class Production(Common): DEBUG = False DATABASE_URL = values.DatabaseURLValue( 'sqlite:////data/kubeportal.sqlite3', environ_prefix='KUBEPORTAL') DATABASES = DATABASE_URL STATIC_ROOT = values.Value('', environ_prefix='KUBEPORTAL') STATICFILES_DIRS = values.TupleValue('', environ_prefix='KUBEPORTAL') REDIRECT_HOSTS = values.TupleValue(None, environ_prefix='KUBEPORTAL') EMAIL_HOST = values.Value('localhost', environ_prefix='KUBEPORTAL') LOG_LEVEL_PORTAL = values.Value('ERROR', environ_prefix='KUBEPORTAL') LOG_LEVEL_REQUEST = values.Value('ERROR', environ_prefix='KUBEPORTAL') # read the environment variables immediately because they're used to # configure the loggers below LOG_LEVEL_PORTAL.setup('LOG_LEVEL_PORTAL') LOG_LEVEL_REQUEST.setup('LOG_LEVEL_REQUEST') LOGGING = { 'version': 1, 'disable_existing_loggers': False, 'formatters': { 'verbose': { 'format': "[%(asctime)s] %(levelname)s %(message)s" }, }, 'handlers': { 'mail_admins': { 'level': 'ERROR', 'class': 'django.utils.log.AdminEmailHandler', 'formatter': 'verbose' }, 'console': { 'level': 'DEBUG', 'class': 'logging.StreamHandler', 'formatter': 'verbose' }, }, 'loggers': { 'django.request': { 'handlers': ['mail_admins', 'console'], 'level': LOG_LEVEL_REQUEST.value, 'propagate': True }, 'KubePortal': { 'handlers': ['mail_admins', 'console', ], 'level': LOG_LEVEL_PORTAL.value, 'propagate': True }, } }
class Production(Common): CLUSTER_API_SERVER = values.Value('', environ_prefix='KUBEPORTAL') DEBUG = False DATABASE_URL = values.DatabaseURLValue( 'sqlite:////data/kubeportal.sqlite3', environ_prefix='KUBEPORTAL') DATABASES = DATABASE_URL STATIC_ROOT = values.Value('', environ_prefix='KUBEPORTAL') STATICFILES_DIRS = values.TupleValue('', environ_prefix='KUBEPORTAL') REDIRECT_HOSTS = values.TupleValue(None, environ_prefix='KUBEPORTAL') EMAIL_HOST = values.Value('localhost', environ_prefix='KUBEPORTAL')
class Production(Common): """ The in-production settings. """ # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31_536_000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ("HTTP_X_FORWARDED_PROTO", "https")) AWS_REGION = values.Value("us-east-1", environ_prefix=None) AWS_ACCESS_KEY_ID = values.SecretValue(environ_prefix=None) AWS_SECRET_ACCESS_KEY = values.SecretValue(environ_prefix=None) AWS_S3_BUCKET_NAME = values.Value(environ_prefix=None) CONTRACTS_DOCUMENT_STORAGE = "django_s3_storage.storage.S3Storage" @property def CACHES(self): return { "default": { "BACKEND": "django_redis.cache.RedisCache", "LOCATION": f"{self.REDIS_URL}/1", "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient" }, } }
class Production(Common): """ The production settings. """ INSTALLED_APPS = Common.INSTALLED_APPS + ( 'djangosecure', 'raven.contrib.django.raven_compat', ) SPEAKER_SUBMISSION = False ALLOWED_HOSTS = [ 'speakers.herokuapp.com', 'calltospeakers.com', 'www.calltospeakers.com', ] # django-secure SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_FRAME_DENY = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Production(Base): DEBUG = False TEMPLATE_DEBUG = False ALLOWED_HOSTS = values.TupleValue(('example.com', )) CELERY_ALWAYS_EAGER = values.BooleanValue(False) COMPRESS_ENABLED = values.BooleanValue(True) COMPRESS_OFFLINE = values.BooleanValue(True)
