Compare commits

..

1 commit

Author SHA1 Message Date
Basile Clement
a26a77b508 Future-proof for django 4.0
Minor changes to make the code compatible with django 4.0

Note that we can't actually upgrade to django 4.0 because that requires
python 3.8, and www.eleves only has python 3.7, so we need to upgrade
www.eleves first.
2022-12-05 14:37:55 +01:00
25 changed files with 165 additions and 311 deletions

View file

@ -1 +0,0 @@
insecure-secret_key

1
.envrc
View file

@ -1 +0,0 @@
use nix

1
.gitignore vendored
View file

@ -3,4 +3,3 @@ venv
.*.swp
*.pyc
*.sqlite3
.direnv

1
WikiENS/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
settings.py

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

1
WikiENS/settings/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
secret.py

View file

@ -1,55 +1,45 @@
"""
Django settings for the wiki_ens project
"""
import os
from pathlib import Path
from django.urls import reverse_lazy
from django.contrib.messages import constants as messages
from django.urls import reverse_lazy
from django.utils.translation import gettext_lazy as _
from loadcredential import Credentials
credentials = Credentials(env_prefix="WIKIENS_")
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# WARNING: keep the secret key used in production secret!
SECRET_KEY = credentials["SECRET_KEY"]
# WARNING: don't run with debug turned on in production!
DEBUG = credentials.get_json("DEBUG", False)
ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])
ADMINS = credentials.get_json("ADMINS", [])
SITE_ID = 1
try:
from . import secret
except ImportError:
import pathlib
dir_path = pathlib.Path(__file__).parent.resolve().as_posix()
raise ImportError(
"The secret.py file is missing.\n"
"For a development environment, simply copy secret_example.py:\n"
f" $ cp {dir_path}/{{secret_example,secret}}.py"
)
###
# Logging configuration
LOGGING = credentials.get_json(
"LOGGING",
{
"version": 1,
"disable_existing_loggers": False,
"handlers": {
"console": {
"class": "logging.StreamHandler",
},
},
"root": {
"handlers": ["console"],
"level": credentials.get("LOG_LEVEL", "WARNING"),
},
},
)
def import_secret(name):
"""
Shorthand for importing a value from the secret module and raising an
informative exception if a secret is missing.
"""
try:
return getattr(secret, name)
except AttributeError:
raise RuntimeError("Secret missing: {}".format(name))
###
# List the installed applications
SECRET_KEY = import_secret("SECRET_KEY")
ADMINS = import_secret("ADMINS")
MANAGERS = ADMINS
EMAIL_HOST = import_secret("EMAIL_HOST")
DBNAME = import_secret("DBNAME")
DBUSER = import_secret("DBUSER")
DBPASSWD = import_secret("DBPASSWD")
SERVER_EMAIL = "wiki@www.eleves.ens.fr"
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
INSTALLED_APPS = [
"django.contrib.admin",
@ -79,10 +69,6 @@ INSTALLED_APPS = [
"allauth_ens.providers.clipper",
]
###
# List the installed middlewares
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
@ -91,21 +77,9 @@ MIDDLEWARE = [
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"allauth.account.middleware.AccountMiddleware",
]
###
# The main url configuration
ROOT_URLCONF = "app.urls"
###
# Template configuration:
# - Django Templating Language is used
# - Application directories can be used
ROOT_URLCONF = "WikiENS.urls"
TEMPLATES = [
{
@ -119,72 +93,66 @@ TEMPLATES = [
"django.contrib.auth.context_processors.auth",
"django.contrib.messages.context_processors.messages",
"sekizai.context_processors.sekizai",
],
},
]
},
}
]
WSGI_APPLICATION = "WikiENS.wsgi.application"
###
# Database configuration
# -> https://docs.djangoproject.com/en/4.2/ref/settings/#databases
SITE_ID = 1
# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
DATABASES = {
"default": {
"ENGINE": "django.db.backends.postgresql",
"NAME": DBNAME,
"USER": DBUSER,
"PASSWORD": DBPASSWD,
"HOST": "",
}
}
DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
DATABASES = credentials.get_json(
"DATABASES",
# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": BASE_DIR / "db.sqlite3",
}
"NAME": (
# XXX. Cette chaîne est très longue… Je la coupe en deux sinon
# black ne me fiche pas la paix (mais c'est vraiment nul)
"django.contrib.auth.password_validation."
"UserAttributeSimilarityValidator"
)
},
)
CACHES = credentials.get_json(
"CACHES",
default={
"default": {
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
},
},
)
###
# WSGI application configuration
WSGI_APPLICATION = "app.wsgi.application"
###
# Staticfiles configuration
STATIC_ROOT = credentials["STATIC_ROOT"]
STATIC_URL = "/static/"
MEDIA_ROOT = credentials.get("MEDIA_ROOT", BASE_DIR / "media")
MEDIA_URL = "/media/"
###
# Internationalization configuration
# -> https://docs.djangoproject.com/en/4.2/topics/i18n/
LANGUAGE_CODE = "fr-fr"
TIME_ZONE = "Europe/Paris"
USE_I18N = True
USE_L10N = True
USE_TZ = True
LANGUAGES = [
("fr", _("Français")),
{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
]
###
# Authentication configuration
# Internationalization
# https://docs.djangoproject.com/en/1.11/topics/i18n/
LANGUAGE_CODE = "fr-fr"
TIME_ZONE = "Europe/Paris"
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Authentication
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth
# https://django-allauth.readthedocs.io/en/latest/index.html
AUTHENTICATION_BACKENDS = [
"allauth.account.auth_backends.AuthenticationBackend",
@ -211,25 +179,19 @@ ACCOUNT_USER_DISPLAY = _user_display
SOCIALACCOUNT_PROVIDERS = {
"clipper": {
"APP": {
"MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT": True,
"MESSAGE_SUGGEST_LOGOUT_ON_LOGOUT_LEVEL": messages.INFO,
},
}
}
AUTH_PASSWORD_VALIDATORS = [
{"NAME": f"django.contrib.auth.password_validation.{v}"}
for v in [
"UserAttributeSimilarityValidator",
"MinimumLengthValidator",
"CommonPasswordValidator",
"NumericPasswordValidator",
]
]
###
# Wiki configuration
# Static / media contents
STATIC_URL = "/_static/"
MEDIA_URL = "/_media/"
# WIKI SETTINGS
WIKI_ATTACHMENTS_EXTENSIONS = [
"pdf",
@ -251,6 +213,12 @@ WIKI_ATTACHMENTS_EXTENSIONS = [
WIKI_REVISIONS_PER_HOUR = 180
WIKI_REVISIONS_PER_MINUTES = 180
# Dark magic - tell django to use X-Forwarded-*
# This is needed for django-allauth-cas, see
# https://blog.ubuntu.com/2015/08/18/django-behind-a-proxy-fixing-absolute-urls
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
# Use sign up, login, logout, profile settings views of allauth.
WIKI_ACCOUNT_HANDLING = False
@ -262,10 +230,3 @@ WIKI_ACCOUNT_SIGNUP_ALLOWED = True
# will be treated as the others_write boolean field on models.Article.
WIKI_ANONYMOUS_WRITE = False
WIKI_ANONYMOUS = False
# FIXME: Add correct email settings
# Development settings
if DEBUG:
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"

