Merge pull request 'local_settings.py: clean way to store deployment secrets' (#3) from realaravinth/mystiq-sso:wip-local-settings into master

Reviewed-on: #3
2022-08-22 19:46:44 +05:30 · 2022-08-22 19:46:44 +05:30 · 8f62c31d49
parent 729447e9d6 2e9cc6aa7f
commit 8f62c31d49
7 changed files with 46 additions and 3 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -158,3 +158,6 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
+
+sso/local_settings.py
+sso/local_settings/local_settings.py
--- a/.gitignore
+++ b/.gitignore
@ -158,3 +158,5 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
+sso/local_settings.py
+sso/local_settings/local_settings.py
--- a/4
+++ b/4
@ -1,8 +1,8 @@
 FROM python:3
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
-RUN useradd -ms /bin/bash -u 1001 mystiq-sso
-USER mystiq-sso
+#RUN useradd -ms /bin/bash -u 1001 mystiq-sso
+#USER mystiq-sso
 WORKDIR /code
 LABEL org.opencontainers.image.source https://git.batsense.net/mystiq/sso
 COPY requirements.txt /code/
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -17,7 +17,7 @@ services:
             python manage.py migrate &&
             python manage.py runserver 0.0.0.0:8000"
    volumes:
-      - .:/code
+      - ./sso/local_settings:/code/sso/local_settings/
    ports:
      - 8000:8000
        #    environment:
--- a/sso/local_settings/init.py
+++ b/sso/local_settings/init.py
--- a/sso/local_settings/local_settings.example.py
+++ b/sso/local_settings/local_settings.example.py
@ -0,0 +1,30 @@
+"""
+Django settings for dashboard project.
+
+Generated by 'django-admin startproject' using Django 4.0.3.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/4.0/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/4.0/ref/settings/
+"""
+import environ
+import os
+
+env = environ.Env()
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+# A new SECRET_KEY can be generated by running the following command:
+# openssl rand -hex  32
+SECRET_KEY = "django-insecure-44zt@)$td7_yh(01q^hrce%h(311n!djn%%#s1b7$cvfy!pf7y"
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+print("Finished importing local_settings.ci.py")
--- a/sso/settings.py
+++ b/sso/settings.py
@ -135,3 +135,11 @@ OAUTH2_PROVIDER = {
        "openid": "OpenID Connect scope",
    },
 }
+
+try:
+    from .local_settings.local_settings import *
+
+    print("Found local_settings")
+except ModuleNotFoundError:
+    print("No local_settings available, using defaults")
+    pass