class Staging(Common): """ The in-staging settings. """ INSTALLED_APPS = Common.INSTALLED_APPS + ('storages', ) # django-secure now integrated inside django 1.8+ SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_FRAME_DENY = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https')) AWS_ACCESS_KEY_ID = values.Value(environ_prefix=None) AWS_SECRET_ACCESS_KEY = values.Value(environ_prefix=None) AWS_STORAGE_BUCKET_NAME = 'grp-portfolio-media' AWS_QUERYSTRING_AUTH = values.BooleanValue(False) S3_URL = 'http://%s.s3.amazonaws.com/' % AWS_STORAGE_BUCKET_NAME MEDIA_ROOT = '/media/' MEDIA_URL = S3_URL + MEDIA_ROOT DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage' EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' PROTOCOL = 'https'
class Staging(Common): """ The in-staging settings. """ # Security BASE_DIR = os.path.dirname(os.path.dirname(__file__)) SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https') ) WEBPACK_LOADER = { 'DEFAULT': { 'BUNDLE_DIR_NAME': 'bundles/', 'STATS_FILE': os.path.join(BASE_DIR, 'webpack-stats.prod.json'), } }
class Production(Base): """Settings for the production environment.""" USE_X_FORWARDED_HOST = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue(('HTTP_X_FORWARDED_PROTO', 'https')) LOGGING_USE_JSON = values.Value(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) # 1 year DEFAULT_FILE_STORAGE = values.Value('storages.backends.s3boto3.S3Boto3Storage')
class Production(Base): """Settings for the production environment.""" USE_X_FORWARDED_HOST = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue(('HTTP_X_FORWARDED_PROTO', 'https')) LOGGING_USE_JSON = values.Value(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) # 1 year DEFAULT_FILE_STORAGE = values.Value('normandy.base.storage.S3Boto3PermissiveStorage') AWS_S3_FILE_OVERWRITE = False
class Production(Base): """Settings for the production environment.""" SECURE_PROXY_SSL_HEADER = values.TupleValue(("HTTP_X_FORWARDED_PROTO", "https")) LOGGING_USE_JSON = values.Value(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) # 1 year DEFAULT_FILE_STORAGE = values.Value("normandy.base.storage.NormandyS3Boto3Storage") AWS_S3_FILE_OVERWRITE = False METRICS_USE_STATSD = values.Value(True)
class Production(Base): DEBUG = False @property def TEMPLATES(self): TEMP = super().TEMPLATES TEMP[0]['OPTIONS']['debug'] = False return TEMP ALLOWED_HOSTS = values.TupleValue(('example.com', )) CELERY_TASK_ALWAYS_EAGER = values.BooleanValue(False) STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.ManifestStaticFilesStorage'
class Production(Common): # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https')) ALLOWED_HOSTS = ['*']
class Production(Base): DEBUG = False @property def TEMPLATES(self): TEMP = super(Production, self).TEMPLATES TEMP[0]['OPTIONS']['debug'] = False return TEMP ALLOWED_HOSTS = values.TupleValue(('example.com', )) CELERY_ALWAYS_EAGER = values.BooleanValue(False) COMPRESS_ENABLED = values.BooleanValue(True) COMPRESS_OFFLINE = values.BooleanValue(True)
class Production(Base): """Settings for the production environment.""" USE_X_FORWARDED_HOST = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https')) LOGGING_USE_JSON = values.Value(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) # 1 year DEFAULT_FILE_STORAGE = values.Value( 'normandy.base.storage.S3Boto3PermissiveStorage') AWS_S3_FILE_OVERWRITE = False # Custom CORS settings that overrides the CORS class's configuration. # In production we harden it down a bit extra. CORS_ORIGIN_ALLOW_ALL = values.BooleanValue(False)
class Production(Common): """ The in-production settings. """ # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue(("HTTP_X_FORWARDED_PROTO", "https"))