16
WikiENS/settings/local.py Normal file
View file

@ -0,0 +1,16 @@
import os
from .common import * # noqa
from .common import BASE_DIR
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
DEBUG = True
DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(BASE_DIR, "db.sqlite3"),
}
}

11
WikiENS/settings/prod.py Normal file
View file

@ -0,0 +1,11 @@
import os
from .common import * # noqa
from .common import BASE_DIR
DEBUG = False
ALLOWED_HOSTS = ["www.eleves.ens.fr", "wiki.eleves.ens.fr"]
STATIC_ROOT = os.path.join(BASE_DIR, "..", "static")
MEDIA_ROOT = os.path.join(BASE_DIR, "..", "media")

View file

@ -0,0 +1,7 @@
SECRET_KEY = "_u5q4-^1qgkqg=i5o5ha*xkd@82#l$e+%m)$v+4y#t-5!g-%g2"
ADMINS = None
EMAIL_HOST = "localhost"
DBNAME = "wiki"
DBUSER = "wiki"
DBPASSWD = "dummy"

22
WikiENS/urls.py Normal file
View file

@ -0,0 +1,22 @@
from django.conf.urls import include
from django.urls import re_path
from django.contrib import admin
from allauth_ens.views import capture_login, capture_logout
allauth_urls = [
# Catch login/logout views of admin site.
re_path(r'^_admin/login/$', capture_login),
re_path(r'^_admin/logout/$', capture_logout),
# Allauth urls.
re_path(r'^_profil/', include('allauth.urls')),
]
urlpatterns = allauth_urls + [
re_path(r'^_admin/', admin.site.urls),
re_path(r'^notifications/', include('django_nyt.urls')),
re_path(r'^_groups/', include("wiki_groups.urls")),
re_path(r'', include('wiki.urls')),
]
# TODO add MEDIA_ROOT

View file

@ -11,6 +11,6 @@ import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "WikiENS.settings")
application = get_wsgi_application()

