from coldfront.config.env import ENV from django.core.exceptions import ImproperlyConfigured try: import ldap except ImportError: raise ImproperlyConfigured('Please run: pip install ldap3') #------------------------------------------------------------------------------ # This enables searching for users via LDAP #------------------------------------------------------------------------------ LDAP_USER_SEARCH_SERVER_URI = ENV.str('LDAP_USER_SEARCH_SERVER_URI') LDAP_USER_SEARCH_BASE = ENV.str('LDAP_USER_SEARCH_BASE') LDAP_USER_SEARCH_BIND_DN = ENV.str('LDAP_USER_SEARCH_BIND_DN') LDAP_USER_SEARCH_BIND_PASSWORD = ENV.str('LDAP_USER_SEARCH_BIND_PASSWORD') ADDITIONAL_USER_SEARCH_CLASSES = [ 'coldfront.plugins.ldap_user_search.utils.LDAPUserSearch', ]
'PLUGIN_AUTH_LDAP': 'plugins/ldap.py', 'PLUGIN_LDAP_USER_SEARCH': 'plugins/ldap_user_search.py', } # This allows plugins to be enabled via environment variables. Can alternatively # add the relevant configs to local_settings.py for key, pc in plugin_configs.items(): if ENV.bool(key, default=False): coldfront_configs.append(pc) # Local settings overrides local_configs = [ # Local settings relative to coldfront.config package 'local_settings.py', # System wide settings for production deployments '/etc/coldfront/local_settings.py', # Local settings relative to coldfront project root PROJECT_ROOT('local_settings.py') ] if ENV.str('COLDFRONT_CONFIG', default='') != '': # Local settings from path specified via environment variable local_configs.append(environ.Path(ENV.str('COLDFRONT_CONFIG'))()) for lc in local_configs: coldfront_configs.append(optional(lc)) include(*coldfront_configs)
from coldfront.config.base import SETTINGS_EXPORT from coldfront.config.env import ENV #------------------------------------------------------------------------------ # Advanced ColdFront configurations #------------------------------------------------------------------------------ #------------------------------------------------------------------------------ # General Center Information #------------------------------------------------------------------------------ CENTER_NAME = ENV.str('CENTER_NAME', default='HPC Resources') CENTER_HELP_URL = ENV.str('CENTER_HELP_URL', default='') CENTER_PROJECT_RENEWAL_HELP_URL = ENV.str('CENTER_PROJECT_RENEWAL_HELP_URL', default='') CENTER_BASE_URL = ENV.str('CENTER_BASE_URL', default='') #------------------------------------------------------------------------------ # Enable Project Review #------------------------------------------------------------------------------ PROJECT_ENABLE_PROJECT_REVIEW = ENV.bool('PROJECT_ENABLE_PROJECT_REVIEW', default=True) #------------------------------------------------------------------------------ # Allocation related #------------------------------------------------------------------------------ ALLOCATION_ENABLE_CHANGE_REQUESTS_BY_DEFAULT = ENV.bool( 'ALLOCATION_ENABLE_CHANGE_REQUESTS', default=True) ALLOCATION_CHANGE_REQUEST_EXTENSION_DAYS = ENV.list( 'ALLOCATION_CHANGE_REQUEST_EXTENSION_DAYS', cast=int, default=[30, 60, 90]) ALLOCATION_ENABLE_ALLOCATION_RENEWAL = ENV.bool( 'ALLOCATION_ENABLE_ALLOCATION_RENEWAL', default=True)
if ENV.bool('PLUGIN_MOKEY', default=False): #------------------------------------------------------------------------------ # Enable Mokey/Hydra OpenID Connect Authentication Backend #------------------------------------------------------------------------------ INSTALLED_APPS += [ 'coldfront.plugins.mokey_oidc', ] AUTHENTICATION_BACKENDS += [ 'coldfront.plugins.mokey_oidc.auth.OIDCMokeyAuthenticationBackend', ] else: AUTHENTICATION_BACKENDS += [ 'mozilla_django_oidc.auth.OIDCAuthenticationBackend', ] MIDDLEWARE += [ 'mozilla_django_oidc.middleware.SessionRefresh', ] OIDC_OP_JWKS_ENDPOINT = ENV.str('OIDC_OP_JWKS_ENDPOINT') OIDC_RP_SIGN_ALGO = ENV.str('OIDC_RP_SIGN_ALGO') OIDC_RP_CLIENT_ID = ENV.str('OIDC_RP_CLIENT_ID') OIDC_RP_CLIENT_SECRET = ENV.str('OIDC_RP_CLIENT_SECRET') OIDC_OP_AUTHORIZATION_ENDPOINT = ENV.str('OIDC_OP_AUTHORIZATION_ENDPOINT') OIDC_OP_TOKEN_ENDPOINT = ENV.str('OIDC_OP_TOKEN_ENDPOINT') OIDC_OP_USER_ENDPOINT = ENV.str('OIDC_OP_USER_ENDPOINT') OIDC_VERIFY_SSL = ENV.bool('OIDC_VERIFY_SSL', default=True) OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS = ENV.int( 'OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS', default=3600)
from coldfront.config.base import INSTALLED_APPS from coldfront.config.env import ENV INSTALLED_APPS += [ 'coldfront.plugins.slurm', ] SLURM_SACCTMGR_PATH = ENV.str('SLURM_SACCTMGR_PATH', default='/usr/bin/sacctmgr') SLURM_NOOP = ENV.str('SLURM_NOOP', False) SLURM_IGNORE_USERS = ENV.list('SLURM_IGNORE_USERS', default=['root']) SLURM_IGNORE_ACCOUNTS = ENV.list('SLURM_IGNORE_ACCOUNTS', default=[])
import coldfront from django.core.exceptions import ImproperlyConfigured from django.core.management.utils import get_random_secret_key from coldfront.config.env import ENV, PROJECT_ROOT #------------------------------------------------------------------------------ # Base Django config for ColdFront #------------------------------------------------------------------------------ VERSION = coldfront.VERSION BASE_DIR = PROJECT_ROOT() ALLOWED_HOSTS = ENV.list('ALLOWED_HOSTS', default=['*']) DEBUG = ENV.bool('DEBUG', default=False) WSGI_APPLICATION = 'coldfront.config.wsgi.application' ROOT_URLCONF = 'coldfront.config.urls' SECRET_KEY = ENV.str('SECRET_KEY', default='') if len(SECRET_KEY) == 0: SECRET_KEY = get_random_secret_key() #------------------------------------------------------------------------------ # Locale settings #------------------------------------------------------------------------------ LANGUAGE_CODE = ENV.str('LANGUAGE_CODE', default='en-us') TIME_ZONE = ENV.str('TIME_ZONE', default='America/New_York') USE_I18N = True USE_L10N = True USE_TZ = True #------------------------------------------------------------------------------ # Django Apps #------------------------------------------------------------------------------