class Staging(BaseSettings): SECRET_KEY = values.SecretValue() # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Staging(Common): """ The in-staging settings. """ INSTALLED_APPS = Common.INSTALLED_APPS + ('djangosecure', ) # django-secure SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_FRAME_DENY = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Staging(Common): """ The in-staging settings. """ STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Staging(Common): """ The in-staging settings. """ # Security BASE_DIR = os.path.dirname(os.path.dirname(__file__)) SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Staging(Common): """ The in-staging settings. """ SESSION_COOKIE_SECURE = values.BooleanValue(False) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(False) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(False) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(False) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue(["localhost", "127.0.0.1"]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(False) SECURE_PROXY_SSL_HEADER = values.TupleValue( ("HTTP_X_FORWARDED_PROTO", "https")) DATABASES = values.DatabaseURLValue("postgresql://*****:*****@postgres/pg")
class Staging(Common): """ The in-staging settings. """ # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https')) CSRF_COOKIE_SECURE = values.BooleanValue(True) X_FRAME_OPTIONS = 'DENY' SECURE_HSTS_PRELOAD = values.BooleanValue(True)
class Staging(Common): """ The in-staging settings. """ # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https') ) DATABASES = Common.DATABASES DATABASES = values.DatabaseURLValue( 'postgres://*****:*****@localhost/default' )
class Heroku(Common): INSTALLED_APPS = Common.INSTALLED_APPS SECRET_KEY = os.getenv('DJANGO_SECRET_KEY') # Site # https://docs.djangoproject.com/en/2.0/ref/settings/#allowed-hosts ALLOWED_HOSTS = ["*"] INSTALLED_APPS += ("gunicorn", ) RQ_QUEUES = { 'default': { 'URL': os.getenv('REDIS_URL', 'redis://localhost:6379/0'), # If you're on Heroku 'DEFAULT_TIMEOUT': 600, }, } CORS_ORIGIN_ALLOW_ALL = values.BooleanValue( False, environ_name='CORS_ORIGIN_ALLOW_ALL') CORS_ORIGIN_WHITELIST = values.TupleValue( ('http://localhost:8000', ), environ_name='CORS_ORIGIN_WHITELIST')
class Staging(Common): """ The in-staging settings. """ ALLOWED_HOSTS = [ 'staging.smartz.io', 'stage.smartz.io', '.stage.smartz.io' ] # Security SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value(None) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https')) SMARTZ_SHOW_SWAGGER_SCHEMA = True
class SSL(object): """Default settings for SSL-enabled servers. Please read Django's SSL/HTTPS documentation and modify this configuration as needed. Be advised that the default settings will not work with all web servers. """ CSRF_COOKIE_SECURE = values.BooleanValue(True) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) SECURE_HSTS_SECONDS = values.IntegerValue(3600) SECURE_PROXY_SSL_HEADER = values.TupleValue(None) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SECURE_SSL_HOST = values.Value('www.example.com') SECURE_SSL_REDIRECT = values.BooleanValue(True) SESSION_COOKIE_SECURE = values.BooleanValue(True)
class Base(Configuration): DEBUG = values.BooleanValue(True) TEMPLATE_DEBUG = values.BooleanValue(DEBUG) DATABASES = values.DatabaseURLValue('sqlite:///dev.db') CONN_MAX_AGE = None INSTALLED_APPS = values.ListValue([ 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.staticfiles', 'django.contrib.admin', 'django_comments', 'django.contrib.flatpages', 'django.contrib.sitemaps', # external 'haystack', 'djcelery', 'taggit', 'floppyforms', 'overextends', 'tastypie', 'tastypie_swagger', 'storages', 'compressor', # local 'froide.foirequest', 'froide.foirequestfollower', 'froide.frontpage', 'froide.publicbody', 'froide.account', 'froide.redaction', 'froide.foisite', 'froide.helper', ]) CACHES = values.CacheURLValue('dummy://') # ############# Site Configuration ######### # Make this unique, and don't share it with anybody. SECRET_KEY = 'make_me_unique!!' SITE_NAME = values.Value('Froide') SITE_EMAIL = values.Value('*****@*****.**') SITE_URL = values.Value('http://*****:*****@example.com'), ) MANAGERS = ADMINS INTERNAL_IPS = values.TupleValue(('127.0.0.1', )) # ############## PATHS ############### PROJECT_ROOT = os.path.abspath(os.path.dirname(__file__)) LOCALE_PATHS = values.TupleValue( (os.path.abspath(os.path.join(PROJECT_ROOT, '..', "locale")), )) GEOIP_PATH = None # Absolute filesystem path to the directory that will hold user-uploaded files. # Example: "/home/media/media.lawrence.com/media/" MEDIA_ROOT = os.path.abspath(os.path.join(PROJECT_ROOT, "..", "files")) # Sub path in MEDIA_ROOT that will hold FOI attachments FOI_MEDIA_PATH = values.Value('foi') # Absolute path to the directory static files should be collected to. # Don't put anything in this directory yourself; store your static files # in apps' "static/" subdirectories and in STATICFILES_DIRS. # Example: "/home/media/media.lawrence.com/static/" STATIC_ROOT = os.path.abspath(os.path.join(PROJECT_ROOT, "..", "public")) # Additional locations of static files STATICFILES_DIRS = (os.path.join(PROJECT_ROOT, "static"), ) COMPRESS_ENABLED = values.BooleanValue(False) COMPRESS_JS_FILTERS = ['compressor.filters.jsmin.JSMinFilter'] COMPRESS_CSS_FILTERS = [ 'compressor.filters.css_default.CssAbsoluteFilter', 'compressor.filters.cssmin.CSSMinFilter' ] COMPRESS_PARSER = 'compressor.parser.HtmlParser' # Additional locations of template files TEMPLATE_DIRS = (os.path.join(PROJECT_ROOT, "templates"), ) # ########## URLs ################# ROOT_URLCONF = values.Value('froide.urls') # URL that handles the media served from MEDIA_ROOT. Make sure to use a # trailing slash. # Examples: "http://media.lawrence.com/media/", "http://example.com/media/" MEDIA_URL = values.Value('/files/') # URL prefix for static files. # Example: "http://media.lawrence.com/static/" # URL that handles the static files like app media. # Example: "http://media.lawrence.com" STATIC_URL = values.Value('/static/') USE_X_ACCEL_REDIRECT = values.BooleanValue(False) X_ACCEL_REDIRECT_PREFIX = values.Value('/protected') # ## URLs that can be translated to a secret value SECRET_URLS = values.DictValue({"admin": "admin"}) # ######## Backends, Finders, Processors, Classes #### AUTH_USER_MODEL = values.Value('account.User') CUSTOM_AUTH_USER_MODEL_DB = values.Value('') # List of finder classes that know how to find static files in # various locations. STATICFILES_FINDERS = ( 'django.contrib.staticfiles.finders.AppDirectoriesFinder', 'django.contrib.staticfiles.finders.FileSystemFinder', 'compressor.finders.CompressorFinder', ) AUTHENTICATION_BACKENDS = [ "froide.helper.auth.EmailBackend", "django.contrib.auth.backends.ModelBackend", ] TEMPLATE_CONTEXT_PROCESSORS = ( 'django.core.context_processors.debug', 'django.core.context_processors.i18n', 'django.core.context_processors.media', 'django.core.context_processors.static', 'django.core.