Compare commits

..

6 commits

25 changed files with 303 additions and 157 deletions

1
.credentials/SECRET_KEY Normal file
View file

@ -0,0 +1 @@
insecure-secret_key

1
.envrc Normal file
View file

@ -0,0 +1 @@
use nix

1
.gitignore vendored
View file

@ -3,3 +3,4 @@ venv
.*.swp .*.swp
*.pyc *.pyc
*.sqlite3 *.sqlite3
.direnv

1
WikiENS/.gitignore vendored
View file

@ -1 +0,0 @@
settings.py

View file

@ -1 +0,0 @@
secret.py

View file

@ -1,16 +0,0 @@
import os
from .common import * # noqa
from .common import BASE_DIR
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
DEBUG = True
DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(BASE_DIR, "db.sqlite3"),
}
}

View file

@ -1,11 +0,0 @@
import os
from .common import * # noqa
from .common import BASE_DIR
DEBUG = False
ALLOWED_HOSTS = ["www.eleves.ens.fr", "wiki.eleves.ens.fr"]
STATIC_ROOT = os.path.join(BASE_DIR, "..", "static")
MEDIA_ROOT = os.path.join(BASE_DIR, "..", "media")

View file

@ -1,7 +0,0 @@
SECRET_KEY = "_u5q4-^1qgkqg=i5o5ha*xkd@82#l$e+%m)$v+4y#t-5!g-%g2"
ADMINS = None
EMAIL_HOST = "localhost"
DBNAME = "wiki"
DBUSER = "wiki"
DBPASSWD = "dummy"

View file

@ -1,22 +0,0 @@
from django.conf.urls import include
from django.urls import re_path
from django.contrib import admin
from allauth_ens.views import capture_login, capture_logout
allauth_urls = [
# Catch login/logout views of admin site.
re_path(r'^_admin/login/$', capture_login),
re_path(r'^_admin/logout/$', capture_logout),
# Allauth urls.
re_path(r'^_profil/', include('allauth.urls')),
]
urlpatterns = allauth_urls + [
re_path(r'^_admin/', admin.site.urls),
re_path(r'^notifications/', include('django_nyt.urls')),
re_path(r'^_groups/', include("wiki_groups.urls")),
re_path(r'', include('wiki.urls')),
]
# TODO add MEDIA_ROOT

