From 3d88d0571c5ac64b6beb79187d78c574fa295957 Mon Sep 17 00:00:00 2001 From: navanchauhan Date: Sun, 7 Aug 2022 14:41:30 -0400 Subject: [PATCH] remove useless --- conf/php-fpm.conf | 430 ------------------------------------------- conf/settings.py | 456 ---------------------------------------------- 2 files changed, 886 deletions(-) delete mode 100644 conf/php-fpm.conf delete mode 100644 conf/settings.py diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf deleted file mode 100644 index ab1a471..0000000 --- a/conf/php-fpm.conf +++ /dev/null @@ -1,430 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can be used in any directive and will be replaced by the -; pool name ('www' here) -[__NAMETOCHANGE__] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = __USER__ -group = __USER__ - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock - -; Set listen(2) backlog. -; Default Value: 511 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 511 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -listen.owner = www-data -listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user -; or group is differrent than the master process user. It allows to create process -; core dump and ptrace the process for the pool user. -; Default Value: no -; process.dumpable = yes - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/7.0/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -request_terminate_timeout = 1d - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = __FINALPATH__ - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; execute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 .php7 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M - -; Common values to change to increase file upload limit -; php_admin_value[upload_max_filesize] = 50M -; php_admin_value[post_max_size] = 50M -; php_admin_flag[mail.add_x_header] = Off - -; Other common parameters -; php_admin_value[max_execution_time] = 600 -; php_admin_value[max_input_time] = 300 -; php_admin_value[memory_limit] = 256M -; php_admin_flag[short_open_tag] = On diff --git a/conf/settings.py b/conf/settings.py deleted file mode 100644 index 56bb350..0000000 --- a/conf/settings.py +++ /dev/null @@ -1,456 +0,0 @@ -""" -Django settings for recipes project. - -Generated by 'django-admin startproject' using Django 2.0.1. - -For more information on this file, see -https://docs.djangoproject.com/en/2.0/topics/settings/ - -For the full list of settings and their values, see -https://docs.djangoproject.com/en/2.0/ref/settings/ -""" -import ast -import json -import os -import re - -from django.contrib import messages -from django.utils.translation import gettext_lazy as _ -from dotenv import load_dotenv - -load_dotenv() -BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -# Get vars from .env files -SECRET_KEY = os.getenv('SECRET_KEY') if os.getenv('SECRET_KEY') else 'INSECURE_STANDARD_KEY_SET_IN_ENV' - -DEBUG = bool(int(os.getenv('DEBUG', True))) - -SOCIAL_DEFAULT_ACCESS = bool(int(os.getenv('SOCIAL_DEFAULT_ACCESS', False))) -SOCIAL_DEFAULT_GROUP = os.getenv('SOCIAL_DEFAULT_GROUP', 'guest') - -SPACE_DEFAULT_MAX_RECIPES = int(os.getenv('SPACE_DEFAULT_MAX_RECIPES', 0)) -SPACE_DEFAULT_MAX_USERS = int(os.getenv('SPACE_DEFAULT_MAX_USERS', 0)) -SPACE_DEFAULT_MAX_FILES = int(os.getenv('SPACE_DEFAULT_MAX_FILES', 