Merge production settings in base settings

.env_example

@@ -1,6 +1,6 @@
 DJANGO_APP_STAGE=prod
 # Only used in dev mode, change to "postgresql" if you want to use PostgreSQL in dev
-DJANGO_DEV_STORE_METHOD=sqllite
+DJANGO_DEV_STORE_METHOD=sqlite
 DJANGO_DB_HOST=localhost
 DJANGO_DB_NAME=note_db
 DJANGO_DB_USER=note
@@ -8,13 +8,17 @@ DJANGO_DB_PASSWORD=CHANGE_ME
 DJANGO_DB_PORT=
 DJANGO_SECRET_KEY=CHANGE_ME
 DJANGO_SETTINGS_MODULE=note_kfet.settings
+DJANGO_ALLOWED_HOST=localhost
 CONTACT_EMAIL=tresorerie.bde@localhost
-NOTE_URL=localhost
+DOMAIN=localhost
+
 # Config for mails. Only used in production
 NOTE_MAIL=notekfet@localhost
 EMAIL_HOST=smtp.localhost
-EMAIL_PORT=465
+EMAIL_PORT=25
 EMAIL_USER=notekfet@localhost
 EMAIL_PASSWORD=CHANGE_ME
+
+# Wiki configuration
 WIKI_USER=NoteKfet2020
-WIKI_PASSWORD=
+WIKI_PASSWORD=

README.md

@@ -107,7 +107,7 @@ On supposera pour la suite que vous utilisez Debian/Ubuntu sur un serveur tout n
     et on renseigne des secrets et des paramètres :
     
         DJANGO_APP_STAGE=dev # ou "prod" 
-        DJANGO_DEV_STORE_METHOD=sqllite # ou "postgres"
+        DJANGO_DEV_STORE_METHOD=sqlite # ou "postgres"
         DJANGO_DB_HOST=localhost
         DJANGO_DB_NAME=note_db
         DJANGO_DB_USER=note
@@ -115,13 +115,13 @@ On supposera pour la suite que vous utilisez Debian/Ubuntu sur un serveur tout n
         DJANGO_DB_PORT=
         DJANGO_SECRET_KEY=CHANGE_ME
         DJANGO_SETTINGS_MODULE="note_kfet.settings
+        DJANGO_ALLOWED_HOST=localhost # URL où accéder à la note
         DOMAIN=localhost # note.example.com
         CONTACT_EMAIL=tresorerie.bde@localhost
-        NOTE_URL=localhost # URL où accéder à la note
         # Le reste n'est utile qu'en production, pour configurer l'envoi des mails
         NOTE_MAIL=notekfet@localhost
         EMAIL_HOST=smtp.localhost
-        EMAIL_PORT=465
+        EMAIL_PORT=25
         EMAIL_USER=notekfet@localhost
         EMAIL_PASSWORD=CHANGE_ME
         WIKI_USER=NoteKfet2020

note_kfet/settings/__init__.py

@@ -3,8 +3,7 @@
 
 from django.utils.translation import gettext_lazy as _
 import re
-
+import os
-from .base import *
 
 
 def read_env():
@@ -30,12 +29,15 @@ def read_env():
             os.environ.setdefault(key, val)
 
 
+# Try to load environment variables from project .env
 read_env()
 
-app_stage = os.environ.get('DJANGO_APP_STAGE', 'dev')
+# Load base settings
-if app_stage == 'prod':
+from .base import *
-    from .production import *
+
-else:
+# If in dev mode, then override some settings
+app_stage = os.getenv('DJANGO_APP_STAGE', 'dev')
+if app_stage == 'dev':
     from .development import *
 
 try:

note_kfet/settings/base.py

@@ -1,6 +1,9 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+# This file implements sane defaults to use in production.
+# Some settings are overridable with an environment variable.
+
 import os
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
@@ -10,12 +13,14 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__fil
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'CHANGE_ME_IN_LOCAL_SETTINGS!')
+SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'CHANGE_ME_IN_ENV_SETTINGS')
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = os.getenv('DJANGO_DEBUG', False)
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = [
+    os.getenv('DJANGO_ALLOWED_HOST', 'localhost'),
+]
 
 
 # Application definition
@@ -97,9 +102,10 @@ WSGI_APPLICATION = 'note_kfet.wsgi.application'
 
 DATABASES = {
     'default': {
-        'ENGINE': os.getenv('DJANGO_DB_ENGINE', 'django.db.backends.sqlite3'),
+        'ENGINE': os.getenv('DJANGO_DB_ENGINE', 'django.db.backends.postgresql'),
-        'NAME': os.getenv('DJANGO_DB_NAME', os.path.join(BASE_DIR, 'db.sqlite3')),
+        'NAME': os.getenv('DJANGO_DB_NAME', 'note_db'),
         'USER': os.getenv('DJANGO_DB_USER', 'note'),
+        'PASSWORD': os.getenv('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS'),
         'HOST': os.getenv('DJANGO_DB_HOST', 'localhost'),
         'PORT': os.getenv('DJANGO_DB_PORT', ''),  # Use default port
     }
@@ -164,7 +170,6 @@ STATIC_ROOT = os.path.join(BASE_DIR, "static/")
 # Add /apps/ directory to Python modules search path
 import sys
 sys.path.append(os.path.realpath(os.path.join(BASE_DIR, 'apps')))
-print(BASE_DIR, sys.path)
 
 # Use /locale/ for locale files
 LOCALE_PATHS = [os.path.join(BASE_DIR, 'locale')]
@@ -188,6 +193,19 @@ AUTHENTICATION_BACKENDS = (
 MEDIA_ROOT = os.path.join(BASE_DIR, "media")
 MEDIA_URL = '/media/'
 
+# Use mailer in production to place emails in a queue before sending them to avoid spam
+EMAIL_BACKEND = 'mailer.backend.DbBackend'
+MAILER_EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+EMAIL_USE_SSL = os.getenv('EMAIL_USE_SSL', False)
+EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.example.org')
+EMAIL_PORT = os.getenv('EMAIL_PORT', 25)
+EMAIL_HOST_USER = os.getenv('EMAIL_USER', None)
+EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', None)
+
+# Mail will be sent from this address
+SERVER_EMAIL = os.getenv("NOTE_MAIL", "notekfet@example.com")
+DEFAULT_FROM_EMAIL = "NoteKfet2020 <" + SERVER_EMAIL + ">"
+
 # Django REST Framework
 REST_FRAMEWORK = {
     'DEFAULT_PERMISSION_CLASSES': [
@@ -209,6 +227,9 @@ FORM_RENDERER = 'django.forms.renderers.TemplatesSetting'
 # After login redirect user to transfer page
 LOGIN_REDIRECT_URL = '/note/transfer/'
 
+# An user session will expired after 3 hours
+SESSION_COOKIE_AGE = 60 * 60 * 3
+
 # Use Crispy Bootstrap4 theme
 CRISPY_TEMPLATE_PACK = 'bootstrap4'
 
@@ -218,11 +239,6 @@ DJANGO_TABLES2_TEMPLATE = 'django_tables2/bootstrap4.html'
 # Use only one Django Sites
 SITE_ID = 1
 
-# When a server error occured, send an email to these addresses
-ADMINS = (
-    # ('Admin', 'webmaster@example.com'),
-)
-
 # Default regex to validate users aliases
 ALIAS_VALIDATOR_REGEX = r''
 

note_kfet/settings/development.py

@@ -5,30 +5,15 @@
 # Development Settings #
 ########################
 # For local dev on your machine:
-#  - Enabled by default
+#  - debug by default
-#  - use sqlite as a db engine , Debug is True.
+#  - use sqlite as a db engine by default
 #  - standalone mail server
-#  - and more ...
+#  - and more...
-
 
 import os
 
-# Database
+if os.getenv("DJANGO_DEV_STORE_METHOD", "sqlite") != "postgresql":
-# https://docs.djangoproject.com/en/2.2/ref/settings/#databases
+    # Use an SQLite database
-from . import *
-
-if os.getenv("DJANGO_DEV_STORE_METHOD", "sqllite") == "postgresql":
-    DATABASES = {
-        'default': {
-            'ENGINE': 'django.db.backends.postgresql_psycopg2',
-            'NAME': os.environ.get('DJANGO_DB_NAME', 'note_db'),
-            'USER': os.environ.get('DJANGO_DB_USER', 'note'),
-            'PASSWORD': os.environ.get('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS'),
-            'HOST': os.environ.get('DJANGO_DB_HOST', 'localhost'),
-            'PORT': os.environ.get('DJANGO_DB_PORT', ''),  # Use default port
-        }
-    }
-else:
     DATABASES = {
         'default': {
             'ENGINE': 'django.db.backends.sqlite3',
@@ -39,15 +24,14 @@ else:
 # Break it, fix it!
 DEBUG = True
 
-# Mandatory !
+# Allow access from all hostnames
 ALLOWED_HOSTS = ['*']
 
-# Emails
+# Drop emails to server console
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
 SERVER_EMAIL = 'notekfet@localhost'
 
-# Security settings
+# Disable some security settings
 SECURE_CONTENT_TYPE_NOSNIFF = False
 SECURE_BROWSER_XSS_FILTER = False
 SESSION_COOKIE_SECURE = False
@@ -55,7 +39,3 @@ CSRF_COOKIE_SECURE = False
 CSRF_COOKIE_HTTPONLY = False
 X_FRAME_OPTIONS = 'DENY'
 SESSION_COOKIE_AGE = 60 * 60 * 3
-
-STATIC_ROOT = ''  # not needed in development settings
-STATICFILES_DIRS = [
-    os.path.join(BASE_DIR, 'static')]

note_kfet/settings/production.py

@@ -1,54 +0,0 @@
-# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-import os
-
-########################
-# Production  Settings #
-########################
-# For local dev on your machine:
-#  - Enabled by setting env variable DJANGO_APP_STAGE = 'prod'
-#  - use Postgresql as db engine
-#  - Debug should be false.
-#  - should have a dedicated mail server
-#  - and more ...
-
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.postgresql_psycopg2',
-        'NAME': os.environ.get('DJANGO_DB_NAME', 'note_db'),
-        'USER': os.environ.get('DJANGO_DB_USER', 'note'),
-        'PASSWORD': os.environ.get('DJANGO_DB_PASSWORD', 'CHANGE_ME_IN_ENV_SETTINGS'),
-        'HOST': os.environ.get('DJANGO_DB_HOST', 'localhost'),
-        'PORT': os.environ.get('DJANGO_DB_PORT', ''),  # Use default port
-    }
-}
-
-# Break it, fix it!
-DEBUG = False
-
-# Mandatory !
-ALLOWED_HOSTS = [os.environ.get('NOTE_URL', 'localhost')]
-
-SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', 'CHANGE_ME_IN_ENV_SETTINGS')
-
-# Emails
-EMAIL_BACKEND = 'mailer.backend.DbBackend'  # Mailer place emails in a queue before sending them to avoid spam
-MAILER_EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-EMAIL_USE_SSL = False
-EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.example.org')
-EMAIL_PORT = os.getenv('EMAIL_PORT', 465)
-EMAIL_HOST_USER = os.getenv('EMAIL_USER', None)
-EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', None)
-
-SERVER_EMAIL = os.getenv("NOTE_MAIL", "notekfet@example.com")
-DEFAULT_FROM_EMAIL = "NoteKfet2020 <" + SERVER_EMAIL + ">"
-
-# Security settings
-SECURE_CONTENT_TYPE_NOSNIFF = False
-SECURE_BROWSER_XSS_FILTER = False
-SESSION_COOKIE_SECURE = False
-CSRF_COOKIE_SECURE = False
-CSRF_COOKIE_HTTPONLY = False
-X_FRAME_OPTIONS = 'DENY'
-SESSION_COOKIE_AGE = 60 * 60 * 3

note_kfet/settings/secrets_example.py

@@ -7,4 +7,7 @@ OPTIONAL_APPS = [
 #    'debug_toolbar'
 ]
 
-ADMINS = [('Note Kfet', 'notekfet@example.com')]
+# When a server error occured, send an email to these addresses
+ADMINS = (
+    ('Note Kfet', 'notekfet@example.com'),
+)