From 5d87a457f193e18916304c1ddbdc45803d511c21 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Fri, 2 Aug 2019 14:34:52 +0200 Subject: [PATCH] Update example settings --- med/settings.py | 44 ++++++++-- med/settings_local.example.py | 148 +++++++--------------------------- 2 files changed, 67 insertions(+), 125 deletions(-) diff --git a/med/settings.py b/med/settings.py index ad98ba1..bbdc225 100644 --- a/med/settings.py +++ b/med/settings.py @@ -16,7 +16,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SECRET_KEY = 'CHANGE_ME_IN_LOCAL_SETTINGS!' # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = False ADMINS = ( # ('Admin', 'webmaster@example.com'), @@ -70,8 +70,8 @@ TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [ - os.path.join(BASE_DIR, 'templates').replace('\\', '/'), - ], + os.path.join(BASE_DIR, 'templates').replace('\\', '/'), + ], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ @@ -153,10 +153,10 @@ PAGINATION_LARGE_NUMBER = 8 # django-bootstrap3 config dictionnary BOOTSTRAP3 = { - 'jquery_url': '/static/js/jquery-2.2.4.min.js', - 'base_url': '/static/bootstrap/', - 'include_jquery': True, - } + 'jquery_url': '/static/js/jquery-2.2.4.min.js', + 'base_url': '/static/bootstrap/', + 'include_jquery': True, +} BOOTSTRAP_BASE_URL = '/static/bootstrap/' STATICFILES_DIRS = ( os.path.join(BASE_DIR, 'static'), @@ -170,6 +170,36 @@ PASSWORD_HASHERS = ( AUTH_USER_MODEL = 'users.User' LOGIN_URL = '/login/' LOGIN_REDIRECT_URL = '/' +SITE_NAME = "Med" + +# Association information +LOGO_PATH = "static_files/logo.png" +ASSO_NAME = "Med" +ASSO_ADDRESS_LINE1 = "61 Avenue du président Wilson" +ASSO_ADDRESS_LINE2 = "94230 Cachan" +ASSO_SIRET = "" +ASSO_EMAIL = "med@lists.crans.org" +ASSO_PHONE = "01 02 03 04 05" + +services_urls = { +} + +# Number of hours a token remains valid after having been created. Numeric and string +# versions should have the same meaning. +REQ_EXPIRE_HRS = 48 +REQ_EXPIRE_STR = '48 heures' + +# Email `From` field +EMAIL_FROM = 'club-med@crans.org' + +MINIMUM_LEVEL = 0 # Découvert autorisé +SEARCH_RESULT = 15 # Affichage des résultats +MAX_EMPRUNT = 5 # Max emprunts +SEARCH_DISPLAY_PAGE = 20 # Affichage des resultats de recherche + +# Utilisateurs autorisés pour la page clef +AUTHORIZED_IP_RANGE = "138.231.0.0/16" +AUTHORIZED_IP6_RANGE = "2a06:e042::/32" try: from .settings_local import * diff --git a/med/settings_local.example.py b/med/settings_local.example.py index 3c0b2fc..4fa2d27 100644 --- a/med/settings_local.example.py +++ b/med/settings_local.example.py @@ -1,129 +1,41 @@ -# Re2o est un logiciel d'administration développé initiallement au rezometz. Il -# se veut agnostique au réseau considéré, de manière à être installable en -# quelques clics. -# -# Copyright © 2017 Gabriel Détraz -# Copyright © 2017 Goulven Kermarec -# Copyright © 2017 Augustin Lemesle -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# -*- mode: python; coding: utf-8 -*- +# Copyright (C) 2018-2019 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later -SECRET_KEY = 'SUPER_SECRET' +# Needed to filter which host are trusted +ALLOWED_HOSTS = ['127.0.0.1', 'med.crans.org', 'zamok.crans.org'] -DB_PASSWORD = 'SUPER_SECRET' +# Emails +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +# EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' +# EMAIL_USE_SSL = False +# EMAIL_HOST = 'smtp.crans.org' +# EMAIL_PORT = 25 +# EMAIL_HOST_USER = 'change_me' +# EMAIL_HOST_PASSWORD = 'change_me' + +SERVER_EMAIL = 'club-med@crans.org' + +# Security settings +SECURE_CONTENT_TYPE_NOSNIFF = False +SECURE_BROWSER_XSS_FILTER = False +SESSION_COOKIE_SECURE = False +CSRF_COOKIE_SECURE = False +CSRF_COOKIE_HTTPONLY = False +X_FRAME_OPTIONS = 'DENY' +SESSION_COOKIE_AGE = 60 * 60 * 3 + +SECRET_KEY = 'CHANGE ME !!!' # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = False - -ADMINS = [('Example', 'rezo-admin@example.org')] - -SERVER_EMAIL = 'no-reply@example.org' - -# Obligatoire, liste des host autorisés -ALLOWED_HOSTS = ['test.example.org'] +DEBUG = True DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', - 'NAME': 're2o', - 'USER': 're2o', - 'PASSWORD': DB_PASSWORD, + 'NAME': 'club-med', + 'USER': 'club-med', + 'PASSWORD': 'CHANGE ME !!!', 'HOST': 'localhost', }, - 'ldap': { - 'ENGINE': 'ldapdb.backends.ldap', - 'NAME': 'ldap://10.0.0.0/', - 'USER': 'cn=admin,dc=ldap,dc=example,dc=org', - 'PASSWORD': 'SUPER_SECRET', - } } - -# Security settings -SECURE_CONTENT_TYPE_NOSNIFF = True -SECURE_BROWSER_XSS_FILTER = True -SESSION_COOKIE_SECURE = True -CSRF_COOKIE_SECURE = True -CSRF_COOKIE_HTTPONLY = True -X_FRAME_OPTIONS = 'DENY' -SESSION_COOKIE_AGE = 60 * 60 * 3 - -# Association information - -SITE_NAME = "Re2o.rez" - -# Main extension used in asso -MAIN_EXTENSION = ".rez" - -LOGO_PATH = "static_files/logo.png" -ASSO_NAME = "Asso reseau" -ASSO_ADDRESS_LINE1 = "2, rue Edouard Belin" -ASSO_ADDRESS_LINE2 = "57070 Metz" -ASSO_SIRET = "" -ASSO_EMAIL = "tresorier@ecole.fr" -ASSO_PHONE = "01 02 03 04 05" -ASSO_PSEUDO = "rezo" - -services_urls = { -#Fill IT : ex : 'gitlab': { -# 'url': 'https://gitlab.rezometz.org', -# 'logo': 'gitlab.png', -# 'description': 'Gitlab is cool 8-)'}, - } - -# Number of hours a token remains valid after having been created. Numeric and string -# versions should have the same meaning. -REQ_EXPIRE_HRS = 48 -REQ_EXPIRE_STR = '48 heures' - -# Email `From` field -EMAIL_FROM = 'www-data@serveur.net' - -EMAIL_HOST = 'smtp.example.org' - -# Reglages pour la bdd ldap -LDAP = { - 'base_user_dn' : 'cn=Utilisateurs,dc=ldap,dc=example,dc=org', - 'base_userservice_dn' : 'ou=service-users,dc=ldap,dc=example,dc=org', - 'base_usergroup_dn' : 'ou=posix,ou=groups,dc=ldap,dc=example,dc=org', - 'user_gid' : 500, - } - -UID_RANGES = { - 'users' : [21001,30000], - 'service-users' : [20000,21000], -} - -# Chaque groupe a un gid assigné, voici la place libre pour assignation -GID_RANGES = { - 'posix' : [501, 600], -} - -# Affchage des résultats -SEARCH_RESULT = 15 - -# Max machines et max alias autorisés par personne -MAX_INTERFACES = 4 -MAX_ALIAS = 4 - -# Liste des vlans id disponible sur un switch -VLAN_ID_LIST = [7,8,42,69] - -# Décision radius à prendre -RADIUS_VLAN_DECISION = { - 'VLAN_NOK' : 42, - 'VLAN_OK' : 69, -} - -OPTIONNAL_APPS = ()