--- /dev/null
+#-*- coding: utf-8 -*-
+"""
+Django settings for HyperKitty + Postorius
+"""
+
+import os
+BASE_DIR = os.path.dirname(os.path.abspath(__file__))
+VAR_DIR = "/var/spool"
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'change-that-at-install-time'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = False
+
+TEMPLATE_DEBUG = DEBUG
+
+ADMINS = (
+ ('Mailman Admin', 'root@localhost'),
+)
+
+# CAS Settings
+CAS_SERVER_URL = ""
+CAS_LOGOUT_COMPLETELY = True
+CAS_PROVIDE_URL_TO_LOGOUT = True
+CAS_FORCE_SSL_SERVICE_URL = False
+CAS_GATEWAY = False
+# Users are created in the response callback because they don't exists
+# beforhand and don't need to be re-created afterwards.
+CAS_AUTO_CREATE_USER = False
+#CAS_CUSTOM_FORBIDDEN = path.to.some_view
+
+CAS_RESPONSE_CALLBACKS = (
+ 'lf_mailman.views.callbackfunction',
+ )
+
+#CAS_SUPERUSER_GROUP = ( )
+
+# Hosts/domain names that are valid for this site; required if DEBUG is False
+# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
+ALLOWED_HOSTS = ["localhost"]
+# And for BrowserID too, see
+# http://django-browserid.rtfd.org/page/user/settings.html#django.conf.settings.BROWSERID_AUDIENCES
+BROWSERID_AUDIENCES = [ "http://localhost", "http://localhost:8000" ]
+
+# Mailman API credentials
+MAILMAN_REST_SERVER = MAILMAN_API_URL = 'http://localhost:8001'
+MAILMAN_API_USER = MAILMAN_USER = 'restadmin'
+MAILMAN_API_PASS = MAILMAN_PASS = 'restpass'
+MAILMAN_ARCHIVER_KEY = 'SecretArchiverAPIKey'
+MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '::ffff:127.0.0.1')
+
+# Application definition
+
+INSTALLED_APPS = (
+ 'django.contrib.auth',
+ 'django.contrib.contenttypes',
+ 'django.contrib.sessions',
+ #'django.contrib.sites',
+ 'django.contrib.messages',
+ 'django.contrib.staticfiles',
+ # Uncomment the next line to enable the admin:
+ 'django.contrib.admin',
+ # Uncomment the next line to enable admin documentation:
+ # 'django.contrib.admindocs',
+ 'cas',
+ 'lf_mailman',
+ 'hyperkitty',
+ 'social.apps.django_app.default',
+ 'rest_framework',
+ 'django_gravatar',
+ 'crispy_forms',
+ 'paintstore',
+ 'compressor',
+ 'django_browserid',
+ 'haystack',
+ 'django_extensions',
+ 'postorius',
+)
+
+
+MIDDLEWARE_CLASSES = (
+ 'django.middleware.common.CommonMiddleware',
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+ # Uncomment the next line for simple clickjacking protection:
+ # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+ # Uncomment the next line, and set PROXY_DOMAIN to proxy requests
+ # through CAS
+ #'cas.middleware.ProxyMiddleware',
+ 'cas.middleware.CASMiddleware',
+ 'hyperkitty.middleware.SSLRedirect',
+ 'hyperkitty.middleware.TimezoneMiddleware',
+)
+
+ROOT_URLCONF = 'mailman_web.urls'
+
+# CSS theme for postorius
+MAILMAN_THEME = "default"
+
+
+# Database
+# https://docs.djangoproject.com/en/1.6/ref/settings/#databases
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.postgresql_psycopg2', # Last part is one of 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
+ 'NAME': 'mailmanweb', # Example, change as needed
+ 'USER': 'mailmanweb', # Example, change as needed
+ 'PASSWORD': 'change-this-password', # Example, obviously
+ 'HOST': '127.0.0.1', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
+ 'PORT': '', # Set to empty string for default.
+ }
+}
+
+
+# If you're behind a proxy, use the X-Forwarded-Host header
+# See https://docs.djangoproject.com/en/1.5/ref/settings/#use-x-forwarded-host
+#USE_X_FORWARDED_HOST = True
+# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER
+# see https://docs.djangoproject.com/en/1.5/ref/settings/#secure-proxy-ssl-header
+#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+
+# Internationalization
+# https://docs.djangoproject.com/en/1.6/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'America/Chicago'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/1.6/howto/static-files/
+
+# Absolute filesystem path to the directory that will hold user-uploaded files.
