Moved secrets to credentials.py

This commit is contained in:
Philip Sargent 2021-03-31 13:00:09 +01:00
parent b3b2356a7e
commit 577bd51613
3 changed files with 167 additions and 4 deletions

2
.gitignore vendored
View File

@ -5,7 +5,6 @@ syntax: glob
db* db*
*.sqlite *.sqlite
*.sql *.sql
localsettings.py
*~ *~
parsing_log.txt parsing_log.txt
troggle troggle
@ -43,3 +42,4 @@ _1623.pos
_1623.err _1623.err
diffsettings.txt diffsettings.txt
_16230.svx _16230.svx
credentials.py

161
localsettings.py Normal file
View File

@ -0,0 +1,161 @@
import sys
import os
import urllib.parse
from pathlib import Path
"""Settings for a troggle installation which may vary among different
installations: for development or deployment, in a docker image or
python virtual environment (venv), on ubuntu, debian or in Windows
System for Linux (WSL), on the main server or in the potato hut,
using SQLite or mariaDB.
It sets the directory locations for the major parts of the system so
that e.g. expofiles can be on a different filesystem.
This file is included at the end of the main troggle/settings.py file so that
it overwrites defaults in that file.
"""
# link 'localsettings.py' to localsettingsWSL.py for use on a Windows 10 machine running WSL1
print(" * importing troggle/localsettings.py")
#-----------------------------------------------------------------
# THINK before you push this to a repo
# - have you checked that credentials.py is in .gitignore ?
# - have you run pre-push.sh to copy files and remove passwords?
# - we don't want to have to change the expo system password !
#-----------------------------------------------------------------
# default values, then get overwritten by real secrets
EXPOUSERPASS = "nnn:gggggg"
EMAIL_HOST_PASSWORD = "insert-real-email-password-here"
from credentials import EXPOUSERPASS
from credentials import EMAIL_HOST_PASSWORD
SERVERPORT = '8000'
EXPOFILESREMOTE = False # if True, then re-routes urls in expofiles to remote sever
#SECURE_SSL_REDIRECT = True # breaks 7 tests in test suite 301 not 200 (or 302) and runserver fails completely
# --------------------- MEDIA redirections BEGIN ---------------------
#REPOS_ROOT_PATH = '/mnt/d/CUCC-Expo/t37/'
REPOS_ROOT_PATH = Path(__file__).parent.parent
LIBDIR = REPOS_ROOT_PATH / 'lib' / 'python3.7'
TROGGLE_PATH = Path(__file__).parent
TEMPLATE_PATH = os.fspath(TROGGLE_PATH / 'templates')
MEDIA_ROOT = os.fspath(TROGGLE_PATH / 'media')
# URL that handles the media served from MEDIA_ROOT. Make sure to use a
# trailing slash if there is a path component (optional in other cases).
MEDIA_URL = '/site-media/'
DIR_ROOT = ''#this should end in / if a value is given
URL_ROOT = '/'
URL_ROOT = 'http://localhost:'+ SERVERPORT +'/'
MEDIA_URL = urllib.parse.urljoin(URL_ROOT , '/site_media/')
SURVEYS_URL = urllib.parse.urljoin(URL_ROOT , '/survey_scans/')
PHOTOS_URL = urllib.parse.urljoin(URL_ROOT , '/photos/')
SVX_URL = urllib.parse.urljoin(URL_ROOT , '/survex/')
STATIC_URL = urllib.parse.urljoin(URL_ROOT , '/static/') # used by Django admin pages. Do not delete.
JSLIB_URL = urllib.parse.urljoin(URL_ROOT , '/javascript/') # always fails, try to revive it ?
#STATIC_ROOT removed after merging content into MEDIA_ROOT. See urls.py & core/views_surveys.py
# --------------------- MEDIA redirections END ---------------------
PUBLIC_SITE = True
DEBUG = True # Always keep this True, even when on public server. Otherwise NO USEFUL ERROR MESSAGES !
# executables:
CAVERN = 'cavern' # for parsing .svx files and producing .3d files
SURVEXPORT = 'survexport' # for parsing .3d files and producing .pos files
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3', # 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'NAME' : 'troggle.sqlite',
# 'NAME' : ':memory:',
'USER' : 'expo', # Not used with sqlite3.
'PASSWORD' : 'sekrit', # Not used with sqlite3.
'HOST' : '', # Set to empty string for localhost. Not used with sqlite3.
'PORT' : '', # Set to empty string for default. Not used with sqlite3.
}
}
# add in 358 when they don't make it crash horribly
NOTABLECAVESHREFS = [ "290", "291", "359", "264", "258", "204", "76", "107"]
PYTHON_PATH = REPOS_ROOT_PATH / 'troggle'
sys.path.append(os.fspath(REPOS_ROOT_PATH))
sys.path.append(os.fspath(PYTHON_PATH))
LOGFILE = PYTHON_PATH / 'troggle.log'
PYTHON_PATH = os.fspath(PYTHON_PATH)
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [
TEMPLATE_PATH
],
'OPTIONS': {
'debug': 'DEBUG',
'context_processors': [
# django.template.context_processors.csrf, # is always enabled and cannot be removed, sets csrf_token
'django.contrib.auth.context_processors.auth', # knowledge of logged-on user & permissions
'core.context.troggle_context', # in core/troggle.py
'django.template.context_processors.debug',
#'django.template.context_processors.request', # copy of current request, added in trying to make csrf work
'django.template.context_processors.i18n',
'django.template.context_processors.media', # includes a variable MEDIA_URL
'django.template.context_processors.static', # includes a variable STATIC_URL
'django.template.context_processors.tz',
'django.contrib.messages.context_processors.messages',
],
'loaders': [
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader', #For each app, inc admin, in INSTALLED_APPS, loader looks for /templates
# insert your own TEMPLATE_LOADERS here
]
},
},
]
EXPOUSER = 'expo'
# EXPOUSERPASS = "nnn:gggggg" # loaded from credentials.py
EXPOUSER_EMAIL = 'philip.sargent@gmail.com'
EMAIL_HOST = "smtp-auth.mythic-beasts.com"
EMAIL_HOST_USER = "django-test@klebos.net" # Philip Sargent really
# EMAIL_HOST_PASSWORD = "insert-real-email-password-here" # loaded from credentials.py
EMAIL_PORT=587
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'django-test@klebos.net'
SURVEX_DATA = REPOS_ROOT_PATH / "loser"
TUNNEL_DATA = REPOS_ROOT_PATH / "drawings"
THREEDCACHEDIR = REPOS_ROOT_PATH / 'expowebcache' / '3d'
EXPOWEB = REPOS_ROOT_PATH / "expoweb"
SURVEYS = REPOS_ROOT_PATH
SURVEY_SCANS = '/mnt/f/expofiles/surveyscans/'
FILES = '/mnt/f/expofiles/'
CAVEDESCRIPTIONS = EXPOWEB / "cave_data"
ENTRANCEDESCRIPTIONS = EXPOWEB / "entrance_data"
EXPOWEB_URL = ''
SURVEYS_URL = '/survey_scans/'
EXPOFILES ='/mnt/f/expofiles/'
# Sanitise these to be strings as all other code is expecting strings
# and we have not made the change to pathlib Path type in the other localsettings-* variants yet.
CAVEDESCRIPTIONS = os.fspath(CAVEDESCRIPTIONS)
ENTRANCEDESCRIPTIONS = os.fspath(ENTRANCEDESCRIPTIONS)
LOGFILE = os.fspath(LOGFILE)
SURVEYS = os.fspath(SURVEYS)
EXPOWEB = os.fspath(EXPOWEB)
THREEDCACHEDIR = os.fspath(THREEDCACHEDIR)
TUNNEL_DATA = os.fspath(TUNNEL_DATA)
SURVEX_DATA = os.fspath(SURVEX_DATA)
REPOS_ROOT_PATH = os.fspath(REPOS_ROOT_PATH)
print(" + finished importing troggle/localsettings.py")

View File

@ -21,6 +21,10 @@ import django
print("* importing troggle/settings.py") print("* importing troggle/settings.py")
# default value, then gets overwritten by real secrets
SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2"
from credentials import SECRET_KEY
# Note that this builds upon the django system installed # Note that this builds upon the django system installed
# global settings in # global settings in
# django/conf/global_settings.py which is automatically loaded first. # django/conf/global_settings.py which is automatically loaded first.
@ -31,7 +35,7 @@ print("* importing troggle/settings.py")
# Django settings for troggle project. # Django settings for troggle project.
ALLOWED_HOSTS = ['expo.survex.com', '.survex.com', 'localhost', '127.0.0.1', '192.168.0.5' ] ALLOWED_HOSTS = ['*', 'expo.survex.com', '.survex.com', 'localhost', '127.0.0.1', '192.168.0.5' ]
ADMINS = ( ADMINS = (
# ('Your Name', 'your_email@domain.com'), # ('Your Name', 'your_email@domain.com'),
@ -103,8 +107,6 @@ LOGBOOK_PARSER_SETTINGS = {
APPEND_SLASH = False APPEND_SLASH = False
SMART_APPEND_SLASH = True SMART_APPEND_SLASH = True
# Make this unique, and don't share it with anybody.
SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2"
LOGIN_REDIRECT_URL = '/' LOGIN_REDIRECT_URL = '/'
SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_CONTENT_TYPE_NOSNIFF = True