feat(settings): Merge settings and use credentials

2024-10-23 13:16:41 +02:00 · 2024-10-23 13:16:41 +02:00 · f6df034eed
commit f6df034eed
parent f849a7e2f6
4 changed files with 195 additions and 212 deletions
--- a/app/settings.py
+++ b/app/settings.py
@ -0,0 +1,195 @@
+"""
+Django settings for the bocal project
+"""
+
+from pathlib import Path
+
+from django.contrib.messages import constants as messages
+from django.urls import reverse_lazy
+from django.utils.translation import gettext_lazy as _
+from loadcredential import Credentials
+
+credentials = Credentials(env_prefix="BOCAL_")
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+# WARNING: keep the secret key used in production secret!
+SECRET_KEY = credentials["SECRET_KEY"]
+
+# WARNING: don't run with debug turned on in production!
+DEBUG = credentials.get_json("DEBUG", False)
+
+ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])
+
+ADMINS = credentials.get_json("ADMINS", [])
+
+SITE_ID = 1
+
+
+###
+# List the installed applications
+
+INSTALLED_APPS = [
+    "django.contrib.admin",
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.messages",
+    "django.contrib.staticfiles",
+    "solo",
+    "markdownx",
+    "django_cas_ng",
+    "mainsite",
+    "api",
+    "bocal_auth",
+]
+
+
+###
+# List the installed middlewares
+
+MIDDLEWARE = [
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "django_cas_ng.middleware.CASMiddleware",
+]
+
+
+###
+# The main url configuration
+
+ROOT_URLCONF = "app.urls"
+
+
+###
+# Template configuration:
+#   - Django Templating Language is used
+#   - Application directories can be used
+
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": [],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+                "mainsite.context_processors.sidebar_years",
+            ],
+        },
+    },
+]
+
+
+###
+# Database configuration
+#   -> https://docs.djangoproject.com/en/4.2/ref/settings/#databases
+
+DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
+
+DATABASES = credentials.get_json(
+    "DATABASES",
+    {
+        "default": {
+            "ENGINE": "django.db.backends.sqlite3",
+            "NAME": BASE_DIR / "db.sqlite3",
+        }
+    },
+)
+
+CACHES = credentials.get_json(
+    "CACHES",
+    default={
+        "default": {
+            "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
+        },
+    },
+)
+
+
+###
+# WSGI application configuration
+
+WSGI_APPLICATION = "app.wsgi.application"
+
+
+###
+# Staticfiles configuration
+
+STATIC_ROOT = credentials["STATIC_ROOT"]
+STATIC_URL = "/static/"
+
+MEDIA_ROOT = credentials.get("MEDIA_ROOT", BASE_DIR / "media")
+MEDIA_URL = "/media/"
+
+
+###
+# Internationalization configuration
+#   -> https://docs.djangoproject.com/en/4.2/topics/i18n/
+
+LANGUAGE_CODE = "fr-fr"
+TIME_ZONE = "Europe/Paris"
+
+USE_I18N = True
+USE_L10N = True
+USE_TZ = True
+
+LANGUAGES = [
+    ("fr", _("Français")),
+]
+
+
+###
+# Authentication configuration
+
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",
+    "bocal_auth.cas_backend.BOcalCASBackend",
+]
+
+CAS_ADMIN_PREFIX = "/yaes5eiS"  # we don't want CAS to take over /admin auth
+CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"
+CAS_FORCE_CHANGE_USERNAME_CASE = "lower"
+CAS_IGNORE_REFERER = True
+CAS_LOGOUT_COMPLETELY = False
+CAS_REDIRECT_URL = "/"
+CAS_SERVER_URL = "https://cas.eleves.ens.fr/"
+CAS_VERIFY_URL = "https://cas.eleves.ens.fr/"
+CAS_VERSION = "CAS_2_SAML_1_0"
+
+LOGIN_URL = "/accounts/login"
+LOGIN_REDIRECT_URL = "/"
+
+
+AUTH_PASSWORD_VALIDATORS = [
+    {"NAME": f"django.contrib.auth.password_validation.{v}"}
+    for v in [
+        "UserAttributeSimilarityValidator",
+        "MinimumLengthValidator",
+        "CommonPasswordValidator",
+        "NumericPasswordValidator",
+    ]
+]
+
+RHOSTS_PATH = credentials["RHOSTS_PATH"]
+
+
+###
+# MarkdownX configuration
+
+MARKDOWNX_EDITOR_RESIZABLE = False
+
+
+# Development settings
+if DEBUG:
+    EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
--- a/app/settings_base.py
+++ b/app/settings_base.py
@ -1,103 +0,0 @@
-"""
-Django settings for bocal project.
-
-Generated by 'django-admin startproject' using Django 1.11.5.
