forked from uncloud/uncloud
314 lines
8.7 KiB
Python
314 lines
8.7 KiB
Python
"""
|
|
Django settings for uncloud project.
|
|
|
|
Generated by 'django-admin startproject' using Django 3.0.3.
|
|
|
|
For more information on this file, see
|
|
https://docs.djangoproject.com/en/3.0/topics/settings/
|
|
|
|
For the full list of settings and their values, see
|
|
https://docs.djangoproject.com/en/3.0/ref/settings/
|
|
"""
|
|
|
|
import os
|
|
import re
|
|
import ldap
|
|
import sys
|
|
import environ
|
|
|
|
from django.core.management.utils import get_random_secret_key
|
|
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
|
|
|
|
LOGGING = {
|
|
'version': 1,
|
|
'disable_existing_loggers': False,
|
|
'handlers': {
|
|
'console': {
|
|
'class': 'logging.StreamHandler',
|
|
},
|
|
},
|
|
'root': {
|
|
'handlers': ['console'],
|
|
'level': 'DEBUG',
|
|
},
|
|
}
|
|
|
|
# Initialise environment variables
|
|
env = environ.Env()
|
|
environ.Env.read_env()
|
|
|
|
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
|
|
|
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
|
|
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': env('DATABASE_ENGINE'),
|
|
'NAME': env('DATABASE_NAME') if env('DATABASE_NAME') else os.path.join(BASE_DIR, 'db.sqlite3'),
|
|
'USER': env('DATABASE_USER'),
|
|
'PASSWORD': env('DATABASE_PASSWORD'),
|
|
'HOST': env('DATABASE_HOST'),
|
|
'PORT': env('DATABASE_PORT'),
|
|
}
|
|
}
|
|
|
|
|
|
# Quick-start development settings - unsuitable for production
|
|
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
|
|
|
|
# SECURITY WARNING: don't run with debug turned on in production!
|
|
DEBUG = True
|
|
|
|
SITE_ID = 1
|
|
|
|
# Application definition
|
|
|
|
INSTALLED_APPS = [
|
|
'django.contrib.admin',
|
|
'django.contrib.auth',
|
|
'django.contrib.contenttypes',
|
|
'django.contrib.sessions',
|
|
'django.contrib.messages',
|
|
'django.contrib.sites',
|
|
'django.contrib.staticfiles',
|
|
'django_extensions',
|
|
'mathfilters',
|
|
'compressor',
|
|
'wkhtmltopdf',
|
|
'rest_framework',
|
|
'django_q',
|
|
'notifications',
|
|
'uncloud',
|
|
'uncloud_auth',
|
|
'uncloud_net',
|
|
'uncloud_storage',
|
|
'uncloud_vm',
|
|
'uncloud_service',
|
|
'opennebula',
|
|
env('ACTIVE_APP'),
|
|
'uncloud_pay', # should be after the active app to load the templates from the active app first
|
|
'allauth',
|
|
'allauth.account',
|
|
'allauth.socialaccount',
|
|
]
|
|
|
|
MIDDLEWARE = [
|
|
'django.middleware.security.SecurityMiddleware',
|
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
|
'django.middleware.common.CommonMiddleware',
|
|
'django.middleware.csrf.CsrfViewMiddleware',
|
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
|
'django.contrib.messages.middleware.MessageMiddleware',
|
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
|
]
|
|
|
|
ROOT_URLCONF = 'uncloud.urls'
|
|
WKHTMLTOPDF_CMD = env('WKHTMLTOPDF_CMD')
|
|
|
|
TEMPLATES = [
|
|
{
|
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
|
'DIRS': [],
|
|
'APP_DIRS': True,
|
|
'OPTIONS': {
|
|
'context_processors': [
|
|