View file

@ -1,45 +1,55 @@
import os """
Django settings for the wiki_ens project
"""
from django.urls import reverse_lazy from pathlib import Path
from django.contrib.messages import constants as messages from django.contrib.messages import constants as messages
from django.urls import reverse_lazy
from django.utils.translation import gettext_lazy as _
from loadcredential import Credentials
try: credentials = Credentials(env_prefix="WIKIENS_")
from . import secret
except ImportError: # Build paths inside the project like this: BASE_DIR / 'subdir'.
import pathlib BASE_DIR = Path(__file__).resolve().parent.parent
dir_path = pathlib.Path(__file__).parent.resolve().as_posix()
raise ImportError( # WARNING: keep the secret key used in production secret!
"The secret.py file is missing.\n" SECRET_KEY = credentials["SECRET_KEY"]
"For a development environment, simply copy secret_example.py:\n"
f" $ cp {dir_path}/{{secret_example,secret}}.py" # WARNING: don't run with debug turned on in production!
) DEBUG = credentials.get_json("DEBUG", False)
ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])
ADMINS = credentials.get_json("ADMINS", [])
SITE_ID = 1
def import_secret(name): ###
""" # Logging configuration
Shorthand for importing a value from the secret module and raising an
informative exception if a secret is missing. LOGGING = credentials.get_json(
""" "LOGGING",
try: {
return getattr(secret, name) "version": 1,
except AttributeError: "disable_existing_loggers": False,
raise RuntimeError("Secret missing: {}".format(name)) "handlers": {
"console": {
"class": "logging.StreamHandler",
},
},
"root": {
"handlers": ["console"],
"level": credentials.get("LOG_LEVEL", "WARNING"),
},
},
)
SECRET_KEY = import_secret("SECRET_KEY") ###
ADMINS = import_secret("ADMINS") # List the installed applications
MANAGERS = ADMINS
EMAIL_HOST = import_secret("EMAIL_HOST")
DBNAME = import_secret("DBNAME")
DBUSER = import_secret("DBUSER")
DBPASSWD = import_secret("DBPASSWD")
SERVER_EMAIL = "wiki@www.eleves.ens.fr"
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
INSTALLED_APPS = [ INSTALLED_APPS = [
"django.contrib.admin", "django.contrib.admin",
@ -69,6 +79,10 @@ INSTALLED_APPS = [
"allauth_ens.providers.clipper", "allauth_ens.providers.clipper",
] ]
###
# List the installed middlewares
MIDDLEWARE = [ MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware", "django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware", "django.contrib.sessions.middleware.SessionMiddleware",
@ -77,9 +91,21 @@ MIDDLEWARE = [
"django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware", "django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware",
"allauth.account.middleware.AccountMiddleware",
] ]
ROOT_URLCONF = "WikiENS.urls"
###
# The main url configuration
ROOT_URLCONF = "app.urls"
###
# Template configuration:
# - Django Templating Language is used
# - Application directories can be used
TEMPLATES = [ TEMPLATES = [
{ {
@ -93,66 +119,72 @@ TEMPLATES = [
"django.contrib.auth.context_processors.auth", "django.contrib.auth.context_processors.auth",
"django.contrib.messages.context_processors.messages", "django.contrib.messages.context_processors.messages",
"sekizai.context_processors.sekizai", "sekizai.context_processors.sekizai",
] ],
}, },
} },
] ]
WSGI_APPLICATION = "WikiENS.wsgi.application"
SITE_ID = 1 ###
# Database configuration
# -> https://docs.djangoproject.com/en/4.2/ref/settings/#databases
# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
DATABASES = {
"default": {
"ENGINE": "django.db.backends.postgresql",
"NAME": DBNAME,
"USER": DBUSER,
"PASSWORD": DBPASSWD,
"HOST": "",
}
}
DEFAULT_AUTO_FIELD = "django.db.models.AutoField" DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
# Password validation DATABASES = credentials.get_json(
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators "DATABASES",
AUTH_PASSWORD_VALIDATORS = [
{ {
"NAME": ( "default": {
# XXX. Cette chaîne est très longue… Je la coupe en deux sinon "ENGINE": "django.db.backends.sqlite3",
# black ne me fiche pas la paix (mais c'est vraiment nul) "NAME": BASE_DIR / "db.sqlite3",
"django.contrib.auth.password_validation." }
"UserAttributeSimilarityValidator"
)
}, },
{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"}, )
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"}, CACHES = credentials.get_json(
] "CACHES",
default={
"default": {
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
},
},
)
# Internationalization ###
# https://docs.djangoproject.com/en/1.11/topics/i18n/ # WSGI application configuration
WSGI_APPLICATION = "app.wsgi.application"
###
# Staticfiles configuration
STATIC_ROOT = credentials["STATIC_ROOT"]
STATIC_URL = "/static/"
MEDIA_ROOT = credentials.get("MEDIA_ROOT", BASE_DIR / "media")
MEDIA_URL = "/media/"
###
# Internationalization configuration
# -> https://docs.djangoproject.com/en/4.2/topics/i18n/
LANGUAGE_CODE = "fr-fr" LANGUAGE_CODE = "fr-fr"
TIME_ZONE = "Europe/Paris" TIME_ZONE = "Europe/Paris"
USE_I18N = True USE_I18N = True
USE_L10N = True USE_L10N = True
USE_TZ = True USE_TZ = True
LANGUAGES = [
("fr", _("Français")),
]
# Authentication
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth ###
# https://django-allauth.readthedocs.io/en/latest/index.html # Authentication configuration
AUTHENTICATION_BACKENDS = [ AUTHENTICATION_BACKENDS = [
"allauth.account.auth_backends.AuthenticationBackend", "allauth.account.auth_backends.AuthenticationBackend",
@ -179,19 +211,25 @@ ACCOUNT_USER_DISPLAY = _user_display
SOCIALACCOUNT_PROVIDERS = { SOCIALACCOUNT_PROVIDERS = {
"clipper": { "clipper": {
"MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT": True, "APP": {
"MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT_LEVEL": messages.INFO, "MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT": True,
}, "MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT_LEVEL": messages.INFO,
},
}
} }
AUTH_PASSWORD_VALIDATORS = [
{"NAME": f"django.contrib.auth.password_validation.{v}"}
for v in [
"UserAttributeSimilarityValidator",
"MinimumLengthValidator",
"CommonPasswordValidator",
"NumericPasswordValidator",
]
]
# Static / media contents ###
# Wiki configuration
STATIC_URL = "/_static/"
MEDIA_URL = "/_media/"
# WIKI SETTINGS
WIKI_ATTACHMENTS_EXTENSIONS = [ WIKI_ATTACHMENTS_EXTENSIONS = [
"pdf", "pdf",
@ -213,12 +251,6 @@ WIKI_ATTACHMENTS_EXTENSIONS = [
WIKI_REVISIONS_PER_HOUR = 180 WIKI_REVISIONS_PER_HOUR = 180
WIKI_REVISIONS_PER_MINUTES = 180 WIKI_REVISIONS_PER_MINUTES = 180
# Dark magic - tell django to use X-Forwarded-*
# This is needed for django-allauth-cas, see
# https://blog.ubuntu.com/2015/08/18/django-behind-a-proxy-fixing-absolute-urls
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
# Use sign up, login, logout, profile settings views of allauth. # Use sign up, login, logout, profile settings views of allauth.
WIKI_ACCOUNT_HANDLING = False WIKI_ACCOUNT_HANDLING = False
@ -230,3 +262,10 @@ WIKI_ACCOUNT_SIGNUP_ALLOWED = True
# will be treated as the others_write boolean field on models.Article. # will be treated as the others_write boolean field on models.Article.
WIKI_ANONYMOUS_WRITE = False WIKI_ANONYMOUS_WRITE = False
WIKI_ANONYMOUS = False WIKI_ANONYMOUS = False
# FIXME: Add correct email settings
# Development settings
if DEBUG:
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"

20
app/urls.py Normal file
View file

@ -0,0 +1,20 @@
from allauth_ens.views import capture_login, capture_logout
from django.contrib import admin
from django.urls import include, path
allauth_urls = [
# Catch login/logout views of admin site.
path("_admin/login/", capture_login),
path("_admin/logout/", capture_logout),
# Allauth urls.
path("_profil/", include("allauth.urls")),
]
urlpatterns = allauth_urls + [
path("_admin/", admin.site.urls),
path("notifications/", include("django_nyt.urls")),
path("_groups/", include("wiki_groups.urls")),
path("", include("wiki.urls")),
]
# TODO add MEDIA_ROOT

View file

@ -11,6 +11,6 @@ import os
from django.core.wsgi import get_wsgi_application from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "WikiENS.settings") os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
application = get_wsgi_application() application = get_wsgi_application()

45
default.nix Normal file
View file

@ -0,0 +1,45 @@
{
sources ? import ./npins,
pkgs ? import sources.nixpkgs { },
}:
let
nix-pkgs = import sources.nix-pkgs { inherit pkgs; };
python3 = pkgs.python3.override {
packageOverrides = _: _: {
inherit (nix-pkgs) django-allauth-ens django-wiki loadcredential;
};
};
in
{
devShell = pkgs.mkShell {
name = "annuaire.dev";
packages = [
(python3.withPackages (ps: [
ps.django
ps.django-allauth-ens
ps.django-wiki
ps.loadcredential
ps.tinycss2
]))
];
env = {
DJANGO_SETTINGS_MODULE = "app.settings";
CREDENTIALS_DIRECTORY = builtins.toString ./.credentials;
WIKIENS_DEBUG = builtins.toJSON true;
WIKIENS_STATIC_ROOT = builtins.toString ./.static;
};
shellHook = ''
if [ ! -d .static ]; then
mkdir .static
fi
'';
};
}

View file

@ -3,7 +3,7 @@ import os
import sys import sys
if __name__ == "__main__": if __name__ == "__main__":
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "WikiENS.settings.local") os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
try: try:
from django.core.management import execute_from_command_line from django.core.management import execute_from_command_line
except ImportError: except ImportError:

80
npins/default.nix Normal file
View file

@ -0,0 +1,80 @@
# Generated by npins. Do not modify; will be overwritten regularly
let
data = builtins.fromJSON (builtins.readFile ./sources.json);
version = data.version;
mkSource =
spec:
assert spec ? type;
let
path =
if spec.type == "Git" then
mkGitSource spec
else if spec.type == "GitRelease" then
mkGitSource spec
else if spec.type == "PyPi" then
mkPyPiSource spec
else if spec.type == "Channel" then
mkChannelSource spec
else
builtins.throw "Unknown source type ${spec.type}";
in
spec // { outPath = path; };
mkGitSource =
{
repository,
revision,
url ? null,
hash,
branch ? null,
...
}:
assert repository ? type;
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
# In the latter case, there we will always be an url to the tarball
if url != null then
(builtins.fetchTarball {
inherit url;
sha256 = hash; # FIXME: check nix version & use SRI hashes
})
else
assert repository.type == "Git";
let
urlToName =
url: rev:
let
matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url;
short = builtins.substring 0 7 rev;
appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else "";
in
"${if matched == null then "source" else builtins.head matched}${appendShort}";
name = urlToName repository.url revision;
in
builtins.fetchGit {
url = repository.url;
rev = revision;
inherit name;
# hash = hash;
};
mkPyPiSource =
{ url, hash, ... }:
builtins.fetchurl {
inherit url;
sha256 = hash;
};
mkChannelSource =
{ url, hash, ... }:
builtins.fetchTarball {
inherit url;
sha256 = hash;
};
in
if version == 3 then
builtins.mapAttrs (_: mkSource) data.pins
else
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"

22
npins/sources.json Normal file
View file

@ -0,0 +1,22 @@
{
"pins": {
"nix-pkgs": {
"type": "Git",
"repository": {
"type": "Git",
"url": "https://git.hubrecht.ovh/hubrecht/nix-pkgs"
},
"branch": "main",
"revision": "6f56463c0034d4162dabb98ee8e70d6c43214ac0",
"url": null,
"hash": "0dqm2n88f0yl63wacizwpjrcv51arz5z31nhwbjcbyjxrwiwxamq"
},
"nixpkgs": {
"type": "Channel",
"name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre694416.ccc0c2126893/nixexprs.tar.xz",
"hash": "0cn1z4wzps8nfqxzr6l5mbn81adcqy2cy2ic70z13fhzicmxfsbx"
}
},
"version": 3
}

View file

@ -1,3 +0,0 @@
Django==3.2.*
git+https://git.eleves.ens.fr/klub-dev-ens/django-allauth-ens.git@1.1.3
wiki==0.7.*

View file

@ -1,3 +0,0 @@
-r requirements.txt
psycopg2
gunicorn

1
shell.nix Normal file
View file

@ -0,0 +1 @@
(import ./. { }).devShell