+# Example: "/var/www/example.com/media/"
+MEDIA_ROOT = ''
+
+# URL that handles the media served from MEDIA_ROOT. Make sure to use a
+# trailing slash.
+# Examples: "http://example.com/media/", "http://media.example.com/"
+MEDIA_URL = ''
+
+# Absolute path to the directory static files should be collected to.
+# Don't put anything in this directory yourself; store your static files
+# in apps' "static/" subdirectories and in STATICFILES_DIRS.
+# Example: "/var/www/example.com/static/"
+#STATIC_ROOT = ''
+STATIC_ROOT = os.path.join(VAR_DIR, "mailman-web", "static")
+
+# URL prefix for static files.
+# Example: "http://example.com/static/", "http://static.example.com/"
+STATIC_URL = '/static/'
+
+# Additional locations of static files
+STATICFILES_DIRS = (
+ # Put strings here, like "/home/html/static" or "C:/www/django/static".
+ # Always use forward slashes, even on Windows.
+ # Don't forget to use absolute paths, not relative paths.
+)
+
+# List of finder classes that know how to find static files in
+# various locations.
+STATICFILES_FINDERS = (
+ 'django.contrib.staticfiles.finders.FileSystemFinder',
+ 'django.contrib.staticfiles.finders.AppDirectoriesFinder',
+# 'django.contrib.staticfiles.finders.DefaultStorageFinder',
+ 'compressor.finders.CompressorFinder',
+)
+
+
+TEMPLATE_CONTEXT_PROCESSORS = (
+ "django.contrib.auth.context_processors.auth",
+ "django.contrib.messages.context_processors.messages",
+ "django.core.context_processors.debug",
+ "django.core.context_processors.i18n",
+ "django.core.context_processors.media",
+ "django.core.context_processors.static",
+ "django.core.context_processors.csrf",
+ "django.core.context_processors.request",
+ "django.core.context_processors.tz",
+ "django.contrib.messages.context_processors.messages",
+ "social.apps.django_app.context_processors.backends",
+ "social.apps.django_app.context_processors.login_redirect",
+ "hyperkitty.context_processors.export_settings",
+ "hyperkitty.context_processors.postorius_info",
+ "postorius.context_processors.postorius",
+)
+
+TEMPLATE_DIRS = (
+ # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
+ # Always use forward slashes, even on Windows.
+ # Don't forget to use absolute paths, not relative paths.
+)
+
+# Django 1.6+ defaults to a JSON serializer, but it won't work with django-openid, see
+# https://bugs.launchpad.net/django-openid-auth/+bug/1252826
+SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
+
+
+LOGIN_URL = '/archives/accounts/login/'
+LOGIN_REDIRECT_URL = '/archives/'
+LOGIN_ERROR_URL = '/archives/accounts/login/'
+
+BROWSERID_USERNAME_ALGO = lambda email: email # Use the email as identifier
+BROWSERID_VERIFY_CLASS = "django_browserid.views.Verify"
+
+
+
+#
+# Social auth
+#
+
+AUTHENTICATION_BACKENDS = (
+ #'social.backends.open_id.OpenIdAuth',
+ # http://python-social-auth.readthedocs.org/en/latest/backends/google.html
+ 'social.backends.google.GoogleOpenId',
+ 'cas.backends.CASBackend',
+ #'social.backends.google.GoogleOAuth2',
+ #'social.backends.twitter.TwitterOAuth',
+ 'social.backends.yahoo.YahooOpenId',
+ 'django_browserid.auth.BrowserIDBackend',
+ 'django.contrib.auth.backends.ModelBackend',
+)
+
+SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL = True
+
+# http://python-social-auth.readthedocs.org/en/latest/pipeline.html#authentication-pipeline
+SOCIAL_AUTH_PIPELINE = (
+ 'social.pipeline.social_auth.social_details',
+ 'social.pipeline.social_auth.social_uid',
+ 'social.pipeline.social_auth.auth_allowed',
+ 'social.pipeline.social_auth.social_user',
+ 'social.pipeline.user.get_username',
+ # Associates the current social details with another user account with
+ # a similar email address. Disabled by default, enable with care:
+ # http://python-social-auth.readthedocs.org/en/latest/use_cases.html#associate-users-by-email
+ #'social.pipeline.social_auth.associate_by_email',
+ 'social.pipeline.user.create_user',
+ 'social.pipeline.social_auth.associate_user',
+ 'social.pipeline.social_auth.load_extra_data',
+ 'social.pipeline.user.user_details',
+)
+
+
+
+#
+# Gravatar
+# https://github.com/twaddington/django-gravatar
+#
+# Gravatar base url.
