· 7 years ago · Jan 16, 2018, 05:04 PM
1
2import os, json
3
4# a massive hack to see if we're testing, in which case we use different settings
5import sys
6TESTING = 'test' in sys.argv
7
8# go through environment variables and override them
9def get_from_env(var, default):
10 if not TESTING and os.environ.has_key(var):
11 return os.environ[var]
12 else:
13 return default
14
15DEBUG = (get_from_env('DEBUG', '1') == '1')
16TEMPLATE_DEBUG = DEBUG
17
18# add admins of the form:
19# ('Ben Adida', 'ben@adida.net'),
20# if you want to be emailed about errors.
21ADMINS = (
22)
23
24MANAGERS = ADMINS
25
26# is this the master Helios web site?
27MASTER_HELIOS = (get_from_env('MASTER_HELIOS', '0') == '1')
28
29# show ability to log in? (for example, if the site is mostly used by voters)
30# if turned off, the admin will need to know to go to /auth/login manually
31SHOW_LOGIN_OPTIONS = (get_from_env('SHOW_LOGIN_OPTIONS', '1') == '1')
32
33# sometimes, when the site is not that social, it's not helpful
34# to display who created the election
35SHOW_USER_INFO = (get_from_env('SHOW_USER_INFO', '1') == '1')
36
37DATABASES = {
38 'default': {
39 'ENGINE': 'django.db.backends.postgresql_psycopg2',
40 'HOST': 'localhost',
41 'USER': 'helios',
42 'NAME': 'helios',
43 'PASSWORD': 'helios'
44 }
45}
46
47SOUTH_DATABASE_ADAPTERS = {'default':'south.db.postgresql_psycopg2'}
48
49# override if we have an env variable
50if get_from_env('DATABASE_URL', None):
51 import dj_database_url
52 DATABASES['default'] = dj_database_url.config()
53 DATABASES['default']['ENGINE'] = 'django.db.backends.postgresql_psycopg2'
54 DATABASES['default']['CONN_MAX_AGE'] = 600
55
56# Local time zone for this installation. Choices can be found here:
57# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
58# although not all choices may be available on all operating systems.
59# If running in a Windows environment this must be set to the same as your
60# system time zone.
61TIME_ZONE = 'America/Los_Angeles'
62
63# Language code for this installation. All choices can be found here:
64# http://www.i18nguy.com/unicode/language-identifiers.html
65LANGUAGE_CODE = 'en-us'
66
67SITE_ID = 1
68
69# If you set this to False, Django will make some optimizations so as not
70# to load the internationalization machinery.
71USE_I18N = True
72
73# Absolute path to the directory that holds media.
74# Example: "/home/media/media.lawrence.com/"
75MEDIA_ROOT = ''
76
77# URL that handles the media served from MEDIA_ROOT. Make sure to use a
78# trailing slash if there is a path component (optional in other cases).
79# Examples: "http://media.lawrence.com", "http://example.com/media/"
80MEDIA_URL = ''
81
82# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a
83# trailing slash.
84# Examples: "http://foo.com/media/", "/media/".
85STATIC_URL = '/media/'
86
87# Make this unique, and don't share it with anybody.
88SECRET_KEY = get_from_env('SECRET_KEY', 'replaceme')
89
90# If debug is set to false and ALLOWED_HOSTS is not declared, django raises "CommandError: You must set settings.ALLOWED_HOSTS if DEBUG is False."
91# If in production, you got a bad request (400) error
92#More info: https://docs.djangoproject.com/en/1.7/ref/settings/#allowed-hosts (same for 1.6)
93
94ALLOWED_HOSTS = get_from_env('ALLOWED_HOSTS', 'localhost').split(",")
95
96# Secure Stuff
97if (get_from_env('SSL', '0') == '1'):
98 SECURE_SSL_REDIRECT = True
99 SESSION_COOKIE_SECURE = True
100
101 # tuned for Heroku
102 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
103
104SESSION_COOKIE_HTTPONLY = True
105
106# one week HSTS seems like a good balance for MITM prevention
107if (get_from_env('HSTS', '0') == '1'):
108 SECURE_HSTS_SECONDS = 3600 * 24 * 7
109 # not doing subdomains for now cause that is not likely to be necessary and can screw things up.
110 SECURE_HSTS_INCLUDE_SUBDOMAINS = False
111
112SECURE_BROWSER_XSS_FILTER = True
113SECURE_CONTENT_TYPE_NOSNIFF = True
114
115# List of callables that know how to import templates from various sources.
116TEMPLATE_LOADERS = (
117 'django.template.loaders.filesystem.Loader',
118 'django.template.loaders.app_directories.Loader'
119)
120
121MIDDLEWARE_CLASSES = (
122 # make all things SSL
123 #'sslify.middleware.SSLifyMiddleware',
124
125 # secure a bunch of things
126 'djangosecure.middleware.SecurityMiddleware',
127 'django.middleware.clickjacking.XFrameOptionsMiddleware',
128
129 'django.middleware.common.CommonMiddleware',
130 'django.contrib.sessions.middleware.SessionMiddleware',
131 'django.contrib.auth.middleware.AuthenticationMiddleware'
132)
133
134ROOT_URLCONF = 'urls'
135
136ROOT_PATH = os.path.dirname(__file__)
137TEMPLATE_DIRS = (
138 ROOT_PATH,
139 os.path.join(ROOT_PATH, 'templates')
140)
141
142INSTALLED_APPS = (
143# 'django.contrib.auth',
144# 'django.contrib.contenttypes',
145 'djangosecure',
146 'django.contrib.sessions',
147 #'django.contrib.sites',
148 ## needed for queues
149 'djcelery',
150 'kombu.transport.django',
151 ## in Django 1.7 we now use built-in migrations, no more south
152 ## 'south',
153 ## HELIOS stuff
154 'helios_auth',
155 'helios',
156 'server_ui',
157)
158
159##
160## HELIOS
161##
162
163
164MEDIA_ROOT = ROOT_PATH + "media/"
165
166# a relative path where voter upload files are stored
167VOTER_UPLOAD_REL_PATH = "voters/%Y/%m/%d"
168
169
170# Change your email settings
171DEFAULT_FROM_EMAIL = get_from_env('DEFAULT_FROM_EMAIL', 'ben@adida.net')
172DEFAULT_FROM_NAME = get_from_env('DEFAULT_FROM_NAME', 'Ben for Helios')
173SERVER_EMAIL = '%s <%s>' % (DEFAULT_FROM_NAME, DEFAULT_FROM_EMAIL)
174
175LOGIN_URL = '/auth/'
176LOGOUT_ON_CONFIRMATION = True
177
178# The two hosts are here so the main site can be over plain HTTP
179# while the voting URLs are served over SSL.
180URL_HOST = get_from_env("URL_HOST", "http://localhost:8000").rstrip("/")
181
182# IMPORTANT: you should not change this setting once you've created
183# elections, as your elections' cast_url will then be incorrect.
184# SECURE_URL_HOST = "https://localhost:8443"
185SECURE_URL_HOST = get_from_env("SECURE_URL_HOST", URL_HOST).rstrip("/")
186
187# election stuff
188SITE_TITLE = get_from_env('SITE_TITLE', 'Helios Voting')
189MAIN_LOGO_URL = get_from_env('MAIN_LOGO_URL', '/static/logo.png')
190ALLOW_ELECTION_INFO_URL = (get_from_env('ALLOW_ELECTION_INFO_URL', '0') == '1')
191
192# FOOTER links
193FOOTER_LINKS = json.loads(get_from_env('FOOTER_LINKS', '[]'))
194FOOTER_LOGO_URL = get_from_env('FOOTER_LOGO_URL', None)
195
196WELCOME_MESSAGE = get_from_env('WELCOME_MESSAGE', "This is the default message")
197
198HELP_EMAIL_ADDRESS = get_from_env('HELP_EMAIL_ADDRESS', 'help@heliosvoting.org')
199
200AUTH_TEMPLATE_BASE = "server_ui/templates/base.html"
201HELIOS_TEMPLATE_BASE = "server_ui/templates/base.html"
202HELIOS_ADMIN_ONLY = False
203HELIOS_VOTERS_UPLOAD = True
204HELIOS_VOTERS_EMAIL = True
205
206# are elections private by default?
207HELIOS_PRIVATE_DEFAULT = False
208
209# authentication systems enabled
210#AUTH_ENABLED_AUTH_SYSTEMS = ['password','facebook','twitter', 'google', 'yahoo']
211AUTH_ENABLED_AUTH_SYSTEMS = get_from_env('AUTH_ENABLED_AUTH_SYSTEMS', 'google').split(",")
212AUTH_DEFAULT_AUTH_SYSTEM = get_from_env('AUTH_DEFAULT_AUTH_SYSTEM', None)
213
214# google
215GOOGLE_CLIENT_ID = get_from_env('GOOGLE_CLIENT_ID', '')
216GOOGLE_CLIENT_SECRET = get_from_env('GOOGLE_CLIENT_SECRET', '')
217
218# facebook
219FACEBOOK_APP_ID = get_from_env('FACEBOOK_APP_ID','')
220FACEBOOK_API_KEY = get_from_env('FACEBOOK_API_KEY','')
221FACEBOOK_API_SECRET = get_from_env('FACEBOOK_API_SECRET','')
222
223# twitter
224TWITTER_API_KEY = ''
225TWITTER_API_SECRET = ''
226TWITTER_USER_TO_FOLLOW = 'heliosvoting'
227TWITTER_REASON_TO_FOLLOW = "we can direct-message you when the result has been computed in an election in which you participated"
228
229# the token for Helios to do direct messaging
230TWITTER_DM_TOKEN = {"oauth_token": "", "oauth_token_secret": "", "user_id": "", "screen_name": ""}
231
232# LinkedIn
233LINKEDIN_API_KEY = ''
234LINKEDIN_API_SECRET = ''
235
236# CAS (for universities)
237CAS_USERNAME = get_from_env('CAS_USERNAME', "")
238CAS_PASSWORD = get_from_env('CAS_PASSWORD', "")
239CAS_ELIGIBILITY_URL = get_from_env('CAS_ELIGIBILITY_URL', "")
240CAS_ELIGIBILITY_REALM = get_from_env('CAS_ELIGIBILITY_REALM', "")
241
242# Clever
243CLEVER_CLIENT_ID = get_from_env('CLEVER_CLIENT_ID', "")
244CLEVER_CLIENT_SECRET = get_from_env('CLEVER_CLIENT_SECRET', "")
245
246# email server
247EMAIL_HOST = get_from_env('EMAIL_HOST', 'localhost')
248EMAIL_PORT = int(get_from_env('EMAIL_PORT', "2525"))
249EMAIL_HOST_USER = get_from_env('EMAIL_HOST_USER', '')
250EMAIL_HOST_PASSWORD = get_from_env('EMAIL_HOST_PASSWORD', '')
251EMAIL_USE_TLS = (get_from_env('EMAIL_USE_TLS', '0') == '1')
252
253# to use AWS Simple Email Service
254# in which case environment should contain
255# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
256if get_from_env('EMAIL_USE_AWS', '0') == '1':
257 EMAIL_BACKEND = 'django_ses.SESBackend'
258
259# set up logging
260import logging
261logging.basicConfig(
262 level = logging.DEBUG,
263 format = '%(asctime)s %(levelname)s %(message)s'
264)
265
266
267# set up django-celery
268# BROKER_BACKEND = "kombu.transport.DatabaseTransport"
269BROKER_URL = "django://"
270CELERY_RESULT_DBURI = DATABASES['default']
271import djcelery
272djcelery.setup_loader()
273
274
275# for testing
276TEST_RUNNER = 'djcelery.contrib.test_runner.CeleryTestSuiteRunner'
277# this effectively does CELERY_ALWAYS_EAGER = True
278
279# Rollbar Error Logging
280ROLLBAR_ACCESS_TOKEN = get_from_env('ROLLBAR_ACCESS_TOKEN', None)
281if ROLLBAR_ACCESS_TOKEN:
282 print "setting up rollbar"
283 MIDDLEWARE_CLASSES += ('rollbar.contrib.django.middleware.RollbarNotifierMiddleware',)
284 ROLLBAR = {
285 'access_token': ROLLBAR_ACCESS_TOKEN,
286 'environment': 'development' if DEBUG else 'production',
287 }