diff --git a/README.md b/README.md index 5539aa6..3251844 100644 --- a/README.md +++ b/README.md @@ -2,19 +2,37 @@ The YunoHost team uses [Weblate](https://weblate.org) for translations: https://translate.yunohost.org -## Admin +## Admin account -An admin user is created at installation, the login is what you provided at installation, the password is *weblate*. +An admin user is created at installation, the login is what you provided at installation, the password is **weblate**. -# Github +## Github You'll need to give weblate a github user and a token. Please read [github's documentation about token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/). +This user will only be used to open the pull-request, each translation keep his author. + +## Settings and upgrades + +Almost everything related to Weblate's configuration is handled in a `settings.py` file. +You'll probably edit it to enable or disable diverse features, it is stored in `$final_path/venv/lib/python2.7/site-packages/weblate/settings.py`. + +Unfortunatly, this settings file also gets upgrades for each release. + +This package will : + +* generate a default settings file for your current installation, +* send you a diff with your actual settings (the content will be sent to *root*, and only basic information for weblate's admin), +* generate a default settings file the new weblate's version, that will **replace** your actual `settings.py`. + +You'll have to **manually** add your previous changes to this new `settings.py`. + +# Miscellaneous ## Weblate and databases Weblate [recommands PostgreSQL](https://docs.weblate.org/en/latest/admin/install.html#database-setup-for-weblate), but YunoHost uses Mysql. -Carefull, this application install PostgreSQL and change the default configuration to ask for every connexion and every user a password (local all all password). +Carefull, this application install PostgreSQL and change the default configuration to ask for every connexion and every user a password (*local all all password*). ## LDAP connexion diff --git a/conf/settings.py b/conf/settings.py index d053616..aabf755 100644 --- a/conf/settings.py +++ b/conf/settings.py @@ -60,10 +60,7 @@ DATA_DIR = os.path.join(BASE_DIR, 'data') # Local time zone for this installation. Choices can be found here: # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name # although not all choices may be available on all operating systems. -# On Unix systems, a value of None will cause Django to use the same -# timezone as the operating system. -# If running in a Windows environment this must be set to the same as your -# system time zone. +# In a Windows environment this must be set to your system time zone. TIME_ZONE = 'UTC' # Language code for this installation. All choices can be found here: @@ -235,8 +232,9 @@ SOCIAL_AUTH_PIPELINE = ( 'social_core.pipeline.mail.mail_validation', 'weblate.accounts.pipeline.revoke_mail_code', 'weblate.accounts.pipeline.ensure_valid', - 'weblate.accounts.pipeline.reauthenticate', + 'weblate.accounts.pipeline.remove_account', 'social_core.pipeline.social_auth.associate_by_email', + 'weblate.accounts.pipeline.reauthenticate', 'weblate.accounts.pipeline.verify_username', 'social_core.pipeline.user.create_user', 'social_core.pipeline.social_auth.associate_user', @@ -298,6 +296,17 @@ AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'weblate.accounts.password_validation.CharsPasswordValidator', }, + { + 'NAME': 'weblate.accounts.password_validation.PastPasswordsValidator', + }, + # Optional password strength validation by django-zxcvbn-password + # { + # 'NAME': 'zxcvbn_password.ZXCVBNValidator', + # 'OPTIONS': { + # 'min_score': 3, + # 'user_attributes': ('username', 'email', 'first_name') + # } + # }, ] # Middleware @@ -316,10 +325,8 @@ MIDDLEWARE_CLASSES = ( ROOT_URLCONF = 'weblate.urls' +# Django and Weblate apps INSTALLED_APPS = ( - # Has to be first to override Django admin templates: - 'weblate.wladmin', - 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', @@ -340,16 +347,15 @@ INSTALLED_APPS = ( 'weblate.screenshots', 'weblate.accounts', 'weblate.utils', + 'weblate.wladmin', + 'weblate', # Optional: Git exporter # 'weblate.gitexport', - - # This application has to be placed last! - 'weblate', ) # Path to locales -LOCALE_PATHS = (os.path.join(BASE_DIR, 'locale'), ) +LOCALE_PATHS = (os.path.join(BASE_DIR, 'weblate', 'locale'), ) # Custom exception reporter to include some details DEFAULT_EXCEPTION_REPORTER_FILTER = \ @@ -576,6 +582,9 @@ AUTO_LOCK = True AUTO_LOCK_TIME = 60 LOCK_TIME = 15 * 60 +# Use simple language codes for default language/country combinations +SIMPLIFY_LANGUAGES = True + # Render forms using bootstrap CRISPY_TEMPLATE_PACK = 'bootstrap3' diff --git a/conf/settings_history/settings.2.16.py b/conf/settings_history/settings.2.16.py new file mode 100644 index 0000000..d053616 --- /dev/null +++ b/conf/settings_history/settings.2.16.py @@ -0,0 +1,699 @@ +# -*- coding: utf-8 -*- +# +# Copyright © 2012 - 2017 Michal Čihař +# +# This file is part of Weblate +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +from __future__ import unicode_literals +import platform +import os +from logging.handlers import SysLogHandler + +# +# Django settings for Weblate project. +# + +DEBUG = False + +ADMINS = ( + ('__ADMIN__', '__ADMINMAIL__'), +) + +MANAGERS = ADMINS + +DATABASES = { + 'default': { + # Database engine + 'ENGINE': 'django.db.backends.postgresql_psycopg2', + # Database name + 'NAME': '__NAME__', + # Database user + 'USER': '__NAME__', + # Database password + 'PASSWORD': '__DB_PWD__', + # Set to empty string for localhost + 'HOST': 'localhost', + # Set to empty string for default + 'PORT': '5432', + } +} + +BASE_DIR = '__FINALPATH__' + +# Data directory +DATA_DIR = os.path.join(BASE_DIR, 'data') + +# Local time zone for this installation. Choices can be found here: +# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name +# although not all choices may be available on all operating systems. +# On Unix systems, a value of None will cause Django to use the same +# timezone as the operating system. +# If running in a Windows environment this must be set to the same as your +# system time zone. +TIME_ZONE = 'UTC' + +# Language code for this installation. All choices can be found here: +# http://www.i18nguy.com/unicode/language-identifiers.html +LANGUAGE_CODE = 'en-us' + +LANGUAGES = ( + ('az', 'Azərbaycan'), + ('be', 'Беларуская'), + ('be@latin', 'Biełaruskaja'), + ('bg', 'Български'), + ('br', 'Brezhoneg'), + ('ca', 'Català'), + ('cs', 'Čeština'), + ('da', 'Dansk'), + ('de', 'Deutsch'), + ('en', 'English'), + ('en-gb', 'English (United Kingdom)'), + ('el', 'Ελληνικά'), + ('es', 'Español'), + ('fi', 'Suomi'), + ('fr', 'Français'), + ('fy', 