Commit db35ae0a authored by David Seaward's avatar David Seaward

switch entire site name to "middleware"

parent b4462f79
# stored as /etc/opt/purist/account/config.ini
# stored as /etc/opt/purist/middleware/config.ini
# note that % must be escaped as %%
[settings]
SITE_TITLE = Title
SITE_BYLINE = Example byline
SITE_DOMAIN = example.com
DEBUG = True
DEBUG_ALL_ACCESS = True
DEBUG_CHANGE_PASSWORD = False
DEBUG_SKIP_ACTIVATION_COMMAND = True
ALLOWED_HOSTS = localhost
STATIC_ROOT = /var/opt/purist/account/static
REGISTRATION_OPEN = True
REG_PERSON_BASE_DN = ou=people,dc=example,dc=com
REG_PERSON_OBJECT_CLASSES = inetOrgPerson,organizationalPerson,person
REG_GROUP_BASE_DN = dc=comms,dc=example,dc=com
REG_GROUP_OBJECT_CLASSES = groupOfNames
AUTH_LDAP_SERVER_URI = ldap://ldap.example.com
AUTH_LDAP_START_TLS = True
AUTH_LDAP_BIND_DN = cn=admin,dc=example,dc=com
AUTH_LDAP_USER_SEARCH_BASE_DN = ou=people,dc=example,dc=com
SQLITE_DB_PATH = /var/opt/purist/account/db.sqlite3
STATICFILES_DIRS = /var/opt/purist/brand,/var/opt/purist/downloads
WOO_URL = https://example.com
WOO_WP_API = True
WOO_VERSION = wc/v1
WOO_PRODUCT_LIST = 123,124
WOO1_FIELD_LIST = Existing username,Username
OVPN_HOSTNAME = ssh.example.com
OVPN_PORT = 22
OVPN_USERNAME = username
OVPN_FILEPATH = "/path/to/{IDENTITY}/{IDENTITY}.ovpn"
SUBSCRIPTION_LINK = https://www.example.com
SITE_TITLE=Title
SITE_BYLINE=Example byline
SITE_DOMAIN=example.com
SITE_PROVIDER=Provider
SITE_PROVIDER_LINK=https://example.com
DEBUG=True
DEBUG_ALL_ACCESS=True
DEBUG_CHANGE_PASSWORD=False
DEBUG_SKIP_ACTIVATION_COMMAND=True
# change to false after initial setup
ALLOWED_HOSTS=localhost
STATIC_ROOT=/var/opt/purist/middleware/static
REGISTRATION_OPEN=True
REG_PERSON_BASE_DN=ou=people,dc=example,dc=com
REG_PERSON_OBJECT_CLASSES=inetOrgPerson,organizationalPerson,person
REG_GROUP_BASE_DN=ou=groups,dc=example,dc=com
REG_GROUP_OBJECT_CLASSES=groupOfNames
AUTH_LDAP_SERVER_URI=ldap://ldap.example.com
AUTH_LDAP_START_TLS=True
AUTH_LDAP_BIND_DN=cn=admin,dc=example,dc=com
AUTH_LDAP_USER_SEARCH_BASE_DN=ou=people,dc=example,dc=com
SQLITE_DB_PATH=/var/opt/purist/middleware/db.sqlite3
STATICFILES_DIRS=/var/opt/purist/brand,/var/opt/purist/downloads
WOO_URL=https://example.com
WOO_WP_API=True
WOO_VERSION=wc/v1
WOO_PRODUCT_LIST=123,124
WOO1_FIELD_LIST=Existing username,Username
OVPN_HOSTNAME=ssh.example.com
OVPN_PORT=22
OVPN_USERNAME=username
OVPN_FILEPATH="/path/to/{IDENTITY}/{IDENTITY}.ovpn"
SUBSCRIPTION_LINK=https://www.example.com
# stored as /etc/opt/purist/account/secret.ini
# stored as /etc/opt/purist/middleware/secret.ini
# note that % must be escaped as %%
[settings]
DJANGO_SECRET_KEY=random_key
AUTH_LDAP_BIND_PASSWORD=ldap_password
DJANGO_SECRET_KEY = random_key
AUTH_LDAP_BIND_PASSWORD = ldap_password
WOO_CONSUMER_KEY = woo_key
WOO_CONSUMER_SECRET = woo_secret
# stored as /etc/nginx/sites-available/purist_account
# and symlink /etc/nginx/sites-enabled/purist_account
# stored as /etc/nginx/sites-available/purist_middleware
# and symlink /etc/nginx/sites-enabled/purist_middleware
# naive redirect of HTTP to HTTPS
# deep links are ignored
......@@ -14,7 +14,7 @@ server {
# the upstream component nginx needs to connect to
upstream django {
server unix:/var/opt/purist/account/uwsgi.sock; # for a file socket
server unix:/var/opt/purist/middleware/uwsgi.sock; # for a file socket
}
# the main server block
......@@ -24,14 +24,14 @@ server {
# SSL configuration
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /path/to/fullchain.pem; # TODO: update path
ssl_certificate_key /path/to/privkey.pem; # TODO: update path
ssl_certificate /path/to/fullchain.pem; # TODO: update path
ssl_certificate_key /path/to/privkey.pem; # TODO: update path
charset utf-8;
# error_log /var/log/nginx/error.log debug; # optional
location /static/ {
alias /var/opt/purist/account/static/;
alias /var/opt/purist/middleware/static/;
}
location /favicon.ico {
......@@ -43,3 +43,4 @@ server {
include /etc/nginx/uwsgi_params;
}
}
; stored as /etc/supervisor/conf.d/purist_account_monitor.conf
; stored as /etc/supervisor/conf.d/purist_middleware_monitor.conf
; Copyright 2017 Purism SPC and contributors
; SPDX-License-Identifier: AGPL-3.0+
......@@ -8,13 +8,13 @@
; https://github.com/celery/celery/blob/master/extra/supervisord/celerybeat.conf
; SPDX-License-Identifier: BSD-3-Clause
[program:purist_account_monitor]
command=/opt/purist/account_virtualenv/bin/celery worker -B --app purist_account --scheduler django_celery_beat.schedulers:DatabaseScheduler --loglevel=INFO
directory=/opt/purist/account
[program:purist_middleware_monitor]
command=/opt/purist/middleware_virtualenv/bin/celery worker -B --app middleware --scheduler django_celery_beat.schedulers:DatabaseScheduler --loglevel=INFO
directory=/opt/purist/middleware
user=www-data
numprocs=1
stdout_logfile=/var/log/purist/account/beat.log
stderr_logfile=/var/log/purist/account/beat.log
stdout_logfile=/var/log/purist/middleware/beat.log
stderr_logfile=/var/log/purist/middleware/beat.log
autostart=true
autorestart=true
startsecs=10
......
# stored as /etc/uwsgi-emperor/vassals/purist_account.ini
[uwsgi]
socket = /var/opt/purist/account/uwsgi.sock
chmod-socket = 775
chdir = /opt/purist/account
master = true
virtualenv = /opt/purist/account_virtualenv
env = DJANGO_SETTINGS_MODULE=purist_account.settings
module = purist_account.wsgi:application
uid = www-data
gid = www-data
processes = 1
threads = 1
plugins = python3,logfile
logger = file:/var/log/uwsgi/app/purist_account.log
vacuum = true
# stored as /etc/uwsgi-emperor/vassals/purist_middleware.ini
[uwsgi]
socket = /var/opt/purist/middleware/uwsgi.sock
chmod-socket = 775
chdir = /opt/purist/middleware
master = true
virtualenv = /opt/purist/middleware_virtualenv
env = DJANGO_SETTINGS_MODULE=middleware.settings
module = middleware.wsgi:application
uid = www-data
gid = www-data
processes = 1
threads = 1
plugins = python3,logfile
logger = file:/var/log/uwsgi/app/purist_middleware.log
vacuum = true
......@@ -3,7 +3,7 @@ import os
import sys
if __name__ == "__main__":
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "purist_account.settings")
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "middleware.settings")
try:
from django.core.management import execute_from_command_line
except ImportError:
......
from .celery import app as celery_app
__all__ = ['celery_app']
# Copyright 2017 Purism SPC and contributors
# SPDX-License-Identifier: AGPL-3.0+
# Original file from Celery 4.0.2 documentation
# Copyright 2009-2016 Ask Solem
# http://docs.celeryproject.org/en/latest/django/first-steps-with-django.html
# SPDX-License-Identifier: CC-BY-SA-4.0
import os
from celery import Celery
# set the default Django settings module for the 'celery' program.
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'purist_account.settings')
app = Celery('purist_account_monitor')
# Using a string here means the worker don't have to serialize
# the configuration object to child processes.
# - namespace='CELERY' means all celery-related configuration keys
# should have a `CELERY_` prefix.
app.config_from_object('django.conf:settings', namespace='CELERY')
# Load task modules from all registered Django app configs.
app.autodiscover_tasks()
@app.task(bind=True)
def debug_task(self):
print('Request: {0!r}'.format(self.request))
import ldap
from decouple import Config, Csv, RepositoryIni
from django_auth_ldap.config import LDAPSearch
from .settings_original import *
#
# LOAD CONFIGURATION FILE
#
CONFIG_PATH = '/etc/opt/purist/middleware/config.ini'
SECRET_PATH = '/etc/opt/purist/middleware/secret.ini'
config = Config(RepositoryIni(CONFIG_PATH))
secret_config = Config(RepositoryIni(SECRET_PATH))
#
# SECURITY
#
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = secret_config("DJANGO_SECRET_KEY")
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = config("DEBUG", cast=bool)
DEBUG_ALL_ACCESS = config("DEBUG_ALL_ACCESS", cast=bool)
DEBUG_CHANGE_PASSWORD = config("DEBUG_CHANGE_PASSWORD", cast=bool)
DEBUG_SKIP_ACTIVATION_COMMAND = config("DEBUG_SKIP_ACTIVATION_COMMAND", cast=bool)
# Required if DEBUG is False
ALLOWED_HOSTS = config("ALLOWED_HOSTS", cast=Csv())
#
# INSTALLED APPLICATIONS
#
INSTALLED_APPS += ["crispy_forms", "django_agpl", "django_celery_beat", "ldapregister", "limitmonitor", "purist"]
#
# AGPL APPLICATION
#
AGPL_ROOT = os.path.abspath(os.path.dirname(__file__) + "/..")
# no special exclusions are required, configuration and secrets are not stored in the site folder
AGPL_EXCLUDE_DIRS = [
r'\.git$',
r'\.idea$',
]
AGPL_FILENAME_PREFIX = 'purist_middleware'
#
# REGISTRATION APPLICATION
#
REGISTRATION_OPEN = config("REGISTRATION_OPEN", cast=bool)
REG_PERSON_BASE_DN = config("REG_PERSON_BASE_DN")
REG_PERSON_OBJECT_CLASSES = config("REG_PERSON_OBJECT_CLASSES", cast=Csv())
REG_GROUP_BASE_DN = config("REG_GROUP_BASE_DN")
REG_GROUP_OBJECT_CLASSES = config("REG_GROUP_OBJECT_CLASSES", cast=Csv())
#
# AUTHENTICATION
#
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'purist.custom.PassphraseValidator',
},
]
AUTHENTICATION_BACKENDS = (
'purist.custom.AuthenticationBackend',
)
AUTH_LDAP_SERVER_URI = config("AUTH_LDAP_SERVER_URI")
AUTH_LDAP_START_TLS = config("AUTH_LDAP_START_TLS", cast=bool)
AUTH_LDAP_BIND_DN = config("AUTH_LDAP_BIND_DN")
AUTH_LDAP_BIND_PASSWORD = secret_config("AUTH_LDAP_BIND_PASSWORD")
BASE_DN = config("AUTH_LDAP_USER_SEARCH_BASE_DN")
AUTH_LDAP_USER_SEARCH = LDAPSearch(BASE_DN, ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# must match `base_dn` and primary key in `ldapregister.models.LdapPerson`
AUTH_USER_MODEL = 'purist.User'
#
# DATABASE
#
# See also:
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
# and https://pypi.python.org/pypi/django-ldapdb/
# (re-uses LDAP connection details from authentication settings)
SQLITE_DB_PATH = config("SQLITE_DB_PATH")
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': SQLITE_DB_PATH,
},
'ldap': {
'ENGINE': 'ldapdb.backends.ldap',
'NAME': AUTH_LDAP_SERVER_URI,
