uncloud-mravi/uncloud/settings.py

313 lines
8.7 KiB
Python

"""
Django settings for uncloud project.
Generated by 'django-admin startproject' using Django 3.0.3.
For more information on this file, see
https://docs.djangoproject.com/en/3.0/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.0/ref/settings/
"""
import os
import re
import ldap
import sys
import environ
from django.core.management.utils import get_random_secret_key
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'console': {
'class': 'logging.StreamHandler',
},
},
'root': {
'handlers': ['console'],
'level': 'DEBUG',
},
}
# Initialise environment variables
env = environ.Env()
environ.Env.read_env()
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': env('DATABASE_ENGINE'),
'NAME': env('DATABASE_NAME') if env('DATABASE_NAME') else os.path.join(BASE_DIR, 'db.sqlite3'),
'USER': env('DATABASE_USER'),
'PASSWORD': env('DATABASE_PASSWORD'),
'HOST': env('DATABASE_HOST'),
'PORT': env('DATABASE_PORT'),
}
}
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
SITE_ID = 1
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.sites',
'django.contrib.staticfiles',
'django_extensions',
'mathfilters',
'compressor',
'wkhtmltopdf',
'rest_framework',
'django_q',
'notifications',
'uncloud',
'uncloud_auth',
'uncloud_net',
'uncloud_storage',
'uncloud_vm',
'uncloud_service',
'opennebula',
env('ACTIVE_APP'),
'uncloud_pay', # should be after the active app to load the templates from the active app first
'allauth',
'allauth.account',
'allauth.socialaccount',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'uncloud.urls'
WKHTMLTOPDF_CMD = env('WKHTMLTOPDF_CMD')
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'uncloud.wsgi.application'
DJANGO_NOTIFICATIONS_CONFIG = { 'USE_JSONFIELD': True}
# Password validation
# https://docs.djangoproject.com/en/3.0/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
###############################################################################
# Authall Settings
ACCOUNT_AUTHENTICATION_METHOD = "username"
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 1
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_UNIQUE_EMAIL = True
MAX_EMAIL_ADDRESSES = 1
################################################################################
# AUTH/LDAP
LDAP_ENABLED = True
AUTH_LDAP_SERVER_HOST = env('AUTH_LDAP_SERVER_HOST')
AUTH_LDAP_SERVER_URI = env('AUTH_LDAP_SERVER_URI')
AUTH_LDAP_BIND_DN = env('AUTH_LDAP_BIND_DN')
AUTH_LDAP_BIND_PASSWORD = env('AUTH_LDAP_BIND_PASSWORD')
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=customers,dc=ungleich,dc=ch"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=customers,dc=ungleich,dc=ch",
ldap.SCOPE_SUBTREE,
"(uid=%(user)s)")
# BIND_AS_AUTHENTICATING_USER = True
START_TLS = True
LDAP_ADMIN_DN = env("LDAP_ADMIN_DN")
LDAP_ADMIN_PASSWORD = env("LDAP_ADMIN_PASSWORD")
LDAP_CUSTOMER_GROUP_ID = env("LDAP_CUSTOMER_GROUP_ID")
LDAP_CUSTOMER_DN=env("LDAP_CUSTOMER_DN")
#AUTH_LDAP_USER_QUERY_FIELD = "email"
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "cn",
"last_name": "sn",
"email": "mail"
}
LDAP_DEFAULT_START_UID = int(env('LDAP_DEFAULT_START_UID'))
LDAP_MAX_UID_FILE_PATH = os.environ.get('LDAP_MAX_UID_FILE_PATH',
os.path.join(os.path.abspath(os.path.dirname(__file__)), 'ldap_max_uid_file')
)
################################################################################
# AUTH/Django
AUTHENTICATION_BACKENDS = [
"django_auth_ldap.backend.LDAPBackend",
"django.contrib.auth.backends.ModelBackend",
'allauth.account.auth_backends.AuthenticationBackend',
]
AUTH_USER_MODEL = 'uncloud_auth.User'
ACCOUNT_FORMS = {
'signup': 'uncloud_auth.forms.MySignupForm',
'change_password': 'uncloud_auth.forms.MyChangePasswordForm',
'set_password': 'uncloud_auth.forms.MySetPasswordForm',
'reset_password_from_key': 'uncloud_auth.forms.MyResetPasswordKeyForm',
}
################################################################################
# AUTH/REST
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
# Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, "static")
STATICFILES_FINDERS = [
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
'compressor.finders.CompressorFinder',
]
COMPRESS_ENABLED = True
#VM Deployment TEMPLATE
GITLAB_SERVER = env('GITLAB_SERVER')
GITLAB_OAUTH_TOKEN = env('GITLAB_OAUTH_TOKEN')
GITLAB_PROJECT_ID = env('GITLAB_PROJECT_ID')
GITLAB_AUTHOR_EMAIL = env('GITLAB_AUTHOR_EMAIL')
GITLAB_AUTHOR_NAME = env('GITLAB_AUTHOR_NAME')
GITLAB_YAML_DIR = env('GITLAB_YAML_DIR')
GITLAB_DNS_PROJECT_ID = env('GITLAB_DNS_PROJECT_ID')
MATRIX_DNS_MAIN_DOMAIN = env('MATRIX_DNS_MAIN_DOMAIN')
GITLAB_DNS_OAUTH_TOKEN = env('GITLAB_DNS_OAUTH_TOKEN')
# XML-RPC interface of opennebula
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS = 'user:password'
# Stripe (Credit Card payments)
STRIPE_KEY=env('STRIPE_KEY')
STRIPE_PUBLIC_KEY=env('STRIPE_PUBLIC_KEY')
BILL_PAYMENT_DELAY = 0
MIN_PER_TRANSACTION = 5
# The django secret key
SECRET_KEY=get_random_secret_key()
ALLOWED_HOSTS = env('ALLOWED_HOSTS')
# required for hardcopy / pdf rendering: https://github.com/loftylabs/django-hardcopy
CHROME_PATH = '/usr/bin/chromium-browser'
# Username that is created by default and owns the configuration objects
UNCLOUD_ADMIN_NAME = "uncloud-admin"
LOGIN_REDIRECT_URL = '/'
LOGOUT_REDIRECT_URL = '/'
EMAIL_USE_TLS = True
EMAIL_HOST = env('EMAIL_HOST')
EMAIL_PORT = 25
EMAIL_HOST_USER = DEFAULT_FROM_EMAIL = env('EMAIL_HOST_USER')
EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD')
DEFAULT_FROM_EMAIL = 'support@ungleich.ch'
RENEWAL_FROM_EMAIL = 'support@ungleich.ch'
##############
# Jobs
Q_CLUSTER = {
'name': 'uncloud',
'workers': 1,
'recycle': 500,
'timeout': 60,
'compress': True,
'cpu_affinity': 1,
'save_limit': 250,
'queue_limit': 500,
'label': 'Django Q',
'redis': {
'host': '127.0.0.1',
'port': 6379,
'db': 0, }
}
REPORT_FORMAT = {
'page_height': 200,
'page_width':175,
'orientation': 'Portrait',
'header_spacing': 65,
'margin_bottom':25,
'header_line': False,
}
# Overwrite settings with local settings, if existing
try:
from uncloud.local_settings import *
except (ModuleNotFoundError, ImportError):
pass