from coldfront.config.base import AUTHENTICATION_BACKENDS from coldfront.config.env import ENV from django.core.exceptions import ImproperlyConfigured try: import ldap from django_auth_ldap.config import GroupOfNamesType, LDAPSearch except ImportError: raise ImproperlyConfigured( 'Please run: pip install ldap3 django_auth_ldap') #------------------------------------------------------------------------------ # LDAP user authentication using django-auth-ldap. This will enable LDAP # user/password logins. You can also override this in local_settings.py #------------------------------------------------------------------------------ AUTH_LDAP_SERVER_URI = ENV.str('AUTH_LDAP_SERVER_URI') AUTH_LDAP_USER_SEARCH_BASE = ENV.str('AUTH_LDAP_USER_SEARCH_BASE') AUTH_LDAP_START_TLS = ENV.bool('AUTH_LDAP_START_TLS', default=True) AUTH_LDAP_BIND_DN = ENV.str('AUTH_LDAP_BIND_DN', default='') AUTH_LDAP_BIND_PASSWORD = ENV.str('AUTH_LDAP_BIND_PASSWORD', default='') AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = ENV.bool( 'AUTH_LDAP_BIND_AS_AUTHENTICATING_USER', default=False) AUTH_LDAP_MIRROR_GROUPS = ENV.bool('AUTH_LDAP_MIRROR_GROUPS', default=True) AUTH_LDAP_GROUP_SEARCH_BASE = ENV.str('AUTH_LDAP_GROUP_SEARCH_BASE') AUTH_LDAP_USER_SEARCH = LDAPSearch(AUTH_LDAP_USER_SEARCH_BASE, ldap.SCOPE_ONELEVEL, '(uid=%(user)s)') AUTH_LDAP_GROUP_SEARCH = LDAPSearch(AUTH_LDAP_GROUP_SEARCH_BASE, ldap.SCOPE_ONELEVEL, '(objectClass=groupOfNames)') AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() AUTH_LDAP_USER_ATTR_MAP = ENV.dict('AUTH_LDAP_USER_ATTR_MAP',
from coldfront.config.base import INSTALLED_APPS from coldfront.config.env import ENV INSTALLED_APPS += [ 'coldfront.plugins.iquota', ] IQUOTA_KEYTAB = ENV.str('IQUOTA_KEYTAB') IQUOTA_CA_CERT = ENV.str('IQUOTA_CA_CERT') IQUOTA_API_HOST = ENV.str('IQUOTA_API_HOST') IQUOTA_API_PORT = ENV.str('IQUOTA_API_PORT', default='8080')
from coldfront.config.env import ENV #------------------------------------------------------------------------------ # Email/Notification settings #------------------------------------------------------------------------------ EMAIL_ENABLED = ENV.bool('EMAIL_ENABLED', default=False) EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST = ENV.str('EMAIL_HOST', default='localhost') EMAIL_PORT = ENV.int('EMAIL_PORT', default=25) EMAIL_HOST_USER = ENV.str('EMAIL_HOST_USER', default='') EMAIL_HOST_PASSWORD = ENV.str('EMAIL_HOST_PASSWORD', default='') EMAIL_USE_TLS = ENV.bool('EMAIL_USE_TLS', default=False) EMAIL_TIMEOUT = ENV.int('EMAIL_TIMEOUT', default=3) EMAIL_SUBJECT_PREFIX = ENV.str('EMAIL_SUBJECT_PREFIX', default='[ColdFront]') EMAIL_ADMIN_LIST = ENV.list('EMAIL_ADMIN_LIST') EMAIL_SENDER = ENV.str('EMAIL_SENDER') EMAIL_TICKET_SYSTEM_ADDRESS = ENV.str('EMAIL_TICKET_SYSTEM_ADDRESS') EMAIL_DIRECTOR_EMAIL_ADDRESS = ENV.str('EMAIL_DIRECTOR_EMAIL_ADDRESS') EMAIL_PROJECT_REVIEW_CONTACT = ENV.str('EMAIL_PROJECT_REVIEW_CONTACT') EMAIL_DEVELOPMENT_EMAIL_LIST = ENV.list('EMAIL_DEVELOPMENT_EMAIL_LIST') EMAIL_OPT_OUT_INSTRUCTION_URL = ENV.str('EMAIL_OPT_OUT_INSTRUCTION_URL', default='') EMAIL_ALLOCATION_EXPIRING_NOTIFICATION_DAYS = ENV.list( 'EMAIL_ALLOCATION_EXPIRING_NOTIFICATION_DAYS', cast=int, default=[7, 14, 30]) EMAIL_SIGNATURE = ENV.str('EMAIL_SIGNATURE', default='', multiline=True)
from coldfront.config.base import INSTALLED_APPS from coldfront.config.env import ENV #------------------------------------------------------------------------------ # Enable XDMoD support #------------------------------------------------------------------------------ INSTALLED_APPS += [ 'coldfront.plugins.xdmod', ] XDMOD_API_URL = ENV.str('XDMOD_API_URL')
from coldfront.config.env import ENV from coldfront.config.base import INSTALLED_APPS, AUTHENTICATION_BACKENDS, TEMPLATES #------------------------------------------------------------------------------ # ColdFront default authentication settings #------------------------------------------------------------------------------ AUTHENTICATION_BACKENDS += [ 'django.contrib.auth.backends.ModelBackend', ] LOGIN_URL = '/user/login' LOGIN_REDIRECT_URL = '/' LOGOUT_REDIRECT_URL = ENV.str('LOGOUT_REDIRECT_URL', LOGIN_URL) SU_LOGIN_CALLBACK = "coldfront.core.utils.common.su_login_callback" SU_LOGOUT_REDIRECT_URL = "/admin/auth/user/" SESSION_COOKIE_AGE = 60 * 15 SESSION_SAVE_EVERY_REQUEST = True SESSION_COOKIE_SAMESITE = 'Strict' SESSION_COOKIE_SECURE = True #------------------------------------------------------------------------------ # Enable administrators to login as other users #------------------------------------------------------------------------------ if ENV.bool('ENABLE_SU', default=True): AUTHENTICATION_BACKENDS += [ 'django_su.backends.SuBackend', ] INSTALLED_APPS.insert(0, 'django_su') TEMPLATES[0]['OPTIONS']['context_processors'].extend([
from coldfront.config.auth import AUTHENTICATION_BACKENDS from coldfront.config.env import ENV from django.core.exceptions import ImproperlyConfigured try: import ldap from django_auth_ldap.config import GroupOfNamesType, LDAPSearch except ImportError: raise ImproperlyConfigured( 'Please run: pip install ldap3 django_auth_ldap') #------------------------------------------------------------------------------ # LDAP user authentication using django-auth-ldap. This will enable LDAP # user/password logins. You can also override this in local_settings.py #------------------------------------------------------------------------------ AUTH_LDAP_SERVER_URI = ENV.str('AUTH_LDAP_SERVER_URI') AUTH_LDAP_USER_SEARCH_BASE = ENV.str('AUTH_LDAP_USER_SEARCH_BASE') AUTH_LDAP_START_TLS = ENV.bool('AUTH_LDAP_START_TLS', default=True) AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True AUTH_LDAP_MIRROR_GROUPS = ENV.bool('AUTH_LDAP_MIRROR_GROUPS', default=True) AUTH_LDAP_GROUP_SEARCH_BASE = ENV.str('AUTH_LDAP_GROUP_SEARCH_BASE') AUTH_LDAP_USER_SEARCH = LDAPSearch(AUTH_LDAP_USER_SEARCH_BASE, ldap.SCOPE_ONELEVEL, '(uid=%(user)s)') AUTH_LDAP_GROUP_SEARCH = LDAPSearch(AUTH_LDAP_GROUP_SEARCH_BASE, ldap.SCOPE_ONELEVEL, '(objectClass=groupOfNames)') AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() AUTH_LDAP_USER_ATTR_MAP = ENV.dict('AUTH_LDAP_USER_ATTR_MAP', default={ 'username': '******', 'first_name': 'givenName',
from coldfront.config.base import INSTALLED_APPS from coldfront.config.env import ENV INSTALLED_APPS += ['coldfront.plugins.system_monitor'] SYSTEM_MONITOR_PANEL_TITLE = ENV.str('SYSMON_TITLE', default='HPC Cluster Status') SYSTEM_MONITOR_ENDPOINT = ENV.str('SYSMON_ENDPOINT') SYSTEM_MONITOR_DISPLAY_MORE_STATUS_INFO_LINK = ENV.str('SYSMON_LINK') SYSTEM_MONITOR_DISPLAY_XDMOD_LINK = ENV.str('SYSMON_XDMOD_LINK')