'USER': AUTH_LDAP_BIND_DN,
'PASSWORD': AUTH_LDAP_BIND_PASSWORD,
'TLS': AUTH_LDAP_START_TLS,
},
}
DATABASE_ROUTERS = ['ldapdb.router.Router']
#
# STATIC AND SITE SETTINGS
#
STATIC_ROOT = config("STATIC_ROOT")
STATICFILES_DIRS = config("STATICFILES_DIRS", cast=Csv())
SITE_TITLE = config("SITE_TITLE")
SITE_BYLINE = config("SITE_BYLINE")
SITE_DOMAIN = config("SITE_DOMAIN")
LINK_SUBSCRIPTION = config("LINK_SUBSCRIPTION")
#
# WOOCOMMERCE
#
WOO_URL = config("WOO_URL")
WOO_WP_API = config("WOO_WP_API", cast=bool)
WOO_VERSION = config("WOO_VERSION")
WOO_CONSUMER_KEY = secret_config("WOO_CONSUMER_KEY")
WOO_CONSUMER_SECRET = secret_config("WOO_CONSUMER_SECRET")
WOO_PRODUCT_LIST = config("WOO_PRODUCT_LIST", cast=Csv(int))
#
# WOO1 PARSER
#
WOO1_FIELD_LIST = config("WOO1_FIELD_LIST", cast=Csv())
#
# SSH CONNECTION TO OPENVPN SERVER
#
OVPN_HOSTNAME = config("OVPN_HOSTNAME")
OVPN_PORT = config("OVPN_PORT", cast=int)
OVPN_USERNAME = config("OVPN_USERNAME")
OVPN_FILEPATH = config("OVPN_FILEPATH")
"""
Django settings for purist_account project.
Generated by 'django-admin startproject' using Django 1.11.2.
For more information on this file, see
https://docs.djangoproject.com/en/1.11/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.11/ref/settings/
"""
import os
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'secret'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'purist_account.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
{
'BACKEND': 'django.template.backends.jinja2.Jinja2',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'extensions': [
'jdj_tags.extensions.DjangoCompat',
],
},
},
]
WSGI_APPLICATION = 'purist_account.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/1.11/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.11/howto/static-files/
STATIC_URL = '/static/'
"""purist_account URL Configuration
The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/1.11/topics/http/urls/
Examples:
Function views
1. Add an import: from my_app import views
2. Add a URL to urlpatterns: url(r'^$', views.home, name='home')
Class-based views
1. Add an import: from other_app.views import Home
2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home')
Including another URLconf
1. Import the include() function: from django.conf.urls import url, include
2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls'))
"""
from django.conf.urls import include, url
from django.contrib import admin
from django.views.generic import RedirectView
from registration.backends.simple.views import RegistrationView
import ldapregister.views
import limitmonitor.views
from ldapregister.forms import RegistrationForm
#
# Set admin titles for this site
#
admin.site.site_title = "Site administration"
admin.site.site_header = "Site administration"
#
# Define patterns for this site
#
urlpatterns = [
url(r'^$', ldapregister.views.home, name='home'),
url(r'^admin/', admin.site.urls),
url(r'^accounts/$', RedirectView.as_view(url='/')),
url(r'^accounts/profile/$', limitmonitor.views.userlimit, name='profile'),
url(r'^accounts/profile/purist.ovpn', limitmonitor.views.ovpn_userfile, name='ovpn_userfile'),
url(r'^accounts/register/$', RegistrationView.as_view(form_class=RegistrationForm), name='registration_register'),
url(r'^accounts/', include('registration.backends.simple.urls')),
url(r'^download/', include('django_agpl.urls')),
]
"""
WSGI config for purist_account project.
It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/1.11/howto/deployment/wsgi/
"""
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "purist_account.settings")
application = get_wsgi_application()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment