Move secrets values to the top

Probably not the best way to do it, but it'll do.

We should add some logic to bail if certain values are unset.
Logic in settings, *gross*, I know.
This commit is contained in:
Sachi King 2017-03-31 14:53:30 +11:00
parent dc532cc4f8
commit cfa9a60f11

View file

@ -3,19 +3,52 @@ import saml2
import saml2.saml
from django.utils.crypto import get_random_string
PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = PACKAGE_ROOT
DEBUG = True # bool(int(os.environ.get("DEBUG", "1")))
### USER SETTINGS
DEBUG = True
DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(PROJECT_ROOT, "dev.db"),
}
}
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
THEME_CONTACT_EMAIL = "team@lca2018.org"
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", get_random_string(length=64))
PINAX_STRIPE_PUBLIC_KEY = os.environ.get("STRIPE_PUBLIC_KEY", "your test public key")
PINAX_STRIPE_SECRET_KEY = os.environ.get("STRIPE_SECRET_KEY", "your test secret key")
PINAX_STRIPE_SEND_EMAIL_RECEIPTS = False
saml2_entityid = 'http://example.com/saml2/metadata/'
saml2_sp_name = 'Federated Django sample SP'
saml2_sp_assertion_service = 'http://example.com/saml2/acs/'
saml2_sp_slo_rdir = 'http://example.com/saml2/ls/'
smal2_sp_slo_post = 'http://example.com/saml2/ls/post'
saml2_base_dir = os.path.join(PACKAGE_ROOT, 'saml2')
saml2_idp_metadata = {
'local': [os.path.join(saml2_base_dir, 'remote_metadata.xml')],
},
saml2_signing_key = os.path.join(saml2_base_dir, 'cert.key')
saml2_signing_crt = os.path.join(saml2_base_dir, 'cert.pem')
saml2_encr_key = os.path.join(saml2_base_dir, 'enc.key')
saml2_encr_crt = os.path.join(saml2_base_dir, 'enc.crt')
saml2_contact = [
{'given_name': os.environ.get("META_GIVEN_NAME", 'Bastard'),
'sur_name': os.environ.get('META_FAM_NAME', 'Operator'),
'company': os.environ.get('META_COMPANY', 'Corp1'),
'email_address': os.environ.get('META_EMAIL', 'op@example.com'),
'contact_type': 'technical'},
],
### Standard settings
CACHES = {
'default': {
@ -24,7 +57,7 @@ CACHES = {
}
ALLOWED_HOSTS = ['lca2018.org']
ALLOWED_HOSTS = ['lca2018.org', '127.0.0.1', 'localhost']
TIME_ZONE = "Australia/Sydney"
DATE_FORMAT = "j F Y"
@ -50,8 +83,6 @@ STATICFILES_FINDERS = [
"django.contrib.staticfiles.finders.AppDirectoriesFinder",
]
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", get_random_string(length=64))
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
@ -221,10 +252,6 @@ FIXTURE_DIRS = [
os.path.join(PROJECT_ROOT, "fixtures"),
]
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
THEME_CONTACT_EMAIL = "team@lca2018.org"
AUTHENTICATION_BACKENDS = [
'symposion.teams.backends.TeamPermissionsBackend',
'django.contrib.auth.backends.ModelBackend',
@ -252,16 +279,10 @@ PROPOSAL_FORMS = {
"openhardware-miniconf": "pinaxcon.proposals.forms.OpenHardwareProposalForm",
}
# PINAX_PAGES_HOOKSET = "pinaxcon.hooks.PinaxPagesHookSet"
# PINAX_BOXES_HOOKSET = "pinaxcon.hooks.PinaxBoxesHookSet"
# Registrasion bits:
ATTENDEE_PROFILE_MODEL = "pinaxcon.registrasion.models.AttendeeProfile"
ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm"
INVOICE_CURRENCY = "AUD"
PINAX_STRIPE_PUBLIC_KEY = os.environ.get("STRIPE_PUBLIC_KEY", "your test public key")
PINAX_STRIPE_SECRET_KEY = os.environ.get("STRIPE_SECRET_KEY", "your test secret key")
PINAX_STRIPE_SEND_EMAIL_RECEIPTS = False
ATTENDEE_PROFILE_FORM = "pinaxcon.registrasion.forms.ProfileForm"
@ -277,8 +298,6 @@ NOSE_ARGS = [
'--cover-package=registrasion.controllers,registrasion.models',
]
BASEDIR = os.path.dirname(os.path.abspath(__file__))
BASEDIR = os.path.join(BASEDIR, 'saml2')
SAML_ATTRIBUTE_MAPPING = {
'uid': ('username', ),
'mail': ('email', ),
@ -287,44 +306,34 @@ SAML_ATTRIBUTE_MAPPING = {
}
SAML_CONFIG = {
'xmlsec_binary': '/usr/bin/xmlsec1',
'entityid': 'http://example.com/saml2/metadata/',
'attribute_map_dir': os.path.join(BASEDIR, 'attribute-maps'),
'entityid': saml2_entityid,
'attribute_map_dir': os.path.join(PACKAGE_ROOT, 'saml2/attribute-maps'),
'service': {
'sp': {
'name': 'Federated Django sample SP',
'name': saml2_sp_name,
'endpoints': {
'assertion_consumer_service': [
'http://example.com/saml2/acs/',
saml2_sp_assertion_service,
],
'single_logout_service': [
('http://example.com/saml2/ls/',
saml2.BINDING_HTTP_REDIRECT),
('http://example.com/saml2/ls/post',
saml2.BINDING_HTTP_POST),
(saml2_sp_slo_rdir, saml2.BINDING_HTTP_REDIRECT),
(smal2_sp_slo_post, saml2.BINDING_HTTP_POST),
],
},
'logout_requests_signed': True,
'required_attributes': ['uid', 'mail', 'givenName', 'sn'],
},
},
'metadata': {
'local': [os.path.join(BASEDIR, 'remote_metadata.xml')],
},
'metadata': saml2_idp_metadata,
'debug': 1,
'key_file': os.path.join(BASEDIR, 'cert.key'),
'cert_file': os.path.join(BASEDIR, 'cert.pem'),
'key_file': saml2_signing_key,
'cert_file': saml2_signing_crt,
'encryption_keypairs': [{
'key_file': os.path.join(BASEDIR, 'enc.key'),
'cert_file': os.path.join(BASEDIR, 'enc.cert'),
'key_file': saml2_encr_key,
'cert_file': saml2_encr_crt,
}],
'contact_person': [
{'given_name': os.environ.get("META_GIVEN_NAME", 'Bastard'),
'sur_name': os.environ.get('META_FAM_NAME', 'Operator'),
'company': os.environ.get('META_COMPANY', 'Corp1'),
'email_address': os.environ.get('META_EMAIL', 'op@example.com'),
'contact_type': 'technical'},
],
'valid_for': 1,
'contact_person': saml2_contact,
'valid_for': 10,
}
DEFAULT_FILE_STORAGE = 'gapc_storage.storage.GoogleCloudStorage'