'django.template.context_processors.debug',
|
|
'django.template.context_processors.request',
|
|
'django.contrib.auth.context_processors.auth',
|
|
'django.contrib.messages.context_processors.messages',
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
WSGI_APPLICATION = 'uncloud.wsgi.application'
|
|
DJANGO_NOTIFICATIONS_CONFIG = { 'USE_JSONFIELD': True}
|
|
|
|
# Password validation
|
|
# https://docs.djangoproject.com/en/3.0/ref/settings/#auth-password-validators
|
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{
|
|
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
|
|
},
|
|
{
|
|
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
|
|
},
|
|
{
|
|
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
|
|
},
|
|
{
|
|
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
|
|
},
|
|
]
|
|
###############################################################################
|
|
# Authall Settings
|
|
ACCOUNT_AUTHENTICATION_METHOD = "username"
|
|
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 1
|
|
ACCOUNT_EMAIL_REQUIRED = True
|
|
ACCOUNT_UNIQUE_EMAIL = True
|
|
MAX_EMAIL_ADDRESSES = 1
|
|
################################################################################
|
|
# AUTH/LDAP
|
|
|
|
LDAP_ENABLED = True
|
|
AUTH_LDAP_SERVER_HOST = env('AUTH_LDAP_SERVER_HOST')
|
|
AUTH_LDAP_SERVER_URI = env('AUTH_LDAP_SERVER_URI')
|
|
AUTH_LDAP_BIND_DN = env('AUTH_LDAP_BIND_DN')
|
|
AUTH_LDAP_BIND_PASSWORD = env('AUTH_LDAP_BIND_PASSWORD')
|
|
|
|
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=customers,dc=ungleich,dc=ch"
|
|
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=customers,dc=ungleich,dc=ch",
|
|
ldap.SCOPE_SUBTREE,
|
|
"(uid=%(user)s)")
|
|
# BIND_AS_AUTHENTICATING_USER = True
|
|
START_TLS = True
|
|
LDAP_ADMIN_DN = env("LDAP_ADMIN_DN")
|
|
LDAP_ADMIN_PASSWORD = env("LDAP_ADMIN_PASSWORD")
|
|
LDAP_CUSTOMER_GROUP_ID = env("LDAP_CUSTOMER_GROUP_ID")
|
|
LDAP_CUSTOMER_DN=env("LDAP_CUSTOMER_DN")
|
|
|
|
#AUTH_LDAP_USER_QUERY_FIELD = "email"
|
|
AUTH_LDAP_USER_ATTR_MAP = {
|
|
"first_name": "cn",
|
|
"last_name": "sn",
|
|
"email": "mail"
|
|
}
|
|
LDAP_DEFAULT_START_UID = int(env('LDAP_DEFAULT_START_UID'))
|
|
|
|
LDAP_MAX_UID_FILE_PATH = os.environ.get('LDAP_MAX_UID_FILE_PATH',
|
|
os.path.join(os.path.abspath(os.path.dirname(__file__)), 'ldap_max_uid_file')
|
|
)
|
|
################################################################################
|
|
# AUTH/Django
|
|
AUTHENTICATION_BACKENDS = [
|
|
"django_auth_ldap.backend.LDAPBackend",
|
|
"django.contrib.auth.backends.ModelBackend",
|
|
'allauth.account.auth_backends.AuthenticationBackend',
|
|
]
|
|
|
|
|
|
|
|
AUTH_USER_MODEL = 'uncloud_auth.User'
|
|
ACCOUNT_FORMS = {
|
|
'signup': 'uncloud_auth.forms.MySignupForm',
|
|
'change_password': 'uncloud_auth.forms.MyChangePasswordForm',
|
|
'set_password': 'uncloud_auth.forms.MySetPasswordForm',
|
|
'reset_password_from_key': 'uncloud_auth.forms.MyResetPasswordKeyForm',
|
|
}
|
|
|
|
################################################################################
|
|
# AUTH/REST
|
|
REST_FRAMEWORK = {
|
|
'DEFAULT_AUTHENTICATION_CLASSES': [
|
|
'rest_framework.authentication.BasicAuthentication',
|
|
'rest_framework.authentication.SessionAuthentication',
|
|
]
|
|
}
|
|
|
|
|
|
# Internationalization
|
|
# https://docs.djangoproject.com/en/3.0/topics/i18n/
|
|
|
|
LANGUAGE_CODE = 'en-us'
|
|
|
|
TIME_ZONE = 'UTC'
|
|
|
|
USE_I18N = True
|
|
|
|
USE_L10N = True
|
|
|
|
USE_TZ = True
|
|
|
|
|
|
# Static files (CSS, JavaScript, Images)
|
|
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
|
STATIC_URL = '/static/'
|
|
STATIC_ROOT = os.path.join(BASE_DIR, "static")
|
|
STATICFILES_FINDERS = [
|
|
'django.contrib.staticfiles.finders.FileSystemFinder',
|
|
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
|
|
'compressor.finders.CompressorFinder',
|
|
]
|
|
COMPRESS_ENABLED = True
|
|
|
|
#VM Deployment TEMPLATE
|
|
GITLAB_SERVER = env('GITLAB_SERVER')
|
|
GITLAB_OAUTH_TOKEN = env('GITLAB_OAUTH_TOKEN')
|
|
GITLAB_PROJECT_ID = env('GITLAB_PROJECT_ID')
|
|
GITLAB_AUTHOR_EMAIL = env('GITLAB_AUTHOR_EMAIL')
|
|
GITLAB_AUTHOR_NAME = env('GITLAB_AUTHOR_NAME')
|
|
GITLAB_YAML_DIR = env('GITLAB_YAML_DIR')
|
|
GITLAB_DNS_PROJECT_ID = env('GITLAB_DNS_PROJECT_ID')
|
|
MATRIX_DNS_MAIN_DOMAIN = env('MATRIX_DNS_MAIN_DOMAIN')
|
|
GITLAB_DNS_OAUTH_TOKEN = env('GITLAB_DNS_OAUTH_TOKEN')
|
|
|
|
# XML-RPC interface of opennebula
|
|
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
|
|
|
|
# user:pass for accessing opennebula
|
|
OPENNEBULA_USER_PASS = 'user:password'
|
|
|
|
# Stripe (Credit Card payments)
|
|
STRIPE_KEY=env('STRIPE_KEY')
|
|
STRIPE_PUBLIC_KEY=env('STRIPE_PUBLIC_KEY')
|
|
BILL_PAYMENT_DELAY = 0
|
|
MIN_PER_TRANSACTION = 5
|
|
# The django secret key
|
|
SECRET_KEY=get_random_secret_key()
|
|
|
|
ALLOWED_HOSTS = env('ALLOWED_HOSTS')
|
|
|
|
# required for hardcopy / pdf rendering: https://github.com/loftylabs/django-hardcopy
|
|
CHROME_PATH = '/usr/bin/chromium-browser'
|
|
|
|
# Username that is created by default and owns the configuration objects
|
|
UNCLOUD_ADMIN_NAME = "uncloud-admin"
|
|
|
|
LOGIN_REDIRECT_URL = '/'
|
|
LOGOUT_REDIRECT_URL = '/'
|
|
|
|
EMAIL_USE_TLS = True
|
|
EMAIL_HOST = env('EMAIL_HOST')
|
|
|
|
EMAIL_PORT = 25
|
|
EMAIL_HOST_USER = DEFAULT_FROM_EMAIL = env('EMAIL_HOST_USER')
|
|
EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD')
|
|
DEFAULT_FROM_EMAIL = 'support@ungleich.ch'
|
|
RENEWAL_FROM_EMAIL = 'support@ungleich.ch'
|
|
|
|
##############
|
|
# Jobs
|
|
Q_CLUSTER = {
|
|
'name': 'uncloud',
|
|
'workers': 1,
|
|
'recycle': 500,
|
|
'timeout': 60,
|
|
'compress': True,
|
|
'cpu_affinity': 1,
|
|
'save_limit': 250,
|
|
'queue_limit': 500,
|
|
'label': 'Django Q',
|
|
'redis': {
|
|
'host': '127.0.0.1',
|
|
'port': 6379,
|
|
'db': 0, }
|
|
}
|
|
|
|
REPORT_FORMAT = {
|
|
'page_height': 200,
|
|
'page_width':175,
|
|
'orientation': 'Portrait',
|
|
'header_spacing': 65,
|
|
'margin_bottom':25,
|
|
'header_line': False,
|
|
}
|
|
|
|
|
|
# Overwrite settings with local settings, if existing
|
|
try:
|
|
from uncloud.local_settings import *
|
|
except (ModuleNotFoundError, ImportError):
|
|
pass
|