production.py 5.56 KB
Newer Older
Thom Wiggers's avatar
Thom Wiggers committed
1
"""
2
Django production settings for thaliawebsite project.
Thom Wiggers's avatar
Thom Wiggers committed
3

4 5 6 7
Many of these settings override settings from settings.py.

This file is loaded by __init__.py if the environment variable
`DJANGO_PRODUCTION` is set.
Thom Wiggers's avatar
Thom Wiggers committed
8 9

See https://docs.djangoproject.com/en/dev/howto/deployment/checklist/
Thom Wiggers's avatar
Thom Wiggers committed
10
"""
11
import base64
12
import json
Thom Wiggers's avatar
Thom Wiggers committed
13
import os
14

15 16
import sentry_sdk
from sentry_sdk.integrations.django import DjangoIntegration
17

18
from . import settings
19

Thom Wiggers's avatar
Thom Wiggers committed
20 21 22 23 24 25
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.abspath(os.path.join(
    os.path.dirname(os.path.abspath(__file__)),
    '..', '..'))


Thom Wiggers's avatar
Thom Wiggers committed
26 27 28 29 30 31 32 33
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get(
    'DJANGO_SECRET',
    '#o-0d1q5&^&06tn@8pr1f(n3$crafd++^%sacao7hj*ea@c)^t')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = os.environ.get('DJANGO_DEBUG') == 'True'

34 35
if 'DJANGO_HOSTS' in os.environ:
    ALLOWED_HOSTS = os.environ.get('DJANGO_HOSTS').split(',')
Thom Wiggers's avatar
Thom Wiggers committed
36

Thom Wiggers's avatar
Thom Wiggers committed
37
# Database settings
Thom Wiggers's avatar
Thom Wiggers committed
38 39 40
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
41
        'USER': os.environ.get('POSTGRES_USER', 'postgres'),
42
        'PASSWORD': os.environ.get('POSTGRES_PASSWORD', ''),
43
        'NAME': os.environ.get('POSTGRES_DB'),
Thom Wiggers's avatar
Thom Wiggers committed
44 45 46 47
        'HOST': os.environ.get('DJANGO_POSTGRES_HOST'),
        'PORT': 5432,
    }
}
Thom Wiggers's avatar
Thom Wiggers committed
48 49 50 51

# Persistent database connections
CONN_MAX_AGE = '60'

Thom Wiggers's avatar
Thom Wiggers committed
52 53 54 55
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/dev/howto/static-files/

# Where to store uploaded files
Thom Wiggers's avatar
Thom Wiggers committed
56
MEDIA_ROOT = '/concrexit/media'
Thom Wiggers's avatar
Thom Wiggers committed
57 58
MEDIA_URL = '/media/'  # Public is included by the db fields

59 60
if not settings.DEBUG:
    SENDFILE_BACKEND = 'sendfile.backends.nginx'
61 62
SENDFILE_URL = '/media/'
SENDFILE_ROOT = '/concrexit/media/'
Thom Wiggers's avatar
Thom Wiggers committed
63 64

STATIC_URL = '/static/'
Thom Wiggers's avatar
Thom Wiggers committed
65
STATIC_ROOT = '/concrexit/static'
Thom Wiggers's avatar
Thom Wiggers committed
66

Thom Wiggers's avatar
Thom Wiggers committed
67 68
if not DEBUG:
    COMPRESS_OFFLINE = True
69 70 71 72 73 74 75 76

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
]
Thom Wiggers's avatar
Thom Wiggers committed
77 78

WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
Thom Wiggers's avatar
Thom Wiggers committed
79
MIGRATION_KEY = os.environ.get('MIGRATION_KEY')
80
MAILINGLIST_API_SECRET = os.environ.get('MAILINGLIST_API_SECRET', '')
81
MEMBERS_SENTRY_API_SECRET = os.environ.get('MEMBERS_SENTRY_API_SECRET', '')
82 83
ACTIVEMEMBERS_NEXTCLOUD_API_SECRET = os.environ.get(
    'ACTIVEMEMBERS_NEXTCLOUD_API_SECRET', '')
Thom Wiggers's avatar
Thom Wiggers committed
84

85 86
GOOGLE_MAPS_API_KEY = os.environ.get('GOOGLE_MAPS_API_KEY', '')
GOOGLE_MAPS_API_SECRET = os.environ.get('GOOGLE_MAPS_API_SECRET', '')
87

88
FIREBASE_CREDENTIALS = os.environ.get('FIREBASE_CREDENTIALS', '{}')
89 90 91
if not (FIREBASE_CREDENTIALS == '{}'):
    FIREBASE_CREDENTIALS = base64.urlsafe_b64decode(FIREBASE_CREDENTIALS)
FIREBASE_CREDENTIALS = json.loads(FIREBASE_CREDENTIALS)
92

Sébastiaan Versteeg's avatar
Sébastiaan Versteeg committed
93 94 95 96 97
# Conscribo settings
CONSCRIBO_ACCOUNT = os.environ.get('CONSCRIBO_ACCOUNT', '')
CONSCRIBO_USER = os.environ.get('CONSCRIBO_USER', '')
CONSCRIBO_PASSWORD = os.environ.get('CONSCRIBO_PASSWORD', '')

Thom Wiggers's avatar
Thom Wiggers committed
98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114
if os.environ.get('DJANGO_SSLONLY'):
    SECURE_SSL_REDIRECT = True
    SESSION_COOKIE_SECURE = True
    CSRF_COOKIE_SECURE = True

# Use caching template loader
TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [os.path.join(BASE_DIR, 'templates')],
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.template.context_processors.media',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
115
                'announcements.context_processors.announcements',
116 117
                'thaliawebsite.context_processors.source_commit',
                'thaliawebsite.context_processors.thumbnail_sizes',
Thom Wiggers's avatar
Thom Wiggers committed
118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
            ],
            'loaders': [
                ('django.template.loaders.cached.Loader', [
                    'django.template.loaders.filesystem.Loader',
                    'django.template.loaders.app_directories.Loader',
                ]),
            ],
        },
    },
]

# ADMINS
ADMINS = [('Technicie', 'www@thalia.nu')]

# Email backend
if os.environ.get('DJANGO_EMAIL_HOST'):
    EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
    EMAIL_HOST = os.environ['DJANGO_EMAIL_HOST']
    EMAIL_PORT = os.environ['DJANGO_EMAIL_PORT']
    EMAIL_HOST_USER = os.environ.get('DJANGO_EMAIL_HOST_USER')
    EMAIL_HOST_PASSWORD = os.environ.get('DJANGO_EMAIL_HOST_PASSWORD')
    EMAIL_USE_TLS = os.environ.get('DJANGO_EMAIL_USE_TLS', False) == 'True'
    EMAIL_USE_SSL = os.environ.get('DJANGO_EMAIL_USE_SSL', False) == 'True'
    EMAIL_TIMEOUT = 10

143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
LOGGING = {
    'version': 1,
    'disable_existing_loggers': True,
    'filters': {
        'require_debug_false': {
            '()': 'django.utils.log.RequireDebugFalse',
        },
    },
    'formatters': {
        'verbose': {
            'format': '%(levelname)s %(asctime)s %(module)s '
                      '%(process)d %(thread)d %(message)s'
        },
    },
    'handlers': {
        'console': {
            'level': 'DEBUG',
            'class': 'logging.StreamHandler',
            'formatter': 'verbose'
        },
    },
    'loggers': {
        'django': {
            'handlers': ['console'],
            'level': 'INFO',
        },
    },
}

172 173 174 175 176 177
sentry_sdk.init(
    dsn=os.environ.get('SENTRY_DSN'),
    integrations=[DjangoIntegration()],
    release=os.environ.get('SOURCE_COMMIT'),
    send_default_pii=True
)