creylopez
/
django-ex
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 2 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1673 Commits
11 Branches
6.7 MiB
 
 
 
 
Tree: 3f2ff37734
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3f2ff37734'
${ noResults }
django-ex/edivorce/settings/openshift.py

137 lines
5.6 KiB
Raw Blame History

from mozilla_django_oidc import utils as mozilla_django_oidc_utils
from .base import *
def openshift_db_config():
'''
Database config based on the django-ex openshift sample application
'''
service_name = os.getenv('DATABASE_SERVICE_NAME', '').upper()
engines = {
'sqlite': 'django.db.backends.sqlite3',
'postgresql': 'django.db.backends.postgresql',
'mysql': 'django.db.backends.mysql',
}
if service_name:
engine = engines.get(os.getenv('DATABASE_ENGINE'), engines['sqlite'])
else:
engine = engines['sqlite']
name = os.getenv('DATABASE_NAME')
if not name and engine == engines['sqlite']:
name = os.path.join(PROJECT_ROOT, 'db.sqlite3')
return {
'ENGINE': engine,
'NAME': name,
'USER': os.getenv('DATABASE_USER'),
'PASSWORD': os.getenv('DATABASE_PASSWORD'),
'HOST': os.getenv('{}_SERVICE_HOST'.format(service_name)),
'PORT': os.getenv('{}_SERVICE_PORT'.format(service_name)),
}
DATABASES = {
'default': openshift_db_config()
}
# Django Compressor offline compression (triggered by wsgi.py during OpenShift deployment)
COMPRESS_ENABLED = True
COMPRESS_OFFLINE = True
# The app will be served out of the subdirectory justice.gov.bc.ca/divorce via reverse-proxy
#
# See nginx-proxy/conf.d/server.conf for related settings
#
DEPLOYMENT_TYPE = env('ENVIRONMENT_TYPE', 'unittest')
PROXY_URL_PREFIX = os.getenv('PROXY_URL_PREFIX', '/divorce')
PROXY_BASE_URL = os.getenv('PROXY_BASE_URL', 'https://justice.gov.bc.ca')
if DEPLOYMENT_TYPE == 'dev':
DEBUG = True
CSRF_COOKIE_AGE = None
SESSION_COOKIE_AGE = 3600
REGISTER_BCEID_URL = 'https://www.test.bceid.ca/directories/bluepages/details.aspx?serviceID=5522'
REGISTER_BCSC_URL = 'https://logontest7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed38&partnerList=fed38&flags=0001:0,7&TARGET=http://dev.justice.gov.bc.ca/divorce/oidc/authenticate'
EDIVORCE_KEYCLOAK_BASE_URL = 'https://dev.oidc.gov.bc.ca'
EFILING_HUB_API_BASE_URL = 'https://fla-nginx-proxy-qzaydf-dev.pathfinder.gov.bc.ca/api'
EFILING_HUB_KEYCLOAK_BASE_URL = 'https://dev.oidc.gov.bc.ca'
if DEPLOYMENT_TYPE == 'test':
REGISTER_BCEID_URL = 'https://www.test.bceid.ca/directories/bluepages/details.aspx?serviceID=5521'
REGISTER_BCSC_URL = 'https://logontest7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed38&partnerList=fed38&flags=0001:0,7&TARGET=http://test.justice.gov.bc.ca/divorce/oidc/authenticate'
EDIVORCE_KEYCLOAK_BASE_URL = 'https://test.oidc.gov.bc.ca'
EFILING_HUB_API_BASE_URL = 'https://efiling-api-nginx-proxy-qzaydf-test.pathfinder.gov.bc.ca/api'
EFILING_HUB_KEYCLOAK_BASE_URL = 'https://sso-test.pathfinder.gov.bc.ca'
if DEPLOYMENT_TYPE == 'prod':
REGISTER_BCEID_URL = 'https://www.bceid.ca/directories/bluepages/details.aspx?serviceID=5203'
REGISTER_BCSC_URL = 'https://logon7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed49&partnerList=fed49&flags=0001:0,8&TARGET=http://justice.gov.bc.ca/divorce/oidc/authenticate'
EDIVORCE_KEYCLOAK_BASE_URL = 'https://oidc.gov.bc.ca'
EFILING_HUB_API_BASE_URL = 'https://to-be-filled-in-later'
EFILING_HUB_KEYCLOAK_BASE_URL = 'https://oidc.gov.bc.ca'
# Google Tag Manager (Production)
GTM_ID = 'GTM-W4Z2SPS'
if DEPLOYMENT_TYPE == 'unittest':
EDIVORCE_KEYCLOAK_BASE_URL = ''
EFILING_HUB_API_BASE_URL = ''
EFILING_HUB_KEYCLOAK_BASE_URL = ''
PROXY_URL_PREFIX = ''
# Keycloak OpenID Connect settings
EDIVORCE_KEYCLOAK_CLIENT_ID = 'e-divorce-app'
EDIVORCE_KEYCLOAK_REALM = 'tz0e228w'
KEYCLOAK_LOGOUT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/logout'
OIDC_OP_JWKS_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/certs'
OIDC_OP_AUTHORIZATION_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/auth'
OIDC_OP_TOKEN_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/token'
OIDC_OP_USER_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/userinfo'
OIDC_RP_CLIENT_ID = EDIVORCE_KEYCLOAK_CLIENT_ID
LOGIN_REDIRECT_URL = PROXY_URL_PREFIX + '/signin'
# this is needed to bypass the Keycloak login screen
OIDC_AUTH_REQUEST_EXTRA_PARAMS = {'kc_idp_hint': 'bceid'}
# EFiling Hub Settings
EFILING_HUB_ENABLED = True
EFILING_HUB_KEYCLOAK_REALM = EDIVORCE_KEYCLOAK_REALM
EFILING_HUB_KEYCLOAK_CLIENT_ID = 'e-divorce'
# Internal Relative Urls
FORCE_SCRIPT_NAME = PROXY_URL_PREFIX + '/'
STATIC_URL = PROXY_URL_PREFIX + '/static/'
# Internal Urls (within the OpenShift project)
WEASYPRINT_URL = 'http://weasyprint:5001'
WEASYPRINT_IMAGE_LOOPBACK = 'http://edivorce-django:8080'
WEASYPRINT_CSS_LOOPBACK = WEASYPRINT_IMAGE_LOOPBACK + PROXY_URL_PREFIX
# Basic authentication settings (meant for dev/test environments)
BASICAUTH_ENABLED = os.getenv('BASICAUTH_ENABLED', '').lower() == 'true'
BASICAUTH_USERNAME = os.getenv('BASICAUTH_USERNAME', '')
BASICAUTH_PASSWORD = os.getenv('BASICAUTH_PASSWORD', '')
# Lock down the session cookie settings
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
# CLAMAV settings
CLAMAV_ENABLED = True
CLAMAV_PORT = 3310
CLAMAV_HOST = os.getenv('CLAMAV_HOST', 'clamav')
# Redis settings
REDIS_HOST = os.getenv('REDIS_HOST', 'redis')
REDIS_PORT = 6379
REDIS_DB = ''
REDIS_PASSWORD = os.getenv('REDIS_PASSWORD', '')
def monkey_absolutify(request, path):
return PROXY_BASE_URL + path
# monkey-patching mozilla_django_oidc.utils.absolutify so it doesn't
# return urls prefixed with 'http://edivorce-django:8080' on OpenShift
mozilla_django_oidc_utils.absolutify = monkey_absolutify