· 6 years ago · Jul 25, 2019, 07:56 PM
1import os, json
2
3# a massive hack to see if we're testing, in which case we use different settings
4import sys
5TESTING = 'test' in sys.argv
6
7# go through environment variables and override them
8def get_from_env(var, default):
9 if not TESTING and var in os.environ:
10 return os.environ[var]
11 else:
12 return default
13
14DEBUG = (get_from_env('DEBUG', '1') == '1')
15_TEMPLATE_DEBUG = DEBUG
16
17# add admins of the form:
18# ('Ben Adida', 'ben@adida.net'),
19# if you want to be emailed about errors.
20ADMINS = (
21)
22
23MANAGERS = ADMINS
24
25# is this the master Helios web site?
26MASTER_HELIOS = (get_from_env('MASTER_HELIOS', '0') == '1')
27
28# show ability to log in? (for example, if the site is mostly used by voters)
29# if turned off, the admin will need to know to go to /auth/login manually
30SHOW_LOGIN_OPTIONS = (get_from_env('SHOW_LOGIN_OPTIONS', '1') == '1')
31
32# sometimes, when the site is not that social, it's not helpful
33# to display who created the election
34SHOW_USER_INFO = (get_from_env('SHOW_USER_INFO', '1') == '1')
35
36DATABASES = {
37 'default': {
38 'ENGINE': 'django.db.backends.postgresql_psycopg2',
39 'NAME': 'helios',
40 'HOST': 'localhost',
41 'USER': 'helios',
42 'PASSWORD': 'helios',
43 }
44}
45
46SOUTH_DATABASE_ADAPTERS = {'default':'south.db.postgresql_psycopg2'}
47
48# override if we have an env variable
49if get_from_env('DATABASE_URL', None):
50 import dj_database_url
51 DATABASES['default'] = dj_database_url.config()
52 DATABASES['default']['ENGINE'] = 'django.db.backends.postgresql_psycopg2'
53 DATABASES['default']['CONN_MAX_AGE'] = 600
54
55 # require SSL
56 DATABASES['default']['OPTIONS'] = {'sslmode': 'require'}
57
58# Local time zone for this installation. Choices can be found here:
59# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
60# although not all choices may be available on all operating systems.
61# If running in a Windows environment this must be set to the same as your
62# system time zone.
63TIME_ZONE = 'US/Eastern'
64
65# Language code for this installation. All choices can be found here:
66# http://www.i18nguy.com/unicode/language-identifiers.html
67LANGUAGE_CODE = 'en-us'
68
69SITE_ID = 1
70
71# If you set this to False, Django will make some optimizations so as not
72# to load the internationalization machinery.
73USE_I18N = True
74
75# Absolute path to the directory that holds media.
76# Example: "/home/media/media.lawrence.com/"
77MEDIA_ROOT = ''
78
79# URL that handles the media served from MEDIA_ROOT. Make sure to use a
80# trailing slash if there is a path component (optional in other cases).
81# Examples: "http://media.lawrence.com", "http://example.com/media/"
82MEDIA_URL = ''
83
84# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a
85# trailing slash.
86# Examples: "http://foo.com/media/", "/media/".
87STATIC_URL = '/media/'
88
89# Make this unique, and don't share it with anybody.
90SECRET_KEY = get_from_env('SECRET_KEY', 'replaceme')
91
92# If debug is set to false and ALLOWED_HOSTS is not declared, django raises "CommandError: You must set settings.ALLOWED_HOSTS if DEBUG is False."
93# If in production, you got a bad request (400) error
94#More info: https://docs.djangoproject.com/en/1.7/ref/settings/#allowed-hosts (same for 1.6)
95
96ALLOWED_HOSTS = get_from_env('ALLOWED_HOSTS','*').split(",")
97
98# Secure Stuff
99if (get_from_env('SSL', '0') == '1'):
100 SECURE_SSL_REDIRECT = True
101 SESSION_COOKIE_SECURE = True
102
103 # tuned for Heroku
104 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
105
106SESSION_COOKIE_HTTPONLY = True
107
108# let's go with one year because that's the way to do it now
109STS = False
110if (get_from_env('HSTS', '0') == '1'):
111 STS = True
112 # we're using our own custom middleware now
113 # SECURE_HSTS_SECONDS = 31536000
114 # not doing subdomains for now cause that is not likely to be necessary and can screw things up.
115 # SECURE_HSTS_INCLUDE_SUBDOMAINS = True
116
117SECURE_BROWSER_XSS_FILTER = True
118SECURE_CONTENT_TYPE_NOSNIFF = True
119
120# List of callables that know how to import templates from various sources.
121_TEMPLATE_LOADERS = (
122 'django.template.loaders.filesystem.Loader',
123 'django.template.loaders.app_directories.Loader'
124)
125
126MIDDLEWARE = [
127 # make all things SSL
128 #'sslify.middleware.SSLifyMiddleware',
129
130 # secure a bunch of things
131# 'helios.security.HSTSMiddleware',
132
133 'django.middleware.security.SecurityMiddleware',
134 'django.contrib.sessions.middleware.SessionMiddleware',
135 'django.middleware.common.CommonMiddleware',
136 'django.contrib.auth.middleware.AuthenticationMiddleware',
137 'django.middleware.clickjacking.XFrameOptionsMiddleware',
138]
139
140_MIDDLEWARE = [
141 'django.middleware.security.SecurityMiddleware',
142# 'helios.security.HSTSMiddleware',
143 'django.middleware.clickjacking.XFrameOptionsMiddleware',
144
145 'django.middleware.common.CommonMiddleware',
146 'django.contrib.sessions.middleware.SessionMiddleware',
147 'django.contrib.auth.middleware.AuthenticationMiddleware'
148]
149
150ROOT_URLCONF = 'urls'
151
152ROOT_PATH = os.path.dirname(__file__)
153TEMPLATES = (
154 os.path.join(ROOT_PATH, 'theme', 'templates'),
155 '/srv/LIBREO/libreo/themes/nova/',
156 '/srv/LIBREO/libreo/themes/nova/templates',
157 ROOT_PATH,
158 os.path.join(ROOT_PATH, 'templates')
159)
160
161INSTALLED_APPS = (
162 'django.contrib.auth',
163 'django.contrib.contenttypes',
164 'django.contrib.sessions',
165 'django.contrib.staticfiles',
166 'django.contrib.messages',
167
168 #'django.contrib.sites',
169 ## needed for queues
170 'djcelery',
171 'kombu.transport.django',
172 ## in Django 1.7 we now use built-in migrations, no more south
173 ## 'south',
174 ## HELIOS stuff
175 'helios_auth',
176 'helios',
177 'theme',
178 'helios_tendenci',
179)
180
181##
182## HELIOS
183##
184
185
186MEDIA_ROOT = ROOT_PATH + "media/"
187
188# a relative path where voter upload files are stored
189VOTER_UPLOAD_REL_PATH = "voters/%Y/%m/%d"
190
191
192# Change your email settings
193DEFAULT_FROM_EMAIL = get_from_env('DEFAULT_FROM_EMAIL', 'ben@adida.net')
194DEFAULT_FROM_NAME = get_from_env('DEFAULT_FROM_NAME', 'Ben for Helios')
195SERVER_EMAIL = '%s <%s>' % (DEFAULT_FROM_NAME, DEFAULT_FROM_EMAIL)
196
197LOGIN_URL = '/auth/'
198LOGOUT_ON_CONFIRMATION = False
199
200# The two hosts are here so the main site can be over plain HTTP
201# while the voting URLs are served over SSL.
202URL_HOST = get_from_env("URL_HOST", "http://localhost:8000").rstrip("/")
203
204# IMPORTANT: you should not change this setting once you've created
205# elections, as your elections' cast_url will then be incorrect.
206# SECURE_URL_HOST = "https://localhost:8443"
207SECURE_URL_HOST = get_from_env("SECURE_URL_HOST", URL_HOST).rstrip("/")
208
209# election stuff
210SITE_TITLE = get_from_env('SITE_TITLE', 'Helios Voting')
211MAIN_LOGO_URL = get_from_env('MAIN_LOGO_URL', '/static/logo.png')
212ALLOW_ELECTION_INFO_URL = (get_from_env('ALLOW_ELECTION_INFO_URL', '0') == '1')
213
214# FOOTER links
215FOOTER_LINKS = json.loads(get_from_env('FOOTER_LINKS', '[]'))
216FOOTER_LOGO_URL = get_from_env('FOOTER_LOGO_URL', None)
217
218WELCOME_MESSAGE = get_from_env('WELCOME_MESSAGE', "This is the default message")
219
220HELP_EMAIL_ADDRESS = get_from_env('HELP_EMAIL_ADDRESS', 'help@heliosvoting.org')
221
222AUTH_TEMPLATE_BASE = "theme/templates/helios-base.html"
223HELIOS_TEMPLATE_BASE = "theme/templates/helios-base.html"
224HELIOS_ADMIN_ONLY = False
225HELIOS_VOTERS_UPLOAD = True
226HELIOS_VOTERS_EMAIL = True
227
228# are elections private by default?
229HELIOS_PRIVATE_DEFAULT = False
230
231# authentication systems enabled
232#AUTH_ENABLED_AUTH_SYSTEMS = ['password','facebook','twitter', 'google', 'yahoo']
233AUTH_ENABLED_AUTH_SYSTEMS = get_from_env('AUTH_ENABLED_AUTH_SYSTEMS', 'google').split(",")
234AUTH_DEFAULT_AUTH_SYSTEM = get_from_env('AUTH_DEFAULT_AUTH_SYSTEM', None)
235
236# google
237GOOGLE_CLIENT_ID = get_from_env('GOOGLE_CLIENT_ID', '')
238GOOGLE_CLIENT_SECRET = get_from_env('GOOGLE_CLIENT_SECRET', '')
239
240# facebook
241FACEBOOK_APP_ID = get_from_env('FACEBOOK_APP_ID','')
242FACEBOOK_API_KEY = get_from_env('FACEBOOK_API_KEY','')
243FACEBOOK_API_SECRET = get_from_env('FACEBOOK_API_SECRET','')
244
245# twitter
246TWITTER_API_KEY = ''
247TWITTER_API_SECRET = ''
248TWITTER_USER_TO_FOLLOW = 'heliosvoting'
249TWITTER_REASON_TO_FOLLOW = "we can direct-message you when the result has been computed in an election in which you participated"
250
251# the token for Helios to do direct messaging
252TWITTER_DM_TOKEN = {"oauth_token": "", "oauth_token_secret": "", "user_id": "", "screen_name": ""}
253
254# LinkedIn
255LINKEDIN_API_KEY = ''
256LINKEDIN_API_SECRET = ''
257
258# CAS (for universities)
259CAS_USERNAME = get_from_env('CAS_USERNAME', "")
260CAS_PASSWORD = get_from_env('CAS_PASSWORD', "")
261CAS_ELIGIBILITY_URL = get_from_env('CAS_ELIGIBILITY_URL', "")
262CAS_ELIGIBILITY_REALM = get_from_env('CAS_ELIGIBILITY_REALM', "")
263
264# Clever
265CLEVER_CLIENT_ID = get_from_env('CLEVER_CLIENT_ID', "")
266CLEVER_CLIENT_SECRET = get_from_env('CLEVER_CLIENT_SECRET', "")
267
268# email server
269EMAIL_HOST = get_from_env('EMAIL_HOST', 'localhost')
270EMAIL_PORT = int(get_from_env('EMAIL_PORT', "2525"))
271EMAIL_HOST_USER = get_from_env('EMAIL_HOST_USER', '')
272EMAIL_HOST_PASSWORD = get_from_env('EMAIL_HOST_PASSWORD', '')
273EMAIL_USE_TLS = (get_from_env('EMAIL_USE_TLS', '0') == '1')
274
275# to use AWS Simple Email Service
276# in which case environment should contain
277# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
278if get_from_env('EMAIL_USE_AWS', '0') == '1':
279 EMAIL_BACKEND = 'django_ses.SESBackend'
280
281# set up logging
282import logging
283logging.basicConfig(
284 level = logging.DEBUG,
285 format = '%(asctime)s %(levelname)s %(message)s'
286)
287
288
289# set up django-celery
290# BROKER_BACKEND = "kombu.transport.DatabaseTransport"
291BROKER_URL = "django://"
292CELERY_RESULT_DBURI = DATABASES['default']
293import djcelery
294djcelery.setup_loader()
295
296
297# for testing
298TEST_RUNNER = 'djcelery.contrib.test_runner.CeleryTestSuiteRunner'
299# this effectively does CELERY_ALWAYS_EAGER = True
300
301# Rollbar Error Logging
302ROLLBAR_ACCESS_TOKEN = get_from_env('ROLLBAR_ACCESS_TOKEN', None)
303if ROLLBAR_ACCESS_TOKEN:
304 print("setting up rollbar")
305 MIDDLEWARE_CLASSES += ('rollbar.contrib.django.middleware.RollbarNotifierMiddleware',)
306 ROLLBAR = {
307 'access_token': ROLLBAR_ACCESS_TOKEN,
308 'environment': 'development' if DEBUG else 'production',
309 }
310
311TEMPLATES = [
312 {
313 'BACKEND': 'django.template.backends.django.DjangoTemplates',
314 'OPTIONS': {
315 'context_processors': [
316 'django.template.context_processors.debug',
317 'django.template.context_processors.request',
318 'django.contrib.auth.context_processors.auth',
319 'django.contrib.messages.context_processors.messages',
320 'django.template.context_processors.request',
321 'helios_tendenci.context_processors.theme',
322 ],
323 'loaders': [
324 'django.template.loaders.filesystem.Loader',
325 'django.template.loaders.app_directories.Loader',
326 ],
327 },
328 },
329]
330
331TENDENCI_CAS_URL = 'http://192.168.122.236:10000/cas/'
332TENDENCI_GROUPS_URL = 'http://192.168.122.236:10000/helios/groups/'
333
334STATICFILES_DIRS = (
335 ROOT_PATH + '/helios/media',
336 ROOT_PATH + '/heliosbooth',
337 ROOT_PATH + '/heliosverifier',
338 ROOT_PATH + '/helios_auth/media',
339 ROOT_PATH + '/server_ui/media',
340 '/srv/LIBREO/libreo/static/',
341)
342
343THEMES_DIR = '/srv/LIBREO/libreo/themes/'
344
345# from django.conf.global_settings import TEMPLATE_CONTEXT_PROCESSORS
346
347# TEMPLATE_CONTEXT_PROCESSORS += (
348# 'helios_tendenci.context_processors.theme',
349# )
350TENDENCI_TOP_BAR_URL = 'http://tendenci:9000/helios/top_bar/'
351TENDENCI_TEMPLATE_BASE = '/srv/LIBREO/libreo/themes/nova/templates/default-fullwidth.html'