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', 'froide.helper.context_processors.froide', 'froide.helper.context_processors.site_settings') # List of callables that know how to import templates from various sources. TEMPLATE_LOADERS = [ 'django.template.loaders.filesystem.Loader', 'django.template.loaders.app_directories.Loader', ] MIDDLEWARE_CLASSES = [ 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', ] # ######### I18N and L10N ################## # Local time zone for this installation. Choices can be found here: # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name # although not all choices may be available on all operating systems. # On Unix systems, a value of None will cause Django to use the same # timezone as the operating system. # If running in a Windows environment this must be set to the same as your # system time zone. TIME_ZONE = values.Value('Europe/Berlin') USE_TZ = values.BooleanValue(True) # Language code for this installation. All choices can be found here: # http://www.i18nguy.com/unicode/language-identifiers.html LANGUAGE_CODE = values.Value('en-us') LANGUAGES = ( ('en', gettext('English')), ('es', gettext('Spanish')), ('fi-fi', gettext('Finnish (Finland)')), ('de', gettext('German')), ('da-dk', gettext('Danish (Denmark)')), ('it', gettext('Italian')), ('pt', gettext('Portuguese')), ('sv-se', gettext('Swedish (Sweden)')), ('sv-fi', gettext('Swedish (Finland)')), ('zh-cn', gettext('Chinese (Simplified)')), ('zh-hk', gettext('Chinese (Traditional, Hong Kong)')), ) # If you set this to False, Django will make some optimizations so as not # to load the internationalization machinery. USE_I18N = values.BooleanValue(True) # If you set this to False, Django will not format dates, numbers and # calendars according to the current locale USE_L10N = values.BooleanValue(True) DATE_FORMAT = values.Value("d. F Y") SHORT_DATE_FORMAT = values.Value("d.m.Y") DATE_INPUT_FORMATS = values.TupleValue(("%d.%m.%Y", )) SHORT_DATETIME_FORMAT = values.Value("d.m.Y H:i") DATETIME_INPUT_FORMATS = values.TupleValue(("%d.%m.%Y %H:%M", )) TIME_FORMAT = values.Value("H:i") TIME_INPUT_FORMATS = values.TupleValue(("%H:%M", )) HOLIDAYS = [ (1, 1), # New Year's Day (12, 25), # Christmas (12, 26) # Second day of Christmas ] # Weekends are non-working days HOLIDAYS_WEEKENDS = True # Calculates other holidays based on easter sunday HOLIDAYS_FOR_EASTER = (0, -2, 1, 39, 50, 60) # ######## Logging ########## # A sample logging configuration. LOGGING = { 'version': 1, 'disable_existing_loggers': True, 'root': { 'level': 'WARNING', 'handlers': [], }, 'filters': { 'require_debug_false': { '()': 'django.utils.log.RequireDebugFalse' } }, 'formatters': { 'verbose': { 'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s' }, }, 'handlers': { 'mail_admins': { 'level': 'ERROR', 'filters': ['require_debug_false'], 'class': 'django.utils.log.AdminEmailHandler' }, 'console': { 'level': 'DEBUG', 'class': 'logging.StreamHandler', } }, 'loggers': { 'froide': { 'handlers': ['console'], 'propagate': True, 'level': 'DEBUG', }, 'django.request': { 'handlers': ['mail_admins'], 'level': 'ERROR', 'propagate': True, }, 'django.db.backends': { 'level': 'ERROR', 'handlers': ['console'], 'propagate': False, } } } # ######## Security ########### CSRF_COOKIE_SECURE = False CSRF_COOKIE_HTTPONLY = True CSRF_FAILURE_VIEW = values.Value('froide.account.views.csrf_failure') # Change this # ALLOWED_HOSTS = () SESSION_COOKIE_AGE = values.IntegerValue(3628800) # six weeks SESSION_COOKIE_HTTPONLY = True SESSION_COOKIE_SECURE = False # ######## Celery ############# CELERY_RESULT_BACKEND = values.Value( 'djcelery.backends.database:DatabaseBackend') CELERYBEAT_SCHEDULER = values.Value( "djcelery.schedulers.DatabaseScheduler") CELERY_ALWAYS_EAGER = values.BooleanValue(True) CELERY_ROUTES = { 'froide.foirequest.tasks.fetch_mail': { "queue": "emailfetch" }, } CELERY_TIMEZONE = TIME_ZONE # ######## Haystack ########### HAYSTACK_CONNECTIONS = { 'default': { 'ENGINE': 'haystack.backends.simple_backend.SimpleEngine', } } # ######### Tastypie ######### TASTYPIE_SWAGGER_API_MODULE = values.Value('froide.urls.v1_api') # ######### Froide settings ######## FROIDE_THEME = None FROIDE_CONFIG = dict( create_new_publicbody=True, publicbody_empty=True, user_can_hide_web=True, public_body_officials_public=True, public_body_officials_email_public=False, request_public_after_due_days=14, payment_possible=True, currency="Euro", default_law=1, search_engine_query= "http://www.google.de/search?as_q=%(query)s&as_epq=&as_oq=&as_eq=&hl=en&lr=&cr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=%(domain)s&as_rights=&safe=images", greetings=[rec(u"Dear (?:Mr\.?|Ms\.? .*?)")], closings=[rec(u"Sincerely yours,?")], public_body_boosts={}, dryrun=False, request_throttle= None, # Set to [(15, 7 * 24 * 60 * 60),] for 15 requests in 7 days dryrun_domain="testmail.example.com", allow_pseudonym=False, doc_conversion_binary=None, # replace with libreoffice instance doc_conversion_call_func=None, # see settings_test for use ) # ###### Email ############## # Django settings EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' EMAIL_SUBJECT_PREFIX = values.Value('[Froide] ') SERVER_EMAIL = values.Value('*****@*****.**') DEFAULT_FROM_EMAIL = values.Value('*****@*****.**') # Official Notification Mail goes through # the normal Django SMTP Backend EMAIL_HOST = values.Value("") EMAIL_PORT = values.IntegerValue(587) EMAIL_HOST_USER = values.Value("") EMAIL_HOST_PASSWORD = values.Value("") EMAIL_USE_TLS = values.BooleanValue(True) # Froide special case settings # IMAP settings for fetching mail FOI_EMAIL_PORT_IMAP = values.IntegerValue(993) FOI_EMAIL_HOST_IMAP = values.Value("imap.example.com") FOI_EMAIL_ACCOUNT_NAME = values.Value("*****@*****.**") FOI_EMAIL_ACCOUNT_PASSWORD = values.Value("") FOI_EMAIL_USE_SSL = values.BooleanValue(True) # SMTP settings for sending FoI mail FOI_EMAIL_HOST_USER = values.Value(FOI_EMAIL_ACCOUNT_NAME) FOI_EMAIL_HOST_FROM = values.Value(FOI_EMAIL_HOST_USER) FOI_EMAIL_HOST_PASSWORD = values.Value(FOI_EMAIL_ACCOUNT_PASSWORD) FOI_EMAIL_HOST = values.Value("smtp.example.com") FOI_EMAIL_PORT = values.IntegerValue(537) FOI_EMAIL_USE_TLS = values.BooleanValue(True) # The FoI Mail can use a different account FOI_EMAIL_DOMAIN = values.Value("example.com") FOI_EMAIL_TEMPLATE = None # Example: # FOI_EMAIL_TEMPLATE = lambda user_name, secret: "{username}.{secret}@{domain}" % (user_name, secret, FOI_EMAIL_DOMAIN) # Is the message you can send from fixed # or can you send from any address you like? FOI_EMAIL_FIXED_FROM_ADDRESS = values.BooleanValue(True)
class Base(Core): """Settings that may change on a per-environment basis, some with defaults.""" # General settings DEBUG = values.BooleanValue(False) # Database settings DATABASES = values.DatabaseURLValue( 'postgres://postgres@localhost/morgoth') # Security settings SECRET_KEY = values.SecretValue() ALLOWED_HOSTS = values.ListValue([]) AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator' }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator' }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator' }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator' }, ] PASSWORD_HASHERS = values.ListValue([ 'django.contrib.auth.hashers.BCryptSHA256PasswordHasher', 