'Frysk'), + ('gl', 'Galego'), + ('he', 'עברית'), + ('hu', 'Magyar'), + ('id', 'Indonesia'), + ('it', 'Italiano'), + ('ja', '日本語'), + ('ko', '한국어'), + ('ksh', 'Kölsch'), + ('nb', 'Norsk bokmål'), + ('nl', 'Nederlands'), + ('pl', 'Polski'), + ('pt', 'Português'), + ('pt-br', 'Português brasileiro'), + ('ru', 'Русский'), + ('sk', 'Slovenčina'), + ('sl', 'Slovenščina'), + ('sr', 'Српски'), + ('sv', 'Svenska'), + ('tr', 'Türkçe'), + ('uk', 'Українська'), + ('zh-hans', '简体字'), + ('zh-hant', '正體字'), +) + +SITE_ID = 1 + +# If you set this to False, Django will make some optimizations so as not +# to load the internationalization machinery. +USE_I18N = True + +# If you set this to False, Django will not format dates, numbers and +# calendars according to the current locale. +USE_L10N = True + +# If you set this to False, Django will not use timezone-aware datetimes. +USE_TZ = True + +# URL prefix to use, please see documentation for more details +URL_PREFIX = '__PATHURL__' + +# Absolute filesystem path to the directory that will hold user-uploaded files. +# Example: "/home/media/media.lawrence.com/media/" +MEDIA_ROOT = os.path.join(DATA_DIR, 'media') + +# URL that handles the media served from MEDIA_ROOT. Make sure to use a +# trailing slash. +# Examples: "http://media.lawrence.com/media/", "http://example.com/media/" +MEDIA_URL = '{0}/media/'.format(URL_PREFIX) + +# Absolute path to the directory static files should be collected to. +# Don't put anything in this directory yourself; store your static files +# in apps' "static/" subdirectories and in STATICFILES_DIRS. +# Example: "/home/media/media.lawrence.com/static/" +STATIC_ROOT = os.path.join(DATA_DIR, 'static') + +# URL prefix for static files. +# Example: "http://media.lawrence.com/static/" +STATIC_URL = '{0}/static/'.format(URL_PREFIX) + +# Additional locations of static files +STATICFILES_DIRS = ( + # Put strings here, like "/home/html/static" or "C:/www/django/static". + # Always use forward slashes, even on Windows. + # Don't forget to use absolute paths, not relative paths. +) + +# List of finder classes that know how to find static files in +# various locations. +STATICFILES_FINDERS = ( + 'django.contrib.staticfiles.finders.FileSystemFinder', + 'django.contrib.staticfiles.finders.AppDirectoriesFinder', + 'compressor.finders.CompressorFinder', +) + +# Make this unique, and don't share it with anybody. +# You can generate it using examples/generate-secret-key +SECRET_KEY = '__KEY__' # noqa + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'OPTIONS': { + 'context_processors': [ + 'django.contrib.auth.context_processors.auth', + 'django.template.context_processors.debug', + 'django.template.context_processors.i18n', + 'django.template.context_processors.request', + 'django.template.context_processors.csrf', + 'django.contrib.messages.context_processors.messages', + 'weblate.trans.context_processors.weblate_context', + ], + 'loaders': [ + ('django.template.loaders.cached.Loader', [ + 'django.template.loaders.filesystem.Loader', + 'django.template.loaders.app_directories.Loader', + ]), + ], + }, + }, +] + + +# GitHub username for sending pull requests. +# Please see the documentation for more details. +GITHUB_USERNAME = "__GITHUBUSER__" + +# Authentication configuration +AUTHENTICATION_BACKENDS = ( + 'social_core.backends.email.EmailAuth', + # 'social_core.backends.google.GoogleOAuth2', + # 'social_core.backends.github.GithubOAuth2', + # 'social_core.backends.bitbucket.BitbucketOAuth', + 'social_core.backends.suse.OpenSUSEOpenId', + 'social_core.backends.ubuntu.UbuntuOpenId', + 'social_core.backends.fedora.FedoraOpenId', + # 'social_core.backends.facebook.FacebookOAuth2', + 'weblate.accounts.auth.WeblateUserBackend', +) + +# Social auth backends setup +SOCIAL_AUTH_GITHUB_KEY = '' +SOCIAL_AUTH_GITHUB_SECRET = '' +SOCIAL_AUTH_GITHUB_SCOPE = ['user:email'] + +SOCIAL_AUTH_BITBUCKET_KEY = '' +SOCIAL_AUTH_BITBUCKET_SECRET = '' +SOCIAL_AUTH_BITBUCKET_VERIFIED_EMAILS_ONLY = True + +SOCIAL_AUTH_FACEBOOK_KEY = '' +SOCIAL_AUTH_FACEBOOK_SECRET = '' +SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', 'public_profile'] + +SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '' +SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '' + +# Social auth settings +SOCIAL_AUTH_PIPELINE = ( + 'social_core.pipeline.social_auth.social_details', + 'social_core.pipeline.social_auth.social_uid', + 'social_core.pipeline.social_auth.auth_allowed', + 'social_core.pipeline.social_auth.social_user', + 'weblate.accounts.pipeline.store_params', + 'weblate.accounts.pipeline.verify_open', + 'social_core.pipeline.user.get_username', + 'weblate.accounts.pipeline.require_email', + 'social_core.pipeline.mail.mail_validation', + 'weblate.accounts.pipeline.revoke_mail_code', + 'weblate.accounts.pipeline.ensure_valid', + 'weblate.accounts.pipeline.reauthenticate', + 'social_core.pipeline.social_auth.associate_by_email', + 'weblate.accounts.pipeline.verify_username', + 'social_core.pipeline.user.create_user', + 'social_core.pipeline.social_auth.associate_user', + 'social_core.pipeline.social_auth.load_extra_data', + 'weblate.accounts.pipeline.cleanup_next', + 'weblate.accounts.pipeline.user_full_name', + 'weblate.accounts.pipeline.store_email', + 'weblate.accounts.pipeline.notify_connect', + 'weblate.accounts.pipeline.password_reset', +) +SOCIAL_AUTH_DISCONNECT_PIPELINE = ( + 'social_core.pipeline.disconnect.allowed_to_disconnect', + 'social_core.pipeline.disconnect.get_entries', + 'social_core.pipeline.disconnect.revoke_tokens', + 'weblate.accounts.pipeline.cycle_session', + 'weblate.accounts.pipeline.adjust_primary_mail', + 'weblate.accounts.pipeline.notify_disconnect', + 'social_core.pipeline.disconnect.disconnect', + 'weblate.accounts.pipeline.cleanup_next', +) + +# Custom authentication strategy +SOCIAL_AUTH_STRATEGY = 'weblate.accounts.strategy.WeblateStrategy' + +# Raise exceptions so that we can handle them later +SOCIAL_AUTH_RAISE_EXCEPTIONS = True + +SOCIAL_AUTH_EMAIL_VALIDATION_FUNCTION = \ + 'weblate.accounts.pipeline.send_validation' +SOCIAL_AUTH_EMAIL_VALIDATION_URL = \ + '{0}/accounts/email-sent/'.format(URL_PREFIX) +SOCIAL_AUTH_LOGIN_ERROR_URL = \ + '{0}/accounts/login/'.format(URL_PREFIX) +SOCIAL_AUTH_EMAIL_FORM_URL = \ + '{0}/accounts/email/'.format(URL_PREFIX) +SOCIAL_AUTH_NEW_ASSOCIATION_REDIRECT_URL = \ + '{0}/accounts/profile/#auth'.format(URL_PREFIX) +SOCIAL_AUTH_PROTECTED_USER_FIELDS = ('email',) +SOCIAL_AUTH_SLUGIFY_USERNAMES = True +SOCIAL_AUTH_SLUGIFY_FUNCTION = 'weblate.accounts.pipeline.slugify_username' + +# Password validation configuration +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + 'OPTIONS': { + 'min_length': 6, + } + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, + { + 'NAME': 'weblate.accounts.password_validation.CharsPasswordValidator', + }, +] + +# Middleware +MIDDLEWARE_CLASSES = ( + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.locale.LocaleMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'weblate.accounts.middleware.AuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'social_django.middleware.SocialAuthExceptionMiddleware', + 'weblate.accounts.middleware.RequireLoginMiddleware', + 'weblate.middleware.SecurityMiddleware', +) + +ROOT_URLCONF = 'weblate.urls' + +INSTALLED_APPS = ( + # Has to be first to override Django admin templates: + 'weblate.wladmin', + + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.sites', + 'django.contrib.messages', + 'django.contrib.staticfiles', + 'django.contrib.admin.apps.SimpleAdminConfig', + 'django.contrib.admindocs', + 'django.contrib.sitemaps', + 'social_django', + 'crispy_forms', + 'compressor', + 'rest_framework', + 'rest_framework.authtoken', + 'weblate.trans', + 'weblate.lang', + 'weblate.permissions', + 'weblate.screenshots', + 'weblate.accounts', + 'weblate.utils', + + # Optional: Git exporter + # 'weblate.gitexport', + + # This application has to be placed last! + 'weblate', +) + +# Path to locales +LOCALE_PATHS = (os.path.join(BASE_DIR, 'locale'), ) + +# Custom exception reporter to include some details +DEFAULT_EXCEPTION_REPORTER_FILTER = \ + 'weblate.trans.debug.WeblateExceptionReporterFilter' + +# Default logging of Weblate messages +# - to syslog in production (if available) +# - otherwise to console +# - you can also choose 'logfile' to log into separate file +# after configuring it below + +# Detect if we can connect to syslog +HAVE_SYSLOG = False +if platform.system() != 'Windows': + try: + SysLogHandler(address='/dev/log', facility=SysLogHandler.LOG_LOCAL2) + HAVE_SYSLOG = True + except IOError: + HAVE_SYSLOG = False + +if DEBUG or not HAVE_SYSLOG: + DEFAULT_LOG = 'console' +else: + DEFAULT_LOG = 'syslog' + +# A sample logging configuration. The only tangible logging +# performed by this configuration is to send an email to +# the site admins on every HTTP 500 error when DEBUG=False. +# See http://docs.djangoproject.com/en/stable/topics/logging for +# more details on how to customize your logging configuration. +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'filters': { + 'require_debug_false': { + '()': 'django.utils.log.RequireDebugFalse' + } + }, + 'formatters': { + 'syslog': { + 'format': 'weblate[%(process)d]: %(levelname)s %(message)s' + }, + 'simple': { + 'format': '%(levelname)s %(message)s' + }, + 'logfile': { + 'format': '%(asctime)s %(levelname)s %(message)s' + }, + }, + 'handlers': { + 'mail_admins': { + 'level': 'ERROR', + 'filters': ['require_debug_false'], + 'class': 'django.utils.log.AdminEmailHandler', + 'include_html': True, + }, + 'console': { + 'level': 'DEBUG', + 'class': 'logging.StreamHandler', + 'formatter': 'simple' + }, + 'syslog': { + 'level': 'DEBUG', + 'class': 'logging.handlers.SysLogHandler', + 'formatter': 'syslog', + 'address': '/dev/log', + 'facility': SysLogHandler.LOG_LOCAL2, + }, + # Logging to a file + # 'logfile': { + # 'level':'DEBUG', + # 'class':'logging.handlers.RotatingFileHandler', + # 'filename': "/var/log/weblate/weblate.log", + # 'maxBytes': 100000, + # 'backupCount': 3, + # 'formatter': 'logfile', + # }, + }, + 'loggers': { + 'django.request': { + 'handlers': ['mail_admins', DEFAULT_LOG], + 'level': 'ERROR', + 'propagate': True, + }, + # Logging database queries + # 'django.db.backends': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + 'weblate': { + 'handlers': [DEFAULT_LOG], + 'level': 'DEBUG', + }, + # Logging VCS operations + # 'weblate-vcs': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + # Python Social Auth logging + # 'social': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + } +} + +# Logging of management commands to console +if (os.environ.get('DJANGO_IS_MANAGEMENT_COMMAND', False) and + 'console' not in LOGGING['loggers']['weblate']['handlers']): + LOGGING['loggers']['weblate']['handlers'].append('console') + +# Remove syslog setup if it's not present +if not HAVE_SYSLOG: + del LOGGING['handlers']['syslog'] + +# List of machine translations +# MACHINE_TRANSLATION_SERVICES = ( +# 'weblate.trans.machine.apertium.ApertiumAPYTranslation', +# 'weblate.trans.machine.glosbe.GlosbeTranslation', +# 'weblate.trans.machine.google.GoogleTranslation', +# 'weblate.trans.machine.microsoft.MicrosoftCognitiveTranslation', +# 'weblate.trans.machine.mymemory.MyMemoryTranslation', +# 'weblate.trans.machine.tmserver.AmagamaTranslation', +# 'weblate.trans.machine.tmserver.TMServerTranslation', +# 'weblate.trans.machine.yandex.YandexTranslation', +# 'weblate.trans.machine.weblatetm.WeblateSimilarTranslation', +# 'weblate.trans.machine.weblatetm.WeblateTranslation', +# ) + +# Machine translation API keys + +# URL of the Apertium APy server +MT_APERTIUM_APY = None + +# Microsoft Translator service, register at +# https://datamarket.azure.com/developer/applications/ +MT_MICROSOFT_ID = None +MT_MICROSOFT_SECRET = None + +# Microsoft Cognitive Services Translator API, register at +# https://portal.azure.com/ +MT_MICROSOFT_COGNITIVE_KEY = None + +# MyMemory identification email, see +# https://mymemory.translated.net/doc/spec.php +MT_MYMEMORY_EMAIL = None + +# Optional MyMemory credentials to access private translation memory +MT_MYMEMORY_USER = None +MT_MYMEMORY_KEY = None + +# Google API key for Google Translate API +MT_GOOGLE_KEY = None + +# API key for Yandex Translate API +MT_YANDEX_KEY = None + +# tmserver URL +MT_TMSERVER = None + +# Title of site to use +SITE_TITLE = 'Weblate' + +# Whether site uses https +ENABLE_HTTPS = True + +# Use HTTPS when creating redirect URLs for social authentication, see +# documentation for more details: +# http://python-social-auth-docs.readthedocs.io/en/latest/configuration/settings.html#processing-redirects-and-urlopen +SOCIAL_AUTH_REDIRECT_IS_HTTPS = ENABLE_HTTPS + +# Make CSRF cookie HttpOnly, see documentation for more details: +# https://docs.djangoproject.com/en/1.11/ref/settings/#csrf-cookie-httponly +CSRF_COOKIE_HTTPONLY = True +CSRF_COOKIE_SECURE = ENABLE_HTTPS +# Store CSRF token in session (since Django 1.11) +CSRF_USE_SESSIONS = True +SESSION_COOKIE_SECURE = ENABLE_HTTPS +# Session cookie age (in seconds) +SESSION_COOKIE_AGE = 1209600 + +# URL of login +LOGIN_URL = '{0}/accounts/login/'.format(URL_PREFIX) + +# URL of logout +LOGOUT_URL = '{0}/accounts/logout/'.format(URL_PREFIX) + +# Default location for login +LOGIN_REDIRECT_URL = '{0}/'.format(URL_PREFIX) + +# Anonymous user name +ANONYMOUS_USER_NAME = 'anonymous' + +# Reverse proxy settings +IP_BEHIND_REVERSE_PROXY = False +IP_PROXY_HEADER = 