0)) -SPACE_DEFAULT_ALLOW_SHARING = bool(int(os.getenv('SPACE_DEFAULT_ALLOW_SHARING', True))) - -INTERNAL_IPS = os.getenv('INTERNAL_IPS').split(',') if os.getenv('INTERNAL_IPS') else ['127.0.0.1'] - -# allow djangos wsgi server to server mediafiles -GUNICORN_MEDIA = bool(int(os.getenv('GUNICORN_MEDIA', True))) - -REVERSE_PROXY_AUTH = bool(int(os.getenv('REVERSE_PROXY_AUTH', False))) - -# default value for user preference 'comment' -COMMENT_PREF_DEFAULT = bool(int(os.getenv('COMMENT_PREF_DEFAULT', True))) -FRACTION_PREF_DEFAULT = bool(int(os.getenv('FRACTION_PREF_DEFAULT', False))) -KJ_PREF_DEFAULT = bool(int(os.getenv('KJ_PREF_DEFAULT', False))) -STICKY_NAV_PREF_DEFAULT = bool(int(os.getenv('STICKY_NAV_PREF_DEFAULT', True))) - -# minimum interval that users can set for automatic sync of shopping lists -SHOPPING_MIN_AUTOSYNC_INTERVAL = int(os.getenv('SHOPPING_MIN_AUTOSYNC_INTERVAL', 5)) - -ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS').split(',') if os.getenv('ALLOWED_HOSTS') else ['*'] - -if os.getenv('CSRF_TRUSTED_ORIGINS'): - CSRF_TRUSTED_ORIGINS = os.getenv('CSRF_TRUSTED_ORIGINS').split(',') - -CORS_ORIGIN_ALLOW_ALL = True - -LOGIN_REDIRECT_URL = "index" -LOGOUT_REDIRECT_URL = "index" -ACCOUNT_LOGOUT_REDIRECT_URL = "index" -ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = "index" - -SESSION_EXPIRE_AT_BROWSER_CLOSE = False -SESSION_COOKIE_AGE = 365 * 60 * 24 * 60 - -CRISPY_TEMPLATE_PACK = 'bootstrap4' -DJANGO_TABLES2_TEMPLATE = 'cookbook/templates/generic/table_template.html' -DJANGO_TABLES2_PAGE_RANGE = 8 - -HCAPTCHA_SITEKEY = os.getenv('HCAPTCHA_SITEKEY', '') -HCAPTCHA_SECRET = os.getenv('HCAPTCHA_SECRET', '') - -SHARING_ABUSE = bool(int(os.getenv('SHARING_ABUSE', False))) -SHARING_LIMIT = int(os.getenv('SHARING_LIMIT', 0)) - -ACCOUNT_SIGNUP_FORM_CLASS = 'cookbook.forms.AllAuthSignupForm' - -TERMS_URL = os.getenv('TERMS_URL', '') -PRIVACY_URL = os.getenv('PRIVACY_URL', '') -IMPRINT_URL = os.getenv('IMPRINT_URL', '') -HOSTED = bool(int(os.getenv('HOSTED', False))) - -MESSAGE_TAGS = { - messages.ERROR: 'danger' -} - -# Application definition - -INSTALLED_APPS = [ - 'dal', - 'dal_select2', - 'django.contrib.admin', - 'django.contrib.auth', - 'django.contrib.contenttypes', - 'django.contrib.sessions', - 'django.contrib.messages', - 'django.contrib.sites', - 'django.contrib.staticfiles', - 'django.contrib.postgres', - 'oauth2_provider', - 'django_prometheus', - 'django_tables2', - 'corsheaders', - 'crispy_forms', - 'rest_framework', - 'rest_framework.authtoken', - 'django_cleanup.apps.CleanupConfig', - 'webpack_loader', - 'django_js_reverse', - 'hcaptcha', - 'allauth', - 'allauth.account', - 'allauth.socialaccount', - 'cookbook.apps.CookbookConfig', - 'treebeard', -] - -SOCIAL_PROVIDERS = os.getenv('SOCIAL_PROVIDERS').split(',') if os.getenv('SOCIAL_PROVIDERS') else [] -SOCIALACCOUNT_EMAIL_VERIFICATION = 'none' -INSTALLED_APPS = INSTALLED_APPS + SOCIAL_PROVIDERS - -ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE = True -ACCOUNT_MAX_EMAIL_ADDRESSES = 3 -ACCOUNT_EMAIL_REQUIRED = True -ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 90 -ACCOUNT_LOGOUT_ON_GET = True - -try: - SOCIALACCOUNT_PROVIDERS = ast.literal_eval( - os.getenv('SOCIALACCOUNT_PROVIDERS') if os.getenv('SOCIALACCOUNT_PROVIDERS') else '{}') -except ValueError: - SOCIALACCOUNT_PROVIDERS = json.loads( - os.getenv('SOCIALACCOUNT_PROVIDERS').replace("'", '"') if os.getenv('SOCIALACCOUNT_PROVIDERS') else '{}') - -SESSION_COOKIE_DOMAIN = os.getenv('SESSION_COOKIE_DOMAIN', None) -SESSION_COOKIE_NAME = os.getenv('SESSION_COOKIE_NAME', 'sessionid') - -ENABLE_SIGNUP = bool(int(os.getenv('ENABLE_SIGNUP', False))) - -ENABLE_METRICS = bool(int(os.getenv('ENABLE_METRICS', False))) - -ENABLE_PDF_EXPORT = bool(int(os.getenv('ENABLE_PDF_EXPORT', False))) -EXPORT_FILE_CACHE_DURATION = int(os.getenv('EXPORT_FILE_CACHE_DURATION', 600)) - -MIDDLEWARE = [ - 'corsheaders.middleware.CorsMiddleware', - 'django.middleware.security.SecurityMiddleware', - 'whitenoise.middleware.WhiteNoiseMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.locale.LocaleMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'cookbook.helper.scope_middleware.ScopeMiddleware', -] - -SORT_TREE_BY_NAME = bool(int(os.getenv('SORT_TREE_BY_NAME', False))) -DISABLE_TREE_FIX_STARTUP = bool(int(os.getenv('DISABLE_TREE_FIX_STARTUP', False))) - -if bool(int(os.getenv('SQL_DEBUG', False))): - MIDDLEWARE += ('recipes.middleware.SqlPrintingMiddleware',) - -if ENABLE_METRICS: - MIDDLEWARE += 'django_prometheus.middleware.PrometheusAfterMiddleware', - -# Auth related settings -AUTHENTICATION_BACKENDS = [] - -# LDAP -LDAP_AUTH = bool(os.getenv('LDAP_AUTH', False)) -if LDAP_AUTH: - import ldap - from django_auth_ldap.config import LDAPSearch - - AUTHENTICATION_BACKENDS.append('django_auth_ldap.backend.LDAPBackend') - AUTH_LDAP_SERVER_URI = os.getenv('AUTH_LDAP_SERVER_URI') - AUTH_LDAP_BIND_DN = os.getenv('AUTH_LDAP_BIND_DN') - AUTH_LDAP_BIND_PASSWORD = os.getenv('AUTH_LDAP_BIND_PASSWORD') - AUTH_LDAP_USER_SEARCH = LDAPSearch( - os.getenv('AUTH_LDAP_USER_SEARCH_BASE_DN'), - ldap.SCOPE_SUBTREE, - os.getenv('AUTH_LDAP_USER_SEARCH_FILTER_STR', '(uid=%(user)s)'), - ) - AUTH_LDAP_USER_ATTR_MAP = ast.literal_eval(os.getenv('AUTH_LDAP_USER_ATTR_MAP')) if os.getenv('AUTH_LDAP_USER_ATTR_MAP') else { - 'first_name': 'givenName', - 'last_name': 'sn', - 'email': 'mail', - } - AUTH_LDAP_ALWAYS_UPDATE_USER = bool(int(os.getenv('AUTH_LDAP_ALWAYS_UPDATE_USER', True))) - AUTH_LDAP_CACHE_TIMEOUT = int(os.getenv('AUTH_LDAP_CACHE_TIMEOUT', 3600)) - if 'AUTH_LDAP_TLS_CACERTFILE' in os.environ: - AUTH_LDAP_GLOBAL_OPTIONS = {ldap.OPT_X_TLS_CACERTFILE: os.getenv('AUTH_LDAP_TLS_CACERTFILE')} - if DEBUG: - LOGGING = { - "version": 1, - "disable_existing_loggers": False, - "handlers": {"console": {"class": "logging.StreamHandler"}}, - "loggers": {"django_auth_ldap": {"level": "DEBUG", "handlers": ["console"]}}, - } - -AUTHENTICATION_BACKENDS += [ - 'django.contrib.auth.backends.ModelBackend', - 'allauth.account.auth_backends.AuthenticationBackend', -] - -# django allauth site id -SITE_ID = int(os.getenv('ALLAUTH_SITE_ID', 1)) - -ACCOUNT_ADAPTER = 'cookbook.helper.AllAuthCustomAdapter' - -if REVERSE_PROXY_AUTH: - MIDDLEWARE.insert(8, 'recipes.middleware.CustomRemoteUser') - AUTHENTICATION_BACKENDS.append('django.contrib.auth.backends.RemoteUserBackend') - -# Password validation -# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', - }, -] - -SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') - -OAUTH2_PROVIDER = { - 'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'bookmarklet': 'only access to bookmarklet'} -} -READ_SCOPE = 'read' -WRITE_SCOPE = 