'django.contrib.auth.hashers.PBKDF2PasswordHasher', ]) USE_X_FORWARDED_HOST = values.BooleanValue(False) SECURE_PROXY_SSL_HEADER = values.TupleValue() SECURE_HSTS_SECONDS = values.IntegerValue(3600) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) CSRF_COOKIE_HTTPONLY = values.BooleanValue(True) CSRF_COOKIE_SECURE = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) X_FRAME_OPTIONS = values.Value('DENY') # Media and static settings STATIC_URL = '/static/' STATIC_ROOT = values.Value(os.path.join(Core.BASE_DIR, 'static')) MEDIA_URL = values.Value('/media/') MEDIA_ROOT = values.Value(os.path.join(Core.BASE_DIR, 'media')) STATICFILES_DIRS = (os.path.join(Core.BASE_DIR, 'assets'), ) STATICFILES_STORAGE = values.Value( 'whitenoise.django.GzipManifestStaticFilesStorage') ADMIN_ENABLED = values.BooleanValue(True) # statsd STATSD_HOST = values.Value('localhost') STATSD_PORT = values.IntegerValue(8125) STATSD_IPV6 = values.BooleanValue(False) STATSD_PREFIX = values.Value('morgoth') STATSD_MAXUDPSIZE = values.IntegerValue(512)
class Production(Base): """Settings for the production environment.""" USE_X_FORWARDED_HOST = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue( ('HTTP_X_FORWARDED_PROTO', 'https'))
class Production(Base): """Settings for the production environment.""" USE_X_FORWARDED_HOST = values.BooleanValue(True) SECURE_PROXY_SSL_HEADER = values.TupleValue(('HTTP_X_FORWARDED_PROTO', 'https')) LOGGING_USE_JSON = values.Value(True) SECURE_HSTS_SECONDS = values.IntegerValue(31536000) # 1 year
class Base(Core): """Settings that may change per-environment, some with defaults.""" # Flags that affect other settings, via setting methods below LOGGING_USE_JSON = values.BooleanValue(False) USE_OIDC = values.BooleanValue(False) # General settings DEBUG = values.BooleanValue(False) ADMINS = values.SingleNestedListValue([]) SILENCED_SYSTEM_CHECKS = values.ListValue([ # Check CSRF cookie http only. disabled because we read the # CSRF cookie in JS for forms in React. 'security.W017', ]) # Authentication def AUTHENTICATION_BACKENDS(self): if self.USE_OIDC: return ['normandy.base.auth_backends.LoggingRemoteUserBackend'] else: return ['normandy.base.auth_backends.LoggingModelBackend'] OIDC_REMOTE_AUTH_HEADER = values.Value('HTTP_REMOTE_USER') OIDC_LOGOUT_URL = values.Value(None) # Middleware that _most_ environments will need. Subclasses can override this list. EXTRA_MIDDLEWARE = [ 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', ] def MIDDLEWARE(self): """ Determine middleware by combining the core set and per-environment set. """ middleware = Core.MIDDLEWARE + self.EXTRA_MIDDLEWARE if self.USE_OIDC: middleware.append('normandy.base.middleware.ConfigurableRemoteUserMiddleware') return middleware def LOGGING(self): return { 'version': 1, 'disable_existing_loggers': False, 'formatters': { 'json': { '()': 'mozilla_cloud_services_logger.formatters.JsonLogFormatter', 'logger_name': 'normandy', }, 'development': { 'format': '%(levelname)s %(asctime)s %(name)s %(message)s', }, }, 'handlers': { 'console': { 'level': 'DEBUG', 'class': 'logging.StreamHandler', 'formatter': 'json' if self.LOGGING_USE_JSON else 'development', }, }, 'root': { 'handlers': ['console'], 'level': 'WARNING', }, 'loggers': { 'normandy': { 'propagate': False, 'handlers': ['console'], 'level': 'DEBUG', }, 'request.summary': { 'propagate': False, 'handlers': ['console'], 'level': 'DEBUG', }, }, } # Remote services DATABASES = values.DatabaseURLValue('postgres://postgres@localhost/normandy') CONN_MAX_AGE = values.IntegerValue(0) GEOIP2_DATABASE = values.Value(os.path.join(Core.BASE_DIR, 'GeoLite2-Country.mmdb')) # Email settings EMAIL_HOST_USER = values.Value() EMAIL_HOST = values.Value() EMAIL_PORT = values.IntegerValue(587) EMAIL_USE_TLS = values.BooleanValue(True) EMAIL_HOST_PASSWORD = values.Value() EMAIL_BACKEND = values.Value('django.core.mail.backends.smtp.EmailBackend') def RAVEN_CONFIG(self): version_path = os.path.join(Core.BASE_DIR, '__version__', 'tag') try: with open(version_path) as f: version = f.read().strip() except IOError: version = None return { 'dsn': values.URLValue(None, environ_name='RAVEN_CONFIG_DSN'), 'release': values.Value(version, environ_name='RAVEN_CONFIG_RELEASE'), } # statsd STATSD_HOST = values.Value('localhost') STATSD_PORT = values.IntegerValue(8125) STATSD_IPV6 = values.BooleanValue(False) STATSD_PREFIX = values.Value('normandy') STATSD_MAXUDPSIZE = values.IntegerValue(512) # Security settings SECRET_KEY = values.SecretValue() ALLOWED_HOSTS = values.ListValue([]) AUTH_PASSWORD_VALIDATORS = [ {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'}, {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'}, {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'}, {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'}, ] PASSWORD_HASHERS = values.ListValue([ 'django.contrib.auth.hashers.BCryptSHA256PasswordHasher', 'django.contrib.auth.hashers.PBKDF2PasswordHasher', ]) USE_X_FORWARDED_HOST = values.BooleanValue(False) SECURE_PROXY_SSL_HEADER = values.TupleValue() SECURE_HSTS_SECONDS = values.IntegerValue(3600) SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(True) CSRF_COOKIE_HTTPONLY = values.BooleanValue(False) CSRF_COOKIE_SECURE = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_REDIRECT_EXEMPT = values.ListValue([]) SESSION_COOKIE_SECURE = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) X_FRAME_OPTIONS = values.Value('DENY') REQUIRE_RECIPE_AUTH = values.BooleanValue(True) # Media and static settings STATIC_URL = values.Value('/static/') STATIC_ROOT = values.Value(os.path.join(Core.BASE_DIR, 'static')) MEDIA_URL = values.Value('/media/') MEDIA_ROOT = values.Value(os.path.join(Core.BASE_DIR, 'media')) STATICFILES_DIRS = ( os.path.join(Core.BASE_DIR, 'assets'), ) # URL that the CDN exists at to front cached parts of the site, if any. CDN_URL = values.URLValue(None) # URL that bypasses any CDNs APP_SERVER_URL = values.URLValue(None) # URL for the CSP report-uri directive. CSP_REPORT_URI = values.Value('/__cspreport__') # Normandy settings ADMIN_ENABLED = values.BooleanValue(True) ACTION_IMPLEMENTATION_CACHE_TIME = values.IntegerValue(60 * 60 * 24 * 365) NUM_PROXIES = values.IntegerValue(0) API_CACHE_TIME = values.IntegerValue(30) API_CACHE_ENABLED = values.BooleanValue(True) # If true, approvals must come from two separate users. If false, the same # user can approve their own request. PEER_APPROVAL_ENFORCED = values.BooleanValue(True) # Autograph settings AUTOGRAPH_URL = values.Value() AUTOGRAPH_HAWK_ID = values.Value() AUTOGRAPH_HAWK_SECRET_KEY = values.Value() AUTOGRAPH_SIGNATURE_MAX_AGE = values.IntegerValue(60 * 60 * 24 * 7) AUTOGRAPH_X5U_CACHE_BUST = values.Value(None) # How many days before expiration to warn for expired certificates CERTIFICATES_EXPIRE_EARLY_DAYS = values.IntegerValue(None) PROD_DETAILS_DIR = values.Value(os.path.join(Core.BASE_DIR, 'product_details')) # AWS settings AWS_ACCESS_KEY_ID = values.Value() AWS_SECRET_ACCESS_KEY = values.Value() AWS_STORAGE_BUCKET_NAME = values.Value() GITHUB_URL = values.Value('https://github.com/mozilla/normandy')