sanitize passwords before push to git on server

README.txt

@@ -1,4 +1,4 @@
-Updated 22 October 2021
+Updated 23 October 2021
 
 Troggle is an application for caving expedition data management, 
 originally created for use on Cambridge University Caving Club (CUCC)expeditions 
@@ -8,6 +8,8 @@ Troggle has been forked into two projects. The original one is maintained by Aar
 and was used for Erebus caves. The CUCC variant uses files as the definitive data, 
 not the database and lives at http://expo.survex.com/repositories/troggle/.git/
 
+For the server setup, see /_deploy/debian/wookey-exposerver-recipe.txt
+
 See copyright notices in
 http://expo.survex.com/handbook/computing/contribute.html
 

_deploy/wsl/check-for-later-copy-of-localsettings.WSL.txt

@@ -0,0 +1,3 @@
+The copy in this /_deploy/ folder may not be the latest if active development
+has been going on in the parent folder. Check there for a later copy of
+the localsettingsWSL file.

_deploy/wsl/localsettingsWSL.py

@@ -27,10 +27,10 @@ print(" * importing troggle/localsettings.py")
 #-----------------------------------------------------------------
 # default values,  real secrets imported from credentials.py
 
-SECRET_KEY = "z514d%crn*fpd*ewt_27m_r^a#vaeozn0---^fj!355qki*vj2"
-EXPOUSERPASS = "161:gosser"
-EXPOADMINUSERPASS = "gosser:161"
-EMAIL_HOST_PASSWORD = "smtp-django-test" 
+SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"
+EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
+EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"
+EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
 
 EXPOFILESREMOTE = False # if True, then re-routes urls in expofiles to remote sever. Tests are then less accurate.
 #SECURE_SSL_REDIRECT = True # breaks 7 tests in test suite 301 not 200 (or 302) and runserver fails completely
@@ -130,8 +130,8 @@ TEMPLATES = [
 ]
 
 # Passwords are loaded from credentials.py by settings.py
-#EXPOUSERPASS = "nnn:gggggg" # overwritten by loading from credentials.py 
-#EMAIL_HOST_PASSWORD = "insert-real-email-password-here" # overwritten by loading from credentials.py
+EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
+EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
 
 EXPOUSER = 'expo'
 EXPOUSER_EMAIL = 'philip.sargent@gmail.com'

pre-push.sh

@@ -1,6 +1,7 @@
 #! /bin/sh
 # create and sanitise files for pushing to repo
-# Philip Sargent 2021/04/06
+# catatrophically forgot to sanitize localsettingsWSL.py - oops.
+# Philip Sargent 2021/10/23
 echo deprecations.
 python -Wall manage.py check -v 3 2>deprecations.txt >/dev/null
 echo diffsettings.
@@ -14,18 +15,22 @@ python manage.py inspectdb > troggle-inspectdb.py
 echo remove passwords.
 cp localsettings.py localsettingsWSL.py
 sed -i '/EXPOUSERPASS/ s/^.*$/EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt
+sed -i '/EXPOUSERPASS/ s/^.*$/EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' localsettingsWSL.py
 echo "    reset: EXPOUSERPASS = \"nnn:gggggg\"  - real-expo-password---imported-from-localsettings.py"
 
-sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt
+sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt
+sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"/' localsettingsWSL.py
 echo "    reset: EXPOUSERPASS = \"gggggg:nnn\"  - real-expo-password---imported-from-localsettings.py"
 
 sed -i '/EMAIL_HOST_PASSWORD/ s/^.*$/EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"/' diffsettings.txt
+sed -i '/EMAIL_HOST_PASSWORD/ s/^.*$/EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"/' localsettingsWSL.py
 echo "    reset: EMAIL_HOST_PASSWORD = \"real-email-password--imported-from-localsettings.py\""
 
 sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' diffsettings.txt
+sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' localsettingsWSL.py
 echo "    reset: SECRET_KEY = \"real-SECRET_KEY--imported-from-localsettings.py\""
 
-
+mv localsettingsWSL.py _deploy/wsl
 #
 # Do these before final testing, *not* just before pushing:
 # in ./pre-run.sh