'write' - - -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework.authentication.SessionAuthentication', - 'oauth2_provider.contrib.rest_framework.OAuth2Authentication', - 'rest_framework.authentication.BasicAuthentication', - ), - 'DEFAULT_PERMISSION_CLASSES': [ - 'rest_framework.permissions.IsAuthenticated', - ], -} - -ROOT_URLCONF = 'recipes.urls' - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [os.path.join(BASE_DIR, 'templates'), os.path.join(BASE_DIR, 'cookbook', 'templates')], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', - 'django.contrib.messages.context_processors.messages', - 'django.template.context_processors.media', - 'cookbook.helper.context_processors.context_settings', - ], - }, - }, -] - -WSGI_APPLICATION = 'recipes.wsgi.application' - -# Database -# Load settings from env files -if os.getenv('DATABASE_URL'): - match = re.match( - r'(?P\w+):\/\/(?P[\w\d_-]+)(:(?P[^@]+))?@(?P[^:/]+)(:(?P\d+))?(\/(?P[\w\d\/\._-]+))?', - os.getenv('DATABASE_URL') - ) - settings = match.groupdict() - schema = settings['schema'] - if schema.startswith('postgres'): - engine = 'django.db.backends.postgresql' - elif schema == 'sqlite': - engine = 'django.db.backends.sqlite3' - else: - raise Exception("Unsupported database schema: '%s'" % schema) - - DATABASES = { - 'default': { - 'ENGINE': engine, - 'OPTIONS': ast.literal_eval(os.getenv('DB_OPTIONS')) if os.getenv('DB_OPTIONS') else {}, - 'HOST': settings['host'], - 'PORT': settings['port'], - 'USER': settings['user'], - 'PASSWORD': settings['password'], - 'NAME': settings['database'], - 'CONN_MAX_AGE': 600, - } - } -else: - DATABASES = { - 'default': { - 'ENGINE': os.getenv('DB_ENGINE') if os.getenv('DB_ENGINE') else 'django.db.backends.sqlite3', - 'OPTIONS': ast.literal_eval(os.getenv('DB_OPTIONS')) if os.getenv('DB_OPTIONS') else {}, - 'HOST': os.getenv('POSTGRES_HOST'), - 'PORT': os.getenv('POSTGRES_PORT'), - 'USER': os.getenv('POSTGRES_USER'), - 'PASSWORD': os.getenv('POSTGRES_PASSWORD'), - 'NAME': os.getenv('POSTGRES_DB') if os.getenv('POSTGRES_DB') else 'db.sqlite3', - 'CONN_MAX_AGE': 60, - } - } - -# Local testing DB -# DATABASES = { -# 'default': { -# 'ENGINE': 'django.db.backends.postgresql', -# 'HOST': 'localhost', -# 'PORT': 5432, -# 'USER': 'postgres', -# 'PASSWORD': 'postgres', # set to local pw -# 'NAME': 'postgres', -# 'CONN_MAX_AGE': 600, -# } -# } - -# SQLite testing DB -# DATABASES = { -# 'default': { -# 'ENGINE': 'django.db.backends.sqlite3', -# 'OPTIONS': ast.literal_eval(os.getenv('DB_OPTIONS')) if os.getenv('DB_OPTIONS') else {}, -# 'NAME': 'db.sqlite3', -# 'CONN_MAX_AGE': 600, -# } -# } - -CACHES = { - 'default': { - 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', - 'LOCATION': 'default', - } -} - -# Vue webpack settings -VUE_DIR = os.path.join(BASE_DIR, 'vue') - -WEBPACK_LOADER = { - 'DEFAULT': { - 'CACHE': not DEBUG, - 'BUNDLE_DIR_NAME': 'vue/', # must end with slash - 'STATS_FILE': os.path.join(VUE_DIR, 'webpack-stats.json'), - 'POLL_INTERVAL': 0.1, - 'TIMEOUT': None, - 'IGNORE': [r'.+\.hot-update.js', r'.