+#GRAVATAR_URL = 'http://cdn.libravatar.org/'
+# Gravatar base secure https url.
+#GRAVATAR_SECURE_URL = 'https://seccdn.libravatar.org/'
+# Gravatar size in pixels.
+#GRAVATAR_DEFAULT_SIZE = '80'
+# An image url or one of the following: 'mm', 'identicon', 'monsterid', 'wavatar', 'retro'.
+#GRAVATAR_DEFAULT_IMAGE = 'mm'
+# One of the following: 'g', 'pg', 'r', 'x'.
+#GRAVATAR_DEFAULT_RATING = 'g'
+# True to use https by default, False for plain http.
+#GRAVATAR_DEFAULT_SECURE = True
+
+#
+# django-compressor
+# https://pypi.python.org/pypi/django_compressor
+#
+COMPRESS_PRECOMPILERS = (
+ ('text/less', 'lessc {infile} {outfile}'),
+)
+COMPRESS_OFFLINE = True
+# needed for debug mode
+#INTERNAL_IPS = ('127.0.0.1',)
+
+# Django Crispy Forms
+CRISPY_TEMPLATE_PACK = 'bootstrap3'
+CRISPY_FAIL_SILENTLY = not DEBUG
+
+
+#
+# Full-text search engine
+#
+HAYSTACK_CONNECTIONS = {
+ 'default': {
+ 'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine',
+ 'PATH': os.path.join(VAR_DIR, "mailman-web", "fulltext_index"),
+ },
+}
+
+
+# A sample logging configuration. The only tangible logging
+# performed by this configuration is to send an email to
+# the site admins on every HTTP 500 error when DEBUG=False.
+# See http://docs.djangoproject.com/en/dev/topics/logging for
+# more details on how to customize your logging configuration.
+LOGGING = {
+ 'version': 1,
+ 'disable_existing_loggers': False,
+ 'filters': {
+ 'require_debug_false': {
+ '()': 'django.utils.log.RequireDebugFalse'
+ }
+ },
+ 'handlers': {
+ 'mail_admins': {
+ 'level': 'ERROR',
+ 'filters': ['require_debug_false'],
+ 'class': 'django.utils.log.AdminEmailHandler'
+ },
+ 'file':{
+ 'level': 'INFO',
+ #'class': 'logging.handlers.RotatingFileHandler',
+ 'class': 'logging.handlers.WatchedFileHandler',
+ 'filename': '/var/log/mailman-web/mailman-web.log',
+ 'formatter': 'verbose',
+ },
+ },
+ 'loggers': {
+ #'django.request': {
+ # 'handlers': ['mail_admins'],
+ # 'level': 'ERROR',
+ # 'propagate': True,
+ #},
+ 'django.request': {
+ 'handlers': ['file'],
+ 'level': 'ERROR',
+ 'propagate': True,
+ },
+ 'django': {
+ 'handlers': ['file'],
+ 'level': 'ERROR',
+ 'propagate': True,
+ },
+ 'hyperkitty': {
+ 'handlers': ['file'],
+ 'level': 'INFO',
+ 'propagate': True,
+ },
+ },
+ 'formatters': {
+ 'verbose': {
+ 'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s'
+ },
+ 'simple': {
+ 'format': '%(levelname)s %(message)s'
+ },
+ },
+ 'root': {
+ 'handlers': ['file'],
+ 'level': 'INFO',
+ },
+}
+
+
+## Cache: use the local memcached server
+#CACHES = {
+# 'default': {
+# 'BACKEND': 'django.core.cache.backends.memcached.PyLibMCCache',
+# 'LOCATION': '127.0.0.1:11211',
+# }
+#}
+
+
+
+#
+# HyperKitty-specific
+#
+
+APP_NAME = 'Mailing-list archives'
+
+# Allow authentication with the internal user database?
