From 6e452b2ee9d87faeba5241f6b62c2460f3b24629 Mon Sep 17 00:00:00 2001 From: Philip Sargent Date: Thu, 25 May 2023 12:53:41 +0300 Subject: [PATCH] current settings on server - sanitized --- .gitignore | 2 + .../localsettings2023-04-05-cleansed.py | 160 ++++++++++++++++++ ...=> localsettingsserver2023-01-cleansed.py} | 2 +- .../{settings.py => settings2023-02-10.py} | 0 _deploy/debian/settings2023-04-23.py | 147 ++++++++++++++++ 5 files changed, 310 insertions(+), 1 deletion(-) create mode 100644 _deploy/debian/localsettings2023-04-05-cleansed.py rename _deploy/debian/{localsettingsserver.py => localsettingsserver2023-01-cleansed.py} (98%) rename _deploy/debian/{settings.py => settings2023-02-10.py} (100%) create mode 100644 _deploy/debian/settings2023-04-23.py diff --git a/.gitignore b/.gitignore index 51eb283..e629ee9 100644 --- a/.gitignore +++ b/.gitignore @@ -66,6 +66,8 @@ troggle.sqlite - Shortcut.lnk _deploy/debian/localsettings-jan.py _deploy/debian/localsettings-nw.py py310d32 +_deploy/debian/localsettingsserver2023-01-secret.py +_deploy/debian/localsettings2023-04-05-secret.py pydebianbullseye javascript diff --git a/_deploy/debian/localsettings2023-04-05-cleansed.py b/_deploy/debian/localsettings2023-04-05-cleansed.py new file mode 100644 index 0000000..2544dff --- /dev/null +++ b/_deploy/debian/localsettings2023-04-05-cleansed.py 
@@ -0,0 +1,160 @@
+import os
+import sys
+import urllib.parse
+from pathlib import Path
+
+"""Settings for a troggle installation which may vary among different
+installations: for development or deployment, in a docker image or
+python virtual environment (venv), on ubuntu, debian or in Windows
+System for Linux (WSL), on the main server or in the potato hut,
+using SQLite or mariaDB.
+
+It sets the directory locations for the major parts of the system so
+that e.g. expofiles can be on a different filesystem.
+
+This file is included at the end of the main troggle/settings.py file so that
+it overwrites defaults in that file.
+
+NOTE this file is vastly out of sync with troggle/_deploy/wsl/localsettings.py
+which is the most recent version used in active maintenance. There should be
+essential differences, but there and many, many non-essential differences which
+should be eliminated for clarity and to use modern idioms. 8 March 2023.
+"""
+
+print(" * importing troggle/localsettings.py")
+
+# DO NOT check this file into the git repo - it contains real passwords.
+
+EXPOFILESREMOTE = False # if True, then re-routes urls in expofiles to remote sever
+#SECURE_SSL_REDIRECT = True # breaks 7 tests in test suite 301 not 200 (or 302) and runserver fails completely
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.mysql', # 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
+ 'NAME' : 'troggle', # Or path to database file if using sqlite3.
+ 'USER' : 'expo', # Not used with sqlite3.
+ 'PASSWORD' : '123456789012345', # Not used with sqlite3. Not a real password.
+ 'HOST' : '', # Set to empty string for localhost. Not used with sqlite3.
+ 'PORT' : '', # Set to empty string for default. Not used with sqlite3.
+ }
+}
+
+
+EXPOUSER = 'expo'
+EXPOUSERPASS = 'Not a real password'
+EXPOADMINUSER = 'expoadmin'
+EXPOADMINUSERPASS = 'Not a real password'
+EXPOUSER_EMAIL = 'wookey@wookware.org'
+EXPOADMINUSER_EMAIL = 'wookey@wookware.org'
+
+REPOS_ROOT_PATH = '/home/expo/'
+sys.path.append(REPOS_ROOT_PATH)
+sys.path.append(REPOS_ROOT_PATH + 'troggle')
+# Define the path to the django app (troggle in this case)
+PYTHON_PATH = REPOS_ROOT_PATH + 'troggle/'
+
+
+PHOTOS_YEAR = "2023"
+# add in 358 when they don't make it crash horribly
+NOTABLECAVESHREFS = [ "290", "291", "359", "264", "258", "204", "76", "107"]
+
+TEMPLATES = [
+ {
+ 'BACKEND': 'django.template.backends.django.DjangoTemplates',
+ 'DIRS': [
+ PYTHON_PATH + "templates"
+ ],
+ 'OPTIONS': {
+ 'debug': 'DEBUG',
+ 'context_processors': [
+ # django.template.context_processors.csrf, # is always enabled and cannot be removed, sets csrf_token
+ 'django.contrib.auth.context_processors.auth', # knowledge of logged-on user & permissions
+ 'core.context.troggle_context', # in core/troggle.py
+ 'django.template.context_processors.debug',
+ #'django.template.context_processors.request', # copy of current request, added in trying to make csrf work
+ 'django.template.context_processors.i18n',
+ 'django.template.context_processors.media', # includes a variable MEDIA_URL
+ 'django.template.context_processors.static', # includes a variable STATIC_URL
+ 'django.template.context_processors.tz',
+ 'django.contrib.messages.context_processors.messages',
+ ],
+ 'loaders': [
+ 'django.template.loaders.filesystem.Loader',
+ 'django.template.loaders.app_directories.Loader', #For each app, inc admin, in INSTALLED_APPS, loader looks for /templates
+ # insert your own TEMPLATE_LOADERS here
+ ]
+ },
+ },
+]
+
+PUBLIC_SITE = True
+
+# This should be False for normal running
+DEBUG = False
+CACHEDPAGES = True # experimental page cache for a handful of page types
+
+
+# executables:
+CAVERN = 'cavern' # for parsing .svx files and producing .3d files
+SURVEXPORT = 'survexport' # for parsing .3d files and producing .pos files
+
+PV = "python" + str(sys.version_info.major) + "." + str(sys.version_info.minor)
+LIBDIR = Path(REPOS_ROOT_PATH) / 'lib' / PV
+
+EXPOWEB = Path(REPOS_ROOT_PATH + 'expoweb/')
+SURVEYS = REPOS_ROOT_PATH
+SURVEY_SCANS = REPOS_ROOT_PATH + 'expofiles/surveyscans/'
+FILES = REPOS_ROOT_PATH + 'expofiles'
+PHOTOS_ROOT = REPOS_ROOT_PATH + 'expofiles/photos/'
+
+TROGGLE_PATH = Path(__file__).parent
+TEMPLATE_PATH = TROGGLE_PATH / 'templates'
+MEDIA_ROOT = TROGGLE_PATH / 'media'
+JSLIB_ROOT = TROGGLE_PATH / 'media' / 'jslib' # used for CaveViewer JS utility
+
+
+CAVEDESCRIPTIONS = EXPOWEB / "cave_data"
+ENTRANCEDESCRIPTIONS = EXPOWEB / "entrance_data"
+
+
+PYTHON_PATH = REPOS_ROOT_PATH + 'troggle/'
+
+
+#URL_ROOT = 'http://expo.survex.com/'
+URL_ROOT = '/'
+DIR_ROOT = Path("") #this should end in / if a value is given
+EXPOWEB_URL = '/'
+SURVEYS_URL = '/survey_scans/'
+
+REPOS_ROOT_PATH = Path(REPOS_ROOT_PATH)
+
+SURVEX_DATA = REPOS_ROOT_PATH / "loser"
+DRAWINGS_DATA = REPOS_ROOT_PATH / "drawings"
+
+
+EXPOFILES = REPOS_ROOT_PATH / "expofiles"
+SCANS_ROOT = EXPOFILES / "surveyscans"
+PHOTOS_ROOT = EXPOFILES / "photos"
+
+#EXPOFILES = urllib.parse.urljoin(REPOS_ROOT_PATH, 'expofiles/')
+PHOTOS_URL = urllib.parse.urljoin(URL_ROOT, '/photos/')
+
+# MEDIA_URL is used by urls.py in a regex. See urls.py & core/views_surveys.py
+MEDIA_URL = '/site_media/'
+
+
+STATIC_URL = urllib.parse.urljoin(URL_ROOT , '/static/') # used by Django admin pages. Do not delete.
+JSLIB_URL = urllib.parse.urljoin(URL_ROOT , '/javascript/') # always fails, try to revive it ?
+# STATIC_ROOT removed after merging content into MEDIA_ROOT. See urls.py & core/views/surveys.py
+
+#TINY_MCE_MEDIA_ROOT = STATIC_ROOT + '/tiny_mce/' # not needed while TinyMCE not installed
+#TINY_MCE_MEDIA_URL = STATIC_URL + '/tiny_mce/' # not needed while TinyMCE not installed
+
+LOGFILE = '/var/log/troggle/troggle.log'
+IMPORTLOGFILE = '/var/log/troggle/import.log'
+
+# Sanitise these to be strings as Django seems to be particularly sensitive to crashing if they aren't
+STATIC_URL = str(STATIC_URL) + "/"
+MEDIA_URL = str(MEDIA_URL) + "/"
+
+print(" + finished importing troggle/localsettings.py")
diff --git a/_deploy/debian/localsettingsserver.py b/_deploy/debian/localsettingsserver2023-01-cleansed.py
similarity index 98%
rename from _deploy/debian/localsettingsserver.py
rename to _deploy/debian/localsettingsserver2023-01-cleansed.py
index d99e61d..a1e22ca 100644
--- a/_deploy/debian/localsettingsserver.py
+++ b/_deploy/debian/localsettingsserver2023-01-cleansed.py
@@ -32,7 +32,7 @@ DATABASES = {
 'ENGINE': 'django.db.backends.mysql', # 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
 'NAME' : 'troggle', # Or path to database file if using sqlite3.
 'USER' : 'expo', # Not used with sqlite3.
- 'PASSWORD' : 'uFqP56B4XleeyIW', # Not used with sqlite3.
+ 'PASSWORD' : '123456789012345', # Not used with sqlite3.Not the real password
 'HOST' : '', # Set to empty string for localhost. Not used with sqlite3.
 'PORT' : '', # Set to empty string for default. Not used with sqlite3.
 }
diff --git a/_deploy/debian/settings.py b/_deploy/debian/settings2023-02-10.py
similarity index 100%
rename from _deploy/debian/settings.py
rename to _deploy/debian/settings2023-02-10.py
diff --git a/_deploy/debian/settings2023-04-23.py b/_deploy/debian/settings2023-04-23.py
new file mode 100644
index 0000000..938c024
--- /dev/null
+++ b/_deploy/debian/settings2023-04-23.py
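Review bot: In `TEMPLATES[0]['OPTIONS']` of localsettings2023-04-05-cleansed.py, `'debug': 'DEBUG'` passes a string literal rather than the setting, and a non-empty string is truthy, so the template engine's debug mode stays enabled regardless of the `DEBUG = False` assigned further down. Because `DEBUG` is only assigned after `TEMPLATES` in this file, the fix is to move `DEBUG = False` above the list and write `'debug': DEBUG,`. The comment `# DO NOT check this file into the git repo - it contains real passwords.` is also misleading in a copy that is meant to be committed; I would replace it with `# Cleansed copy: every credential below is a placeholder; real values belong in the git-ignored -secret.py copy.`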
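Review bot: The removed `'PASSWORD'` line in localsettingsserver2023-01-cleansed.py carries what appears to be the live database password for user `expo`, and swapping in a placeholder does not withdraw it: the value stays readable in this patch and in every earlier revision of `localsettingsserver.py`. The credential should be treated as disclosed and rotated on the database server, and a history rewrite considered if the repository is readable outside the team. On the new line the run-together comment would read better as `# Not used with sqlite3. Not the real password`. The `DATABASES` dict opens above the hunk, so only this part of it is visible here.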
@@ -0,0 +1,147 @@
+"""
+Django settings for troggle project.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/dev/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/dev/ref/settings/
+"""
+# Imports should be grouped in the following order:
+
+# 1.Standard library imports.
+# 2.Related third party imports.
+# 3.Local application/library specific imports.
+# 4.You should put a blank line between each group of imports.
+
+
+
+print("* importing troggle/settings.py")
+
+# default value, then gets overwritten by real secrets
+SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2"
+
+GIT = "git" # command for running git
+
+# Note that this builds upon the django system installed
+# global settings in
+# django/conf/global_settings.py which is automatically loaded first.
+# read https://docs.djangoproject.com/en/dev/topics/settings/
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+# BASE_DIR = os.path.dirname(os.path.dirname(__file__))
+
+# Django settings for troggle project.
+
+ALLOWED_HOSTS = ["*", "expo.survex.com", ".survex.com", "localhost", "127.0.0.1", "192.168.0.5"]
+
+ADMINS = (
+ # ('Your Name', 'your_email@domain.com'),
+)
+MANAGERS = ADMINS
+
+# LOGIN_URL = '/accounts/login/' # this is the default value so does not need to be set
+
+# Local time zone for this installation. Choices can be found here:
+# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
+# although not all choices may be available on all operating systems.
+# If running in a Windows environment this must be set to the same as your
+# system time zone.
+USE_TZ = True
+TIME_ZONE = "Europe/London"
+
+# Language code for this installation. All choices can be found here:
+# http://www.i18nguy.com/unicode/language-identifiers.html
+LANGUAGE_CODE = "en-uk"
+
+SITE_ID = 1
+
+# If you set this to False, Django will make some optimizations so as not
+# to load the internationalization machinery.
+USE_I18N = True
+USE_L10N = True
+
+FIX_PERMISSIONS = []
+
+# top-level survex file basename (without .svx)
+SURVEX_TOPNAME = "1623-and-1626-no-schoenberg-hs"
+
+
+# Caves for which survex files exist, but are not otherwise registered
+# replaced (?) by expoweb/cave_data/pendingcaves.txt
+# PENDING = ["1626-361", "2007-06", "2009-02",
+# "2012-ns-01", "2012-ns-02", "2010-04", "2012-ns-05", "2012-ns-06",
+# "2012-ns-07", "2012-ns-08", "2012-ns-12", "2012-ns-14", "2012-ns-15", "2014-bl888",
+# "2018-pf-01", "2018-pf-02"]
+
+APPEND_SLASH = (
+ False # never relevant because we have urls that match unknown files and produce an 'edit this page' response
+)
+SMART_APPEND_SLASH = True # not eorking as middleware different after Dj2.0
+
+
+LOGIN_REDIRECT_URL = "/" # does not seem to have any effect
+
+SECURE_CONTENT_TYPE_NOSNIFF = True
+SECURE_BROWSER_XSS_FILTER = True
+# SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere?
+# CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL
+X_FRAME_OPTIONS = "DENY" # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html
+
+DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # from Django 3.2
+
+INSTALLED_APPS = (
+ "django.contrib.admin",
+ "django.contrib.auth", # includes the url redirections for login, logout
+ "django.contrib.contenttypes",
+ "django.contrib.sessions",
+ "django.contrib.messages",
+ "django.contrib.admindocs",
+ "django.forms", # Required to customise widget templates
+ # 'django.contrib.staticfiles', # We put our CSS etc explicitly in the right place so do not need this
+ "troggle.core",
+)
+
+FORM_RENDERER = "django.forms.renderers.TemplatesSetting" # Required to customise widget templates
+
+# See the recommended order of these in https://docs.djangoproject.com/en/dev/ref/middleware/
+# Note that this is a radically different onion architecture from earlier versions though it looks the same,
+# see https://docs.djangoproject.com/en/dev/topics/http/middleware/#upgrading-pre-django-1-10-style-middleware
+# Seriously, read this: https://www.webforefront.com/django/middlewaredjango.html which is MUCH BETTER than the docs
+MIDDLEWARE = [
+ #'django.middleware.security.SecurityMiddleware', # SECURE_SSL_REDIRECT and SECURE_SSL_HOST # we don't use this
+ "django.middleware.gzip.GZipMiddleware", # not needed when expofiles and photos served by apache
+ "django.contrib.sessions.middleware.SessionMiddleware", # Manages sessions, if CSRF_USE_SESSIONS then it needs to be early
+ "django.middleware.common.CommonMiddleware", # DISALLOWED_USER_AGENTS, APPEND_SLASH and PREPEND_WWW
+ "django.middleware.csrf.CsrfViewMiddleware", # Cross Site Request Forgeries by adding hidden form fields to POST
+ "django.contrib.auth.middleware.AuthenticationMiddleware", # Adds the user attribute, representing the currently-logged-in user
+ "django.contrib.admindocs.middleware.XViewMiddleware", # this and docutils needed by admindocs
+ "django.contrib.messages.middleware.MessageMiddleware", # Cookie-based and session-based message support. Needed by admin system
+ "django.middleware.clickjacking.XFrameOptionsMiddleware", # clickjacking protection via the X-Frame-Options header
+ #'django.middleware.security.SecurityMiddleware', # SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT
+ #'troggle.core.middleware.SmartAppendSlashMiddleware' # needs adapting after Dj2.0
+]
+
+ROOT_URLCONF = "troggle.urls"
+
+WSGI_APPLICATION = "troggle.wsgi.application" # change to asgi as soon as we upgrade to Django 3.0
+
+ACCOUNT_ACTIVATION_DAYS = 3
+
+# AUTH_PROFILE_MODULE = 'core.person' # used by removed profiles app ?
+
+QM_PATTERN = "\[\[\s*[Qq][Mm]:([ABC]?)(\d{4})-(\d*)-(\d*)\]\]"
+
+# Re-enable TinyMCE when Dj upgraded to v3. Also templates/editexpopage.html
+# TINYMCE_DEFAULT_CONFIG = {
+# 'plugins': "table,spellchecker,paste,searchreplace",
+# 'theme': "advanced",
+# }
+# TINYMCE_SPELLCHECKER = False
+# TINYMCE_COMPRESSOR = True
+
+TEST_RUNNER = "django.test.runner.DiscoverRunner"
+
+from localsettings import *
+
+# localsettings needs to take precedence. Call it to override any existing vars.
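Review bot: `ALLOWED_HOSTS` in settings2023-04-23.py begins with `"*"`, which makes Django accept any Host header and leaves the explicit names after it without effect; for the server copy it should read `ALLOWED_HOSTS = ["expo.survex.com", ".survex.com", "localhost", "127.0.0.1", "192.168.0.5"]`. The placeholder `SECRET_KEY` is only safe if the override always happens, and the cleansed localsettings added in this same commit assigns no `SECRET_KEY`, so a check after `from localsettings import *` such as `if SECRET_KEY.startswith("not-the-real"): raise RuntimeError("SECRET_KEY was not overridden by localsettings")` would make a missing secret fail at start-up instead of running with a published key. Both `SecurityMiddleware` entries in `MIDDLEWARE` are commented out, so `SECURE_CONTENT_TYPE_NOSNIFF` and `SECURE_BROWSER_XSS_FILTER` are set but nothing applies them unless localsettings replaces the list.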