""" Django settings for troggle project. For more information on this file, see https://docs.djangoproject.com/en/dev/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/dev/ref/settings/ """ #Imports should be grouped in the following order: #1.Standard library imports. #2.Related third party imports. #3.Local application/library specific imports. #4.You should put a blank line between each group of imports. import os import urllib.parse import django print("* importing troggle/settings.py") # default value, then gets overwritten by real secrets SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2" GIT = 'git' # command for running git # Note that this builds upon the django system installed # global settings in # django/conf/global_settings.py which is automatically loaded first. # read https://docs.djangoproject.com/en/3.0/topics/settings/ # Build paths inside the project like this: os.path.join(BASE_DIR, ...) #BASE_DIR = os.path.dirname(os.path.dirname(__file__)) # Django settings for troggle project. ALLOWED_HOSTS = ['*', 'expo.survex.com', '.survex.com', 'localhost', '127.0.0.1', '192.168.0.5' ] ADMINS = ( # ('Your Name', 'your_email@domain.com'), ) MANAGERS = ADMINS #LOGIN_URL = '/accounts/login/' # this is the default value so does not need to be set # Local time zone for this installation. Choices can be found here: # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name # although not all choices may be available on all operating systems. # If running in a Windows environment this must be set to the same as your # system time zone. USE_TZ = True TIME_ZONE = 'Europe/London' # Language code for this installation. All choices can be found here: # http://www.i18nguy.com/unicode/language-identifiers.html LANGUAGE_CODE = 'en-uk' SITE_ID = 1 # If you set this to False, Django will make some optimizations so as not # to load the internationalization machinery. USE_I18N = True USE_L10N = True FIX_PERMISSIONS = [] # top-level survex file basename (without .svx) SURVEX_TOPNAME = "1623" MAX_LOGBOOK_ENTRY_TITLE_LENGTH = 200 DEFAULT_LOGBOOK_PARSER = "Parseloghtmltxt" DEFAULT_LOGBOOK_FILE = "logbook.html" # All years since 2010 use the default value for Logbook parser # but several don't work, and are skipped by the parsing code, e.g. 1983 LOGBOOK_PARSER_SETTINGS = { "2010": ("2010/logbook.html", "Parseloghtmltxt"), "2009": ("2009/2009logbook.txt", "Parselogwikitxt"), "2008": ("2008/2008logbook.txt", "Parselogwikitxt"), "2007": ("2007/logbook.html", "Parseloghtmltxt"), "2006": ("2006/logbook.html", "Parseloghtmltxt"), # "2006": ("2006/logbook/logbook_06.txt", "Parselogwikitxt"), "2006": ("2006/logbook.html", "Parseloghtmltxt"), "2005": ("2005/logbook.html", "Parseloghtmltxt"), "2004": ("2004/logbook.html", "Parseloghtmltxt"), "2003": ("2003/logbook.html", "Parseloghtml03"), "2002": ("2002/logbook.html", "Parseloghtmltxt"), "2001": ("2001/log.htm", "Parseloghtml01"), "2000": ("2000/log.htm", "Parseloghtml01"), "1999": ("1999/log.htm", "Parseloghtml01"), "1998": ("1998/log.htm", "Parseloghtml01"), "1997": ("1997/log.htm", "Parseloghtml01"), "1996": ("1996/log.htm", "Parseloghtml01"), "1995": ("1995/log.htm", "Parseloghtml01"), "1994": ("1994/log.htm", "Parseloghtml01"), "1993": ("1993/log.htm", "Parseloghtml01"), "1992": ("1992/log.htm", "Parseloghtml01"), "1991": ("1991/log.htm", "Parseloghtml01"), "1990": ("1990/log.htm", "Parseloghtml01"), "1989": ("1989/log.htm", "Parseloghtml01"), #crashes MySQL "1988": ("1988/log.htm", "Parseloghtml01"), #crashes MySQL "1987": ("1987/log.htm", "Parseloghtml01"), #crashes