+# By default, only a login through Persona or your email provider is allowed.
+USE_INTERNAL_AUTH = False
+
+# Use SSL when logged in
+USE_SSL = True
+
+# Only display mailing-lists from the same virtual host as the webserver
+FILTER_VHOST = False
+
+# This is for development purposes
+USE_MOCKUPS = False
+
+
+try:
+ from settings_local import *
+except ImportError:
+ pass
'manage_django_packages' => true,
'manage_webserver' => true,
'postorius_version' => 'present',
+ 'use_cas' => true,
'web_homedir' => '/opt/mailman3-web',
'web_user' => 'mailman3-web',
'options' => {
it { is_expected.to contain_file('/opt/mailman3-web/djangoproject').with(
'owner' => 'mailman3-web',
'group' => 'mailman3-web',
+ 'source' => 'puppet:///modules/mailman3/djangoproject_cas'
).that_requires('User[mailman3-web]') }
it { is_expected.to contain_python__virtualenv('/opt/mailman3-web/virtualenv').with(
'virtualenv' => '/opt/mailman3-web/virtualenv',
) }
+ it { is_expected.to contain_python__pip('django-cas-client').with(
+ 'ensure' => '1.2.0',
+ 'virtualenv' => '/opt/mailman3-web/virtualenv',
+ ) }
+
it { is_expected.to contain_class('mailman3::repo') }
it { is_expected.to contain_package('nodejs-less') }
end
+ context 'with use_cas set to false' do
+
+ let(:params) {
+ {
+ 'django_version' => '1.7',
+ 'hyperkitty_version' => 'present',
+ 'install_web' => true,
+ 'manage_django_packages' => true,
+ 'manage_webserver' => true,
+ 'postorius_version' => 'present',
+ 'use_cas' => false,
+ 'web_homedir' => '/opt/mailman3-web',
+ 'web_user' => 'mailman3-web',
+ 'options' => {
+ 'paths' => {
+ 'var_dir' => '/opt/mailman3-web/data',
+ 'static_dir' => '/opt/mailman3-web/static',
+ 'log_file' => '/opt/mailman3-web/mailman3-web.log',
+ },
+ },
+ }
+ }
+
+ it { is_expected.to contain_file('/opt/mailman3-web/djangoproject').with(
+ 'owner' => 'mailman3-web',
+ 'group' => 'mailman3-web',
+ 'source' => 'puppet:///modules/mailman3/djangoproject'
+ ).that_requires('User[mailman3-web]') }
+
+ it { is_expected.to_not contain_file('/opt/mailman3-web/djangoproject').with(
+ 'owner' => 'mailman3-web',
+ 'group' => 'mailman3-web',
+ 'source' => 'puppet:///modules/mailman3/djangoproject_cas'
+ ).that_requires('User[mailman3-web]') }
+
+ it { is_expected.to_not contain_python__pip('django-cas-client').with(
+ 'ensure' => '1.2.0',
+ 'virtualenv' => '/opt/mailman3-web/virtualenv',
+ ) }
+ end
+
context 'with install_web flag set to false' do
let(:params) {
'manage_django_packages' => true,
'manage_webserver' => true,
'postorius_version' => '',
+ 'use_cas' => true,
'web_homedir' => '/',
'web_user' => 'test',
'options' => {
'manage_django_packages' => false,
'manage_webserver' => false,
'postorius_version' => 'present',
+ 'use_cas' => false,
'web_homedir' => '/opt/mailman3-web',
'web_user' => 'mailman3-web',
'options' => {
'manage_django_packages' => false,
'manage_webserver' => false,
'postorius_version' => 'present',
+ 'use_cas' => false,
'web_homedir' => '/opt/mailman3-web',
'web_user' => 'mailman3-web',
'options' => {
'manage_django_packages' => false,
'manage_webserver' => false,
'postorius_version' => 'present',
+ 'use_cas' => false,
'web_homedir' => '/opt/mailman3-web',
'web_user' => 'mailman3-web',
'options' => {
'manage_django_packages' => false,
'manage_webserver' => false,
'postorius_version' => 'present',
+ 'use_cas' => false,
'web_homedir' => '/opt/mailman3-web',
'web_user' => 'mailman3-web',
'options' => {},
Code Review / puppet / modules / mailman3.git / commitdiff