Refactor secret / local settings handling

This commit is contained in:
Nico Schottelius 2020-05-02 00:16:29 +02:00
parent 62d9ccbbef
commit 2cda6441f4
5 changed files with 60 additions and 60 deletions

View file

@ -1,21 +0,0 @@
from django.core.management.utils import get_random_secret_key
# XML-RPC interface of opennebula
OPENNEBULA_URL = 'https://opennebula.ungleich.ch:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS = 'user:password'
POSTGRESQL_DB_NAME="uncloud"
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
LDAP_ADMIN_DN=""
LDAP_ADMIN_PASSWORD=""
LDAP_SERVER_URI = ""
# Stripe (Credit Card payments)
STRIPE_KEY=""
STRIPE_PUBLIC_KEY=""
# The django secret key
SECRET_KEY=get_random_secret_key()

View file

@ -13,41 +13,32 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
import os
import ldap
# Uncommitted file with secrets
import uncloud.secrets
from django.core.management.utils import get_random_secret_key
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
# Uncommitted file with local settings i.e logging
try:
from uncloud.local_settings import LOGGING, DATABASES
except ModuleNotFoundError:
LOGGING = {}
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': uncloud.secrets.POSTGRESQL_DB_NAME,
'HOST': os.environ.get('DATABASE_HOST', '::1'),
'USER': os.environ.get('DATABASE_USER', 'postgres'),
}
}
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = uncloud.secrets.SECRET_KEY
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# Application definition
@ -123,7 +114,12 @@ AUTH_PASSWORD_VALIDATORS = [
################################################################################
# AUTH/LDAP
AUTH_LDAP_SERVER_URI = uncloud.secrets.LDAP_SERVER_URI
AUTH_LDAP_SERVER_URI = ""
AUTH_LDAP_BIND_DN = ""
AUTH_LDAP_BIND_PASSWORD = ""
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
ldap.SCOPE_SUBTREE,
"(uid=%(user)s)")
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
@ -131,13 +127,6 @@ AUTH_LDAP_USER_ATTR_MAP = {
"email": "mail"
}
AUTH_LDAP_BIND_DN = uncloud.secrets.LDAP_ADMIN_DN
AUTH_LDAP_BIND_PASSWORD = uncloud.secrets.LDAP_ADMIN_PASSWORD
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
################################################################################
# AUTH/Django
AUTHENTICATION_BACKENDS = [
@ -158,7 +147,6 @@ REST_FRAMEWORK = {
}
# Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/
@ -177,3 +165,28 @@ USE_TZ = True
# https://docs.djangoproject.com/en/3.0/howto/static-files/
STATIC_URL = '/static/'
STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ]
# XML-RPC interface of opennebula
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS = 'user:password'
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
LDAP_ADMIN_DN=""
LDAP_ADMIN_PASSWORD=""
LDAP_SERVER_URI = ""
# Stripe (Credit Card payments)
STRIPE_KEY=""
STRIPE_PUBLIC_KEY=""
# The django secret key
SECRET_KEY=get_random_secret_key()
# Overwrite settings with local settings, if existing
try:
from uncloud.local_settings import *
except (ModuleNotFoundError, ImportError):
pass

View file

@ -173,9 +173,6 @@ class VPNNetwork(Product):
wireguard_public_key = models.CharField(max_length=48)
def save(self, *args, **kwargs):
super().save(*args, **kwargs)
def delete(self, *args, **kwargs):
self.network.status = 'free'
self.network.save()

View file

@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model
from django.core.validators import MinValueValidator
from django.utils.translation import gettext_lazy as _
from django.utils import timezone
from django.core.exceptions import ObjectDoesNotExist
from django.core.exceptions import ObjectDoesNotExist, ValidationError
import uuid
import logging
@ -811,7 +811,7 @@ class Order(models.Model):
# TODO: enforce ending_date - starting_date to be larger than recurring_period.
creation_date = models.DateTimeField(auto_now_add=True)
starting_date = models.DateTimeField()
starting_date = models.DateTimeField(default=timezone.now)
ending_date = models.DateTimeField(blank=True,
null=True)
@ -918,6 +918,17 @@ class Product(UncloudModel):
# _state.adding is switched to false after super(...) call.
being_created = self._state.adding
# First time saving - create an order
if not self.order:
billing_address = BillingAddress.get_preferred_address_for(self.owner)
if not billing_address:
raise ValidationError("Cannot create order without a billing address")
self.order = Order(owner=self.owner,
billing_address=billing_address)
super(Product, self).save(*args, **kwargs)
# Make sure we only create records on creation.

View file

@ -3,9 +3,9 @@ import stripe.error
import logging
from django.core.exceptions import ObjectDoesNotExist
import uncloud_pay.models
from django.conf import settings
import uncloud.secrets
import uncloud_pay.models
# Static stripe configuration used below.
CURRENCY = 'chf'
@ -14,7 +14,7 @@ CURRENCY = 'chf'
# https://stripe.com/docs/payments/save-and-reuse
# For internal use only.
stripe.api_key = uncloud.secrets.STRIPE_KEY
stripe.api_key = settings.STRIPE_KEY
# Helper (decorator) used to catch errors raised by stripe logic.
# Catch errors that should not be displayed to the end user, raise again.
@ -64,7 +64,7 @@ def handle_stripe_error(f):
# Actual Stripe logic.
def public_api_key():
return uncloud.secrets.STRIPE_PUBLIC_KEY
return settings.STRIPE_PUBLIC_KEY
def get_customer_id_for(user):
try: