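"""
Django settings for checkout project.

Generated by 'django-admin startproject' using Django 3.1.

For more information on this file, see
https://docs.djangoproject.com/en/3.1/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.1/ref/settings/
"""
import os
from pathlib import Path

import environ
from django.contrib import messages
from django.core.exceptions import ImproperlyConfigured

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve(strict=True).parent.parent

# Development-only fallback. This value is committed to the repository, so it
# must be treated as public; it is rejected below whenever DEBUG is off.
# Lower-case on purpose: Django only loads upper-case names as settings.
insecure_dev_secret_key = "s#!83!8e$3s89m)r$1ghsgxbndf8=#^qt(_*o%xbq0j2t8#db5"

# Every value read from the environment is declared here as (cast, default).
env = environ.Env(
    DEBUG=(bool, False),
    SECRET_KEY=(str, insecure_dev_secret_key),
    ADMINS=(list, []),
    MAILGUN_API_KEY=(str, ""),
    MAILGUN_SENDER_DOMAIN=(str, ""),
    SERVER_EMAIL=(str, ""),
    EMAIL_REPLY_TO=(list, []),
    AUTHORIZED_EMAILS=(list, []),
    LIBRARIAN_EMAILS=(list, []),
    HOSTS=(list, []),
    TIME_ZONE=(str, "Europe/Paris"),
    LANGUAGE_CODE=(str, "fr-fr"),
)

# Optionally load variables from the dotenv file named by ENV_FILE.
env_file = os.getenv("ENV_FILE", None)
if env_file:
    environ.Env.read_env(env_file)

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = env("DEBUG")

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env("SECRET_KEY")
if not DEBUG and SECRET_KEY == insecure_dev_secret_key:
    # Fail closed: Django signs sessions, CSRF tokens and password-reset links
    # with SECRET_KEY, so running with the published fallback voids them all.
    raise ImproperlyConfigured(
        "SECRET_KEY is not set: the built-in development key must not be used "
        "when DEBUG is off. Provide a unique SECRET_KEY through the environment."
    )

# ADMINS entries are given as "Name|email" and split into (name, email) tuples.
admins = env("ADMINS")
if admins:
    ADMINS = [tuple(entry.split("|")) for entry in admins]

# Outgoing mail (Mailgun through django-anymail)
DEFAULT_FROM_EMAIL = env("SERVER_EMAIL")
SERVER_EMAIL = env("SERVER_EMAIL")
EMAIL_SUBJECT_PREFIX = "[Manuels] "
EMAIL_TIMEOUT = 30

ANYMAIL = {
    "MAILGUN_API_KEY": env("MAILGUN_API_KEY"),
    "MAILGUN_SENDER_DOMAIN": env("MAILGUN_SENDER_DOMAIN"),
    "MAILGUN_API_URL": "https://api.mailgun.net/v3",
}
EMAIL_BACKEND = "anymail.backends.mailgun.EmailBackend"

AUTHORIZED_EMAILS = env("AUTHORIZED_EMAILS")
LIBRARIAN_EMAILS = env("LIBRARIAN_EMAILS")
EMAIL_REPLY_TO = env("EMAIL_REPLY_TO")

ALLOWED_HOSTS = ["localhost"]  # Required for healthcheck
if DEBUG:
    ALLOWED_HOSTS.append("127.0.0.1")
ALLOWED_HOSTS.extend(env("HOSTS"))

# Django treats a request as HTTPS when this header says so. That is only safe
# if the fronting proxy sets or strips X-Forwarded-Proto on every request;
# otherwise a client can supply the header itself.
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
SESSION_COOKIE_SECURE = not DEBUG
CSRF_COOKIE_SECURE = not DEBUG

# Application definition

INSTALLED_APPS = [
    "whitenoise.runserver_nostatic",
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "anymail",
    "bootstrap4",
    "manuels",
    "import_export",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.middleware.gzip.GZipMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

ROOT_URLCONF = "manuels_collection.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
]

WSGI_APPLICATION = "manuels_collection.wsgi.application"

CACHES = {
    "default": {
        "BACKEND": "django.core.cache.backends.db.DatabaseCache",
        "LOCATION": "manuels_cache",
    }
}

# Database
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases

# env.db() is called with a SQLite file next to the project as its default.
default_db_path = BASE_DIR / "db.sqlite3"
DATABASES = {
    "default": env.db(default=f"sqlite:///{default_db_path}"),
}

INTERNAL_IPS = [
    "127.0.0.1",
    "localhost",
]

# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
    },
    {"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
    {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
    {"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
]

# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/

LANGUAGE_CODE = env("LANGUAGE_CODE")
TIME_ZONE = env("TIME_ZONE")
USE_I18N = True
USE_TZ = True

# Logging
LOG_LEVEL = "DEBUG" if DEBUG else "INFO"
LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "[%(asctime)s] [%(process)d] [%(levelname)s] %(module)s - %(message)s"
        },
    },
    "handlers": {
        "console": {"class": "logging.StreamHandler", "formatter": "verbose"},
    },
    "loggers": {
        "manuels": {"handlers": ["console"], "level": LOG_LEVEL},
    },
}

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.1/howto/static-files/

STATIC_URL = "static/"
STATIC_ROOT = BASE_DIR.parent / "staticfiles"
STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"

MEDIA_URL = "media/"
MEDIA_ROOT = BASE_DIR.parent / "media"

LOGIN_REDIRECT_URL = "rooms-list"
LOGIN_URL = "admin:login"

# Security headers. HSTS is set to two years with includeSubDomains and
# preload, which commits the whole domain to HTTPS and is slow to undo.
# SECURE_PROXY_SSL_HEADER was assigned a second time here with the same value;
# the single definition is kept next to the cookie flags above.
SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_HSTS_SECONDS = 63072000

# CSP
# NOTE(review): CSP_* settings are read by django-csp, but
# "csp.middleware.CSPMiddleware" is not listed in MIDDLEWARE in this file.
# Unless it is added elsewhere, no Content-Security-Policy header is sent.
# NOTE(review): 'unsafe-inline' in script-src and style-src permits inline
# script and style, which gives up most of the XSS protection CSP offers;
# prefer nonces or hashes once inline code has been removed.
CSP_DEFAULT_SRC = ("'none'",)
CSP_IMG_SRC = ("'self'", "data:")
CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
CSP_CONNECT_SRC = ("'self'",)
CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")
CSP_MANIFEST_SRC = ("'self'",)
CSP_FONT_SRC = ("'self'",)
CSP_BASE_URI = ("'none'",)
CSP_FORM_ACTION = ("'self'",)

DEFAULT_AUTO_FIELD = "django.db.models.AutoField"

# Map Django's error level to the Bootstrap "danger" alert class.
MESSAGE_TAGS = {messages.ERROR: "danger"}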