switch from settings.py to ini-file in /etc/opt/

fbfc6b74 · David Seaward · 44336009 · fbfc6b74
Commit fbfc6b74 authored Jun 09, 2017 by David Seaward
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 16 deletions

purist_account/settings.py purist_account/settings.py +24 -16

No files found.
--- a/purist_account/settings.py
+++ b/purist_account/settings.py
@@ -5,23 +5,31 @@ Start the site with `python manage.py --settings=settings_local runserver`
 FIXME: switch to storing strict yaml in /etc/
 """

-from .settings import *
+from .settings_original import *
 # from registration_defaults.settings import *
 import ldap
 from django_auth_ldap.config import LDAPSearch
+from decouple import Config, Csv, RepositoryIni
+
+#
+# LOAD CONFIGURATION FILE
+#
+
+config = Config(RepositoryIni('/etc/opt/account_website/config.ini'))
+secret_config = Config(RepositoryIni('/etc/opt/account_website/secret.ini'))

 #
 # SECURITY
 #

 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'local_secret'
+SECRET_KEY = secret_config("DJANGO_SECRET_KEY")

 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = False
+DEBUG = config("DEBUG", cast=bool)

 # Required if DEBUG is False
-ALLOWED_HOSTS = ['example.com']
+ALLOWED_HOSTS = config("ALLOWED_HOSTS", cast=Csv())

 #
 # REGISTRATION APPLICATION
@@ -30,14 +38,13 @@ ALLOWED_HOSTS = ['example.com']
 # INSTALLED_APPS = ["registration_defaults", ] + INSTALLED_APPS + ["ldapregister", ]
 INSTALLED_APPS += ["ldapregister", ]

-REGISTRATION_OPEN = True
+REGISTRATION_OPEN = config("REGISTRATION_OPEN", cast=bool)

+REG_PERSON_BASE_DN = config("REG_PERSON_BASE_DN")
+REG_PERSON_OBJECT_CLASSES = config("REG_PERSON_OBJECT_CLASSES", cast=Csv())

-REG_PERSON_BASE_DN = "ou=people,dc=example,dc=com"
-REG_PERSON_OBJECT_CLASSES = ['inetOrgPerson', 'organizationalPerson', 'person', ]
-
-REG_GROUP_BASE_DN = "dc=example,dc=com"
-REG_GROUP_OBJECT_CLASSES = ['groupOfNames', ]
+REG_GROUP_BASE_DN = config("REG_GROUP_BASE_DN")
+REG_GROUP_OBJECT_CLASSES = config("REG_GROUP_OBJECT_CLASSES", cast=Csv())

 #
 #  AUTHENTICATION
@@ -50,12 +57,14 @@ AUTHENTICATION_BACKENDS = (
    # 'django.contrib.auth.backends.ModelBackend',
 )

-AUTH_LDAP_SERVER_URI = "ldap://ldap.example.com"
-AUTH_LDAP_START_TLS = True
+AUTH_LDAP_SERVER_URI = config("AUTH_LDAP_SERVER_URI")
+AUTH_LDAP_START_TLS = config("AUTH_LDAP_START_TLS", cast=bool)
+
+AUTH_LDAP_BIND_DN = config("AUTH_LDAP_BIND_DN")
+AUTH_LDAP_BIND_PASSWORD = secret_config("AUTH_LDAP_BIND_PASSWORD")

-AUTH_LDAP_BIND_DN = "cn=application,dc=example,dc=com"
-AUTH_LDAP_BIND_PASSWORD = "password"
-AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
+BASE_DN = config("AUTH_LDAP_USER_SEARCH_BASE_DN")
+AUTH_LDAP_USER_SEARCH = LDAPSearch(BASE_DN, ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
 # must match `base_dn` and primary key in `ldapregister.models.LdapPerson`

 AUTH_USER_MODEL = 'ldapregister.User'
@@ -84,4 +93,3 @@ DATABASES = {
 }

 DATABASE_ROUTERS = ['ldapdb.router.Router']
-