From d1cb6b1b95f14da2c8e67904de4955838d3a097e Mon Sep 17 00:00:00 2001 From: realaravinth Date: Mon, 22 Aug 2022 17:23:40 +0530 Subject: [PATCH 1/2] feat: local_settings to store secrets --- .gitignore | 2 ++ sso/local_settings/__init__.py | 0 sso/local_settings/local_settings.example.py | 30 ++++++++++++++++++++ sso/settings.py | 8 ++++++ 4 files changed, 40 insertions(+) create mode 100644 sso/local_settings/__init__.py create mode 100644 sso/local_settings/local_settings.example.py diff --git a/.gitignore b/.gitignore index 68bc17f..459c313 100644 --- a/.gitignore +++ b/.gitignore @@ -158,3 +158,5 @@ cython_debug/ # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. #.idea/ +sso/local_settings.py +sso/local_settings/local_settings.py diff --git a/sso/local_settings/__init__.py b/sso/local_settings/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/sso/local_settings/local_settings.example.py b/sso/local_settings/local_settings.example.py new file mode 100644 index 0000000..2ab2ff5 --- /dev/null +++ b/sso/local_settings/local_settings.example.py @@ -0,0 +1,30 @@ +""" +Django settings for dashboard project. + +Generated by 'django-admin startproject' using Django 4.0.3. + +For more information on this file, see +https://docs.djangoproject.com/en/4.0/topics/settings/ + +For the full list of settings and their values, see +https://docs.djangoproject.com/en/4.0/ref/settings/ +""" +import environ +import os + +env = environ.Env() + +# Quick-start development settings - unsuitable for production +# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/ + +# SECURITY WARNING: keep the secret key used in production secret! +# A new SECRET_KEY can be generated by running the following command: +# openssl rand -hex 32 +SECRET_KEY = "django-insecure-44zt@)$td7_yh(01q^hrce%h(311n!djn%%#s1b7$cvfy!pf7y" + +# SECURITY WARNING: don't run with debug turned on in production! +DEBUG = True + +ALLOWED_HOSTS = [] + +print("Finished importing local_settings.ci.py") diff --git a/sso/settings.py b/sso/settings.py index c31137b..b4093d2 100644 --- a/sso/settings.py +++ b/sso/settings.py @@ -135,3 +135,11 @@ OAUTH2_PROVIDER = { "openid": "OpenID Connect scope", }, } + +try: + from .local_settings.local_settings import * + + print("Found local_settings") +except ModuleNotFoundError: + print("No local_settings available, using defaults") + pass From 2e9cc6aa7f7ea3c6dafd6b3e15864fb11d76de88 Mon Sep 17 00:00:00 2001 From: realaravinth Date: Mon, 22 Aug 2022 17:32:31 +0530 Subject: [PATCH 2/2] feat: use local_settings in docker-compose --- .dockerignore | 3 +++ Dockerfile | 4 ++-- docker-compose.yml | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.dockerignore b/.dockerignore index 68bc17f..632535f 100644 --- a/.dockerignore +++ b/.dockerignore @@ -158,3 +158,6 @@ cython_debug/ # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. #.idea/ + +sso/local_settings.py +sso/local_settings/local_settings.py diff --git a/Dockerfile b/Dockerfile index c6cae4c..df9598c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ FROM python:3 ENV PYTHONDONTWRITEBYTECODE=1 ENV PYTHONUNBUFFERED=1 -RUN useradd -ms /bin/bash -u 1001 mystiq-sso -USER mystiq-sso +#RUN useradd -ms /bin/bash -u 1001 mystiq-sso +#USER mystiq-sso WORKDIR /code LABEL org.opencontainers.image.source https://git.batsense.net/mystiq/sso COPY requirements.txt /code/ diff --git a/docker-compose.yml b/docker-compose.yml index 4df104e..8751547 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,7 @@ services: python manage.py migrate && python manage.py runserver 0.0.0.0:8000" volumes: - - .:/code + - ./sso/local_settings:/code/sso/local_settings/ ports: - 8000:8000 # environment: