Allow to configure some basic Django settings through environment variables

Author: aarranz

1.3/settings.py

@@ -131,13 +131,19 @@
 
 ## String settings
 STRING_SETTINGS = (
+    "CSRF_COOKIE_NAME",
+    "EMAIL_HOST",
+    "EMAIL_HOST_PASSWORD",
+    "EMAIL_HOST_USER",
     "FIWARE_IDM_SERVER",
     "FIWARE_IDM_PUBLIC_URL",
     "SOCIAL_AUTH_FIWARE_KEY",
     "SOCIAL_AUTH_FIWARE_SECRET",
     "KEYCLOAK_SERVER",
     "KEYCLOAK_REALM",
     "KEYCLOAK_KEY",
+    "SECRET_KEY",
+    "SESSION_COOKIE_NAME",
     "SOCIAL_AUTH_KEYCLOAK_KEY",
     "SOCIAL_AUTH_KEYCLOAK_SECRET",
 )
@@ -146,9 +152,28 @@
     if value != "":
         locals()[setting] = value
 
+## Number settings
+NUMBER_SETTINGS = (
+    "CSRF_COOKIE_AGE",
+    "EMAIL_PORT",
+    "SESSION_COOKIE_AGE",
+)
+for setting in NUMBER_SETTINGS:
+    value = os.environ.get(setting, "").strip()
+    try:
+        locals()[setting] = int(value)
+    except ValueError:
+        pass
+
 ## Boolean settings
 BOOLEAN_SETTINGS = (
+    "CSRF_COOKIE_HTTPONLY",
+    "CSRF_COOKIE_SECURE",
+    "EMAIL_USE_TLS",
+    "EMAIL_USE_SSL",
     "KEYCLOAK_GLOBAL_ROLE",
+    "SESSION_COOKIE_HTTPONLY",
+    "SESSION_COOKIE_SECURE",
 )
 for setting in BOOLEAN_SETTINGS:
     value = os.environ.get(setting, "").strip()
@@ -158,7 +183,7 @@
 
 # FIWARE & Keycloak configuration
 IDM_AUTH = 'fiware' if "FIWARE_IDM_SERVER" in locals() and "SOCIAL_AUTH_FIWARE_KEY" in locals() and "SOCIAL_AUTH_FIWARE_SECRET" in locals() else None
-IDM_AUTH = 'keycloak' if "KEYCLOAK_IDM_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH
+IDM_AUTH = 'keycloak' if "KEYCLOAK_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH
 
 if IDM_AUTH == 'fiware':
     INSTALLED_APPS += (

README.md

@@ -31,7 +31,7 @@ The following environment variables are also honored for configuring your WireCl
     mode. Debug mode should be enabled for running WireCloud in standalone mode)
 - `-e LOGLEVEL=...` (defaults to "INFO")
 - `-e ALLOWED_HOSTS=...` (defaults to "*", whitespace whitespace-separated list
-    of allowed hosts. See [django documentation][ALLOWED_HOSTS] for more
+    of allowed hosts. See [Django documentation][ALLOWED_HOSTS] for more
     details)
 - `-e DEFAULT_LANGUAGE=...` (defaults to "browser", see
     [documentation][DEFAULT_LANGUAGE] for more details)
@@ -68,12 +68,22 @@ The following environment variables are also honored for configuring your WireCl
 - `-e SOCIAL_AUTH_KEYCLOAK_KEY=...` (defaults to nothing)
 - `-e SOCIAL_AUTH_KEYCLOAK_SECRET=...` (defaults to nothing)
 
+In addition to those environment variables, this docker image also allows you to
+configure the following Django settings using environment variables with the
+same name: `CSRF_COOKIE_AGE`, `CSRF_COOKIE_HTTPONLY`, `CSRF_COOKIE_NAME`,
+`CSRF_COOKIE_SECURE`, `EMAIL_HOST`, `EMAIL_HOST_PASSWORD`, `EMAIL_PORT`,
+`EMAIL_HOST_USER`, `EMAIL_USE_SSL`, `EMAIL_USE_TLS`, `SECRET_KEY`,
+`SESSION_COOKIE_AGE`, `SESSION_COOKIE_NAME`, `SESSION_COOKIE_HTTPONLY` and
+`SESSION_COOKIE_SECURE`. See [Django documentation](DJANGO_SETTINGS) for more
+details.
+
 When running WireCloud with TLS behind a reverse proxy such as Apache/NGINX
 which is responsible for doing TLS termination, be sure to set
 the `X-Forwarded-Proto`, `X-Forwarded-Host` and `X-Forwarded-Port` headers
 appropriately.
 
 
+[DJANGO_SETTINGS]: https://docs.djangoproject.com/en/2.1/ref/settings/
 [ALLOWED_HOSTS]: https://docs.djangoproject.com/en/2.1/ref/settings/#allowed-hosts
 [DEFAULT_LANGUAGE]: https://wirecloud.readthedocs.io/en/stable/installation_guide/#default_language
 [LANGUAGE_CODE]: https://docs.djangoproject.com/en/2.1/ref/settings/#language-code

dev/settings.py

@@ -130,13 +130,19 @@
 
 ## String settings
 STRING_SETTINGS = (
+    "CSRF_COOKIE_NAME",
+    "EMAIL_HOST",
+    "EMAIL_HOST_PASSWORD",
+    "EMAIL_HOST_USER",
     "FIWARE_IDM_SERVER",
     "FIWARE_IDM_PUBLIC_URL",
     "SOCIAL_AUTH_FIWARE_KEY",
     "SOCIAL_AUTH_FIWARE_SECRET",
     "KEYCLOAK_SERVER",
     "KEYCLOAK_REALM",
     "KEYCLOAK_KEY",
+    "SECRET_KEY",
+    "SESSION_COOKIE_NAME",
     "SOCIAL_AUTH_KEYCLOAK_KEY",
     "SOCIAL_AUTH_KEYCLOAK_SECRET",
 )
@@ -145,9 +151,28 @@
     if value != "":
         locals()[setting] = value
 
+## Number settings
+NUMBER_SETTINGS = (
+    "CSRF_COOKIE_AGE",
+    "EMAIL_PORT",
+    "SESSION_COOKIE_AGE",
+)
+for setting in NUMBER_SETTINGS:
+    value = os.environ.get(setting, "").strip()
+    try:
+        locals()[setting] = int(value)
+    except ValueError:
+        pass
+
 ## Boolean settings
 BOOLEAN_SETTINGS = (
+    "CSRF_COOKIE_HTTPONLY",
+    "CSRF_COOKIE_SECURE",
+    "EMAIL_USE_TLS",
+    "EMAIL_USE_SSL",
     "KEYCLOAK_GLOBAL_ROLE",
+    "SESSION_COOKIE_HTTPONLY",
+    "SESSION_COOKIE_SECURE",
 )
 for setting in BOOLEAN_SETTINGS:
     value = os.environ.get(setting, "").strip()
@@ -157,7 +182,7 @@
 
 # FIWARE & Keycloak configuration
 IDM_AUTH = 'fiware' if "FIWARE_IDM_SERVER" in locals() and "SOCIAL_AUTH_FIWARE_KEY" in locals() and "SOCIAL_AUTH_FIWARE_SECRET" in locals() else None
-IDM_AUTH = 'keycloak' if "KEYCLOAK_IDM_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH
+IDM_AUTH = 'keycloak' if "KEYCLOAK_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH
 
 if IDM_AUTH == 'fiware':
     INSTALLED_APPS += (