Bit of a settings fixup to make it work with t.s
This commit is contained in:
parent
849c221aee
commit
a3f45a001b
|
@ -4,3 +4,4 @@ notes.md
|
|||
.git
|
||||
.venv
|
||||
.pre-commit-config.yaml
|
||||
.env
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
TAKAHE_DATABASE_URL="postgres://postgres:insecure_password@db/takahe"
|
||||
TAKAHE_DATABASE_SERVER="sqlite://takahe.db"
|
||||
TAKAHE_DEBUG=true
|
||||
TAKAHE_SECRET_KEY="insecure_secret"
|
||||
TAKAHE_CSRF_TRUSTED_ORIGINS=["http://127.0.0.1:8000", "https://127.0.0.1:8000"]
|
||||
TAKAHE_USE_PROXY_HEADERS=true
|
||||
TAKAHE_EMAIL_BACKEND="console://console"
|
||||
TAKAHE_EMAIL_SERVER="console://console"
|
||||
TAKAHE_MAIN_DOMAIN="example.com"
|
||||
TAKAHE_ENVIRONMENT="development"
|
|
@ -11,7 +11,7 @@ COPY . /takahe
|
|||
|
||||
WORKDIR /takahe
|
||||
|
||||
RUN TAKAHE_DATABASE_URL="postgres://dummy:dummy@localhost/postgres" python3 manage.py collectstatic
|
||||
RUN TAKAHE_DATABASE_SERVER="postgres://x@example.com/x" python3 manage.py collectstatic
|
||||
|
||||
EXPOSE 8000
|
||||
|
||||
|
|
|
@ -61,36 +61,33 @@ Environment Variables
|
|||
All of these variables are *required* for a working installation, and should
|
||||
be provided from the first boot.
|
||||
|
||||
* ``PGHOST``, ``PGPORT``, ``PGUSER``, ``PGDATABASE``, and ``PGPASSWORD`` are the
|
||||
standard PostgreSQL environment variables for configuring your database.
|
||||
* ``TAKAHE_DATABASE_SERVER`` should be a database DSN for your database (you can use
|
||||
the standard ``PG*`` variables too if you want)
|
||||
|
||||
* ``TAKAHE_SECRET_KEY`` must be a fixed, random value (it's used for internal
|
||||
cryptography). Don't change this unless you want to invalidate all sessions.
|
||||
|
||||
* ``TAKAHE_MEDIA_BACKEND`` must be one of ``local``, ``s3`` or ``gcs``.
|
||||
* ``TAKAHE_MEDIA_BACKEND`` must be a URI starting with ``local://``, ``s3://`` or ``gcs://``.
|
||||
|
||||
* If it is set to ``local``, you must also provide ``TAKAHE_MEDIA_ROOT``,
|
||||
* If it is set to ``local://``, you must also provide ``TAKAHE_MEDIA_ROOT``,
|
||||
the path to the local media directory, and ``TAKAHE_MEDIA_URL``, a
|
||||
fully-qualified URL prefix that serves that directory.
|
||||
|
||||
* If it is set to ``gcs``, you must also provide ``TAKAHE_MEDIA_BUCKET``,
|
||||
the name of the bucket to store files in. The bucket must be publicly
|
||||
readable and have "uniform access control" enabled.
|
||||
* If it is set to ``gcs://``, it must be in the form ``gcs://bucket-name``
|
||||
(note the two slashes if you just want a bucket name)
|
||||
|
||||
* If it is set to ``s3``, you must also provide ``TAKAHE_MEDIA_BUCKET``,
|
||||
the name of the bucket to store files in.
|
||||
* If it is set to ``s3://``, it must be in the form ``s3://access-key:secret-key@endpoint-url/bucket-name``
|
||||
|
||||
* ``TAKAHE_MAIN_DOMAIN`` should be the domain name (without ``https://``) that
|
||||
will be used for default links (such as in emails). It does *not* need to be
|
||||
the same as any domain you are hosting user accounts on.
|
||||
|
||||
* ``TAKAHE_EMAIL_HOST`` and ``TAKAHE_EMAIL_PORT`` (along with
|
||||
``TAKAHE_EMAIL_USER`` and ``TAKAHE_EMAIL_PASSWORD``, if needed) should point
|
||||
to an SMTP server Takahe can use for sending email. Email is *required*, to
|
||||
allow account creation and password resets.
|
||||
* ``TAKAHE_EMAIL_SERVER`` should be set to an ``smtp://`` or ``sendgrid://`` URI
|
||||
|
||||
* If you are using SendGrid, you can just set an API key in
|
||||
``TAKAHE_EMAIL_SENDGRID_KEY`` instead.
|
||||
* If you are using SMTP, it is ``smtp://username:password@host:port/``. You
|
||||
can also put ``?tls=true`` or ``?ssl=true`` on the end to enable encryption.
|
||||
|
||||
* If you are using SendGrid, you should set the URI to ``sendgrid://api-key``
|
||||
|
||||
* ``TAKAHE_EMAIL_FROM`` is the email address that emails from the system will
|
||||
appear to come from.
|
||||
|
@ -99,12 +96,13 @@ be provided from the first boot.
|
|||
be automatically promoted to administrator when it signs up. You only need
|
||||
this for initial setup, and can unset it after that if you like.
|
||||
|
||||
* ``TAKAHE_STATOR_TOKEN`` should be a random string that you are using to
|
||||
protect the stator (task runner) endpoint. You'll use this value later.
|
||||
* If you don't want to run Stator as a background process but as a view,
|
||||
set ``TAKAHE_STATOR_TOKEN`` to a random string that you are using to
|
||||
protect it; you'll use this when setting up the URL to be called.
|
||||
|
||||
* If your installation is behind a HTTPS endpoint that is proxying it, set
|
||||
``TAKAHE_SECURE_HEADER`` to the header name used to signify that HTTPS is
|
||||
being used (usually ``X-Forwarded-Proto``)
|
||||
``TAKAHE_USE_PROXY_HEADERS`` to ``true``. (The HTTPS proxy header must be called
|
||||
``X-Forwarded-Proto``).
|
||||
|
||||
* If you want to receive emails about internal site errors, set
|
||||
``TAKAHE_ERROR_EMAILS`` to a comma-separated list of email addresses that
|
||||
|
|
|
@ -31,25 +31,32 @@ class Settings(BaseSettings):
|
|||
"""
|
||||
|
||||
#: The default database.
|
||||
DATABASE_URL: Optional[PostgresDsn]
|
||||
DATABASE_SERVER: Optional[PostgresDsn]
|
||||
|
||||
#: The currently running environment, used for things such as sentry
|
||||
#: error reporting.
|
||||
ENVIRONMENT: Environments = "development"
|
||||
|
||||
#: Should django run in debug mode?
|
||||
DEBUG: bool = False
|
||||
|
||||
#: Set a secret key used for signing values such as sessions. Randomized
|
||||
#: by default, so you'll logout everytime the process restarts.
|
||||
SECRET_KEY: str = Field(default_factory=lambda: secrets.token_hex(128))
|
||||
|
||||
#: Set a secret key used to protect the stator. Randomized by default.
|
||||
STATOR_TOKEN: str = Field(default_factory=lambda: secrets.token_hex(128))
|
||||
|
||||
#: If set, a list of allowed values for the HOST header. The default value
|
||||
#: of '*' means any host will be accepted.
|
||||
ALLOWED_HOSTS: List[str] = Field(default_factory=lambda: ["*"])
|
||||
|
||||
#: If set, a list of hosts to accept for CORS.
|
||||
CORS_HOSTS: List[str] = Field(default_factory=list)
|
||||
|
||||
#: If set, a list of hosts to accept for CSRF.
|
||||
CSRF_HOSTS: List[str] = Field(default_factory=list)
|
||||
|
||||
#: If enabled, trust the HTTP_X_FORWARDED_FOR header.
|
||||
USE_PROXY_HEADERS: bool = False
|
||||
|
||||
|
@ -59,25 +66,25 @@ class Settings(BaseSettings):
|
|||
#: Fallback domain for links.
|
||||
MAIN_DOMAIN: str = "example.com"
|
||||
|
||||
EMAIL_DSN: AnyUrl = "console://localhost"
|
||||
EMAIL_SERVER: AnyUrl = "console://localhost"
|
||||
EMAIL_FROM: EmailStr = "test@example.com"
|
||||
AUTO_ADMIN_EMAIL: Optional[EmailStr] = None
|
||||
ERROR_EMAILS: Optional[List[EmailStr]] = None
|
||||
|
||||
MEDIA_URL: str = "/media/"
|
||||
MEDIA_ROOT: str = str(BASE_DIR / "MEDIA")
|
||||
MEDIA_ROOT: str = str(BASE_DIR / "media")
|
||||
MEDIA_BACKEND: Optional[AnyUrl] = None
|
||||
|
||||
PGHOST: Optional[str] = None
|
||||
PGPORT: int = 5432
|
||||
PGPORT: Optional[int] = 5432
|
||||
PGNAME: str = "takahe"
|
||||
PGUSER: str = "postgres"
|
||||
PGPASSWORD: Optional[str] = None
|
||||
|
||||
@validator("PGHOST", always=True)
|
||||
def validate_db(cls, PGHOST, values): # noqa
|
||||
if not values.get("DATABASE_URL") and not PGHOST:
|
||||
raise ValueError("Either DATABASE_URL or PGHOST are required.")
