This commit is contained in:
Nico Schottelius 2019-01-26 13:54:20 +01:00
parent 9a44d45f39
commit 0f0946b17f
3 changed files with 38 additions and 149 deletions

8
dal/dal/env.sample Normal file
View file

@ -0,0 +1,8 @@
# Create .env to be loaded automatically
LDAPSERVER="ldap://ldap1.ungleich.ch ldap://ldap2.ungleich.ch"
LDAPSEARCHUSER="user here"
LDAPSEARCHUSERPASSWORD="password here"
# Space separated list of search bases for users
LDAPSEARCH="ou=users,dc=ungleich,dc=ch ou=customers,dc=ungleich,dc=ch"

View file

@ -11,77 +11,28 @@ https://docs.djangoproject.com/en/1.10/ref/settings/
"""
import os
import dotenv
import ldap
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
from configparser import ConfigParser
# get config
dotenv.read_dotenv()
config = ConfigParser()
config.read('userservice.conf')
# LDAP setup
AUTH_LDAP_SERVER_URI = os.environ['LDAPSERVER']
AUTH_LDAP_BIND_DN = os.environ['LDAPSEARCHUSER']
AUTH_LDAP_BIND_PASSWORD = os.environ['LDAPSEARCHUSERPASSWORD']
# LDAP config
AUTH_LDAP_SERVER_URI = config['LDAP']['LDAPSERVER']
# The search user
AUTH_LDAP_BIND_DN = config['LDAP']['SEARCHUSER']
# The password for the search user
AUTH_LDAP_BIND_PASSWORD = config.get('LDAP','SEARCHUSERPASSWORD', raw=True)
# Search union over two ou
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
LDAPSearch("ou=users,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
LDAPSearch("ou=customers,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
)
# Basic User
#AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=ungleich,dc=ch"
# Search over just one ou
#AUTH_LDAP_USER_SEARCH = LDAPSearch( LDAPSearch("ou=users,dc=ungleich,dc=ch",
# ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# )
# Search union over OUs
search_base = os.environ['LDAPSEARCH'].split()
search_base_ldap = [ LDAPSearch(x, ldap.SCOPE_SUBTREE, "(uid=%(user)s)") for x in search_base ]
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(*search_base_ldap)
# Maps some user keys since ldap has extensive infos
#AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name": "sn"}
# Maps some profile keys since ldap has extensive infos
#AUTH_LDAP_PROFILE_ATTR_MAP = {"home_directory": "homeDirectory"}
# LDAP config end
# Django nameko config
# Where's the Rabbitmq at
NAMEKO_CONFIG = {
'AMQP_URI': 'amqp://%s' % config['System']['RABBITMQ']
}
# Standard pool size
NAMEKO_POOL_SIZE = 4
# Django nameko config end
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
STATIC_ROOT = os.path.dirname('/home/downhill/ungleich/vuejsuserservice/dal/dal/static/')
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'rn=f&ecp#&#escxpk!0e%a$i3sbm$z@5+g4h9q+w7-83*f2f-i'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
@ -89,8 +40,6 @@ INSTALLED_APPS = [
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'bootstrap3',
'sekizai',
'dal',
]
@ -104,12 +53,8 @@ MIDDLEWARE = [
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
# Backend for auth
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
# we only use LDAP for this service, so no auth against the standard DB
# 'django.contrib.auth.backends.ModelBackend',
)
@ -134,87 +79,6 @@ TEMPLATES = [
WSGI_APPLICATION = 'dal.wsgi.application'
# Django Bootstrap - Settings
# Added Configuration for bootstrap static files to load over https.
BOOTSTRAP3 = {
# The URL to the jQuery JavaScript file
'jquery_url': '//code.jquery.com/jquery.min.js',
# The Bootstrap base URL
'base_url': '//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/',
# The complete URL to the Bootstrap CSS file
# (None means derive it from base_url)
'css_url': None,
# The complete URL to the Bootstrap CSS file (None means no theme)
'theme_url': None,
# The complete URL to the Bootstrap JavaScript file
# (None means derive it from base_url)
'javascript_url': None,
# Put JavaScript in the HEAD section of the HTML document
# (only relevant if you use bootstrap3.html)
'javascript_in_head': False,
# Include jQuery with Bootstrap JavaScript
# (affects django-bootstrap3 template tags)
'include_jquery': False,
# Label class to use in horizontal forms
'horizontal_label_class': 'col-md-3',
# Field class to use in horizontal forms
'horizontal_field_class': 'col-md-9',
# Set HTML required attribute on required fields
'set_required': True,
# Set HTML disabled attribute on disabled fields
'set_disabled': False,
# Set placeholder attributes to label if no placeholder is provided
'set_placeholder': True,
# Class to indicate required (better to set this in your Django form)
'required_css_class': '',
# Class to indicate error (better to set this in your Django form)
'error_css_class': 'has-error',
# Class to indicate success, meaning the field has valid input
# (better to set this in your Django form)
'success_css_class': 'has-success',
# Renderers (only set these if you have studied the source and understand
# the inner workings)
'formset_renderers': {
'default': 'bootstrap3.renderers.FormsetRenderer',
},
'form_renderers': {
'default': 'bootstrap3.renderers.FormRenderer',
},
'field_renderers': {
'default': 'bootstrap3.renderers.FieldRenderer',
'inline': 'bootstrap3.renderers.InlineFieldRenderer',
},
}
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
# Password validation
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
@ -252,3 +116,21 @@ USE_TZ = True
# https://docs.djangoproject.com/en/1.10/howto/static-files/
STATIC_URL = '/static/'
############################# To be fixed
STATIC_ROOT = os.path.dirname('/home/downhill/ungleich/vuejsuserservice/dal/dal/static/')
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
SECRET_KEY = 'rn=f&ecp#&#escxpk!0e%a$i3sbm$z@5+g4h9q+w7-83*f2f-i'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

View file

@ -1,5 +1,4 @@
django>=2.1.2
django-auth-ldap>=1.7.0
ldap3>=2.5.1
django-bootstrap3>=11.0.0
django-compressor>=2.2
django-dotenv