+\.map'], - } -} - -# Internationalization -# https://docs.djangoproject.com/en/2.0/topics/i18n/ - -LANGUAGE_CODE = 'en' - -TIME_ZONE = os.getenv('TIMEZONE') if os.getenv('TIMEZONE') else 'Europe/Berlin' - -USE_I18N = True - -USE_L10N = True - -USE_TZ = True - -LANGUAGES = [ - ('hy', _('Armenian ')), - ('bg', _('Bulgarian')), - ('ca', _('Catalan')), - ('cs', _('Czech')), - ('da', _('Danish')), - ('nl', _('Dutch')), - ('en', _('English')), - ('fr', _('French')), - ('de', _('German')), - ('it', _('Italian')), - ('lv', _('Latvian')), - ('pl', _('Polish')), - ('ru', _('Russian')), - ('es', _('Spanish')), - ('sv', _('Swedish')), -] - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/2.0/howto/static-files/ - -SCRIPT_NAME = os.getenv('SCRIPT_NAME', '') -# path for django_js_reverse to generate the javascript file containing all urls. Only done because the default command (collectstatic_js_reverse) fails to update the manifest -JS_REVERSE_OUTPUT_PATH = os.path.join(BASE_DIR, "cookbook/static/django_js_reverse") -JS_REVERSE_SCRIPT_PREFIX = os.getenv('JS_REVERSE_SCRIPT_PREFIX', SCRIPT_NAME) - -STATIC_URL = os.getenv('STATIC_URL', '/static/') -STATIC_ROOT = os.path.join(BASE_DIR, "staticfiles") - -AWS_ENABLED = True if os.getenv('S3_ACCESS_KEY', False) else False - -if os.getenv('S3_ACCESS_KEY', ''): - DEFAULT_FILE_STORAGE = 'cookbook.helper.CustomStorageClass.CachedS3Boto3Storage' - - AWS_ACCESS_KEY_ID = os.getenv('S3_ACCESS_KEY', '') - AWS_SECRET_ACCESS_KEY = os.getenv('S3_SECRET_ACCESS_KEY', '') - AWS_STORAGE_BUCKET_NAME = os.getenv('S3_BUCKET_NAME', '') - AWS_QUERYSTRING_AUTH = bool(int(os.getenv('S3_QUERYSTRING_AUTH', True))) - AWS_QUERYSTRING_EXPIRE = int(os.getenv('S3_QUERYSTRING_EXPIRE', 3600)) - AWS_S3_SIGNATURE_VERSION = os.getenv('S3_SIGNATURE_VERSION', 's3v4') - AWS_S3_REGION_NAME = os.getenv('S3_REGION_NAME', None) - - if os.getenv('S3_ENDPOINT_URL', ''): - AWS_S3_ENDPOINT_URL = os.getenv('S3_ENDPOINT_URL', '') - if os.getenv('S3_CUSTOM_DOMAIN', ''): - AWS_S3_CUSTOM_DOMAIN = os.getenv('S3_CUSTOM_DOMAIN', '') - - MEDIA_URL = os.getenv('MEDIA_URL', '/media/') - MEDIA_ROOT = os.path.join(BASE_DIR, "mediafiles") -else: - MEDIA_URL = os.getenv('MEDIA_URL', '/media/') - MEDIA_ROOT = os.path.join(BASE_DIR, "mediafiles") - -# Serve static files with gzip -STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' - -TEST_RUNNER = "cookbook.helper.CustomTestRunner.CustomTestRunner" - -# settings for cross site origin (CORS) -# all origins allowed to support bookmarklet -# all of this may or may not work with nginx or other web servers -# TODO make this user configurable - enable or disable bookmarklets -# TODO since token auth is enabled - this all should be https by default -CORS_ORIGIN_ALLOW_ALL = True - -# enable CORS only for bookmarklet api and only for posts, get and options -CORS_URLS_REGEX = r'^/api/bookmarklet-import.*$' -CORS_ALLOW_METHODS = ['GET', 'OPTIONS', 'POST'] -# future versions of django will make undeclared default django.db.models.BigAutoField which will force migrations on all models -DEFAULT_AUTO_FIELD = 'django.db.models.AutoField' - -EMAIL_HOST = os.getenv('EMAIL_HOST', '') -EMAIL_PORT = int(os.getenv('EMAIL_PORT', 25)) -EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '') -EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '') -EMAIL_USE_TLS = bool(int(os.getenv('EMAIL_USE_TLS', False))) -EMAIL_USE_SSL = bool(int(os.getenv('EMAIL_USE_SSL', False))) -DEFAULT_FROM_EMAIL = os.getenv('DEFAULT_FROM_EMAIL', 'webmaster@localhost') -ACCOUNT_EMAIL_SUBJECT_PREFIX = os.getenv('ACCOUNT_EMAIL_SUBJECT_PREFIX', '[Tandoor Recipes] ') # allauth sender prefix