From 5d2342b7c6b055654302b911f92102e535899e4f Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Sun, 12 May 2024 13:52:03 +0200 Subject: [PATCH] feat: Use loadcredential package and rework settings --- .credentials/SECRET_KEY | 1 + default.nix | 4 ++ gestiojeux/.gitignore | 1 - gestiojeux/{settings_base.py => settings.py} | 72 +++++++++++++++++++- gestiojeux/settings_dev.py | 50 -------------- requirements.txt | 1 + 6 files changed, 77 insertions(+), 52 deletions(-) create mode 100644 .credentials/SECRET_KEY delete mode 100644 gestiojeux/.gitignore rename gestiojeux/{settings_base.py => settings.py} (67%) delete mode 100644 gestiojeux/settings_dev.py diff --git a/.credentials/SECRET_KEY b/.credentials/SECRET_KEY new file mode 100644 index 0000000..b91d7dc --- /dev/null +++ b/.credentials/SECRET_KEY @@ -0,0 +1 @@ +insecure-secret diff --git a/default.nix b/default.nix index 2ae452c..7694580 100644 --- a/default.nix +++ b/default.nix @@ -42,6 +42,10 @@ in env = { DJANGO_SETTINGS_MODULE = "gestiojeux.settings"; + + CREDENTIALS_DIRECTORY = builtins.toString ./.credentials; + + GESTIOJEUX_DEBUG = builtins.toJSON true; }; }; } diff --git a/gestiojeux/.gitignore b/gestiojeux/.gitignore deleted file mode 100644 index fce19e4..0000000 --- a/gestiojeux/.gitignore +++ /dev/null @@ -1 +0,0 @@ -settings.py diff --git a/gestiojeux/settings_base.py b/gestiojeux/settings.py similarity index 67% rename from gestiojeux/settings_base.py rename to gestiojeux/settings.py index dad2919..4db9268 100644 --- a/gestiojeux/settings_base.py +++ b/gestiojeux/settings.py @@ -12,12 +12,67 @@ https://docs.djangoproject.com/en/3.0/ref/settings/ import os +from loadcredential import Credentials + +# Secrets +credentials = Credentials(env_prefix="GESTIOJEUX_") + +SECRET_KEY = credentials["SECRET_KEY"] + +DEBUG = credentials.get_json( + "DEBUG", False +) # SECURITY WARNING: don't run with debug turned on in production! + +ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", []) +ADMINS = credentials.get_json("ADMINS", []) + + # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) PUBLIC_DIR = os.path.join(BASE_DIR, "public") -# Application definition +# Conditional settings +if DEBUG: + # Database + # https://docs.djangoproject.com/en/3.0/ref/settings/#databases + DATABASES = { + "default": { + "ENGINE": "django.db.backends.sqlite3", + "NAME": os.path.join(BASE_DIR, "db.sqlite3"), + } + } + + # Email + EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" +else: + EMAIL_HOST = "clipper.ens.fr" + SERVER_EMAIL = credentials["SERVER_EMAIL"] + DEFAULT_FROM_EMAIL = credentials["DEFAULT_FROM_EMAIL"] + + # HTTPS only + CSRF_COOKIE_SECURE = True + SESSION_COOKIE_SECURE = True + + DATABASES = { + "default": { + "ENGINE": "django.db.backends.postgresql_psycopg2", + "NAME": credentials["DB_NAME"], + "USER": credentials["DB_USER"], + } + } + + +# Search engine +# https://django-haystack.readthedocs.io/en/latest/tutorial.html#configuration +HAYSTACK_CONNECTIONS = { + "default": { + "ENGINE": "haystack.backends.whoosh_backend.WhooshEngine", + "PATH": os.path.join(BASE_DIR, "whoosh_index"), + }, +} + +# Application definition INSTALLED_APPS = [ "django.contrib.admin", "django.contrib.auth", @@ -111,12 +166,27 @@ MARKDOWNX_UPLOAD_MAX_SIZE = 1024 * 1024 # Only 1 MiB for markdown uploads # Update the search database on save HAYSTACK_SIGNAL_PROCESSOR = "haystack.signals.RealtimeSignalProcessor" +# Internationalization +# https://docs.djangoproject.com/en/3.0/topics/i18n/ + +LANGUAGE_CODE = "fr" +TIME_ZONE = "Europe/Paris" +USE_I18N = True +USE_L10N = True +USE_TZ = True + # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/3.0/howto/static-files/ STATIC_URL = "/static/" MEDIA_URL = "/media/" +# Directories +STATIC_ROOT = os.path.join(PUBLIC_DIR, "static") +MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media") + +# CAS settings + CAS_SERVER_URL = "https://cas.eleves.ens.fr/" CAS_VERIFY_URL = "https://cas.eleves.ens.fr/" CAS_VERSION = "CAS_2_SAML_1_0" diff --git a/gestiojeux/settings_dev.py b/gestiojeux/settings_dev.py deleted file mode 100644 index ce6aa03..0000000 --- a/gestiojeux/settings_dev.py +++ /dev/null @@ -1,50 +0,0 @@ -""" -Django settings for jeulee project — dev base settings -""" - -import os -from .settings_base import * - -# SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = "CHANGE_ME" # FIXME - -# SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True - -ALLOWED_HOSTS = [] - -# Database -# https://docs.djangoproject.com/en/3.0/ref/settings/#databases - -DATABASES = { - "default": { - "ENGINE": "django.db.backends.sqlite3", - "NAME": os.path.join(BASE_DIR, "db.sqlite3"), - } -} - -# Search engine -# https://django-haystack.readthedocs.io/en/latest/tutorial.html#configuration - -HAYSTACK_CONNECTIONS = { - "default": { - "ENGINE": "haystack.backends.whoosh_backend.WhooshEngine", - "PATH": os.path.join(BASE_DIR, "whoosh_index"), - }, -} - -# Internationalization -# https://docs.djangoproject.com/en/3.0/topics/i18n/ - -LANGUAGE_CODE = "fr" -TIME_ZONE = "Europe/Paris" -USE_I18N = True -USE_L10N = True -USE_TZ = True - -# Directories -STATIC_ROOT = os.path.join(PUBLIC_DIR, "static") -MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media") - -# Email -EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" diff --git a/requirements.txt b/requirements.txt index 12df003..39ec4ed 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,3 +8,4 @@ django-tables2==2.7.0 markdown-iconfonts==3.0.0 Pillow==10.1.0 Whoosh==2.7.4 +loadcredential==1.1