WSGI_APPLICATION = 'application.wsgi.application' # Database DATABASES = { 'default': { {%- if cookiecutter.database == '(none)' %} 'ENGINE': 'django.db.backends.sqlite3', 'NAME': join(BASE_DIR, 'db.sqlite3'), {%- elif cookiecutter.database == 'Postgres' %} 'ENGINE': 'django.db.backends.postgresql', 'NAME': env('POSTGRES_DATABASE', default='postgres'), 'USER': env('POSTGRES_USER', default='postgres'), 'PASSWORD': env('POSTGRES_PASSWORD', default=None), 'HOST': env('POSTGRES_HOST', default='database'), 'PORT': env.int('POSTGRES_PORT', default=5432), {%- elif cookiecutter.database == 'MySQL/MariaDB' %} 'ENGINE': 'django.db.backends.mysql', 'NAME': env('MYSQL_DATABASE', default='mysql'), 'USER': env('MYSQL_USER', default='mysql'), 'PASSWORD': env('MYSQL_PASSWORD', default='mysql'), 'HOST': env('MYSQL_HOST', default='database'), 'PORT': env.int('MYSQL_PORT', default=3306), {%- endif %} } } # Password validation AUTH_PASSWORD_VALIDATORS = [ {
SESSION_EXPIRE_AT_BROWSER_CLOSE = True X_FRAME_OPTIONS = "DENY" ################## # EMAIL SETTINGS # ################## EMAIL_BACKEND = ENV.str( "EMAIL_BACKEND", default="django.core.mail.backends.console.EmailBackend") DEFAULT_FROM_EMAIL = ENV.str("DEFAULT_FROM_EMAIL", default="") SERVER_EMAIL = ENV.str("SERVER_EMAIL", default="") EMAIL_HOST = ENV.str("EMAIL_HOST", default="") EMAIL_PORT = ENV.int("EMAIL_PORT", default=587) EMAIL_USE_TLS = True EMAIL_HOST_USER = ENV.str("EMAIL_HOST_USER", default="") EMAIL_HOST_PASSWORD = ENV.str("EMAIL_HOST_PASSWORD", default="") #################### # DYNAMIC SETTINGS # #################### # set_dynamic_settings() will rewrite globals based on what has been # defined so far, in order to provide some better defaults where # applicable. We also allow this settings module to be imported # without Mezzanine installed, as the case may be when using the # fabfile, where setting the dynamic settings below isn't strictly # required.
}, "root": { "handlers": ["stdout", "ecs"], "level": env.str("LOG_LEVEL", "info").upper() }, } # Enable security features in hosted environments SECURE_HSTS_ENABLED = env.bool("SECURE_HSTS_ENABLED", False) SECURE_HSTS_SECONDS = 60 * 60 * 24 * 365 if SECURE_HSTS_ENABLED else None # 1 year SECURE_BROWSER_XSS_FILTER = not DEBUG SECURE_CONTENT_TYPE_NOSNIFF = not DEBUG SESSION_COOKIE_SECURE = not DEBUG SESSION_EXPIRE_SECONDS = env.int("SESSION_EXPIRE_SECONDS", default=60 * 60) CSRF_COOKIE_SECURE = not DEBUG CSRF_COOKIE_HTTPONLY = not DEBUG X_FRAME_OPTIONS = "SAMEORIGIN" # Content Security Policy CSP_DEFAULT_SRC = env.tuple("CSP_DEFAULT_SRC", default=("'self'", )) CSP_STYLE_SRC = env.tuple("CSP_STYLE_SRC", default=("'self'", )) CSP_SCRIPT_SRC = env.tuple("CSP_SCRIPT_SRC", default=("'self'", )) CSP_FONT_SRC = env.tuple("CSP_FONT_SRC", default=("'self'", )) CSP_REPORT_ONLY = env.bool("CSP_REPORT_ONLY", False) CSP_INCLUDE_NONCE_IN = env.tuple("CSP_INCLUDE_NONCE_IN", default=("script-src", ))
}, }, ] WSGI_APPLICATION = 'application.wsgi.application' # Database DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', 'NAME': env('POSTGRES_DATABASE', default='postgres'), 'USER': env('POSTGRES_USER', default='postgres'), 'PASSWORD': env('POSTGRES_PASSWORD', default=None), 'HOST': env('POSTGRES_HOST', default='database'), 'PORT': env.int('POSTGRES_PORT', default=5432), } } # Password validation AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.' 'UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.' 'MinimumLengthValidator',
# -*- coding: utf-8 -*- from multiprocessing import cpu_count from environ import Env env = Env() bind = '0.0.0.0:80' reload = env.bool('GUNICORN_RELOAD', default=False) workers = env.int('GUNICORN_WORKERS', default=(cpu_count() * 2 + 1)) loglevel = env.str('GUNICORN_LOG_LEVEL', default='error') errorlog = '-' # stderr accesslog = '-' if env.bool('GUNICORN_ACCESS_LOG', default=False) else None
USE_L10N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/3.0/howto/static-files/ STATIC_URL = '/static/' CORS_ORIGIN_ALLOW_ALL = True CORS_ORIGIN_ALLOW_ALL = True # Authentication user model AUTH_USER_MODEL = 'user.User' # Mail server SENDGRID_API_KEY = env('SENDGRID_API_KEY') DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL') # Frontend config FRONTEND_URL = env('FRONTEND_URL') # Reset password code and confirmation code expire time RESET_PASSWORD_EXPIRE_TIME = env.int('RESET_PASSWORD_EXPIRE_SECOND') # Static file(CSS, JS, Images) STATIC_URL = '/static/' MEDIA_ROOT = os.path.join(BASE_DIR, 'media') IMAGE_ROOT = os.path.join(BASE_DIR, 'image') MEDIA_URL = '/media/'
# https://docs.djangoproject.com/en/2.2/topics/i18n/ # LANGUAGE_CODE = "en-us" TIME_ZONE = "UTC" USE_I18N = True USE_L10N = True USE_TZ = True # # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/2.2/howto/static-files/ # STATIC_URL = "/static/" # # Database # https://docs.djangoproject.com/en/2.2/ref/settings/#databases # DATABASES = {"default": env.db()} # # celery # CELERY_BROKER_URL = env.str("CELERY_BROKER_URL") CELERY_RESULT_BACKEND = "django-db" CELERY_RESULT_EXPIRES = 21600 CELERY_BROKER_TRANSPORT_OPTIONS = {"visibility_timeout": 3600} CELERY_WORKER_REDIRECT_STDOUTS_LEVEL = "INFO" IDLE_ELAPSED_TIME_SEC = env.int("IDLE_ELAPSED_TIME_SEC", 30)
env = Env() # SECURITY # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") # https://docs.djangoproject.com/en/dev/ref/settings/#secure-ssl-redirect SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True) # https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-secure SESSION_COOKIE_SECURE = True # https://docs.djangoproject.com/en/dev/ref/settings/#csrf-cookie-secure CSRF_COOKIE_SECURE = True # https://docs.djangoproject.com/en/dev/topics/security/#ssl-https # https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-seconds # NOTICE: set this to 60 seconds first and then to 518400 once you prove the former works SECURE_HSTS_SECONDS = env.int("DJANGO_SECURE_HSTS_SECONDS", default=60) # https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-include-subdomains SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool( "DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS", default=True) # https://docs.djangoproject.com/en/dev/ref/settings/#secure-hsts-preload SECURE_HSTS_PRELOAD = env.bool("DJANGO_SECURE_HSTS_PRELOAD", default=True) # https://docs.djangoproject.com/en/dev/ref/middleware/#x-content-type-options-nosniff SECURE_CONTENT_TYPE_NOSNIFF = env.bool("DJANGO_SECURE_CONTENT_TYPE_NOSNIFF", default=True) # STATIC # ------------------------ STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage" # EMAIL # ------------------------------------------------------------------------------