MySQL "1985": ("1985/log.htm", "Parseloghtml01"), "1984": ("1984/log.htm", "Parseloghtml01"), "1983": ("1983/log.htm", "Parseloghtml01"), "1982": ("1982/log.htm", "Parseloghtml01"), } # Caves for which survex files exist, but are not otherwise registered PENDING = ["2007-06", "2009-02", "2012-ns-01", "2012-ns-02", "2010-04", "2012-ns-05", "2012-ns-06", "2012-ns-07", "2012-ns-08", "2012-ns-12", "2012-ns-14", "2012-ns-15", "2014-bl888", "2018-pf-01", "2018-pf-02"] APPEND_SLASH = False # never relevant because we have urls that match unknown files and produce an 'edit this page' response SMART_APPEND_SLASH = True #not eorking as middleware different after Dj2.0 LOGIN_REDIRECT_URL = '/' SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True # SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere? # CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL X_FRAME_OPTIONS = 'DENY' # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # from Django 3.2 INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.admindocs', # 'django.contrib.staticfiles', # Using workarounds with expopages #'registration', # only for expo user. REPLACE using django.contrib.auth 'troggle.core', ) # See the recommended order of these in https://docs.djangoproject.com/en/2.2/ref/middleware/ # Note that this is a radically different onion architecture from earlier versions though it looks the same, # see https://docs.djangoproject.com/en/2.0/topics/http/middleware/#upgrading-pre-django-1-10-style-middleware # Seriously, read this: https://www.webforefront.com/django/middlewaredjango.html which is MUCH BETTER than the docs MIDDLEWARE = [ #'django.middleware.security.SecurityMiddleware', # SECURE_SSL_REDIRECT and SECURE_SSL_HOST # we don't use this 'django.middleware.gzip.GZipMiddleware', # not needed when expofiles and photos served by apache 'django.contrib.sessions.middleware.SessionMiddleware', # Manages sessions, if CSRF_USE_SESSIONS then it needs to be early 'django.middleware.common.CommonMiddleware', # DISALLOWED_USER_AGENTS, APPEND_SLASH and PREPEND_WWW 'django.middleware.csrf.CsrfViewMiddleware', # Cross Site Request Forgeries by adding hidden form fields to POST 'django.contrib.auth.middleware.AuthenticationMiddleware', # Adds the user attribute, representing the currently-logged-in user 'django.contrib.admindocs.middleware.XViewMiddleware', # this and docutils needed by admindocs 'django.contrib.messages.middleware.MessageMiddleware', # Cookie-based and session-based message support. Needed by admin system 'django.middleware.clickjacking.XFrameOptionsMiddleware', # clickjacking protection via the X-Frame-Options header #'django.middleware.security.SecurityMiddleware', # SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT #'troggle.core.middleware.SmartAppendSlashMiddleware' # needs adapting after Dj2.0 ] ROOT_URLCONF = 'troggle.urls' WSGI_APPLICATION = 'troggle.wsgi.application' # change to asgi as soon as we upgrade to Django 3.0 ACCOUNT_ACTIVATION_DAYS=3 # AUTH_PROFILE_MODULE = 'core.person' # used by removed profiles app ? QM_PATTERN="\[\[\s*[Qq][Mm]:([ABC]?)(\d{4})-(\d*)-(\d*)\]\]" # Re-enable TinyMCE when Dj upgraded to v3. Also templates/editexpopage.html # TINYMCE_DEFAULT_CONFIG = { # 'plugins': "table,spellchecker,paste,searchreplace", # 'theme': "advanced", # } # TINYMCE_SPELLCHECKER = False # TINYMCE_COMPRESSOR = True TEST_RUNNER = 'django.test.runner.DiscoverRunner' from localsettings import * #localsettings needs to take precedence. Call it to override any existing vars.