settings.py 6.38 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13
"""
Django settings for ipv6work project.

Generated by 'django-admin startproject' using Django 2.1.2.

For more information on this file, see
https://docs.djangoproject.com/en/2.1/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/2.1/ref/settings/
"""

import os
14
import ldap
Aatish Neupane's avatar
Aatish Neupane committed
15
from decouple import config, Csv
16
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
17 18 19 20 21 22 23 24 25 26 27 28

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '+0t^onasc-b+_ry$!6@hpf4o79rw6m%q7dow5#ia+@nla&2@0-'

# SECURITY WARNING: don't run with debug turned on in production!
Aatish Neupane's avatar
Aatish Neupane committed
29
DEBUG = config('DEBUG', cast=bool, default=False)
30

Aatish Neupane's avatar
Aatish Neupane committed
31
ALLOWED_HOSTS = config('ALLOWED_HOSTS', cast=Csv(), default="*")
Aatish Neupane's avatar
Aatish Neupane committed
32
CSRF_TRUSTED_ORIGINS = ['.ungleich.ch']
33 34 35 36 37 38 39 40 41 42 43 44

# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
]

45 46 47 48 49 50 51 52 53
# Libraries and other apps
INSTALLED_APPS += [
    'crispy_forms',

    # Used for autocomplete and dynamic creation of tags.
    # Ff this widget is required for admin, place these
    # before 'django.contrib.admin' app
    'dal',
    'dal_select2',
54

55 56
    # for authorization, rules are autodiscovered from rules.py in apps
    'rules.apps.AutodiscoverRulesConfig',
57 58 59
]

# Our apps
60 61
INSTALLED_APPS += [
    'jobs',
62
    'users',
63 64 65 66 67 68 69 70 71
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
PCoder's avatar
PCoder committed
72
    'django.middleware.clickjacking.XFrameOptionsMiddleware'
73 74
]

75 76 77 78
IPV6_EXEMPT_URLS = [r'^$']
DISABLE_IPV4_BLOCK = config('DISABLE_IPV4_BLOCK', cast=bool, default=False)


79 80 81 82 83
ROOT_URLCONF = 'ipv6work.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
84
        'DIRS': ['templates/'],
85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'ipv6work.wsgi.application'


# Database
# https://docs.djangoproject.com/en/2.1/ref/settings/#databases

DATABASES = {
    'default': {
Aatish Neupane's avatar
Aatish Neupane committed
105 106
        'ENGINE': config('DATABASE_BACKEND', default='django.db.backends.sqlite3'),
        'NAME': config('DATABASE_NAME', default=os.path.join(BASE_DIR, 'db.sqlite3')),
107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
    }
}


# Password validation
# https://docs.djangoproject.com/en/2.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]

129 130
AUTHENTICATION_BACKENDS = (
    'rules.permissions.ObjectPermissionBackend',
131
    'django_auth_ldap.backend.LDAPBackend',
132
)
133

134
USE_X_FORWARDED_HOST = True
135
FORCE_SCRIPT_NAME = config('FORCE_SCRIPT_NAME', '/ipv6/work/')
136 137 138 139 140 141 142 143

LOGIN_URL = 'login'
LOGOUT_URL = 'logout'
ROOT_URLCONF = 'ipv6work.urls'


LOGIN_REDIRECT_URL = FORCE_SCRIPT_NAME
LOGOUT_REDIRECT_URL = FORCE_SCRIPT_NAME
144

Aatish Neupane's avatar
Aatish Neupane committed
145 146 147 148 149
# This is necessary because when accessing from dynamicweb.ungleich.ch, 
# the browser tries to access 'favicon.ico' which resets the session as
# another Django app (dynamicweb) is running on /.
SESSION_COOKIE_NAME = 'session-ipv6-work'

150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166
# Internationalization
# https://docs.djangoproject.com/en/2.1/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.1/howto/static-files/

Aatish Neupane's avatar
Aatish Neupane committed
167

168
STATIC_URL = FORCE_SCRIPT_NAME + 'static/'
Aatish Neupane's avatar
Aatish Neupane committed
169

Aatish Neupane's avatar
Aatish Neupane committed
170
STATIC_ROOT = os.path.join(BASE_DIR, 'static/')
171

Aatish Neupane's avatar
Aatish Neupane committed
172
MEDIA_ROOT = os.path.join(BASE_DIR, 'media/')
173
MEDIA_URL = FORCE_SCRIPT_NAME + 'media/'
174 175

CRISPY_TEMPLATE_PACK = 'bootstrap4'
176 177 178 179 180


AUTH_LDAP_SERVER_URI = config('AUTH_LDAP_SERVER_URI')
AUTH_LDAP_BIND_DN = config('AUTH_LDAP_BIND_DN')
AUTH_LDAP_BIND_PASSWORD = config('AUTH_LDAP_BIND_PASSWORD')
181 182 183 184 185 186 187
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
    LDAPSearch("ou=users,dc=ungleich,dc=ch",
               ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
    LDAPSearch("ou=customers,dc=ungleich,dc=ch",
               ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
)

188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208
AUTH_LDAP_USER_ATTR_MAP = {
    'first_name': 'givenName',
    'last_name': 'sn',
    'email': 'mail',
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
LOGGING = {
    'disable_existing_loggers': False,
    'version': 1,
    'handlers': {
        'console': {
            'class': 'logging.StreamHandler',
        },
    },
    'loggers': {
        'django_auth_ldap': {
            'level': 'DEBUG',
            'handlers': ['console'],
        },
    },
}
209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239

if config('ENABLE_DEBUG_LOG', False):
    loggers_dict = {}
    LOGGING['handlers']['file'] = {
        'level': 'DEBUG',
        'class': 'logging.FileHandler',
        'filename': os.path.join(BASE_DIR, 'debug.log'),
    }

    MODULES_TO_LOG = config('MODULES_TO_LOG', 'django')
    LOGGING['handlers']['file'] = {
        'level': 'DEBUG',
        'class': 'logging.FileHandler',
        'filename': os.path.join(BASE_DIR, 'debug.log'),
    }

    if MODULES_TO_LOG is None:
        # set MODULES_TO_LOG to django, if it is not set
        MODULES_TO_LOG = 'django'
    modules_to_log_list = MODULES_TO_LOG.split(',')
    for custom_module in modules_to_log_list:
        logger_item = {
            custom_module: {
                'handlers': ['file'],
                'level': 'DEBUG',
                'propagate': True
            }
        }
        loggers_dict.update(logger_item)

    LOGGING['loggers'] = loggers_dict