'HTTP_X_FORWARDED_FOR' +IP_PROXY_OFFSET = 0 + +# Sending HTML in mails +EMAIL_SEND_HTML = True + +# Subject of emails includes site title +EMAIL_SUBJECT_PREFIX = '[{0}] '.format(SITE_TITLE) + +EMAIL_BACKEND = 'django_sendmail_backend.backends.EmailBackend' + +# Enable remote hooks +ENABLE_HOOKS = True + +# Whether to run hooks in background +BACKGROUND_HOOKS = True + +# Number of nearby messages to show in each direction +NEARBY_MESSAGES = 5 + +# Enable lazy commits +LAZY_COMMITS = True + +# Offload indexing +OFFLOAD_INDEXING = True + +# Translation locking +AUTO_LOCK = True +AUTO_LOCK_TIME = 60 +LOCK_TIME = 15 * 60 + +# Render forms using bootstrap +CRISPY_TEMPLATE_PACK = 'bootstrap3' + +# List of quality checks +# CHECK_LIST = ( +# 'weblate.trans.checks.same.SameCheck', +# 'weblate.trans.checks.chars.BeginNewlineCheck', +# 'weblate.trans.checks.chars.EndNewlineCheck', +# 'weblate.trans.checks.chars.BeginSpaceCheck', +# 'weblate.trans.checks.chars.EndSpaceCheck', +# 'weblate.trans.checks.chars.EndStopCheck', +# 'weblate.trans.checks.chars.EndColonCheck', +# 'weblate.trans.checks.chars.EndQuestionCheck', +# 'weblate.trans.checks.chars.EndExclamationCheck', +# 'weblate.trans.checks.chars.EndEllipsisCheck', +# 'weblate.trans.checks.chars.EndSemicolonCheck', +# 'weblate.trans.checks.chars.MaxLengthCheck', +# 'weblate.trans.checks.format.PythonFormatCheck', +# 'weblate.trans.checks.format.PythonBraceFormatCheck', +# 'weblate.trans.checks.format.PHPFormatCheck', +# 'weblate.trans.checks.format.CFormatCheck', +# 'weblate.trans.checks.format.PerlFormatCheck', +# 'weblate.trans.checks.format.JavascriptFormatCheck', +# 'weblate.trans.checks.consistency.PluralsCheck', +# 'weblate.trans.checks.consistency.SamePluralsCheck', +# 'weblate.trans.checks.consistency.ConsistencyCheck', +# 'weblate.trans.checks.consistency.TranslatedCheck', +# 'weblate.trans.checks.chars.NewlineCountingCheck', +# 'weblate.trans.checks.markup.BBCodeCheck', +# 'weblate.trans.checks.chars.ZeroWidthSpaceCheck', +# 'weblate.trans.checks.markup.XMLValidityCheck', +# 'weblate.trans.checks.markup.XMLTagsCheck', +# 'weblate.trans.checks.source.OptionalPluralCheck', +# 'weblate.trans.checks.source.EllipsisCheck', +# 'weblate.trans.checks.source.MultipleFailingCheck', +# ) + +# List of automatic fixups +# AUTOFIX_LIST = ( +# 'weblate.trans.autofixes.whitespace.SameBookendingWhitespace', +# 'weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis', +# 'weblate.trans.autofixes.chars.RemoveZeroSpace', +# 'weblate.trans.autofixes.chars.RemoveControlChars', +# ) + +# List of scripts to use in custom processing +# POST_UPDATE_SCRIPTS = ( +# ) +# PRE_COMMIT_SCRIPTS = ( +# ) + +# E-mail address that error messages come from. +SERVER_EMAIL = 'noreply@__DOMAIN__' + +# Default email address to use for various automated correspondence from +# the site managers. Used for registration emails. +DEFAULT_FROM_EMAIL = '__ADMINMAIL__' + +# List of URLs your site is supposed to serve +ALLOWED_HOSTS = ['__DOMAIN__'] + +# Example configuration to use memcached for caching +CACHES = { + 'default': { + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '127.0.0.1:__MEMCPORT__', + }, + 'avatar': { + 'BACKEND': 'django.core.cache.backends.filebased.FileBasedCache', + 'LOCATION': os.path.join(BASE_DIR, 'avatar-cache'), + 'TIMEOUT': 3600, + 'OPTIONS': { + 'MAX_ENTRIES': 1000, + }, + } +} + +# REST framework settings for API +REST_FRAMEWORK = { + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + 'DEFAULT_PERMISSION_CLASSES': [ + 'rest_framework.permissions.IsAuthenticatedOrReadOnly' + ], + 'DEFAULT_AUTHENTICATION_CLASSES': ( + 'rest_framework.authentication.TokenAuthentication', + 'rest_framework.authentication.SessionAuthentication', + ), + 'DEFAULT_THROTTLE_CLASSES': ( + 'rest_framework.throttling.AnonRateThrottle', + 'rest_framework.throttling.UserRateThrottle' + ), + 'DEFAULT_THROTTLE_RATES': { + 'anon': '100/day', + 'user': '1000/day' + }, + 'DEFAULT_PAGINATION_CLASS': ( + 'rest_framework.pagination.PageNumberPagination' + ), + 'PAGE_SIZE': 20, + 'VIEW_DESCRIPTION_FUNCTION': 'weblate.api.views.get_view_description', + 'UNAUTHENTICATED_USER': 'weblate.accounts.models.get_anonymous', +} + +# Example for restricting access to logged in users +# LOGIN_REQUIRED_URLS = ( +# r'/(.*)$', +# ) + +# In such case you will want to include some of the exceptions +# LOGIN_REQUIRED_URLS_EXCEPTIONS = ( +# r'/accounts/(.*)$', # Required for login +# r'/static/(.*)$', # Required for development mode +# r'/widgets/(.*)$', # Allowing public access to widgets +# r'/data/(.*)$', # Allowing public access to data exports +# r'/hooks/(.*)$', # Allowing public access to notification hooks +# r'/api/(.*)$', # Allowing access to API +# ) + +# Force sane test runner +TEST_RUNNER = 'django.test.runner.DiscoverRunner' diff --git a/conf/settings_history/settings.2.17.1.py b/conf/settings_history/settings.2.17.1.py new file mode 100644 index 0000000..aabf755 --- /dev/null +++ b/conf/settings_history/settings.2.17.1.py @@ -0,0 +1,708 @@ +# -*- coding: utf-8 -*- +# +# Copyright © 2012 - 2017 Michal Čihař +# +# This file is part of Weblate +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +from __future__ import unicode_literals +import platform +import os +from logging.handlers import SysLogHandler + +# +# Django settings for Weblate project. +# + +DEBUG = False + +ADMINS = ( + ('__ADMIN__', '__ADMINMAIL__'), +) + +MANAGERS = ADMINS + +DATABASES = { + 'default': { + # Database engine + 'ENGINE': 'django.db.backends.postgresql_psycopg2', + # Database name + 'NAME': '__NAME__', + # Database user + 'USER': '__NAME__', + # Database password + 'PASSWORD': '__DB_PWD__', + # Set to empty string for localhost + 'HOST': 'localhost', + # Set to empty string for default + 'PORT': '5432', + } +} + +BASE_DIR = '__FINALPATH__' + +# Data directory +DATA_DIR = os.path.join(BASE_DIR, 'data') + +# Local time zone for this installation. Choices can be found here: +# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name +# although not all choices may be available on all operating systems. +# In a Windows environment this must be set to your system time zone. +TIME_ZONE = 'UTC' + +# Language code for this installation. All choices can be found here: +# http://www.i18nguy.com/unicode/language-identifiers.html +LANGUAGE_CODE = 'en-us' + +LANGUAGES = ( + ('az', 'Azərbaycan'), + ('be', 'Беларуская'), + ('be@latin', 'Biełaruskaja'), + ('bg', 'Български'), + ('br', 'Brezhoneg'), + ('ca', 'Català'), + ('cs', 'Čeština'), + ('da', 'Dansk'), + ('de', 'Deutsch'), + ('en', 'English'), + ('en-gb', 'English (United Kingdom)'), + ('el', 'Ελληνικά'), + ('es', 'Español'), + ('fi', 'Suomi'), + ('fr', 'Français'), + ('fy', 'Frysk'), + ('gl', 'Galego'), + ('he', 'עברית'), + ('hu', 'Magyar'), + ('id', 'Indonesia'), + ('it', 'Italiano'), + ('ja', '日本語'), + ('ko', '한국어'), + ('ksh', 'Kölsch'), + ('nb', 'Norsk bokmål'), + ('nl', 'Nederlands'), + ('pl', 'Polski'), + ('pt', 'Português'), + ('pt-br', 'Português brasileiro'), + ('ru', 'Русский'), + ('sk', 'Slovenčina'), + ('sl', 'Slovenščina'), + ('sr', 'Српски'), + ('sv', 'Svenska'), + ('tr', 'Türkçe'), + ('uk', 'Українська'), + ('zh-hans', '简体字'), + ('zh-hant', '正體字'), +) + +SITE_ID = 1 + +# If you set this to False, Django will make some optimizations so as not +# to load the internationalization machinery. +USE_I18N = True + +# If you set this to False, Django will not format dates, numbers and +# calendars according to the current locale. +USE_L10N = True + +# If you set this to False, Django will not use timezone-aware datetimes. +USE_TZ = True + +# URL prefix to use, please see documentation for more details +URL_PREFIX = '__PATHURL__' + +# Absolute filesystem path to the directory that will hold user-uploaded files. +# Example: "/home/media/media.lawrence.com/media/" +MEDIA_ROOT = os.path.join(DATA_DIR, 'media') + +# URL that handles the media served from MEDIA_ROOT. Make sure to use a +# trailing slash. +# Examples: "http://media.lawrence.com/media/", "http://example.com/media/" +MEDIA_URL = '{0}/media/'.format(URL_PREFIX) + +# Absolute path to the directory static files should be collected to. +# Don't put anything in this directory yourself; store your static files +# in apps' "static/" subdirectories and in STATICFILES_DIRS. +# Example: "/home/media/media.lawrence.com/static/" +STATIC_ROOT = os.path.join(DATA_DIR, 'static') + +# URL prefix for static files. +# Example: "http://media.lawrence.com/static/" +STATIC_URL = '{0}/static/'.format(URL_PREFIX) + +# Additional locations of static files +STATICFILES_DIRS = ( + # Put strings here, like "/home/html/static" or "C:/www/django/static". + # Always use forward slashes, even on Windows. + # Don't forget to use absolute paths, not relative paths. +) + +# List of finder classes that know how to find static files in +# various locations. +STATICFILES_FINDERS = ( + 'django.contrib.staticfiles.finders.FileSystemFinder', + 'django.contrib.staticfiles.finders.AppDirectoriesFinder', + 'compressor.finders.CompressorFinder', +) + +# Make this unique, and don't share it with anybody. +# You can generate it using examples/generate-secret-key +SECRET_KEY = '__KEY__' # noqa + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'OPTIONS': { + 'context_processors': [ + 'django.contrib.auth.context_processors.auth', + 'django.template.context_processors.debug', + 'django.template.context_processors.i18n', + 'django.template.context_processors.request', + 'django.template.context_processors.csrf', + 'django.contrib.messages.context_processors.messages', + 'weblate.trans.context_processors.weblate_context', + ], + 'loaders': [ + ('django.template.loaders.cached.Loader', [ + 'django.template.loaders.filesystem.Loader', + 'django.template.loaders.app_directories.Loader', + ]), + ], + }, + }, +] + + +# GitHub username for sending pull requests. +# Please see the documentation for more details. +GITHUB_USERNAME = "__GITHUBUSER__" + +# Authentication configuration +AUTHENTICATION_BACKENDS = ( + 'social_core.backends.email.EmailAuth', + # 'social_core.backends.google.GoogleOAuth2', + # 'social_core.backends.github.GithubOAuth2', + # 'social_core.backends.bitbucket.BitbucketOAuth', + 'social_core.backends.suse.OpenSUSEOpenId', + 'social_core.backends.ubuntu.UbuntuOpenId', + 'social_core.backends.fedora.FedoraOpenId', + # 'social_core.backends.facebook.FacebookOAuth2', + 'weblate.accounts.auth.WeblateUserBackend', +) + +# Social auth backends setup +SOCIAL_AUTH_GITHUB_KEY = '' +SOCIAL_AUTH_GITHUB_SECRET = '' +SOCIAL_AUTH_GITHUB_SCOPE = ['user:email'] + +SOCIAL_AUTH_BITBUCKET_KEY = '' +SOCIAL_AUTH_BITBUCKET_SECRET = '' +SOCIAL_AUTH_BITBUCKET_VERIFIED_EMAILS_ONLY = True + +SOCIAL_AUTH_FACEBOOK_KEY = '' +SOCIAL_AUTH_FACEBOOK_SECRET = '' +SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', 'public_profile'] + +SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '' +SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '' + +# Social auth settings +SOCIAL_AUTH_PIPELINE = ( + 'social_core.pipeline.social_auth.social_details', + 'social_core.pipeline.social_auth.social_uid', + 'social_core.pipeline.social_auth.auth_allowed', + 'social_core.pipeline.social_auth.social_user', + 'weblate.accounts.pipeline.store_params', + 'weblate.accounts.pipeline.verify_open', + 'social_core.pipeline.user.get_username', + 'weblate.accounts.pipeline.require_email', + 'social_core.pipeline.mail.mail_validation', + 'weblate.accounts.pipeline.revoke_mail_code', + 'weblate.accounts.pipeline.ensure_valid', + 'weblate.accounts.pipeline.remove_account', + 'social_core.pipeline.social_auth.associate_by_email', + 'weblate.accounts.pipeline.reauthenticate', + 'weblate.accounts.pipeline.verify_username', + 'social_core.pipeline.user.create_user', + 'social_core.pipeline.social_auth.associate_user', + 'social_core.pipeline.social_auth.load_extra_data', + 'weblate.accounts.pipeline.cleanup_next', + 'weblate.accounts.pipeline.user_full_name', + 'weblate.accounts.pipeline.store_email', + 'weblate.accounts.pipeline.notify_connect', + 'weblate.accounts.pipeline.password_reset', +) +SOCIAL_AUTH_DISCONNECT_PIPELINE = ( + 'social_core.pipeline.disconnect.allowed_to_disconnect', + 'social_core.pipeline.disconnect.get_entries', + 'social_core.pipeline.disconnect.revoke_tokens', + 'weblate.accounts.pipeline.cycle_session', + 'weblate.accounts.pipeline.adjust_primary_mail', + 'weblate.accounts.pipeline.notify_disconnect', + 'social_core.pipeline.disconnect.disconnect', + 'weblate.accounts.pipeline.cleanup_next', +) + +# Custom authentication strategy +SOCIAL_AUTH_STRATEGY = 'weblate.accounts.strategy.WeblateStrategy' + +# Raise exceptions so that we can handle them later +SOCIAL_AUTH_RAISE_EXCEPTIONS = True + +SOCIAL_AUTH_EMAIL_VALIDATION_FUNCTION = \ + 'weblate.accounts.pipeline.send_validation' +SOCIAL_AUTH_EMAIL_VALIDATION_URL = \ + '{0}/accounts/email-sent/'.format(URL_PREFIX) +SOCIAL_AUTH_LOGIN_ERROR_URL = \ + '{0}/accounts/login/'.format(URL_PREFIX) +SOCIAL_AUTH_EMAIL_FORM_URL = \ + '{0}/accounts/email/'.format(URL_PREFIX) +SOCIAL_AUTH_NEW_ASSOCIATION_REDIRECT_URL = \ + '{0}/accounts/profile/#auth'.format(URL_PREFIX) +SOCIAL_AUTH_PROTECTED_USER_FIELDS = ('email',) +SOCIAL_AUTH_SLUGIFY_USERNAMES = True +SOCIAL_AUTH_SLUGIFY_FUNCTION = 'weblate.accounts.pipeline.slugify_username' + +# Password validation configuration +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + 'OPTIONS': { + 'min_length': 6, + } + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, + { + 'NAME': 'weblate.accounts.password_validation.CharsPasswordValidator', + }, + { + 'NAME': 'weblate.accounts.password_validation.PastPasswordsValidator', + }, + # Optional password strength validation by django-zxcvbn-password + # { + # 'NAME': 'zxcvbn_password.ZXCVBNValidator', + # 'OPTIONS': { + # 'min_score': 3, + # 'user_attributes': ('username', 'email', 'first_name') + # } + # }, +] + +# Middleware +MIDDLEWARE_CLASSES = ( + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.locale.LocaleMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'weblate.accounts.middleware.AuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'social_django.middleware.SocialAuthExceptionMiddleware', + 'weblate.accounts.middleware.RequireLoginMiddleware', + 'weblate.middleware.SecurityMiddleware', +) + +ROOT_URLCONF = 'weblate.urls' + +# Django and Weblate apps +INSTALLED_APPS = ( + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.sites', + 'django.contrib.messages', + 'django.contrib.staticfiles', + 'django.contrib.admin.apps.SimpleAdminConfig', + 'django.contrib.admindocs', + 'django.contrib.sitemaps', + 'social_django', + 'crispy_forms', + 'compressor', + 'rest_framework', + 'rest_framework.authtoken', + 'weblate.trans', + 'weblate.lang', + 'weblate.permissions', + 'weblate.screenshots', + 'weblate.accounts', + 'weblate.utils', + 'weblate.wladmin', + 'weblate', + + # Optional: Git exporter + # 'weblate.gitexport', +) + +# Path to locales +LOCALE_PATHS = (os.path.join(BASE_DIR, 'weblate', 'locale'), ) + +# Custom exception reporter to include some details +DEFAULT_EXCEPTION_REPORTER_FILTER = \ + 'weblate.trans.debug.WeblateExceptionReporterFilter' + +# Default logging of Weblate messages +# - to syslog in production (if available) +# - otherwise to console +# - you can also choose 'logfile' to log into separate file +# after configuring it below + +# Detect if we can connect to syslog +HAVE_SYSLOG = False +if platform.system() != 'Windows': + try: + SysLogHandler(address='/dev/log', facility=SysLogHandler.LOG_LOCAL2) + HAVE_SYSLOG = True + except IOError: + HAVE_SYSLOG = False + +if DEBUG or not HAVE_SYSLOG: + DEFAULT_LOG = 'console' +else: + DEFAULT_LOG = 'syslog' + +# A sample logging configuration. The only tangible logging +# performed by this configuration is to send an email to +# the site admins on every HTTP 500 error when DEBUG=False. +# See http://docs.djangoproject.com/en/stable/topics/logging for +# more details on how to customize your logging configuration. +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'filters': { + 'require_debug_false': { + '()': 'django.utils.log.RequireDebugFalse' + } + }, + 'formatters': { + 'syslog': { + 'format': 'weblate[%(process)d]: %(levelname)s %(message)s' + }, + 'simple': { + 'format': '%(levelname)s %(message)s' + }, + 'logfile': { + 'format': '%(asctime)s %(levelname)s %(message)s' + }, + }, + 'handlers': { + 'mail_admins': { + 'level': 'ERROR', + 'filters': ['require_debug_false'], + 'class': 'django.utils.log.AdminEmailHandler', + 'include_html': True, + }, + 'console': { + 'level': 'DEBUG', + 'class': 'logging.StreamHandler', + 'formatter': 'simple' + }, + 'syslog': { + 'level': 'DEBUG', + 'class': 'logging.handlers.SysLogHandler', + 'formatter': 'syslog', + 'address': '/dev/log', + 'facility': SysLogHandler.LOG_LOCAL2, + }, + # Logging to a file + # 'logfile': { + # 'level':'DEBUG', + # 'class':'logging.handlers.RotatingFileHandler', + # 'filename': "/var/log/weblate/weblate.log", + # 'maxBytes': 100000, + # 'backupCount': 3, + # 'formatter': 'logfile', + # }, + }, + 'loggers': { + 'django.request': { + 'handlers': ['mail_admins', DEFAULT_LOG], + 'level': 'ERROR', + 'propagate': True, + }, + # Logging database queries + # 'django.db.backends': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + 'weblate': { + 'handlers': [DEFAULT_LOG], + 'level': 'DEBUG', + }, + # Logging VCS operations + # 'weblate-vcs': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + # Python Social Auth logging + # 'social': { + # 'handlers': [DEFAULT_LOG], + # 'level': 'DEBUG', + # }, + } +} + +# Logging of management commands to console +if (os.environ.get('DJANGO_IS_MANAGEMENT_COMMAND', False) and + 'console' not in LOGGING['loggers']['weblate']['handlers']): + LOGGING['loggers']['weblate']['handlers'].append('console') + +# Remove syslog setup if it's not present +if not HAVE_SYSLOG: + del LOGGING['handlers']['syslog'] + +# List of machine translations +# MACHINE_TRANSLATION_SERVICES = ( +# 'weblate.trans.machine.apertium.ApertiumAPYTranslation', +# 'weblate.trans.machine.glosbe.GlosbeTranslation', +# 'weblate.trans.machine.google.GoogleTranslation', +# 'weblate.trans.machine.microsoft.MicrosoftCognitiveTranslation', +# 'weblate.trans.machine.mymemory.MyMemoryTranslation', +# 'weblate.trans.machine.tmserver.AmagamaTranslation', +# 'weblate.trans.machine.tmserver.TMServerTranslation', +# 'weblate.trans.machine.yandex.YandexTranslation', +# 'weblate.trans.machine.weblatetm.WeblateSimilarTranslation', +# 'weblate.trans.machine.weblatetm.WeblateTranslation', +# ) + +# Machine translation API keys + +# URL of the Apertium APy server +MT_APERTIUM_APY = None + +# Microsoft Translator service, register at +# https://datamarket.azure.com/developer/applications/ +MT_MICROSOFT_ID = None +MT_MICROSOFT_SECRET = None + +# Microsoft Cognitive Services Translator API, register at +# https://portal.azure.com/ +MT_MICROSOFT_COGNITIVE_KEY = None + +# MyMemory identification email, see +# https://mymemory.translated.net/doc/spec.php +MT_MYMEMORY_EMAIL = None + +# Optional MyMemory credentials to access private translation memory +MT_MYMEMORY_USER = None +MT_MYMEMORY_KEY = None + +# Google API key for Google Translate API +MT_GOOGLE_KEY = None + +# API key for Yandex Translate API +MT_YANDEX_KEY = None + +# tmserver URL +MT_TMSERVER = None + +# Title of site to use +SITE_TITLE = 'Weblate' + +# Whether site uses https +ENABLE_HTTPS = True + +# Use HTTPS when creating redirect URLs for social authentication, see +# documentation for more details: +# http://python-social-auth-docs.readthedocs.io/en/latest/configuration/settings.html#processing-redirects-and-urlopen +SOCIAL_AUTH_REDIRECT_IS_HTTPS = ENABLE_HTTPS + +# Make CSRF cookie HttpOnly, see documentation for more details: +# https://docs.djangoproject.com/en/1.11/ref/settings/#csrf-cookie-httponly +CSRF_COOKIE_HTTPONLY = True +CSRF_COOKIE_SECURE = ENABLE_HTTPS +# Store CSRF token in session (since Django 1.11) +CSRF_USE_SESSIONS = True +SESSION_COOKIE_SECURE = ENABLE_HTTPS +# Session cookie age (in seconds) +SESSION_COOKIE_AGE = 1209600 + +# URL of login +LOGIN_URL = '{0}/accounts/login/'.format(URL_PREFIX) + +# URL of logout +LOGOUT_URL = '{0}/accounts/logout/'.format(URL_PREFIX) + +# Default location for login +LOGIN_REDIRECT_URL = '{0}/'.format(URL_PREFIX) + +# Anonymous user name +ANONYMOUS_USER_NAME = 'anonymous' + +# Reverse proxy settings +IP_BEHIND_REVERSE_PROXY = False +IP_PROXY_HEADER = 'HTTP_X_FORWARDED_FOR' +IP_PROXY_OFFSET = 0 + +# Sending HTML in mails +EMAIL_SEND_HTML = True + +# Subject of emails includes site title +EMAIL_SUBJECT_PREFIX = '[{0}] '.format(SITE_TITLE) + +EMAIL_BACKEND = 'django_sendmail_backend.backends.EmailBackend' + +# Enable remote hooks +ENABLE_HOOKS = True + +# Whether to run hooks in background +BACKGROUND_HOOKS = True + +# Number of nearby messages to show in each direction +NEARBY_MESSAGES = 5 + +# Enable lazy commits +LAZY_COMMITS = True + +# Offload indexing +OFFLOAD_INDEXING = True + +# Translation locking +AUTO_LOCK = True +AUTO_LOCK_TIME = 60 +LOCK_TIME = 15 * 60 + +# Use simple language codes for default language/country combinations +SIMPLIFY_LANGUAGES = True + +# Render forms using bootstrap +CRISPY_TEMPLATE_PACK = 'bootstrap3' + +# List of quality checks +# CHECK_LIST = ( +# 'weblate.trans.checks.same.SameCheck', +# 'weblate.trans.checks.chars.BeginNewlineCheck', +# 'weblate.trans.checks.chars.EndNewlineCheck', +# 'weblate.trans.checks.chars.BeginSpaceCheck', +# 'weblate.trans.checks.chars.EndSpaceCheck', +# 'weblate.trans.checks.chars.EndStopCheck', +# 'weblate.trans.checks.chars.EndColonCheck', +# 'weblate.trans.checks.chars.EndQuestionCheck', +# 'weblate.trans.checks.chars.EndExclamationCheck', +# 'weblate.trans.checks.chars.EndEllipsisCheck', +# 'weblate.trans.checks.chars.EndSemicolonCheck', +# 'weblate.trans.checks.chars.MaxLengthCheck', +# 'weblate.trans.checks.format.PythonFormatCheck', +# 'weblate.trans.checks.format.PythonBraceFormatCheck', +# 'weblate.trans.checks.format.PHPFormatCheck', +# 'weblate.trans.checks.format.CFormatCheck', +# 'weblate.trans.checks.format.PerlFormatCheck', +# 'weblate.trans.checks.format.JavascriptFormatCheck', +# 'weblate.trans.checks.consistency.PluralsCheck', +# 'weblate.trans.checks.consistency.SamePluralsCheck', +# 'weblate.trans.checks.consistency.ConsistencyCheck', +# 'weblate.trans.checks.consistency.TranslatedCheck', +# 'weblate.trans.checks.chars.NewlineCountingCheck', +# 'weblate.trans.checks.markup.BBCodeCheck', +# 'weblate.trans.checks.chars.ZeroWidthSpaceCheck', +# 'weblate.trans.checks.markup.XMLValidityCheck', +# 'weblate.trans.checks.markup.XMLTagsCheck', +# 'weblate.trans.checks.source.OptionalPluralCheck', +# 'weblate.trans.checks.source.EllipsisCheck', +# 'weblate.trans.checks.source.MultipleFailingCheck', +# ) + +# List of automatic fixups +# AUTOFIX_LIST = ( +# 'weblate.trans.autofixes.whitespace.SameBookendingWhitespace', +# 'weblate.trans.autofixes.chars.ReplaceTrailingDotsWithEllipsis', +# 'weblate.trans.autofixes.chars.RemoveZeroSpace', +# 'weblate.trans.autofixes.chars.RemoveControlChars', +# ) + +# List of scripts to use in custom processing +# POST_UPDATE_SCRIPTS = ( +# ) +# PRE_COMMIT_SCRIPTS = ( +# ) + +# E-mail address that error messages come from. +SERVER_EMAIL = 'noreply@__DOMAIN__' + +# Default email address to use for various automated correspondence from +# the site managers. Used for registration emails. +DEFAULT_FROM_EMAIL = '__ADMINMAIL__' + +# List of URLs your site is supposed to serve +ALLOWED_HOSTS = ['__DOMAIN__'] + +# Example configuration to use memcached for caching +CACHES = { + 'default': { + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '127.0.0.1:__MEMCPORT__', + }, + 'avatar': { + 'BACKEND': 'django.core.cache.backends.filebased.FileBasedCache', + 'LOCATION': os.path.join(BASE_DIR, 'avatar-cache'), + 'TIMEOUT': 3600, + 'OPTIONS': { + 'MAX_ENTRIES': 1000, + }, + } +} + +# REST framework settings for API +REST_FRAMEWORK = { + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + 'DEFAULT_PERMISSION_CLASSES': [ + 'rest_framework.permissions.IsAuthenticatedOrReadOnly' + ], + 'DEFAULT_AUTHENTICATION_CLASSES': ( + 'rest_framework.authentication.TokenAuthentication', + 'rest_framework.authentication.SessionAuthentication', + ), + 'DEFAULT_THROTTLE_CLASSES': ( + 'rest_framework.throttling.AnonRateThrottle', + 'rest_framework.throttling.UserRateThrottle' + ), + 'DEFAULT_THROTTLE_RATES': { + 'anon': '100/day', + 'user': '1000/day' + }, + 'DEFAULT_PAGINATION_CLASS': ( + 'rest_framework.pagination.PageNumberPagination' + ), + 'PAGE_SIZE': 20, + 'VIEW_DESCRIPTION_FUNCTION': 'weblate.api.views.get_view_description', + 'UNAUTHENTICATED_USER': 'weblate.accounts.models.get_anonymous', +} + +# Example for restricting access to logged in users +# LOGIN_REQUIRED_URLS = ( +# r'/(.*)$', +# ) + +# In such case you will want to include some of the exceptions +# LOGIN_REQUIRED_URLS_EXCEPTIONS = ( +# r'/accounts/(.*)$', # Required for login +# r'/static/(.*)$', # Required for development mode +# r'/widgets/(.*)$', # Allowing public access to widgets +# r'/data/(.*)$', # Allowing public access to data exports +# r'/hooks/(.*)$', # Allowing public access to notification hooks +# r'/api/(.*)$', # Allowing access to API +# ) + +# Force sane test runner +TEST_RUNNER = 'django.test.runner.DiscoverRunner' diff --git a/manifest.json b/manifest.json index ccfe9bd..61f299e 100644 --- a/manifest.json +++ b/manifest.json @@ -8,7 +8,7 @@ "description": { "en": "A translation platform using Git and Python" }, - "version": "2.16.0", + "version": "2.17.1", "url": "https://weblate.org", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 4384a8a..16bd5ee 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,5 +1,43 @@ #!/bin/bash +current_version="2.17.1" + +weblate_fill_settings() { + settings="$1" + + ynh_replace_string "__NAME__" "$app" "$settings" + ynh_replace_string "__DB_PWD__" "$db_pwd" "$settings" + ynh_replace_string "__ADMIN__" "$admin" "$settings" + ynh_replace_string "__ADMINMAIL__" "$admin_mail" "$settings" + ynh_replace_string "__DOMAIN__" "$domain" "$settings" + ynh_replace_string "__KEY__" "$key" "$settings" + ynh_replace_string "__FINALPATH__" "$final_path" "$settings" + ynh_replace_string "__MEMCPORT__" "$memc_port" "$settings" + ynh_replace_string "__GITHUBUSER__" "$github_account" "$settings" + + # root install as an empty PATHURL to prevent '//static' + if [ "$path_url" == "/" ] + then + ynh_replace_string "__PATHURL__" "" "$settings" + else + ynh_replace_string "__PATHURL__" "$path_url" "$settings" + fi +} + +ynh_check_if_checksum_is_different() { + local file=$1 + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) + local check=0 + + if ! echo "$checksum_value $file" | sudo md5sum -c --status + then # If the checksum is now different + check=1 + fi + + echo "$check" +} + ynh_psql_test_if_first_run() { if [ -f /etc/yunohost/psql ]; then diff --git