LANGUAGES = [(code, language_names.get(code, code.title())) for code in env.str('LANGUAGES', default='en,fi').split(',')] LANGUAGE_CODE = LANGUAGES[0][0] MEDIA_ROOT = env.str('MEDIA_ROOT', default=os.path.join(BASE_DIR, 'mediafiles')) MEDIA_URL = '/media/' ROOT_URLCONF = 'cfh.urls' STATIC_ROOT = env.str('STATIC_ROOT', default=os.path.join(BASE_DIR, 'static')) STATIC_URL = '/static/' TIME_ZONE = 'Europe/Helsinki' USE_I18N = True USE_L10N = True USE_TZ = True WSGI_APPLICATION = 'cfh.wsgi.application' GEOREPORT_API_ROOT = env.str('ISSUES_GEOREPORT_API_ROOT', default='api/georeport/v2/') ISSUES_DEFAULT_MODERATION_STATUS = env.str('ISSUES_DEFAULT_MODERATION_STATUS', default='public') ISSUES_GEOMETRY_SRID = env.int('ISSUES_GEOMETRY_SRID', default=4326) LOGIN_REDIRECT_URL = '/' PARLER_LANGUAGES = { None: [{ 'code': code } for (code, name) in LANGUAGES], 'default': { 'fallback': LANGUAGE_CODE, 'hide_untranslated': False, } }
TEMPLATES = [ { "BACKEND": "django.template.backends.jinja2.Jinja2", "DIRS": [], "APP_DIRS": True, "OPTIONS": { "environment": "jinja2.sandbox.SandboxedEnvironment" }, }, ] ROOT_URLCONF = "cruftbot.urls.production" WSGI_APPLICATION = "cruftbot.wsgi.application" SITE_ID = env.int("CRUFTBOT_SITE_ID") DATABASES = {"default": env.db("CRUFTBOT_DATABASE_URL")} AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator" }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator" }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"
# to load the internationalization machinery. USE_I18N = True # If you set this to False, Django will not format dates, numbers and # calendars according to the current locale. USE_L10N = True # If you set this to False, Django will not use timezone-aware datetimes. USE_TZ = True # DATABASES # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#databases DATABASES = {"default": env.db("DATABASE_URL")} DATABASES["default"]["ATOMIC_REQUESTS"] = True DATABASES["default"]["CONN_MAX_AGE"] = env.int("CONN_MAX_AGE", default=10) # noqa F405 # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-DEFAULT_AUTO_FIELD DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # URLS # ------------------------------------------------------------------------------ # https://docs.djangoproject.com/en/dev/ref/settings/#root-urlconf ROOT_URLCONF = "{{cookiecutter.repo_name}}.config.urls" # https://docs.djangoproject.com/en/dev/ref/settings/#wsgi-application WSGI_APPLICATION = "{{cookiecutter.repo_name}}.config.wsgi.application" # APPS # ------------------------------------------------------------------------------ DJANGO_APPS = [ "django.contrib.auth", "django.contrib.contenttypes",
LANGUAGES = [ (code, language_names.get(code, code.title())) for code in env.str('LANGUAGES', default='en,fi').split(',') ] LANGUAGE_CODE = LANGUAGES[0][0] MEDIA_ROOT = env.str('MEDIA_ROOT', default=os.path.join(BASE_DIR, 'mediafiles')) MEDIA_URL = '/media/' ROOT_URLCONF = 'cfh.urls' STATIC_ROOT = env.str('STATIC_ROOT', default=os.path.join(BASE_DIR, 'static')) STATIC_URL = '/static/' TIME_ZONE = 'Europe/Helsinki' USE_I18N = True USE_L10N = True USE_TZ = True WSGI_APPLICATION = 'cfh.wsgi.application' GEOREPORT_API_ROOT = env.str('ISSUES_GEOREPORT_API_ROOT', default='api/georeport/v2/') ISSUES_DEFAULT_MODERATION_STATUS = env.str('ISSUES_DEFAULT_MODERATION_STATUS', default='public') ISSUES_GEOMETRY_SRID = env.int('ISSUES_GEOMETRY_SRID', default=4326) LOGIN_REDIRECT_URL = '/' PARLER_LANGUAGES = { None: [ {'code': code} for (code, name) in LANGUAGES ], 'default': { 'fallback': LANGUAGE_CODE, 'hide_untranslated': False, } }
'django.contrib.messages.context_processors.messages', ], }, }, ] WSGI_APPLICATION = 'cinemaFriday.wsgi.application' DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', 'NAME': env.str('POSTGRES_DB'), 'USER': env.str('POSTGRES_USER'), 'PASSWORD': env.str('POSTGRES_PASSWORD'), 'HOST': env.str('PG_HOST'), 'PORT': env.int('PG_PORT'), } } AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
# -*- coding: utf-8 -*- from multiprocessing import cpu_count from environ import Env env = Env() bind = ['0.0.0.0:80'] reload = env.bool('GUNICORN_RELOAD', False) workers = env.int('GUNICORN_WORKERS', cpu_count() * 2 + 1) loglevel = env.str('GUNICORN_LOG_LEVEL', 'info') errorlog = '-' # stderr accesslog = '-' if env.bool('GUNICORN_ACCESS_LOG', False) else None
"format": "(asctime)(levelname)(message)(filename)(lineno)(threadName)(name)(thread)(created)(process)(processName)(relativeCreated)(module)(funcName)(levelno)(msecs)(pathname)", # noqa }, }, "handlers": {"console": {"class": "logging.StreamHandler", "formatter": "json",},}, "loggers": {"": {"handlers": ["console"], "level": env.str("LOG_LEVEL", "INFO")},}, } # Enable security features in hosted environments SECURE_HSTS_ENABLED = env.bool("SECURE_HSTS_ENABLED", False) SECURE_HSTS_SECONDS = 60 * 60 * 24 * 365 if SECURE_HSTS_ENABLED else None # 1 year SECURE_BROWSER_XSS_FILTER = not DEBUG SECURE_CONTENT_TYPE_NOSNIFF = not DEBUG SESSION_COOKIE_SECURE = not DEBUG SESSION_EXPIRE_SECONDS = env.int("SESSION_EXPIRE_SECONDS", default=60 * 60) CSRF_COOKIE_SECURE = not DEBUG CSRF_COOKIE_HTTPONLY = not DEBUG X_FRAME_OPTIONS = "SAMEORIGIN" # Content Security Policy CSP_DEFAULT_SRC = env.tuple("CSP_DEFAULT_SRC", default=("'self'",)) CSP_STYLE_SRC = env.tuple("CSP_STYLE_SRC", default=("'self'",)) CSP_SCRIPT_SRC = env.tuple("CSP_SCRIPT_SRC", default=("'self'",)) CSP_FONT_SRC = env.tuple("CSP_FONT_SRC", default=("'self'",)) CSP_REPORT_ONLY = env.bool("CSP_REPORT_ONLY", False) CSP_INCLUDE_NONCE_IN = env.tuple("CSP_INCLUDE_NONCE_IN", default=("script-src",))
# -*- coding: utf-8 -*- from multiprocessing import cpu_count from environ import Env env = Env() bind = '0.0.0.0:80' reload = env.bool('GUNICORN_RELOAD', default=False) workers = env.int('GUNICORN_WORKERS', default=(cpu_count() * 2 + 1)) loglevel = env.str('GUNICORN_LOG_LEVEL', default='error') errorlog = '-' # stderr accesslog = '-' if env.bool('GUNICORN_ACCESS_LOG', default=False) else None timeout = 60
STATICFILES_STORAGE = ENV.str( "STATICFILES_STORAGE", "django.contrib.staticfiles.storage.StaticFilesStorage") STATIC_URL = ENV.str("STATIC_URL", "/static/") STATIC_ROOT = ENV.str("STATIC_ROOT", os.path.join(BASE_DIR, "static")) AWS_STORAGE_BUCKET_NAME = ENV.str("AWS_STORAGE_BUCKET_NAME", None) AWS_S3_CUSTOM_DOMAIN = ENV.str("AWS_S3_CUSTOM_DOMAIN", None) AWS_S3_REGION_NAME = ENV.str("AWS_S3_REGION_NAME", None) AWS_S3_ENDPOINT_URL = ENV.str("AWS_S3_ENDPOINT_URL", None) AWS_DEFAULT_ACL = "public-read" MEDIA_URL = ENV.str("MEDIA_URL", "/media/") MEDIA_ROOT = ENV.str("MEDIA_ROOT", os.path.join(BASE_DIR, "media")) RTMP_SECRET = ENV.str("RTMP_SECRET", None) EXPIRE_VIEWER_SECONDS = ENV.int("EXPIRE_VIEWER_SECONDS", 60) RTMP_ENDPOINT = ENV.str("RTMP_ENDPOINT", None) FFMPEG_PATH = ENV.str("FFMPEG_PATH", "ffmpeg") FFPROBE_PATH = ENV.str("FFPROBE_PATH", "ffprobe") # API # http://www.django-rest-framework.org/ # https://django-oauth-toolkit.readthedocs.io/en/latest/index.html REST_FRAMEWORK = { "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.URLPathVersioning", "DEFAULT_VERSION": ENV.str("DEFAULT_API_VERSION", "v1"), "ALLOWED_VERSIONS": ENV.list("ALLOWED_API_VERSIONS", default=["v1"]),
from .base import * from environ import Env SECRET_KEY = 'manh5ag9_tgp$l7du6e)mm_+iqr$t-u7rb!9#n6^!hja(&dx1$' ENV_PATH = os.path.join(BASE_DIR, '.env') env = Env() if os.path.exists(ENV_PATH): env.read_env(ENV_PATH) TOKEN_EXPIRED_AFTER_SECONDS = env.int('TOKEN_EXPIRED_AFTER_SECONDS') DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL') SENDGRID_API_KEY = env('SENDGRID_API_KEY') DEBUG = True INSTALLED_APPS.append('debug_toolbar') MIDDLEWARE.append('debug_toolbar.middleware.DebugToolbarMiddleware', ) STATIC_URL = '/static/' STATIC_ROOT = os.path.join(BASE_DIR, 'static/') MEDIA_URL = '/media/' MEDIA_ROOT = os.path.join(BASE_DIR, 'media/') INTERNAL_IPS = ['127.0.0.1', '0.0.0.0'] DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', 'HOST': env('DB_HOST'), 'USER': env('DB_USER'), 'PASSWORD': env('DB_PASSWORD'),
STATICFILES_STORAGE = 'whitenoise.storage.CompressedStaticFilesStorage' STATICFILES_FINDERS = ( "django.contrib.staticfiles.finders.FileSystemFinder", "django.contrib.staticfiles.finders.AppDirectoriesFinder", ) TRUSTED_USER_TOKEN = 'ssobypass' USER_DATA_CACHE_TIME = 3600 METADATA_CACHE_TIME = "10600" MOCK_METADATA = False USE_S3_FOR_CSV_DOWNLOADS = env("USE_S3_FOR_CSV_DOWNLOADS", default=True) # CACHE / REDIS # Try to read from PaaS service env vars first REDIS_DB = env.int("REDIS_DB", default=4) if "redis" in VCAP_SERVICES: REDIS_URI = VCAP_SERVICES["redis"][0]["credentials"]["uri"] else: REDIS_URI = env("REDIS_URI") REDIS_URI = f"{REDIS_URI}/{REDIS_DB}" if REDIS_URI: CACHES = { "default": { "BACKEND": "django_redis.cache.RedisCache", "LOCATION": REDIS_URI, "OPTIONS": {"CLIENT_CLASS": "django_redis.client.DefaultClient"}, } }
AWS_BUCKET_ACL: str = env.str(var='AWS_BUCKET_ACL') AWS_S3_SIGNATURE_VERSION: str = env.str(var='AWS_S3_SIGNATURE_VERSION') AWS_S3_REGION_NAME: str = env.str(var='AWS_S3_REGION_NAME') AWS_S3_ENCRYPTION: bool = env.bool(var='AWS_S3_ENCRYPTION') # Celery CELERY_BROKER_URL: str = env.str(var='CELERY_BROKER_URL') CELERY_RESULT_BACKEND: str = env.str(var='CELERY_RESULT_BACKEND') CELERY_TIMEZONE: str = 'Asia/Almaty' CELERY_ENABLE_UTC: bool = True CELERY_ACCEPT_CONTENT: Tuple = ('application/json',) CELERY_TASK_SERIALIZER: str = 'json' CELERY_RESULT_SERIALIZER: str = 'json' CELERY_TASK_ACKS_LATE: bool = True # Email EMAIL_HOST: str = env.str(var='EMAIL_HOST') EMAIL_PORT: int = env.int(var='EMAIL_PORT') EMAIL_HOST_USER: str = env.str(var='EMAIL_HOST_USER') DEFAULT_FROM_EMAIL: str = EMAIL_HOST_USER EMAIL_HOST_PASSWORD: str = env.str(var='EMAIL_HOST_PASSWORD') EMAIL_USE_TLS: bool = env.bool(var='EMAIL_USE_TLS') EMAIL_USE_SSL: bool = env.bool(var='EMAIL_USE_SSL') # Debug toolbar # if DEBUG: # from .helpers.debug_settings import ( # DEFAULT_DEBUG_MIDDLEWARES, DEFAULT_DEBUG_INTERNAL_IPS, # DEFAULT_DEBUG_TOOLBAR_PANELS, DEFAULT_DEBUG_APPS, # DEFAULT_DEBUG_TOOLBAR_CONFIG # ) # # INSTALLED_APPS += ('silk',) + DEFAULT_DEBUG_APPS # MIDDLEWARE += tuple(
return {"BACKEND": "django.core.cache.backends.dummy.DummyCache"} CACHE_MIDDLEWARE_KEY_PREFIX = "startuporganizer" CACHE_MIDDLEWARE_SECONDS = 60 CACHES = {"default": get_memcache_config()} SESSION_ENGINE = "django.contrib.sessions.backends.cache" # Password validation # https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators AUTH_USER_MODEL = "user.User" ACCOUNT_ACTIVATION_DAYS = ENV.int("ACCOUNT_ACTIVATION_DAYS", default=7) # https://django-registration.readthedocs.io/en/3.0.1/activation-workflow.html#salt-security REGISTRATION_SALT = ENV.str("REGISTRATION_SALT", default="registration") PASSWORD_HASHERS = [ "django.contrib.auth.hashers.Argon2PasswordHasher", "django.contrib.auth.hashers.PBKDF2PasswordHasher", ] AUTH_P = "django.contrib.auth.password_validation." AUTH_PASSWORD_VALIDATORS = [ { "NAME": AUTH_P + "UserAttributeSimilarityValidator", "OPTIONS": { "user_attributes": ( "email",