forked from uncloud/uncloud
Refactor secret / local settings handling
This commit is contained in:
parent
62d9ccbbef
commit
2cda6441f4
5 changed files with 60 additions and 60 deletions
|
@ -1,21 +0,0 @@
|
||||||
from django.core.management.utils import get_random_secret_key
|
|
||||||
|
|
||||||
# XML-RPC interface of opennebula
|
|
||||||
OPENNEBULA_URL = 'https://opennebula.ungleich.ch:2634/RPC2'
|
|
||||||
|
|
||||||
# user:pass for accessing opennebula
|
|
||||||
OPENNEBULA_USER_PASS = 'user:password'
|
|
||||||
|
|
||||||
POSTGRESQL_DB_NAME="uncloud"
|
|
||||||
|
|
||||||
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
|
|
||||||
LDAP_ADMIN_DN=""
|
|
||||||
LDAP_ADMIN_PASSWORD=""
|
|
||||||
LDAP_SERVER_URI = ""
|
|
||||||
|
|
||||||
# Stripe (Credit Card payments)
|
|
||||||
STRIPE_KEY=""
|
|
||||||
STRIPE_PUBLIC_KEY=""
|
|
||||||
|
|
||||||
# The django secret key
|
|
||||||
SECRET_KEY=get_random_secret_key()
|
|
|
@ -13,41 +13,32 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
|
||||||
import os
|
import os
|
||||||
import ldap
|
import ldap
|
||||||
|
|
||||||
# Uncommitted file with secrets
|
from django.core.management.utils import get_random_secret_key
|
||||||
import uncloud.secrets
|
|
||||||
|
|
||||||
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
|
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
|
||||||
|
|
||||||
# Uncommitted file with local settings i.e logging
|
|
||||||
try:
|
LOGGING = {}
|
||||||
from uncloud.local_settings import LOGGING, DATABASES
|
|
||||||
except ModuleNotFoundError:
|
|
||||||
LOGGING = {}
|
|
||||||
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
|
|
||||||
DATABASES = {
|
|
||||||
'default': {
|
|
||||||
'ENGINE': 'django.db.backends.postgresql',
|
|
||||||
'NAME': uncloud.secrets.POSTGRESQL_DB_NAME,
|
|
||||||
'HOST': os.environ.get('DATABASE_HOST', '::1'),
|
|
||||||
'USER': os.environ.get('DATABASE_USER', 'postgres'),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
||||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||||
|
|
||||||
|
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
'ENGINE': 'django.db.backends.sqlite3',
|
||||||
|
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# Quick-start development settings - unsuitable for production
|
# Quick-start development settings - unsuitable for production
|
||||||
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
|
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
|
||||||
|
|
||||||
# SECURITY WARNING: keep the secret key used in production secret!
|
|
||||||
SECRET_KEY = uncloud.secrets.SECRET_KEY
|
|
||||||
|
|
||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
# SECURITY WARNING: don't run with debug turned on in production!
|
||||||
DEBUG = True
|
DEBUG = True
|
||||||
|
|
||||||
ALLOWED_HOSTS = []
|
|
||||||
|
|
||||||
|
|
||||||
# Application definition
|
# Application definition
|
||||||
|
@ -123,7 +114,12 @@ AUTH_PASSWORD_VALIDATORS = [
|
||||||
################################################################################
|
################################################################################
|
||||||
# AUTH/LDAP
|
# AUTH/LDAP
|
||||||
|
|
||||||
AUTH_LDAP_SERVER_URI = uncloud.secrets.LDAP_SERVER_URI
|
AUTH_LDAP_SERVER_URI = ""
|
||||||
|
AUTH_LDAP_BIND_DN = ""
|
||||||
|
AUTH_LDAP_BIND_PASSWORD = ""
|
||||||
|
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
|
||||||
|
ldap.SCOPE_SUBTREE,
|
||||||
|
"(uid=%(user)s)")
|
||||||
|
|
||||||
AUTH_LDAP_USER_ATTR_MAP = {
|
AUTH_LDAP_USER_ATTR_MAP = {
|
||||||
"first_name": "givenName",
|
"first_name": "givenName",
|
||||||
|
@ -131,13 +127,6 @@ AUTH_LDAP_USER_ATTR_MAP = {
|
||||||
"email": "mail"
|
"email": "mail"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
AUTH_LDAP_BIND_DN = uncloud.secrets.LDAP_ADMIN_DN
|
|
||||||
AUTH_LDAP_BIND_PASSWORD = uncloud.secrets.LDAP_ADMIN_PASSWORD
|
|
||||||
|
|
||||||
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
|
|
||||||
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# AUTH/Django
|
# AUTH/Django
|
||||||
AUTHENTICATION_BACKENDS = [
|
AUTHENTICATION_BACKENDS = [
|
||||||
|
@ -158,7 +147,6 @@ REST_FRAMEWORK = {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Internationalization
|
# Internationalization
|
||||||
# https://docs.djangoproject.com/en/3.0/topics/i18n/
|
# https://docs.djangoproject.com/en/3.0/topics/i18n/
|
||||||
|
|
||||||
|
@ -177,3 +165,28 @@ USE_TZ = True
|
||||||
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
||||||
STATIC_URL = '/static/'
|
STATIC_URL = '/static/'
|
||||||
STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ]
|
STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ]
|
||||||
|
|
||||||
|
# XML-RPC interface of opennebula
|
||||||
|