View file

@ -1,20 +0,0 @@
from allauth_ens.views import capture_login, capture_logout
from django.contrib import admin
from django.urls import include, path
allauth_urls = [
# Catch login/logout views of admin site.
path("_admin/login/", capture_login),
path("_admin/logout/", capture_logout),
# Allauth urls.
path("_profil/", include("allauth.urls")),
]
urlpatterns = allauth_urls + [
path("_admin/", admin.site.urls),
path("notifications/", include("django_nyt.urls")),
path("_groups/", include("wiki_groups.urls")),
path("", include("wiki.urls")),
]
# TODO add MEDIA_ROOT

View file

@ -1,45 +0,0 @@
{
sources ? import ./npins,
pkgs ? import sources.nixpkgs { },
}:
let
nix-pkgs = import sources.nix-pkgs { inherit pkgs; };
python3 = pkgs.python3.override {
packageOverrides = _: _: {
inherit (nix-pkgs) django-allauth-ens django-wiki loadcredential;
};
};
in
{
devShell = pkgs.mkShell {
name = "annuaire.dev";
packages = [
(python3.withPackages (ps: [
ps.django
ps.django-allauth-ens
ps.django-wiki
ps.loadcredential
ps.tinycss2
]))
];
env = {
DJANGO_SETTINGS_MODULE = "app.settings";
CREDENTIALS_DIRECTORY = builtins.toString ./.credentials;
WIKIENS_DEBUG = builtins.toJSON true;
WIKIENS_STATIC_ROOT = builtins.toString ./.static;
};
shellHook = ''
if [ ! -d .static ]; then
mkdir .static
fi
'';
};
}

View file

@ -3,7 +3,7 @@ import os
import sys
if __name__ == "__main__":
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings")
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "WikiENS.settings.local")
try:
from django.core.management import execute_from_command_line
except ImportError:

View file

@ -1,80 +0,0 @@
# Generated by npins. Do not modify; will be overwritten regularly
let
data = builtins.fromJSON (builtins.readFile ./sources.json);
version = data.version;
mkSource =
spec:
assert spec ? type;
let
path =
if spec.type == "Git" then
mkGitSource spec
else if spec.type == "GitRelease" then
mkGitSource spec
else if spec.type == "PyPi" then
mkPyPiSource spec
else if spec.type == "Channel" then
mkChannelSource spec
else
builtins.throw "Unknown source type ${spec.type}";
in
spec // { outPath = path; };
mkGitSource =
{
repository,
revision,
url ? null,
hash,
branch ? null,
...
}:
assert repository ? type;
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
# In the latter case, there we will always be an url to the tarball
if url != null then
(builtins.fetchTarball {
inherit url;
sha256 = hash; # FIXME: check nix version & use SRI hashes
})
else
assert repository.type == "Git";
let
urlToName =
url: rev:
let
matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url;
short = builtins.substring 0 7 rev;
appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else "";
in
"${if matched == null then "source" else builtins.head matched}${appendShort}";
name = urlToName repository.url revision;
in
builtins.fetchGit {
url = repository.url;
rev = revision;
inherit name;
# hash = hash;
};
mkPyPiSource =
{ url, hash, ... }:
builtins.fetchurl {
inherit url;
sha256 = hash;
};
mkChannelSource =
{ url, hash, ... }:
builtins.fetchTarball {
inherit url;
sha256 = hash;
};
in
if version == 3 then
builtins.mapAttrs (_: mkSource) data.pins
else
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"

View file

@ -1,22 +0,0 @@
{
"pins": {
"nix-pkgs": {
"type": "Git",
"repository": {
"type": "Git",
"url": "https://git.hubrecht.ovh/hubrecht/nix-pkgs"
},
"branch": "main",
"revision": "6f56463c0034d4162dabb98ee8e70d6c43214ac0",
"url": null,
"hash": "0dqm2n88f0yl63wacizwpjrcv51arz5z31nhwbjcbyjxrwiwxamq"
},
"nixpkgs": {
"type": "Channel",
"name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre694416.ccc0c2126893/nixexprs.tar.xz",
"hash": "0cn1z4wzps8nfqxzr6l5mbn81adcqy2cy2ic70z13fhzicmxfsbx"
}
},
"version": 3
}

3
requirements.txt Normal file
View file

@ -0,0 +1,3 @@
Django==3.2.*
git+https://git.eleves.ens.fr/klub-dev-ens/django-allauth-ens.git@1.1.3
wiki==0.7.*

3
requirements_prod.txt Normal file
View file

@ -0,0 +1,3 @@
-r requirements.txt
psycopg2
gunicorn

View file

@ -1 +0,0 @@
(import ./. { }).devShell