-
-For more information on this file, see
-https://docs.djangoproject.com/en/1.11/topics/settings/
-
-For the full list of settings and their values, see
-https://docs.djangoproject.com/en/1.11/ref/settings/
-"""
-
-import os
-
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-# Public dir: a good base path for MEDIA_ROOT and STATIC_ROOT
-PUBLIC_DIR = os.path.join(BASE_DIR, "public")
-
-# Application definition
-
-INSTALLED_APPS = [
-    "django.contrib.admin",
-    "django.contrib.auth",
-    "django.contrib.contenttypes",
-    "django.contrib.sessions",
-    "django.contrib.messages",
-    "django.contrib.staticfiles",
-    "solo",
-    "markdownx",
-    "django_cas_ng",
-    "mainsite",
-    "api",
-    "bocal_auth",
-]
-
-MIDDLEWARE = [
-    "django.middleware.security.SecurityMiddleware",
-    "django.contrib.sessions.middleware.SessionMiddleware",
-    "django.middleware.common.CommonMiddleware",
-    "django.middleware.csrf.CsrfViewMiddleware",
-    "django.contrib.auth.middleware.AuthenticationMiddleware",
-    "django.contrib.messages.middleware.MessageMiddleware",
-    "django.middleware.clickjacking.XFrameOptionsMiddleware",
-    "django_cas_ng.middleware.CASMiddleware",
-]
-
-ROOT_URLCONF = "bocal.urls"
-
-TEMPLATES = [
-    {
-        "BACKEND": "django.template.backends.django.DjangoTemplates",
-        "DIRS": [],
-        "APP_DIRS": True,
-        "OPTIONS": {
-            "context_processors": [
-                "django.template.context_processors.debug",
-                "django.template.context_processors.request",
-                "django.contrib.auth.context_processors.auth",
-                "django.contrib.messages.context_processors.messages",
-                "mainsite.context_processors.sidebar_years",
-            ],
-        },
-    },
-]
-
-WSGI_APPLICATION = "bocal.wsgi.application"
-
-
-# Password validation
-# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
-
-AUTH_PASSWORD_VALIDATORS = [
-    {
-        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
-    },
-    {
-        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
-    },
-    {
-        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
-    },
-    {
-        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
-    },
-]
-
-AUTHENTICATION_BACKENDS = [
-    "django.contrib.auth.backends.ModelBackend",
-    "bocal_auth.cas_backend.BOcalCASBackend",
-]
-
-CAS_ADMIN_PREFIX = "/yaes5eiS"  # we don't want CAS to take over /admin auth
-
-LOGIN_URL = "/accounts/login"
-LOGIN_REDIRECT_URL = "/"
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.11/howto/static-files/
-
-STATIC_URL = "/static/"
-MEDIA_URL = "/media/"
--- a/app/settings_dev.py
+++ b/app/settings_dev.py
@ -1,49 +0,0 @@
-import os
-
-from .settings_base import *
-
-# SECURITY WARNING: keep the secret key used in production secret!
-# For production, generate a fresh one, eg. with
-#     pwgen -sy 60 1
-SECRET_KEY = "k340m-_mw#i#up8ajv9$$=$tgpji3f3j!jafj2+ken*@wo9u0%"
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-
-ALLOWED_HOSTS = []
-
-# Database
-# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
-DATABASES = {
-    "default": {
-        "ENGINE": "django.db.backends.sqlite3",
-        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
-    }
-}
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.11/topics/i18n/
-LANGUAGE_CODE = "fr-fr"
-TIME_ZONE = "Europe/Paris"
-
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-# Paths
-
-STATIC_ROOT = os.path.join(PUBLIC_DIR, "static")
-MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media")
-
-# Cas
-CAS_SERVER_URL = "https://cas.eleves.ens.fr/"
-CAS_VERIFY_URL = "https://cas.eleves.ens.fr/"
-CAS_VERSION = "CAS_2_SAML_1_0"
-CAS_IGNORE_REFERER = True
-CAS_FORCE_CHANGE_USERNAME_CASE = "lower"
-CAS_REDIRECT_URL = "/"
-CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"
-CAS_LOGOUT_COMPLETELY = False
-
-# Auth
-RHOSTS_PATH = "rhosts_dev"
--- a/app/settings_prod.py
+++ b/app/settings_prod.py
@ -1,60 +0,0 @@
-import os
-
-from .settings_base import *
-
-# SECURITY WARNING: keep the secret key used in production secret!
-# For production, generate a fresh one, eg. with
-#     pwgen -sy 60 1
-SECRET_KEY = "CHANGEMEQUICKLY"  # FIXME
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = False
-
-ALLOWED_HOSTS = [
-    "localhost",
-]  # FIXME: add your domain name(s) here.
-
-# Database
-# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
-DATABASES = {
-    "default": {  # FIXME add real settings
-        "ENGINE": "django.db.backends.postgresql",
-        "NAME": "",  # DB name
-        "USER": "",  # DB user
-        "PASSWORD": "",  # user's password
-        "HOST": "localhost",  # DB host -- change if DB is not local
-        "PORT": "5432",  # DB port -- 5432 is the default port for postgres
-    },
-    # Alternatively, use sqlite3 (if you don't really have a choice…)
-    # 'default': {
-    #     'ENGINE': 'django.db.backends.sqlite3',
-    #     'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-    # }
-}
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.11/topics/i18n/
-LANGUAGE_CODE = "fr-fr"
-TIME_ZONE = "Europe/Paris"
-
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-# Paths
-
-STATIC_ROOT = os.path.join(PUBLIC_DIR, "static")
-MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media")
-
-# Cas
-CAS_SERVER_URL = "https://example.com/"  # FIXME
-CAS_VERIFY_URL = "https://example.com/"  # FIXME
-CAS_VERSION = "CAS_2_SAML_1_0"  # FIXME
-CAS_IGNORE_REFERER = True
-CAS_FORCE_CHANGE_USERNAME_CASE = "lower"
-CAS_REDIRECT_URL = "/"
-CAS_EMAIL_FORMAT = "%s@clipper.ens.fr"  # FIXME
-CAS_LOGOUT_COMPLETELY = False
-
-# Auth
-RHOSTS_PATH = ""  # FIXME (path to BOcal's .rhosts)