2
0
mirror of https://expo.survex.com/repositories/troggle/.git synced 2024-11-25 08:41:51 +00:00

sanitize passwords before push to git on server

This commit is contained in:
Philip Sargent 2021-10-23 21:07:16 +03:00
parent 0fb6f1e4ed
commit 0d7cbbea37
4 changed files with 20 additions and 10 deletions

View File

@ -1,4 +1,4 @@
Updated 22 October 2021 Updated 23 October 2021
Troggle is an application for caving expedition data management, Troggle is an application for caving expedition data management,
originally created for use on Cambridge University Caving Club (CUCC)expeditions originally created for use on Cambridge University Caving Club (CUCC)expeditions
@ -8,6 +8,8 @@ Troggle has been forked into two projects. The original one is maintained by Aar
and was used for Erebus caves. The CUCC variant uses files as the definitive data, and was used for Erebus caves. The CUCC variant uses files as the definitive data,
not the database and lives at http://expo.survex.com/repositories/troggle/.git/ not the database and lives at http://expo.survex.com/repositories/troggle/.git/
For the server setup, see /_deploy/debian/wookey-exposerver-recipe.txt
See copyright notices in See copyright notices in
http://expo.survex.com/handbook/computing/contribute.html http://expo.survex.com/handbook/computing/contribute.html

View File

@ -0,0 +1,3 @@
The copy in this /_deploy/ folder may not be the latest if active development
has been going on in the parent folder. Check there for a later copy of
the localsettingsWSL file.

View File

@ -27,10 +27,10 @@ print(" * importing troggle/localsettings.py")
#----------------------------------------------------------------- #-----------------------------------------------------------------
# default values, real secrets imported from credentials.py # default values, real secrets imported from credentials.py
SECRET_KEY = "z514d%crn*fpd*ewt_27m_r^a#vaeozn0---^fj!355qki*vj2" SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"
EXPOUSERPASS = "161:gosser" EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
EXPOADMINUSERPASS = "gosser:161" EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"
EMAIL_HOST_PASSWORD = "smtp-django-test" EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
EXPOFILESREMOTE = False # if True, then re-routes urls in expofiles to remote sever. Tests are then less accurate. EXPOFILESREMOTE = False # if True, then re-routes urls in expofiles to remote sever. Tests are then less accurate.
#SECURE_SSL_REDIRECT = True # breaks 7 tests in test suite 301 not 200 (or 302) and runserver fails completely #SECURE_SSL_REDIRECT = True # breaks 7 tests in test suite 301 not 200 (or 302) and runserver fails completely
@ -130,8 +130,8 @@ TEMPLATES = [
] ]
# Passwords are loaded from credentials.py by settings.py # Passwords are loaded from credentials.py by settings.py
#EXPOUSERPASS = "nnn:gggggg" # overwritten by loading from credentials.py EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"
#EMAIL_HOST_PASSWORD = "insert-real-email-password-here" # overwritten by loading from credentials.py EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"
EXPOUSER = 'expo' EXPOUSER = 'expo'
EXPOUSER_EMAIL = 'philip.sargent@gmail.com' EXPOUSER_EMAIL = 'philip.sargent@gmail.com'

View File

@ -1,6 +1,7 @@
#! /bin/sh #! /bin/sh
# create and sanitise files for pushing to repo # create and sanitise files for pushing to repo
# Philip Sargent 2021/04/06 # catatrophically forgot to sanitize localsettingsWSL.py - oops.
# Philip Sargent 2021/10/23
echo deprecations. echo deprecations.
python -Wall manage.py check -v 3 2>deprecations.txt >/dev/null python -Wall manage.py check -v 3 2>deprecations.txt >/dev/null
echo diffsettings. echo diffsettings.
@ -14,18 +15,22 @@ python manage.py inspectdb > troggle-inspectdb.py
echo remove passwords. echo remove passwords.
cp localsettings.py localsettingsWSL.py cp localsettings.py localsettingsWSL.py
sed -i '/EXPOUSERPASS/ s/^.*$/EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt sed -i '/EXPOUSERPASS/ s/^.*$/EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt
sed -i '/EXPOUSERPASS/ s/^.*$/EXPOUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' localsettingsWSL.py
echo " reset: EXPOUSERPASS = \"nnn:gggggg\" - real-expo-password---imported-from-localsettings.py" echo " reset: EXPOUSERPASS = \"nnn:gggggg\" - real-expo-password---imported-from-localsettings.py"
sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "nnn:gggggg - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"/' diffsettings.txt
sed -i '/EXPOADMINUSERPASS/ s/^.*$/EXPOADMINUSERPASS = "gggggg:nnn - real-expo-password---imported-from-localsettings.py"/' localsettingsWSL.py
echo " reset: EXPOUSERPASS = \"gggggg:nnn\" - real-expo-password---imported-from-localsettings.py" echo " reset: EXPOUSERPASS = \"gggggg:nnn\" - real-expo-password---imported-from-localsettings.py"
sed -i '/EMAIL_HOST_PASSWORD/ s/^.*$/EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"/' diffsettings.txt sed -i '/EMAIL_HOST_PASSWORD/ s/^.*$/EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"/' diffsettings.txt
sed -i '/EMAIL_HOST_PASSWORD/ s/^.*$/EMAIL_HOST_PASSWORD = "real-email-password---imported-from-localsettings.py"/' localsettingsWSL.py
echo " reset: EMAIL_HOST_PASSWORD = \"real-email-password--imported-from-localsettings.py\"" echo " reset: EMAIL_HOST_PASSWORD = \"real-email-password--imported-from-localsettings.py\""
sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' diffsettings.txt sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' diffsettings.txt
sed -i '/SECRET_KEY/ s/^.*$/SECRET_KEY = "real-SECRET_KEY--imported-from-localsettings.py"/' localsettingsWSL.py
echo " reset: SECRET_KEY = \"real-SECRET_KEY--imported-from-localsettings.py\"" echo " reset: SECRET_KEY = \"real-SECRET_KEY--imported-from-localsettings.py\""
mv localsettingsWSL.py _deploy/wsl
# #
# Do these before final testing, *not* just before pushing: # Do these before final testing, *not* just before pushing:
# in ./pre-run.sh # in ./pre-run.sh