Refactor secret / local settings handling
This commit is contained in:
parent
62d9ccbbef
commit
2cda6441f4
5 changed files with 60 additions and 60 deletions
|
@ -1,21 +0,0 @@
|
|||
from django.core.management.utils import get_random_secret_key
|
||||
|
||||
# XML-RPC interface of opennebula
|
||||
OPENNEBULA_URL = 'https://opennebula.ungleich.ch:2634/RPC2'
|
||||
|
||||
# user:pass for accessing opennebula
|
||||
OPENNEBULA_USER_PASS = 'user:password'
|
||||
|
||||
POSTGRESQL_DB_NAME="uncloud"
|
||||
|
||||
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
|
||||
LDAP_ADMIN_DN=""
|
||||
LDAP_ADMIN_PASSWORD=""
|
||||
LDAP_SERVER_URI = ""
|
||||
|
||||
# Stripe (Credit Card payments)
|
||||
STRIPE_KEY=""
|
||||
STRIPE_PUBLIC_KEY=""
|
||||
|
||||
# The django secret key
|
||||
SECRET_KEY=get_random_secret_key()
|
|
@ -13,41 +13,32 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
|
|||
import os
|
||||
import ldap
|
||||
|
||||
# Uncommitted file with secrets
|
||||
import uncloud.secrets
|
||||
|
||||
from django.core.management.utils import get_random_secret_key
|
||||
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
|
||||
|
||||
# Uncommitted file with local settings i.e logging
|
||||
try:
|
||||
from uncloud.local_settings import LOGGING, DATABASES
|
||||
except ModuleNotFoundError:
|
||||
LOGGING = {}
|
||||
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.postgresql',
|
||||
'NAME': uncloud.secrets.POSTGRESQL_DB_NAME,
|
||||
'HOST': os.environ.get('DATABASE_HOST', '::1'),
|
||||
'USER': os.environ.get('DATABASE_USER', 'postgres'),
|
||||
}
|
||||
}
|
||||
|
||||
LOGGING = {}
|
||||
|
||||
|
||||
|
||||
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||
|
||||
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.sqlite3',
|
||||
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Quick-start development settings - unsuitable for production
|
||||
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
|
||||
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
SECRET_KEY = uncloud.secrets.SECRET_KEY
|
||||
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
|
||||
ALLOWED_HOSTS = []
|
||||
|
||||
|
||||
# Application definition
|
||||
|
@ -123,7 +114,12 @@ AUTH_PASSWORD_VALIDATORS = [
|
|||
################################################################################
|
||||
# AUTH/LDAP
|
||||
|
||||
AUTH_LDAP_SERVER_URI = uncloud.secrets.LDAP_SERVER_URI
|
||||
AUTH_LDAP_SERVER_URI = ""
|
||||
AUTH_LDAP_BIND_DN = ""
|
||||
AUTH_LDAP_BIND_PASSWORD = ""
|
||||
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
|
||||
ldap.SCOPE_SUBTREE,
|
||||
"(uid=%(user)s)")
|
||||
|
||||
AUTH_LDAP_USER_ATTR_MAP = {
|
||||
"first_name": "givenName",
|
||||
|
@ -131,13 +127,6 @@ AUTH_LDAP_USER_ATTR_MAP = {
|
|||
"email": "mail"
|
||||
}
|
||||
|
||||
|
||||
AUTH_LDAP_BIND_DN = uncloud.secrets.LDAP_ADMIN_DN
|
||||
AUTH_LDAP_BIND_PASSWORD = uncloud.secrets.LDAP_ADMIN_PASSWORD
|
||||
|
||||
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
|
||||
|
||||
|
||||
################################################################################
|
||||
# AUTH/Django
|
||||
AUTHENTICATION_BACKENDS = [
|
||||
|
@ -158,7 +147,6 @@ REST_FRAMEWORK = {
|
|||
}
|
||||
|
||||
|
||||
|
||||
# Internationalization
|
||||
# https://docs.djangoproject.com/en/3.0/topics/i18n/
|
||||
|
||||
|
@ -177,3 +165,28 @@ USE_TZ = True
|
|||
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
||||
STATIC_URL = '/static/'
|
||||
STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ]
|
||||
|
||||
# XML-RPC interface of opennebula
|
||||
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
|
||||
|
||||
# user:pass for accessing opennebula
|
||||
OPENNEBULA_USER_PASS = 'user:password'
|
||||
|
||||
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
|
||||
LDAP_ADMIN_DN=""
|
||||
LDAP_ADMIN_PASSWORD=""
|
||||
LDAP_SERVER_URI = ""
|
||||
|
||||
# Stripe (Credit Card payments)
|
||||
STRIPE_KEY=""
|
||||
STRIPE_PUBLIC_KEY=""
|
||||
|
||||
# The django secret key
|
||||
SECRET_KEY=get_random_secret_key()
|
||||
|
||||
|
||||
# Overwrite settings with local settings, if existing
|
||||
try:
|
||||
from uncloud.local_settings import *
|
||||
except (ModuleNotFoundError, ImportError):
|
||||
pass
|
||||
|
|
|
@ -173,9 +173,6 @@ class VPNNetwork(Product):
|
|||
|
||||
wireguard_public_key = models.CharField(max_length=48)
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
super().save(*args, **kwargs)
|
||||
|
||||
def delete(self, *args, **kwargs):
|
||||
self.network.status = 'free'
|
||||
self.network.save()
|
||||
|
|
|
@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model
|
|||
from django.core.validators import MinValueValidator
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.utils import timezone
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.core.exceptions import ObjectDoesNotExist, ValidationError
|
||||
|
||||
import uuid
|
||||
import logging
|
||||
|
@ -811,7 +811,7 @@ class Order(models.Model):
|
|||
|
||||
# TODO: enforce ending_date - starting_date to be larger than recurring_period.
|
||||
creation_date = models.DateTimeField(auto_now_add=True)
|
||||
starting_date = models.DateTimeField()
|
||||
starting_date = models.DateTimeField(default=timezone.now)
|
||||
ending_date = models.DateTimeField(blank=True,
|
||||
null=True)
|
||||
|
||||
|
@ -918,6 +918,17 @@ class Product(UncloudModel):
|
|||
# _state.adding is switched to false after super(...) call.
|
||||
being_created = self._state.adding
|
||||
|
||||
# First time saving - create an order
|
||||
if not self.order:
|
||||
billing_address = BillingAddress.get_preferred_address_for(self.owner)
|
||||
|
||||
if not billing_address:
|
||||
raise ValidationError("Cannot create order without a billing address")
|
||||
|
||||
self.order = Order(owner=self.owner,
|
||||
billing_address=billing_address)
|
||||
|
||||
|
||||
super(Product, self).save(*args, **kwargs)
|
||||
|
||||
# Make sure we only create records on creation.
|
||||
|
|
|
@ -3,9 +3,9 @@ import stripe.error
|
|||
import logging
|
||||
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
import uncloud_pay.models
|
||||
from django.conf import settings
|
||||
|
||||
import uncloud.secrets
|
||||
import uncloud_pay.models
|
||||
|
||||
# Static stripe configuration used below.
|
||||
CURRENCY = 'chf'
|
||||
|
@ -14,7 +14,7 @@ CURRENCY = 'chf'
|
|||
# https://stripe.com/docs/payments/save-and-reuse
|
||||
|
||||
# For internal use only.
|
||||
stripe.api_key = uncloud.secrets.STRIPE_KEY
|
||||
stripe.api_key = settings.STRIPE_KEY
|
||||
|
||||
# Helper (decorator) used to catch errors raised by stripe logic.
|
||||
# Catch errors that should not be displayed to the end user, raise again.
|
||||
|
@ -64,7 +64,7 @@ def handle_stripe_error(f):
|
|||
# Actual Stripe logic.
|
||||
|
||||
def public_api_key():
|
||||
return uncloud.secrets.STRIPE_PUBLIC_KEY
|
||||
return settings.STRIPE_PUBLIC_KEY
|
||||
|
||||
def get_customer_id_for(user):
|
||||
try:
|
||||
|
|
Loading…
Reference in a new issue