New organisation of settings files

We reproduce what has been done here:
https://github.com/dissemin/dissemin

The following files can be found under `cof/settings/`
- `common.py`: the settings that are shared by all the environments we
  have + the secrets (see below).
- `dev.py`: the settings used by the vagrant VM for local development.
- `prod.py`: the production settings (for both www.cof.ens.fr and
  dev.cof.ens.fr)

There is also a notion of "secrets". Some settings like the `SECRET_KEY`
or the database's credentials are loaded from an untracked files called
`secret.py` in the same directory. This secrets are loaded by the common
settings file.

cof/settings/.gitignore

@@ -0,0 +1 @@
+secret.py

cof/settings/common.py

@@ -1,32 +1,40 @@
 # -*- coding: utf-8 -*-
 """
-Django settings for cof project.
+Django common settings for cof project.
 
-For more information on this file, see
+Everything which is supposed to be identical between the production server and
-https://docs.djangoproject.com/en/1.8/topics/settings/
+the local development serveur should be here.
-
-For the full list of settings and their values, see
-https://docs.djangoproject.com/en/1.8/ref/settings/
 """
 
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
 
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+# Database credentials
+try:
+    from .secret import DBNAME, DBUSER, DBPASSWD
+except ImportError:
+    # On the local development VM, theses credentials are in the environment
+    DBNAME = os.environ["DBNAME"]
+    DBUSER = os.environ["DBUSER"]
+    DBPASSWD = os.environ["DBPASSWD"]
+except KeyError:
+    raise RuntimeError("Secrets missing")
 
-EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+# Other secrets
+try:
+    from .secret import (
+        SECRET_KEY, RECAPTCHA_PUBLIC_KEY, RECAPTCHA_PRIVATE_KEY, ADMINS
+    )
+except ImportError:
+    raise RuntimeError("Secrets missing")
 
-# Quick-start development settings - unsuitable for production
-# See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/
 
-# SECURITY WARNING: keep the secret key used in production secret!
+BASE_DIR = os.path.dirname(
-SECRET_KEY = 'q()(zn4m63i%5cp4)f+ww4-28_w+ly3q9=6imw2ciu&_(5_4ah'
+    os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+)
 
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
 
 # Application definition
-INSTALLED_APPS = (
+INSTALLED_APPS = [
     'gestioncof',
     'django.contrib.auth',
     'django.contrib.contenttypes',
@@ -41,17 +49,15 @@ INSTALLED_APPS = (
     'autocomplete_light',
     'captcha',
     'django_cas_ng',
-    'debug_toolbar',
     'bootstrapform',
     'kfet',
     'channels',
     'widget_tweaks',
     'custommail',
     'djconfig',
-)
+]
 
-MIDDLEWARE_CLASSES = (
+MIDDLEWARE_CLASSES = [
-    'debug_toolbar.middleware.DebugToolbarMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
@@ -62,7 +68,7 @@ MIDDLEWARE_CLASSES = (
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'djconfig.middleware.DjConfigMiddleware',
-)
+]
 
 ROOT_URLCONF = 'cof.urls'
 
@@ -73,7 +79,6 @@ TEMPLATES = [
         'APP_DIRS': True,
         'OPTIONS': {
             'context_processors': [
-                'django.template.context_processors.debug',
                 'django.template.context_processors.request',
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
@@ -89,17 +94,12 @@ TEMPLATES = [
     },
 ]
 
-# WSGI_APPLICATION = 'cof.wsgi.application'
-
-# Database
-# https://docs.djangoproject.com/en/1.8/ref/settings/#databases
-
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.mysql',
-        'NAME': os.environ['DBNAME'],
+        'NAME': DBNAME,
-        'USER': os.environ['DBUSER'],
+        'USER': DBUSER,
-        'PASSWORD': os.environ['DBPASSWD'],
+        'PASSWORD': DBPASSWD,
         'HOST': os.environ.get('DBHOST', 'localhost'),
     }
 }
@@ -119,18 +119,9 @@ USE_L10N = True
 USE_TZ = True
 
 
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.8/howto/static-files/
-
-STATIC_URL = '/static/'
-STATIC_ROOT = '/var/www/static/'
-
 # Media upload (through ImageField, SiteField)
 # https://docs.djangoproject.com/en/1.9/ref/models/fields/
 
-MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')
-MEDIA_URL = '/media/'
-
 # Various additional settings
 SITE_ID = 1
 
@@ -163,12 +154,6 @@ AUTHENTICATION_BACKENDS = (
     'kfet.backends.GenericTeamBackend',
 )
 
-# LDAP_SERVER_URL = 'ldaps://ldap.spi.ens.fr:636'
-
-# EMAIL_HOST="nef.ens.fr"
-
-RECAPTCHA_PUBLIC_KEY = "DUMMY"
-RECAPTCHA_PRIVATE_KEY = "DUMMY"
 RECAPTCHA_USE_SSL = True
 
 # Channels settings
@@ -183,22 +168,4 @@ CHANNEL_LAYERS = {
     }
 }
 
-
-def show_toolbar(request):
-    """
-    On ne veut pas la vérification de INTERNAL_IPS faite par la debug-toolbar
-    car cela interfère avec l'utilisation de Vagrant. En effet, l'adresse de la
-    machine physique n'est pas forcément connue, et peut difficilement être
-    mise dans les INTERNAL_IPS.
-    """
-    if not DEBUG:
-        return False
-    if request.is_ajax():
-        return False
-    return True
-
-DEBUG_TOOLBAR_CONFIG = {
-    'SHOW_TOOLBAR_CALLBACK': show_toolbar,
-}
-
 FORMAT_MODULE_PATH = 'cof.locale'

cof/settings/dev.py

@@ -0,0 +1,52 @@
+"""
+Django development settings for the cof project.
+The settings that are not listed here are imported from .common
+"""
+
+import os
+
+from .common import *
+
+
+EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+
+DEBUG = True
+
+TEMPLATES[0]["OPTIONS"]["context_processors"] += [
+    'django.template.context_processors.debug'
+]
+
+
+# ---
+# Apache static/media config
+# ---
+
+STATIC_URL = '/static/'
+STATIC_ROOT = '/var/www/static/'
+
+MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')
+MEDIA_URL = '/media/'
+
+
+# ---
+# Debug tool bar
+# ---
+
+def show_toolbar(request):
+    """
+    On ne veut pas la vérification de INTERNAL_IPS faite par la debug-toolbar
+    car cela interfère avec l'utilisation de Vagrant. En effet, l'adresse de la
+    machine physique n'est pas forcément connue, et peut difficilement être
+    mise dans les INTERNAL_IPS.
+    """
+    if not DEBUG:
+        return False
+    if request.is_ajax():
+        return False
+    return True
+
+INSTALLED_APPS += ["debug_toolbar"]
+MIDDLEWARE_CLASSES += ["debug_toolbar.middleware.DebugToolbarMiddleware"]
+DEBUG_TOOLBAR_CONFIG = {
+    'SHOW_TOOLBAR_CALLBACK': show_toolbar,
+}

cof/settings/prod.py

@@ -0,0 +1,26 @@
+"""
+Django development settings for the cof project.
+The settings that are not listed here are imported from .common
+"""
+
+import os
+
+from .common import *
+
+
+DEBUG = False
+
+ALLOWED_HOSTS = [
+    "cof.ens.fr",
+    "www.cof.ens.fr",
+    "dev.cof.ens.fr"
+]
+
+STATIC_ROOT = os.path.join(os.path.dirname(BASE_DIR), "static")
+STATIC_URL = "/gestion/static/"
+MEDIA_ROOT = os.path.join(os.path.dirname(BASE_DIR), "media")
+MEDIA_URL = "/gestion/media/"
+
+LDAP_SERVER_URL = "ldaps://ldap.spi.ens.fr:636"
+
+EMAIL_HOST = "nef.ens.fr"

cof/settings/secret_example.py

@@ -0,0 +1,4 @@
+SECRET_KEY = 'q()(zn4m63i%5cp4)f+ww4-28_w+ly3q9=6imw2ciu&_(5_4ah'
+RECAPTCHA_PUBLIC_KEY = "DUMMY"
+RECAPTCHA_PRIVATE_KEY = "DUMMY"
+ADMINS = None