|
118 | 118 | # 'django.contrib.staticfiles.finders.DefaultStorageFinder', |
119 | 119 | # ) |
120 | 120 |
|
121 | | -# Make this unique, and don't share it with anybody. |
| 121 | +# Default value, this value must be overwritten using one of the following |
| 122 | +# environment variables: SECRET_KEY or SECRET_KEY_FILE |
122 | 123 | SECRET_KEY = '4&0+qo=m4yk!7hohzh&xsw=i&g_7t88*-9_^j(xi!fzm9zz^7l' |
123 | 124 |
|
124 | 125 | ROOT_URLCONF = 'wirecloud_instance.urls' |
|
131 | 132 |
|
132 | 133 | ## String settings |
133 | 134 | STRING_SETTINGS = ( |
| 135 | + "CSRF_COOKIE_NAME", |
| 136 | + "EMAIL_HOST", |
| 137 | + "EMAIL_HOST_PASSWORD", |
| 138 | + "EMAIL_HOST_USER", |
134 | 139 | "FIWARE_IDM_SERVER", |
135 | 140 | "FIWARE_IDM_PUBLIC_URL", |
136 | | - "SOCIAL_AUTH_FIWARE_KEY", |
137 | | - "SOCIAL_AUTH_FIWARE_SECRET", |
138 | 141 | "KEYCLOAK_SERVER", |
139 | 142 | "KEYCLOAK_REALM", |
140 | 143 | "KEYCLOAK_KEY", |
| 144 | + "SECRET_KEY", |
| 145 | + "SESSION_COOKIE_NAME", |
| 146 | + "SOCIAL_AUTH_FIWARE_KEY", |
| 147 | + "SOCIAL_AUTH_FIWARE_SECRET", |
| 148 | + "SOCIAL_AUTH_KEYCLOAK_KEY", |
| 149 | + "SOCIAL_AUTH_KEYCLOAK_SECRET", |
| 150 | +) |
| 151 | +SENSITIVE_SETTINGS = ( |
| 152 | + "EMAIL_HOST_PASSWORD", |
| 153 | + "KEYCLOAK_KEY", |
| 154 | + "SECRET_KEY", |
| 155 | + "SOCIAL_AUTH_FIWARE_KEY", |
| 156 | + "SOCIAL_AUTH_FIWARE_SECRET", |
141 | 157 | "SOCIAL_AUTH_KEYCLOAK_KEY", |
142 | 158 | "SOCIAL_AUTH_KEYCLOAK_SECRET", |
143 | 159 | ) |
144 | 160 | for setting in STRING_SETTINGS: |
145 | | - value = os.environ.get(setting, "").strip() |
| 161 | + if setting in SENSITIVE_SETTINGS and (setting + '_FILE') in os.environ: |
| 162 | + filename = os.environ[setting + '_FILE'] |
| 163 | + try: |
| 164 | + with open(filename, 'rb') as f: |
| 165 | + value = f.read() |
| 166 | + except IOError as error: |
| 167 | + print("Error reading the file ({}) pointed out by {}: {}".format(setting + '_FILE', filename, error)) |
| 168 | + print("Ignoring it") |
| 169 | + value = os.environ.get(setting, "").strip() |
| 170 | + else: |
| 171 | + value = os.environ.get(setting, "").strip() |
146 | 172 | if value != "": |
147 | 173 | locals()[setting] = value |
148 | 174 |
|
| 175 | +## Number settings |
| 176 | +NUMBER_SETTINGS = ( |
| 177 | + "CSRF_COOKIE_AGE", |
| 178 | + "EMAIL_PORT", |
| 179 | + "SESSION_COOKIE_AGE", |
| 180 | +) |
| 181 | +for setting in NUMBER_SETTINGS: |
| 182 | + value = os.environ.get(setting, "").strip() |
| 183 | + try: |
| 184 | + locals()[setting] = int(value) |
| 185 | + except ValueError: |
| 186 | + pass |
| 187 | + |
149 | 188 | ## Boolean settings |
150 | 189 | BOOLEAN_SETTINGS = ( |
| 190 | + "CSRF_COOKIE_HTTPONLY", |
| 191 | + "CSRF_COOKIE_SECURE", |
| 192 | + "EMAIL_USE_TLS", |
| 193 | + "EMAIL_USE_SSL", |
151 | 194 | "KEYCLOAK_GLOBAL_ROLE", |
| 195 | + "SESSION_COOKIE_HTTPONLY", |
| 196 | + "SESSION_COOKIE_SECURE", |
152 | 197 | ) |
153 | 198 | for setting in BOOLEAN_SETTINGS: |
154 | 199 | value = os.environ.get(setting, "").strip() |
|
158 | 203 |
|
159 | 204 | # FIWARE & Keycloak configuration |
160 | 205 | IDM_AUTH = 'fiware' if "FIWARE_IDM_SERVER" in locals() and "SOCIAL_AUTH_FIWARE_KEY" in locals() and "SOCIAL_AUTH_FIWARE_SECRET" in locals() else None |
161 | | -IDM_AUTH = 'keycloak' if "KEYCLOAK_IDM_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH |
| 206 | +IDM_AUTH = 'keycloak' if "KEYCLOAK_SERVER" in locals() and "KEYCLOAK_REALM" in locals() and "KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_KEY" in locals() and "SOCIAL_AUTH_KEYCLOAK_SECRET" in locals() else IDM_AUTH |
162 | 207 |
|
163 | 208 | if IDM_AUTH == 'fiware': |
164 | 209 | INSTALLED_APPS += ( |
|
0 commit comments