",
|
|
"social_core.pipeline.user.create_user",
|
|
"social_core.pipeline.social_auth.associate_user",
|
|
"social_core.pipeline.social_auth.load_extra_data",
|
|
"social_core.pipeline.user.user_details",
|
|
"auth.pipeline.staff_me_up",
|
|
)
|
|
|
|
# Determines the storage type for Django static files and media.
|
|
FILE_STORAGE_TYPE = env("FILE_STORAGE_TYPE", "filesystem")
|
|
|
|
# Make sure we check for correct file storage type
|
|
if not (FILE_STORAGE_TYPE == "filesystem" or FILE_STORAGE_TYPE == "s3"):
|
|
raise Exception("SPEJSTORE_FILE_STORAGE_TYPE must be 'filesystem' or 's3' ")
|
|
|
|
if FILE_STORAGE_TYPE == "filesystem":
|
|
STORAGES = {
|
|
"default": {
|
|
"BACKEND": "django.core.files.storage.FileSystemStorage",
|
|
},
|
|
"staticfiles": {
|
|
"BACKEND": "whitenoise.storage.CompressedManifestStaticFilesStorage",
|
|
},
|
|
}
|
|
elif FILE_STORAGE_TYPE == "s3":
|
|
S3_BUCKET_NAME = env("S3_BUCKET_NAME", "inventory")
|
|
S3_ENDPOINT_URL = env("S3_ENDPOINT_URL", "https://object.ceph-eu.hswaw.net")
|
|
S3_DOMAIN_NAME = env("S3_DOMAIN_NAME", "object.ceph-eu.hswaw.net")
|
|
S3_ACCESS_KEY = env("S3_ACCESS_KEY", "")
|
|
S3_SECRET_KEY = env("S3_SECRET_KEY", "=")
|
|
S3_STATIC_LOCATION = "static"
|
|
S3_MEDIA_LOCATION = "media"
|
|
STORAGES = {
|
|
"default": {
|
|
"BACKEND": "storages.backends.s3.S3Storage",
|
|
"OPTIONS": {
|
|
"access_key": S3_ACCESS_KEY,
|
|
"secret_key": S3_SECRET_KEY,
|
|
"endpoint_url": S3_ENDPOINT_URL,
|
|
"bucket_name": S3_BUCKET_NAME,
|
|
"default_acl": "public-read",
|
|
"location": S3_MEDIA_LOCATION,
|
|
"custom_domain": f"{S3_DOMAIN_NAME}/{S3_BUCKET_NAME}",
|
|
"file_overwrite": False,
|
|
},
|
|
},
|
|
"staticfiles": {
|
|
"BACKEND": "storages.backends.s3.S3Storage",
|
|
"OPTIONS": {
|
|
"access_key": S3_ACCESS_KEY,
|
|
"secret_key": S3_SECRET_KEY,
|
|
"endpoint_url": S3_ENDPOINT_URL,
|
|
"bucket_name": S3_BUCKET_NAME,
|
|
"default_acl": "public-read",
|
|
"location": S3_STATIC_LOCATION,
|
|
"custom_domain": f"{S3_DOMAIN_NAME}/{S3_BUCKET_NAME}",
|
|
},
|
|
},
|
|
}
|
|
|
|
# Internationalization
|
|
# https://docs.djangoproject.com/en/1.10/topics/i18n/
|
|
|
|
LANGUAGE_CODE = "en-us"
|
|
TIME_ZONE = "UTC"
|
|
USE_I18N = True
|
|
USE_L10N = True
|
|
USE_TZ = True
|
|
|
|
# Static files (CSS, JavaScript, Images)
|
|
# https://docs.djangoproject.com/en/1.10/howto/static-files/
|
|
|
|
STATIC_URL = "/static/"
|
|
STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")]
|
|
|
|
MEDIA_URL = "/media/"
|
|
MEDIA_ROOT = env("MEDIA_ROOT", os.path.join(BASE_DIR, "media"))
|
|
|
|
REQUIRE_AUTH = env("REQUIRE_AUTH", "true")
|
|
if REQUIRE_AUTH == "true":
|
|
REQUIRE_AUTH = True
|
|
elif REQUIRE_AUTH == "false":
|
|
REQUIRE_AUTH = False
|
|
|
|
# REST Framework
|
|
REST_FRAMEWORK = {
|
|
# Use Django's standard `django.contrib.auth` permissions,
|
|
# or allow read-only access for unauthenticated users.
|
|
"DEFAULT_PERMISSION_CLASSES": [
|
|
"rest_framework.permissions.IsAuthenticatedOrReadOnly"
|
|
if REQUIRE_AUTH
|
|
else "rest_framework.permissions.IsAuthenticated",
|
|
],
|
|
"DEFAULT_AUTHENTICATION_CLASSES": [
|
|
"storage.authentication.LanAuthentication",
|
|
"rest_framework.authentication.BasicAuthentication",
|
|
"rest_framework.authentication.TokenAuthentication",
|
|
],
|
|
}
|
|
|
|
SOCIAL_AUTH_HSWAW_KEY = env("CLIENT_ID")
|
|
SOCIAL_AUTH_HSWAW_SECRET = env("SECRET")
|
|
SOCIAL_AUTH_REDIRECT_IS_HTTPS = env("OAUTH_REDIRECT_IS_HTTPS", "true") == "true"
|
|
|
|
SOCIAL_AUTH_JSONFIELD_ENABLED = True
|
|
|
|
LABEL_API = env("LABEL_API", "http://label.waw.hackerspace.pl:4567")
|
|
LOGIN_URL = "/admin/login/"
|
|
# Local LAN address space
|
|
LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "")
|