a/scripts/install b/scripts/install index 6b47f34..2be03c9 100755 --- a/scripts/install +++ b/scripts/install @@ -200,7 +200,7 @@ virtualenv "${final_path}/venv" ( set +eu source "${final_path}/venv/bin/activate" - "${final_path}/venv/bin/pip" install Weblate==2.16 + "${final_path}/venv/bin/pip" install Weblate=="$current_version" "${final_path}/venv/bin/pip" install pytz python-bidi PyYaML Babel pyuca pylibravatar pydns psycopg2 python-memcached # specific to YunoHost package: "${final_path}/venv/bin/pip" install django_sendmail_backend @@ -218,23 +218,8 @@ memc_port=$(ynh_find_port 8080) settings="$final_path/venv/lib/python2.7/site-packages/weblate/settings.py" cp ../conf/settings.py "$settings" -ynh_replace_string "__NAME__" "$app" "$settings" -ynh_replace_string "__DB_PWD__" "$db_pwd" "$settings" -ynh_replace_string "__ADMIN__" "$admin" "$settings" -ynh_replace_string "__ADMINMAIL__" "$admin_mail" "$settings" -ynh_replace_string "__DOMAIN__" "$domain" "$settings" -ynh_replace_string "__KEY__" "$key" "$settings" -ynh_replace_string "__FINALPATH__" "$final_path" "$settings" -ynh_replace_string "__MEMCPORT__" "$memc_port" "$settings" -ynh_replace_string "__GITHUBUSER__" "$github_account" "$settings" - -# root install as an empty PATHURL to prevent '//static' -if [ "$path_url" == "/" ] -then - ynh_replace_string "__PATHURL__" "" "$settings" -else - ynh_replace_string "__PATHURL__" "$path_url" "$settings" -fi +weblate_fill_settings "$settings" +ynh_app_setting_set "$app" memc_port "$memc_port" #================================================= # SPECIFIC SETUP Filling up the database @@ -300,6 +285,8 @@ then # ynh panel is not needed ynh_replace_string " include conf.d/" " #include conf.d/" "$finalnginxconf" + + ynh_store_file_checksum "$finalnginxconf" fi #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 3eabd82..61e4641 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,6 +22,21 @@ final_path=$(ynh_app_setting_get "$app" final_path) db_name=$(ynh_app_setting_get "$app" db_name) domain=$(ynh_app_setting_get "$app" domain) +#================================================= +# Get previous version number +#================================================= + +( + set +eu + source "${final_path}/venv/bin/activate" + "${final_path}/venv/bin/pip" install --upgrade pip + "${final_path}/venv/bin/pip" freeze --local > freeze.pip +) +previous_version=$(cat freeze.pip | grep "Weblate==" | sed "s|Weblate==||") + +previous_version_file="../conf/settings_history/settings.$previous_version.py" +test -e "$previous_version_file" || ynh_die "Previous version unknown: $previous_version" + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -87,17 +102,88 @@ chsh --shell /bin/bash "$app" # PIP INSTALLATION #================================================= +old_settings="./settings.$previous_version.old.py" +settings_diff="./settings.diff" +settings="$final_path/venv/lib/python2.7/site-packages/weblate/settings.py" + +db_pwd=$(ynh_app_setting_get "$app" psqlpwd) +admin=$(ynh_app_setting_get "$app" admin) +admin_mail=$(ynh_user_get_info "$admin" mail) +key=$(ynh_string_random) +memc_port=$(ynh_app_setting_get "$app" memc_port) +github_account=$(ynh_app_setting_get "$app" github_account) + +#save memc_port if it doesn't exist +if [[ -z "$memc_port" ]] +then + memc_port=$(cat "$settings" \ + | grep "'LOCATION': '127.0.0.1:" \ + | sed "s|.*:\\(.*\\)'.*|\\1|") + ynh_app_setting_set "$app" memc_port "$memc_port" +fi + ( set +eu source "${final_path}/venv/bin/activate" - "${final_path}/venv/bin/pip" install Weblate==2.16 + "${final_path}/venv/bin/pip" install Weblate=="$current_version" "${final_path}/venv/bin/pip" install pytz python-bidi PyYaML Babel pyuca pylibravatar pydns psycopg2 python-memcached # specific to YunoHost package: "${final_path}/venv/bin/pip" install django_sendmail_backend ) +check=$(ynh_check_if_checksum_is_different "$settings") + +if [[ "$check" -eq 1 ]] +then + echo "Settings.py was modified localy, running diff before using the new default file for $current_version." + # generate previous defaults settings + cp "$previous_version_file" "$old_settings" + weblate_fill_settings "$old_settings" + + # store diff between defaults and local settings + diff --unified "$old_settings" "$settings" > "$settings_diff" + + # generate new defaults settings + cp ../conf/settings.py "$settings" + weblate_fill_settings "$settings" + + # send diff to the server administrator + mail_subject="'$app' settings diff from $previous_version to $current_version" + mail_message=" + Weblate was updated from version $previous_version to $current_version + + A new settings.py has been created in: + $settings + + You may have changed your defaults settings. + To help you to apply it again, here is a diff file with every changes you did. + + Please note secret key is updated, this is normal. + + For any issue, please file a bug in: https://github.com/YunoHost-Apps/weblate_ynh + " + + echo "$mail_message" | mail -s "$mail_subject" root -u root -a "$settings_diff" + + # inform weblate's admin + mail_subject="'$app' was updated from $previous_version to $current_version" + mail_message=" + Weblate was updated from version $previous_version to $current_version + + A new settings.py has been created and a diff has been sent to root user. + Your administrator may have to update your settings.py to have a fully working installation. + " + + echo "$mail_subject" | mail -s "$mail_subject" "$admin_mail" +else + echo "Settings.py was not modified, using the new default file for $current_version." + # generate new defaults settings + cp ../conf/settings.py "$settings" + weblate_fill_settings "$settings" +fi + #================================================= -# Migrate databases +# Run migration scripts #================================================= ( @@ -106,10 +192,11 @@ chsh --shell /bin/bash "$app" export DJANGO_SETTINGS_MODULE="weblate.settings" cd "${final_path}" weblate migrate --noinput + weblate collectstatic --noinput + weblate setuplang + weblate setupgroups ) -# Verify the checksum and backup the file if it's different -ynh_backup_if_checksum_is_different "$final_path/venv/lib/python2.7/site-packages/weblate/settings.py" # Recalculate and store the config file checksum into the app settings ynh_store_file_checksum "$final_path/venv/lib/python2.7/site-packages/weblate/settings.py" @@ -140,10 +227,14 @@ then # ynh panel is not needed ynh_replace_string " include conf.d/" " #include conf.d/" "$finalnginxconf" + + ynh_store_file_checksum "$finalnginxconf" fi #================================================= # RELOAD NGINX #================================================= +systemctl stop "$app.service" +systemctl start "$app.service" systemctl reload nginx