Move secrets values to the top

Probably not the best way to do it, but it'll do.

We should add some logic to bail if certain values are unset.
Logic in settings, *gross*, I know.
This commit is contained in:
Sachi King 2017-03-31 14:53:30 +11:00
parent dc532cc4f8
commit cfa9a60f11

View file

@ -3,19 +3,52 @@ import saml2
import saml2.saml import saml2.saml
from django.utils.crypto import get_random_string from django.utils.crypto import get_random_string
PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir)) PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__)) PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = PACKAGE_ROOT BASE_DIR = PACKAGE_ROOT
DEBUG = True # bool(int(os.environ.get("DEBUG", "1")))
### USER SETTINGS
DEBUG = True
DATABASES = { DATABASES = {
"default": { "default": {
"ENGINE": "django.db.backends.sqlite3", "ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(PROJECT_ROOT, "dev.db"), "NAME": os.path.join(PROJECT_ROOT, "dev.db"),
} }
} }
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
THEME_CONTACT_EMAIL = "team@lca2018.org"
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", get_random_string(length=64))
PINAX_STRIPE_PUBLIC_KEY = os.environ.get("STRIPE_PUBLIC_KEY", "your test public key")
PINAX_STRIPE_SECRET_KEY = os.environ.get("STRIPE_SECRET_KEY", "your test secret key")
PINAX_STRIPE_SEND_EMAIL_RECEIPTS = False
saml2_entityid = 'http://example.com/saml2/metadata/'
saml2_sp_name = 'Federated Django sample SP'
saml2_sp_assertion_service = 'http://example.com/saml2/acs/'
saml2_sp_slo_rdir = 'http://example.com/saml2/ls/'
smal2_sp_slo_post = 'http://example.com/saml2/ls/post'
saml2_base_dir = os.path.join(PACKAGE_ROOT, 'saml2')
saml2_idp_metadata = {
'local': [os.path.join(saml2_base_dir, 'remote_metadata.xml')],
},
saml2_signing_key = os.path.join(saml2_base_dir, 'cert.key')
saml2_signing_crt = os.path.join(saml2_base_dir, 'cert.pem')
saml2_encr_key = os.path.join(saml2_base_dir, 'enc.key')
saml2_encr_crt = os.path.join(saml2_base_dir, 'enc.crt')
saml2_contact = [
{'given_name': os.environ.get("META_GIVEN_NAME", 'Bastard'),
'sur_name': os.environ.get('META_FAM_NAME', 'Operator'),
'company': os.environ.get('META_COMPANY', 'Corp1'),
'email_address': os.environ.get('META_EMAIL', 'op@example.com'),
'contact_type': 'technical'},
],
### Standard settings
CACHES = { CACHES = {
'default': { 'default': {
@ -24,7 +57,7 @@ CACHES = {
} }
ALLOWED_HOSTS = ['lca2018.org'] ALLOWED_HOSTS = ['lca2018.org', '127.0.0.1', 'localhost']
TIME_ZONE = "Australia/Sydney" TIME_ZONE = "Australia/Sydney"
DATE_FORMAT = "j F Y" DATE_FORMAT = "j F Y"
@ -50,8 +83,6 @@ STATICFILES_FINDERS = [
"django.contrib.staticfiles.finders.AppDirectoriesFinder", "django.contrib.staticfiles.finders.AppDirectoriesFinder",
] ]
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", get_random_string(length=64))
TEMPLATES = [ TEMPLATES = [
{ {
"BACKEND": "django.template.backends.django.DjangoTemplates", "BACKEND": "django.template.backends.django.DjangoTemplates",
@ -221,10 +252,6 @@ FIXTURE_DIRS = [
os.path.join(PROJECT_ROOT, "fixtures"), os.path.join(PROJECT_ROOT, "fixtures"),
] ]
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
THEME_CONTACT_EMAIL = "team@lca2018.org"
AUTHENTICATION_BACKENDS = [ AUTHENTICATION_BACKENDS = [
'symposion.teams.backends.TeamPermissionsBackend', 'symposion.teams.backends.TeamPermissionsBackend',
'django.contrib.auth.backends.ModelBackend', 'django.contrib.auth.backends.ModelBackend',
@ -252,16 +279,10 @@ PROPOSAL_FORMS = {
"openhardware-miniconf": "pinaxcon.proposals.forms.OpenHardwareProposalForm", "openhardware-miniconf": "pinaxcon.proposals.forms.OpenHardwareProposalForm",
} }
# PINAX_PAGES_HOOKSET = "pinaxcon.hooks.PinaxPagesHookSet"
# PINAX_BOXES_HOOKSET = "pinaxcon.hooks.PinaxBoxesHookSet"
# Registrasion bits: # Registrasion bits:
ATTENDEE_PROFILE_MODEL = "pinaxcon.registrasion.models.AttendeeProfile" ATTENDEE_PROFILE_MODEL = "pinaxcon.registrasion.models.AttendeeProfile"
ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm" ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm"
INVOICE_CURRENCY = "AUD" INVOICE_CURRENCY = "AUD"
PINAX_STRIPE_PUBLIC_KEY = os.environ.get("STRIPE_PUBLIC_KEY", "your test public key")
PINAX_STRIPE_SECRET_KEY = os.environ.get("STRIPE_SECRET_KEY", "your test secret key")
PINAX_STRIPE_SEND_EMAIL_RECEIPTS = False
ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm" ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm"
@ -277,8 +298,6 @@ NOSE_ARGS = [
'--cover-package=registrasion.controllers,registrasion.models', '--cover-package=registrasion.controllers,registrasion.models',
] ]
BASEDIR = os.path.dirname(os.path.abspath(__file__))
BASEDIR = os.path.join(BASEDIR, 'saml2')
SAML_ATTRIBUTE_MAPPING = { SAML_ATTRIBUTE_MAPPING = {
'uid': ('username', ), 'uid': ('username', ),
'mail': ('email', ), 'mail': ('email', ),
@ -287,44 +306,34 @@ SAML_ATTRIBUTE_MAPPING = {
} }
SAML_CONFIG = { SAML_CONFIG = {
'xmlsec_binary': '/usr/bin/xmlsec1', 'xmlsec_binary': '/usr/bin/xmlsec1',
'entityid': 'http://example.com/saml2/metadata/', 'entityid': saml2_entityid,
'attribute_map_dir': os.path.join(BASEDIR, 'attribute-maps'), 'attribute_map_dir': os.path.join(PACKAGE_ROOT, 'saml2/attribute-maps'),
'service': { 'service': {
'sp': { 'sp': {
'name': 'Federated Django sample SP', 'name': saml2_sp_name,
'endpoints': { 'endpoints': {
'assertion_consumer_service': [ 'assertion_consumer_service': [
'http://example.com/saml2/acs/', saml2_sp_assertion_service,
], ],
'single_logout_service': [ 'single_logout_service': [
('http://example.com/saml2/ls/', (saml2_sp_slo_rdir, saml2.BINDING_HTTP_REDIRECT),
saml2.BINDING_HTTP_REDIRECT), (smal2_sp_slo_post, saml2.BINDING_HTTP_POST),
('http://example.com/saml2/ls/post',
saml2.BINDING_HTTP_POST),
], ],
}, },
'logout_requests_signed': True, 'logout_requests_signed': True,
'required_attributes': ['uid', 'mail', 'givenName', 'sn'], 'required_attributes': ['uid', 'mail', 'givenName', 'sn'],
}, },
}, },
'metadata': { 'metadata': saml2_idp_metadata,
'local': [os.path.join(BASEDIR, 'remote_metadata.xml')],
},
'debug': 1, 'debug': 1,
'key_file': os.path.join(BASEDIR, 'cert.key'), 'key_file': saml2_signing_key,
'cert_file': os.path.join(BASEDIR, 'cert.pem'), 'cert_file': saml2_signing_crt,
'encryption_keypairs': [{ 'encryption_keypairs': [{
'key_file': os.path.join(BASEDIR, 'enc.key'), 'key_file': saml2_encr_key,
'cert_file': os.path.join(BASEDIR, 'enc.cert'), 'cert_file': saml2_encr_crt,
}], }],
'contact_person': [ 'contact_person': saml2_contact,
{'given_name': os.environ.get("META_GIVEN_NAME", 'Bastard'), 'valid_for': 10,
'sur_name': os.environ.get('META_FAM_NAME', 'Operator'),
'company': os.environ.get('META_COMPANY', 'Corp1'),
'email_address': os.environ.get('META_EMAIL', 'op@example.com'),
'contact_type': 'technical'},
],
'valid_for': 1,
} }
DEFAULT_FILE_STORAGE = 'gapc_storage.storage.GoogleCloudStorage' DEFAULT_FILE_STORAGE = 'gapc_storage.storage.GoogleCloudStorage'