|
||||
if not values.get("DATABASE_SERVER") and not PGHOST:
|
||||
raise ValueError("Either DATABASE_SERVER or PGHOST are required.")
|
||||
return PGHOST
|
||||
|
||||
class Config:
|
||||
|
@ -154,8 +161,10 @@ TEMPLATES = [
|
|||
|
||||
WSGI_APPLICATION = "takahe.wsgi.application"
|
||||
|
||||
if SETUP.DATABASE_URL:
|
||||
DATABASES = {"default": dj_database_url.parse(SETUP.DATABASE_URL, conn_max_age=600)}
|
||||
if SETUP.DATABASE_SERVER:
|
||||
DATABASES = {
|
||||
"default": dj_database_url.parse(SETUP.DATABASE_SERVER, conn_max_age=600)
|
||||
}
|
||||
else:
|
||||
DATABASES = {
|
||||
"default": {
|
||||
|
@ -243,11 +252,17 @@ if SETUP.SENTRY_DSN:
|
|||
)
|
||||
|
||||
SERVER_EMAIL = SETUP.EMAIL_FROM
|
||||
if SETUP.EMAIL_DSN:
|
||||
parsed = urllib.parse.urlparse(SETUP.EMAIL_DSN)
|
||||
if SETUP.EMAIL_SERVER:
|
||||
parsed = urllib.parse.urlparse(SETUP.EMAIL_SERVER)
|
||||
query = urllib.parse.parse_qs(parsed.query)
|
||||
if parsed.scheme == "console":
|
||||
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
|
||||
elif parsed.scheme == "sendgrid":
|
||||
EMAIL_HOST = "smtp.sendgrid.net"
|
||||
EMAIL_PORT = 587
|
||||
EMAIL_HOST_USER = "apikey"
|
||||
EMAIL_HOST_PASSWORD = parsed.hostname
|
||||
EMAIL_USE_TLS = True
|
||||
elif parsed.scheme == "smtp":
|
||||
EMAIL_HOST = parsed.hostname
|
||||
EMAIL_PORT = parsed.port
|
||||
|
@ -256,7 +271,7 @@ if SETUP.EMAIL_DSN:
|
|||
EMAIL_USE_TLS = as_bool(query.get("tls"))
|
||||
EMAIL_USE_SSL = as_bool(query.get("ssl"))
|
||||
else:
|
||||
raise ValueError("Unknown schema for EMAIL_DSN.")
|
||||
raise ValueError("Unknown schema for EMAIL_SERVER.")
|
||||
|
||||
|
||||
if SETUP.MEDIA_BACKEND:
|
||||
|
@ -264,7 +279,10 @@ if SETUP.MEDIA_BACKEND:
|
|||
query = urllib.parse.parse_qs(parsed.query)
|
||||
if parsed.scheme == "gcs":
|
||||
DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"
|
||||
if parsed.path.lstrip("/"):
|
||||
GS_BUCKET_NAME = parsed.path.lstrip("/")
|
||||
else:
|
||||
GS_BUCKET_NAME = parsed.hostname
|
||||
GS_QUERYSTRING_AUTH = False
|
||||
elif parsed.scheme == "s3":
|
||||
DEFAULT_FILE_STORAGE = "storages.backends.s3boto3.S3Boto3Storage"
|
||||
|
@ -273,6 +291,8 @@ if SETUP.MEDIA_BACKEND:
|
|||
AWS_SECRET_ACCESS_KEY = parsed.password
|
||||
port = parsed.port or 443
|
||||
AWS_S3_ENDPOINT_URL = f"{parsed.hostname}:{port}"
|
||||
else:
|
||||
raise ValueError(f"Unsupported media backend {parsed.scheme}")
|
||||
|
||||
if SETUP.ERROR_EMAILS:
|
||||
ADMINS = [("Admin", e) for e in SETUP.ERROR_EMAILS]
|
||||
|
|
Loading…
Reference in New Issue