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
|
||||||
|
|
||||||
|
# user:pass for accessing opennebula
|
||||||
|
OPENNEBULA_USER_PASS = 'user:password'
|
||||||
|
|
||||||
|
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
|
||||||
|
LDAP_ADMIN_DN=""
|
||||||
|
LDAP_ADMIN_PASSWORD=""
|
||||||
|
LDAP_SERVER_URI = ""
|
||||||
|
|
||||||
|
# Stripe (Credit Card payments)
|
||||||
|
STRIPE_KEY=""
|
||||||
|
STRIPE_PUBLIC_KEY=""
|
||||||
|
|
||||||
|
# The django secret key
|
||||||
|
SECRET_KEY=get_random_secret_key()
|
||||||
|
|
||||||
|
|
||||||
|
# Overwrite settings with local settings, if existing
|
||||||
|
try:
|
||||||
|
from uncloud.local_settings import *
|
||||||
|
except (ModuleNotFoundError, ImportError):
|
||||||
|
pass
|
||||||
|
|
|
@ -173,9 +173,6 @@ class VPNNetwork(Product):
|
||||||
|
|
||||||
wireguard_public_key = models.CharField(max_length=48)
|
wireguard_public_key = models.CharField(max_length=48)
|
||||||
|
|
||||||
def save(self, *args, **kwargs):
|
|
||||||
super().save(*args, **kwargs)
|
|
||||||
|
|
||||||
def delete(self, *args, **kwargs):
|
def delete(self, *args, **kwargs):
|
||||||
self.network.status = 'free'
|
self.network.status = 'free'
|
||||||
self.network.save()
|
self.network.save()
|
||||||
|
|
|
@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model
|
||||||
from django.core.validators import MinValueValidator
|
from django.core.validators import MinValueValidator
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from django.core.exceptions import ObjectDoesNotExist
|
from django.core.exceptions import ObjectDoesNotExist, ValidationError
|
||||||
|
|
||||||
import uuid
|
import uuid
|
||||||
import logging
|
import logging
|
||||||
|
@ -811,7 +811,7 @@ class Order(models.Model):
|
||||||
|
|
||||||
# TODO: enforce ending_date - starting_date to be larger than recurring_period.
|
# TODO: enforce ending_date - starting_date to be larger than recurring_period.
|
||||||
creation_date = models.DateTimeField(auto_now_add=True)
|
creation_date = models.DateTimeField(auto_now_add=True)
|
||||||
starting_date = models.DateTimeField()
|
starting_date = models.DateTimeField(default=timezone.now)
|
||||||
ending_date = models.DateTimeField(blank=True,
|
ending_date = models.DateTimeField(blank=True,
|
||||||
null=True)
|
null=True)
|
||||||
|
|
||||||
|
@ -918,6 +918,17 @@ class Product(UncloudModel):
|
||||||
# _state.adding is switched to false after super(...) call.
|
# _state.adding is switched to false after super(...) call.
|
||||||
being_created = self._state.adding
|
being_created = self._state.adding
|
||||||
|
|
||||||
|
# First time saving - create an order
|
||||||
|
if not self.order:
|
||||||
|
billing_address = BillingAddress.get_preferred_address_for(self.owner)
|
||||||
|
|
||||||
|
if not billing_address:
|
||||||
|
raise ValidationError("Cannot create order without a billing address")
|
||||||
|
|
||||||
|
self.order = Order(owner=self.owner,
|
||||||
|
billing_address=billing_address)
|
||||||
|
|
||||||
|
|
||||||
super(Product, self).save(*args, **kwargs)
|
super(Product, self).save(*args, **kwargs)
|
||||||
|
|
||||||
# Make sure we only create records on creation.
|
# Make sure we only create records on creation.
|
||||||
|
|
|
@ -3,9 +3,9 @@ import stripe.error
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from django.core.exceptions import ObjectDoesNotExist
|
from django.core.exceptions import ObjectDoesNotExist
|
||||||
import uncloud_pay.models
|
from django.conf import settings
|
||||||
|
|
||||||
import uncloud.secrets
|
import uncloud_pay.models
|
||||||
|
|
||||||
# Static stripe configuration used below.
|
# Static stripe configuration used below.
|
||||||
CURRENCY = 'chf'
|
CURRENCY = 'chf'
|
||||||
|
@ -14,7 +14,7 @@ CURRENCY = 'chf'
|
||||||
# https://stripe.com/docs/payments/save-and-reuse
|
# https://stripe.com/docs/payments/save-and-reuse
|
||||||
|
|
||||||
# For internal use only.
|
# For internal use only.
|
||||||
stripe.api_key = uncloud.secrets.STRIPE_KEY
|
stripe.api_key = settings.STRIPE_KEY
|
||||||
|
|
||||||
# Helper (decorator) used to catch errors raised by stripe logic.
|
# Helper (decorator) used to catch errors raised by stripe logic.
|
||||||
# Catch errors that should not be displayed to the end user, raise again.
|
# Catch errors that should not be displayed to the end user, raise again.
|
||||||
|
@ -64,7 +64,7 @@ def handle_stripe_error(f):
|
||||||
# Actual Stripe logic.
|
# Actual Stripe logic.
|
||||||
|
|
||||||
def public_api_key():
|
def public_api_key():
|
||||||
return uncloud.secrets.STRIPE_PUBLIC_KEY
|
return settings.STRIPE_PUBLIC_KEY
|
||||||
|
|
||||||
def get_customer_id_for(user):
|
def get_customer_id_for(user):
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in a new issue