import sys from datetime import date """ Django settings for troggle project. For more information on this file, see https://docs.djangoproject.com/en/dev/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/dev/ref/settings/ """ # Imports should be grouped in the following order: # 1.Standard library imports. # 2.Related third party imports. # 3.Local application/library specific imports. # 4.You should put a blank line between each group of imports. print("* importing troggle/settings.py") if 'runserver' in sys.argv: print(">>>>running on dev local runserver<<<<") DEVSERVER = True else: DEVSERVER = False EPOCH = date.fromisoformat('1970-01-01') # default value, then gets overwritten by real secrets SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2" # executables: GIT = "git" # command for running git CAVERN = "cavern" # for parsing .svx files and producing .3d files SURVEXPORT = "survexport" # for parsing .3d files and producing .pos files MOGRIFY = "mogrify" # for rotating images # Note that this builds upon the django system installed # global settings in # django/conf/global_settings.py which is automatically loaded first. # read https://docs.djangoproject.com/en/dev/topics/settings/ # Django settings for troggle project. ALLOWED_HOSTS = ["*", "expo.survex.com", ".survex.com", "localhost", "127.0.0.1", "192.168.0.5"] ADMINS = ( # ('Your Name', 'your_email@domain.com'), ) MANAGERS = ADMINS # LOGIN_URL = '/accounts/login/' # this is the default value so does not need to be set # Local time zone for this installation. Choices can be found here: # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name # although not all choices may be available on all operating systems. # If running in a Windows environment this must be set to the same as your # system time zone. USE_TZ = True TIME_ZONE = "Europe/London" # Language code for this installation. All choices can be found here: # http://www.i18nguy.com/unicode/language-identifiers.html LANGUAGE_CODE = "en-uk" SITE_ID = 1 # If you set this to False, Django will make some optimizations so as not # to load the internationalization machinery. USE_I18N = True USE_L10N = True FIX_PERMISSIONS = [] # top-level survex file basename (without .svx) # SURVEX_TOPNAME = "1623-and-1626-no-schoenberg-hs" SURVEX_TOPNAME = "troggle_import_root" # same, but without all the 'essentials' gubbins APPEND_SLASH = ( False # never relevant because we have urls that match unknown files and produce an 'edit this page' response ) SMART_APPEND_SLASH = True # not eorking as middleware different after Dj2.0 LOGIN_REDIRECT_URL = "/" # does not seem to have any effect SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True # SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere? # CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL X_FRAME_OPTIONS = "DENY" # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # from Django 3.2 INSTALLED_APPS = ( "django.contrib.admin", "django.contrib.auth", # includes the url redirections for login, logout "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.admindocs", "django.forms", # Required to customise widget templates # 'django.contrib.staticfiles', # We put our CSS etc explicitly in the right place so do not need this "troggle.core", ) FORM_RENDERER = "django.forms.renderers.TemplatesSetting" # Required to customise widget templates # See the recommended order of these in https://docs.djangoproject.com/en/dev/ref/middleware/ # Note that this is a radically different onion architecture from earlier versions though it looks the same, # see https://docs.djangoproject.com/en/dev/topics/http/middleware/#upgrading-pre-django-1-10-style-middleware # Seriously, read this: https://www.webforefront.com/django/middlewaredjango.html which is MUCH BETTER than the docs MIDDLEWARE = [ #'django.middleware.security.SecurityMiddleware', # SECURE_SSL_REDIRECT and SECURE_SSL_HOST # we don't use this "django.middleware.gzip.GZipMiddleware", # not needed when expofiles and photos served by apache "django.contrib.sessions.middleware.SessionMiddleware", # Manages sessions, if CSRF_USE_SESSIONS then it needs to be early "django.middleware.common.CommonMiddleware", # DISALLOWED_USER_AGENTS, APPEND_SLASH and PREPEND_WWW "django.middleware.csrf.CsrfViewMiddleware", # Cross Site Request Forgeries by adding hidden form fields to POST "django.contrib.auth.middleware.AuthenticationMiddleware", # Adds the user attribute, representing the currently-logged-in user "django.contrib.admindocs.middleware.XViewMiddleware", # this and docutils needed by admindocs "django.contrib.messages.middleware.MessageMiddleware", # Cookie-based and session-based message support. Needed by admin system "django.middleware.clickjacking.XFrameOptionsMiddleware", # clickjacking protection via the X-Frame-Options header #'django.middleware.security.SecurityMiddleware', # SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT #'troggle.core.middleware.SmartAppendSlashMiddleware' # needs adapting after Dj2.0 ] ROOT_URLCONF = "troggle.urls" WSGI_APPLICATION = "troggle.wsgi.application" # change to asgi as soon as we upgrade to Django 3.0 ACCOUNT_ACTIVATION_DAYS = 3 # AUTH_PROFILE_MODULE = 'core.person' # used by removed profiles app ? QM_PATTERN = r"\[\[\s*[Qq][Mm]:([ABC]?)(\d{4})-(\d*)-(\d*)\]\]" # Re-enable TinyMCE when Dj upgraded to v3. Also templates/editexpopage.html # TINYMCE_DEFAULT_CONFIG = { # 'plugins': "table,spellchecker,paste,searchreplace", # 'theme': "advanced", # } # TINYMCE_SPELLCHECKER = False # TINYMCE_COMPRESSOR = True TEST_RUNNER = "django.test.runner.DiscoverRunner" from localsettings import * # localsettings needs to take precedence. Call it to override any existing vars.