Refactor secret / local settings handling

This commit is contained in:
Nico Schottelius 2020-05-02 00:16:29 +02:00
parent 62d9ccbbef
commit 2cda6441f4
5 changed files with 60 additions and 60 deletions

View file

@ -1,21 +0,0 @@
from django.core.management.utils import get_random_secret_key
# XML-RPC interface of opennebula
OPENNEBULA_URL = 'https://opennebula.ungleich.ch:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS = 'user:password'
POSTGRESQL_DB_NAME="uncloud"
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
LDAP_ADMIN_DN=""
LDAP_ADMIN_PASSWORD=""
LDAP_SERVER_URI = ""
# Stripe (Credit Card payments)
STRIPE_KEY=""
STRIPE_PUBLIC_KEY=""
# The django secret key
SECRET_KEY=get_random_secret_key()

View file

@ -13,41 +13,32 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
import os import os
import ldap import ldap
# Uncommitted file with secrets from django.core.management.utils import get_random_secret_key
import uncloud.secrets
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
# Uncommitted file with local settings i.e logging
try:
from uncloud.local_settings import LOGGING, DATABASES
except ModuleNotFoundError:
LOGGING = {} LOGGING = {}
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': uncloud.secrets.POSTGRESQL_DB_NAME,
'HOST': os.environ.get('DATABASE_HOST', '::1'),
'USER': os.environ.get('DATABASE_USER', 'postgres'),
}
}
# Build paths inside the project like this: os.path.join(BASE_DIR, ...) # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
# Quick-start development settings - unsuitable for production # Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/ # See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = uncloud.secrets.SECRET_KEY
# SECURITY WARNING: don't run with debug turned on in production! # SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True DEBUG = True
ALLOWED_HOSTS = []
# Application definition # Application definition
@ -123,7 +114,12 @@ AUTH_PASSWORD_VALIDATORS = [
################################################################################ ################################################################################
# AUTH/LDAP # AUTH/LDAP
AUTH_LDAP_SERVER_URI = uncloud.secrets.LDAP_SERVER_URI AUTH_LDAP_SERVER_URI = ""
AUTH_LDAP_BIND_DN = ""
AUTH_LDAP_BIND_PASSWORD = ""
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
ldap.SCOPE_SUBTREE,
"(uid=%(user)s)")
AUTH_LDAP_USER_ATTR_MAP = { AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName", "first_name": "givenName",
@ -131,13 +127,6 @@ AUTH_LDAP_USER_ATTR_MAP = {
"email": "mail" "email": "mail"
} }
AUTH_LDAP_BIND_DN = uncloud.secrets.LDAP_ADMIN_DN
AUTH_LDAP_BIND_PASSWORD = uncloud.secrets.LDAP_ADMIN_PASSWORD
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
################################################################################ ################################################################################
# AUTH/Django # AUTH/Django
AUTHENTICATION_BACKENDS = [ AUTHENTICATION_BACKENDS = [
@ -158,7 +147,6 @@ REST_FRAMEWORK = {
} }
# Internationalization # Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/ # https://docs.djangoproject.com/en/3.0/topics/i18n/
@ -177,3 +165,28 @@ USE_TZ = True
# https://docs.djangoproject.com/en/3.0/howto/static-files/ # https://docs.djangoproject.com/en/3.0/howto/static-files/
STATIC_URL = '/static/' STATIC_URL = '/static/'
STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ] STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static") ]
# XML-RPC interface of opennebula
OPENNEBULA_URL = 'https://opennebula.example.com:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS = 'user:password'
# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
LDAP_ADMIN_DN=""
LDAP_ADMIN_PASSWORD=""
LDAP_SERVER_URI = ""
# Stripe (Credit Card payments)
STRIPE_KEY=""
STRIPE_PUBLIC_KEY=""
# The django secret key
SECRET_KEY=get_random_secret_key()
# Overwrite settings with local settings, if existing
try:
from uncloud.local_settings import *
except (ModuleNotFoundError, ImportError):
pass

View file

@ -173,9 +173,6 @@ class VPNNetwork(Product):
wireguard_public_key = models.CharField(max_length=48) wireguard_public_key = models.CharField(max_length=48)
def save(self, *args, **kwargs):
super().save(*args, **kwargs)
def delete(self, *args, **kwargs): def delete(self, *args, **kwargs):
self.network.status = 'free' self.network.status = 'free'
self.network.save() self.network.save()

View file

@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model
from django.core.validators import MinValueValidator from django.core.validators import MinValueValidator
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.utils import timezone from django.utils import timezone
from django.core.exceptions import ObjectDoesNotExist from django.core.exceptions import ObjectDoesNotExist, ValidationError
import uuid import uuid
import logging import logging
@ -811,7 +811,7 @@ class Order(models.Model):
# TODO: enforce ending_date - starting_date to be larger than recurring_period. # TODO: enforce ending_date - starting_date to be larger than recurring_period.
creation_date = models.DateTimeField(auto_now_add=True) creation_date = models.DateTimeField(auto_now_add=True)
starting_date = models.DateTimeField() starting_date = models.DateTimeField(default=timezone.now)
ending_date = models.DateTimeField(blank=True, ending_date = models.DateTimeField(blank=True,
null=True) null=True)
@ -918,6 +918,17 @@ class Product(UncloudModel):
# _state.adding is switched to false after super(...) call. # _state.adding is switched to false after super(...) call.
being_created = self._state.adding being_created = self._state.adding
# First time saving - create an order
if not self.order:
billing_address = BillingAddress.get_preferred_address_for(self.owner)
if not billing_address:
raise ValidationError("Cannot create order without a billing address")
self.order = Order(owner=self.owner,
billing_address=billing_address)
super(Product, self).save(*args, **kwargs) super(Product, self).save(*args, **kwargs)
# Make sure we only create records on creation. # Make sure we only create records on creation.

View file

@ -3,9 +3,9 @@ import stripe.error
import logging import logging
from django.core.exceptions import ObjectDoesNotExist from django.core.exceptions import ObjectDoesNotExist
import uncloud_pay.models from django.conf import settings
import uncloud.secrets import uncloud_pay.models
# Static stripe configuration used below. # Static stripe configuration used below.
CURRENCY = 'chf' CURRENCY = 'chf'
@ -14,7 +14,7 @@ CURRENCY = 'chf'
# https://stripe.com/docs/payments/save-and-reuse # https://stripe.com/docs/payments/save-and-reuse
# For internal use only. # For internal use only.
stripe.api_key = uncloud.secrets.STRIPE_KEY stripe.api_key = settings.STRIPE_KEY
# Helper (decorator) used to catch errors raised by stripe logic. # Helper (decorator) used to catch errors raised by stripe logic.
# Catch errors that should not be displayed to the end user, raise again. # Catch errors that should not be displayed to the end user, raise again.
@ -64,7 +64,7 @@ def handle_stripe_error(f):
# Actual Stripe logic. # Actual Stripe logic.
def public_api_key(): def public_api_key():
return uncloud.secrets.STRIPE_PUBLIC_KEY return settings.STRIPE_PUBLIC_KEY
def get_customer_id_for(user): def get_customer_id_for(user):
try: try: