diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..e00633c8 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,4 @@ +**/*.pyc +**/.*.sw* +*.tar +__pycache__ diff --git a/.gitignore b/.gitignore index 975adb01..ffc6a44b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,13 +1,17 @@ .cache/ .coverage .facsimile -*.pyc +*.env *.log +*.py[cod] *.sqlite -*.swp +*.sw* +*.tar OLD.* ci-dev.peeringdb.com/ config/facsimile/*.yaml genstatic/ -peeringdb_com +mainsite/settings/beta.py +mainsite/settings/prod.py +mainsite/settings/tutor.py venv diff --git a/config/VERSION b/Ctl/VERSION similarity index 100% rename from config/VERSION rename to Ctl/VERSION diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/django-uwsgi.ini b/Ctl/docker/django-uwsgi.ini similarity index 64% rename from config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/django-uwsgi.ini rename to Ctl/docker/django-uwsgi.ini index 27c92673..1a9ed250 100644 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/django-uwsgi.ini +++ b/Ctl/docker/django-uwsgi.ini @@ -1,16 +1,15 @@ - [uwsgi] # project base dir -chdir={{env.home}}/peeringdb +chdir=/srv/www.peeringdb.com # wsgi app to run -module={{env.django.settings}}.wsgi +module=mainsite.wsgi # virtualenv -home={{env.home}}/venv +home=/srv/www.peeringdb.com/venv -# TODO instance ID + port base -socket=127.0.0.1:{{env.rc.base.admport}} -logger=syslog:uwsgi.pdb,local0 +# should be set from environment variable UWSGI_SOCKET +# socket=127.0.0.1:7002 +#logger=syslog:uwsgi.pdb,local0 # headers only # see nginx.conf's "large_client_header_buffers" for details diff --git a/Ctl/docker/entrypoint.sh b/Ctl/docker/entrypoint.sh new file mode 100755 index 00000000..c37d9eec --- /dev/null +++ b/Ctl/docker/entrypoint.sh @@ -0,0 +1,37 @@ +#!/bin/sh + + +if [[ "$PDB_NO_MIGRATE" == "" ]]; then + echo applying migrations - django_peeringdb + # always fake, since peeeringdb_server does not use concrete models + manage migrate django_peeringdb --fake + echo applying all migrations + manage migrate +fi + + +cd /srv/www.peeringdb.com + +case "$1" in + "uwsgi" ) + echo starting uwsgi + exec venv/bin/uwsgi --ini etc/django-uwsgi.ini + ;; + "inetd" ) + inetd -f -e -q 1024 + ;; + "in.whois" ) + exec ./in.whoisd + ;; + "whois" ) + line=$(head -1 | tr -cd '[:alnum:]._-') + exec manage pdb_whois "$line" + ;; + "/bin/sh" ) + echo dropping to shell + exec /bin/sh + ;; + * ) + exec manage $@ + ;; +esac diff --git a/Ctl/docker/inetd.conf b/Ctl/docker/inetd.conf new file mode 100644 index 00000000..84810c24 --- /dev/null +++ b/Ctl/docker/inetd.conf @@ -0,0 +1 @@ +whois stream tcp nowait pdb /srv/www.peeringdb.com/in.whoisd diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..ef8aa656 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,91 @@ +FROM python:3.7-alpine as base + +ARG virtual_env=/srv/www.peeringdb.com/venv + +ENV VIRTUAL_ENV="$virtual_env" +ENV PATH="$VIRTUAL_ENV/bin:$PATH" + + +# build container +FROM base as builder + +RUN apk --update --no-cache add \ + g++ \ + libjpeg-turbo-dev \ + linux-headers \ + make \ + mariadb-dev + +# create venv +RUN pip install -U pip pipenv +RUN python3 -m venv "$VIRTUAL_ENV" + +WORKDIR /srv/www.peeringdb.com +ADD Pipfile* ./ +RUN pipenv install --ignore-pipfile + +# inetd +RUN apk add busybox-extras + + +#### final image here + +FROM base as final + +ARG uid=996 + +# extra settings file if needed +ARG ADD_SETTINGS_FILE=mainsite/settings/dev.py + +# add dependencies +RUN apk add gettext libjpeg-turbo mariadb-connector-c + +RUN adduser -Du $uid pdb + +WORKDIR /srv/www.peeringdb.com +COPY --from=builder "$VIRTUAL_ENV" "$VIRTUAL_ENV" + +RUN mkdir -p api-cache etc locale media static var/log +COPY manage.py . +# container exec whois +COPY in.whoisd . +COPY Ctl/VERSION etc +COPY docs/ docs +COPY mainsite/ mainsite +COPY $ADD_SETTINGS_FILE mainsite/settings/ +COPY peeringdb_server/ peeringdb_server +COPY fixtures/ fixtures + +COPY scripts/manage /usr/bin/ + +# inetd for whois +COPY --from=builder /usr/sbin/inetd /usr/sbin/ +COPY Ctl/docker/inetd.conf /etc/ + +RUN chown -R pdb:pdb api-cache locale media var/log + +#### test image here +FROM final as tester + +WORKDIR /srv/www.peeringdb.com +ADD Pipfile* ./ +COPY tests/ tests + +RUN pip install -U pipenv +RUN pipenv install --dev --ignore-pipfile -v +RUN echo `which python` +RUN pip freeze +RUN pytest -x -v -rA --cov-report term-missing --cov=peeringdb_server tests/ + +#### entry point from final image, not tester +FROM final + +COPY Ctl/docker/entrypoint.sh . +COPY Ctl/docker/django-uwsgi.ini etc/ + +ENV UWSGI_SOCKET="127.0.0.1:7002" + +USER pdb + +ENTRYPOINT ["./entrypoint.sh"] +CMD ["runserver", "0.0.0.0:8080"] diff --git a/config/facsimile/ci.yaml b/config/facsimile/ci.yaml deleted file mode 100644 index 905fb0e7..00000000 --- a/config/facsimile/ci.yaml +++ /dev/null @@ -1,52 +0,0 @@ - -home: ci-dev.peeringdb.com - -contact: - email: {{environ.USER}}@localhost - from: {{environ.USER}}@localhost - notify: {{environ.USER}}@localhost - sponsorship: {{environ.USER}}@localhost - -rc: - db: - default: - host: localhost - name: peeringdb - ssl: - crt: - key: - api: - url: http://localhost/api - depth_result_limit: 250 - cache: - enabled: true - dir: ci-dev.peeringdb.com/etc/api-cache - log: ci-dev.peeringdb.com/var/log/api-cache.log - -recaptcha: - public_key: captcha-public-key-goes-here - -oauth: - enabled: false - -misc: - base_url : http://localhost - session: - domain: localhost - secure: False - suggestions: - org_id: 18982 - -django: - settings: ci_peeringdb_com - -deploy: - destdir: ci-dev.peeringdb.com - user: {{environ.USER}} - postcmd: - - chmod 0755 ci-dev.peeringdb.com/peeringdb/in.whoisd - - public: - listen: 0.0.0.0 - fq_name: no - diff --git a/config/facsimile/dev.example.yaml b/config/facsimile/dev.example.yaml deleted file mode 100644 index d57cba71..00000000 --- a/config/facsimile/dev.example.yaml +++ /dev/null @@ -1,59 +0,0 @@ - -home: {{environ.HOME}}/srv/dev.peeringdb.com - -release_env: dev - -contact: - email: {{environ.USER}}@localhost - from: {{environ.USER}}@localhost - notify: {{environ.USER}}@localhost - sponsorship: {{environ.USER}}@localhost - -rc: - db: - default: - host: localhost - name: {{environ.USER}}_peeringdb - prefix: {{environ.USER}}_ - #read: - # host: localhost - # name: {{environ.USER}}_peeringdb - # prefix: {{environ.USER}}_ - ssl: - crt: - key: - api: - url: http://localhost/api - depth_result_limit: 250 - cache: - enabled: true - dir: {{environ.HOME}}/srv/dev.peeringdb.com/etc/api-cache - log: {{environ.HOME}}/srv/dev.peeringdb.com/var/log/api-cache.log - -recaptcha: - public_key: captcha-public-key-goes-here - -oauth: - enabled: false - -misc: - base_url : http://localhost - session: - domain: localhost - secure: False - suggestions: - org_id: 18982 - -django: - settings: peeringdb_com - -deploy: - destdir: {{environ.HOME}}/srv/dev.peeringdb.com - user: {{environ.USER}} - postcmd: - - chmod 0755 {{environ.HOME}}/srv/dev.peeringdb.com/peeringdb/in.whoisd - - public: - listen: 0.0.0.0 - fq_name: no - diff --git a/config/facsimile/facsimile.yaml b/config/facsimile/facsimile.yaml deleted file mode 100644 index d430696b..00000000 --- a/config/facsimile/facsimile.yaml +++ /dev/null @@ -1,12 +0,0 @@ - -facsimile: - name: peeringdb - components: - peeringdb: - class: Facsimile - repo: git@github.com:peeringdb/peeringdb.git - - venv: - class: VirtualEnv - repo: git@github.com:peeringdb/peeringdb.git - diff --git a/config/facsimile/modules.yaml b/config/facsimile/modules.yaml deleted file mode 100644 index 0061ab09..00000000 --- a/config/facsimile/modules.yaml +++ /dev/null @@ -1,30 +0,0 @@ -- name: peeringdb - genconfig: false - write_sql: true - db: - name: peeringdb - selectable: [] - -- name: djangokey - genconfig: false - write_sql: false - -- name: deskpro - genconfig: false - write_sql: false - -- name: google_geoloc_api - genconfig: false - write_sql: false - -- name: lacnic_rdap_apikey - genconfig: false - write_sql: false - -- name: recaptcha - genconfig: false - write_sql: false - -- name: email - genconfig: false - write_sql: false diff --git a/config/facsimile/peeringdb.yaml b/config/facsimile/peeringdb.yaml deleted file mode 100644 index 379c998a..00000000 --- a/config/facsimile/peeringdb.yaml +++ /dev/null @@ -1,285 +0,0 @@ -release_env: dev -rc: - base: - port: 7003 - admport: 7002 - deskpro: - url: https://peeringdb.deskpro.com/api/v2/20180226 - -misc: - show_auto_prod_sync_warning: False - tutorial_mode: False - suggestions: - org_id: 0 - session: - domain: peeringdb.com - secure: True - ixf: - postmortem: - limit: 250 - ratelimits: - request_login_POST: "4/m" - view_request_ownership_POST: "3/m" - view_request_ownership_GET: "3/m" - view_affiliate_to_org_POST: "3/m" - resend_confirmation_mail: "2/m" - view_verify_POST: "2/m" - view_username_retrieve_initiate: "2/m" - request_translation: "2/m" - view_import_ixlan_ixf_preview: "1/m" - view_import_net_ixf_postmortem: "1/m" - api: - throtteling: - enabled: true - anon: "100/second" - user: "100/second" - compat: - client: - min: "0,6" - max: "255,0" - backends: - - name: django_peeringdb - min: "0,6" - max: "255,0" - maintenance: - lockfile: "maintenance.lock" - -locale: - # enable these locale - - en - - pt - - it - - cs_CZ - - de_DE - - el_GR - - es_ES - - fr_FR - - ja_JP - - ro_RO - - ru_RU - - zh_CN - - zh_TW - - -data_quality: - # maximum value to allow in network.info_prefixes4 - max_prefix_v4_limit: 500000 - # maximum value to allow in network.info_prefixes6 - max_prefix_v6_limit: 50000 - # minimum allowed length of a v4 prefix - min_prefixlen_v4: 18 - # maximum allowed length of a v4 prefix - max_prefixlen_v4: 28 - # minimum allowed length of a v6 prefix - min_prefixlen_v6: 64 - # maximum allowed length of a v6 prefix - max_prefixlen_v6: 116 - - -install: - groups: - - - type: tmpl - dir: tmpl - render_files: true - skip: ^\. - - # peeringdb static files - - type: copy - dir: $SRC_DIR$/peeringdb_server/static - pattern: ^$SRC_DIR$ - replace: peeringdb - skip: ^\. - - - type: copy - pattern: ^$SRC_DIR$ - replace: peeringdb - files: - - $SRC_DIR$/manage.py - - $SRC_DIR$/docs/api_list.md - - $SRC_DIR$/docs/api_retrieve.md - - $SRC_DIR$/docs/api_delete.md - - $SRC_DIR$/docs/api_create.md - - $SRC_DIR$/docs/api_update.md - - $SRC_DIR$/peeringdb_server/api_cache.py - - $SRC_DIR$/peeringdb_server/__init__.py - - $SRC_DIR$/peeringdb_server/admin.py - - $SRC_DIR$/peeringdb_server/models.py - - $SRC_DIR$/peeringdb_server/views.py - - $SRC_DIR$/peeringdb_server/data_views.py - - $SRC_DIR$/peeringdb_server/org_admin_views.py - - $SRC_DIR$/peeringdb_server/autocomplete_views.py - - $SRC_DIR$/peeringdb_server/apps.py - - $SRC_DIR$/peeringdb_server/signals.py - - $SRC_DIR$/peeringdb_server/inet.py - - $SRC_DIR$/peeringdb_server/mail.py - - $SRC_DIR$/peeringdb_server/urls.py - - $SRC_DIR$/peeringdb_server/search.py - - $SRC_DIR$/peeringdb_server/stats.py - - $SRC_DIR$/peeringdb_server/deskpro.py - - $SRC_DIR$/peeringdb_server/serializers.py - - $SRC_DIR$/peeringdb_server/admin_commandline_tools.py - - $SRC_DIR$/peeringdb_server/rest.py - - $SRC_DIR$/peeringdb_server/renderers.py - - $SRC_DIR$/peeringdb_server/settings.py - - $SRC_DIR$/peeringdb_server/forms.py - - $SRC_DIR$/peeringdb_server/export_views.py - - $SRC_DIR$/peeringdb_server/validators.py - - $SRC_DIR$/peeringdb_server/db_router.py - - $SRC_DIR$/peeringdb_server/mock.py - - $SRC_DIR$/peeringdb_server/maintenance.py - - $SRC_DIR$/peeringdb_server/import_views.py - - $SRC_DIR$/peeringdb_server/ixf.py - - $SRC_DIR$/peeringdb_server/client_adaptor/load.py - - $SRC_DIR$/peeringdb_server/client_adaptor/backend.py - - $SRC_DIR$/peeringdb_server/client_adaptor/__init__.py - - $SRC_DIR$/peeringdb_server/client_adaptor/setup.py - - $SRC_DIR$/peeringdb_server/management/__init__.py - - $SRC_DIR$/peeringdb_server/management/commands/__init__.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_deskpro_publish.py - - $SRC_DIR$/peeringdb_server/management/commands/_db_command.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_api_cache.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_api_test.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_fac_merge.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_fac_merge_undo.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_renumber_lans.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_undelete.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_reversion_inspect.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_status.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_whois.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_sponsorship_notify.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_batch_replace.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_ixp_merge.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_geosync.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_ixf_ixp_member_import.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_stats.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_deskpro_requeue.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_generate_test_data.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_wipe.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_maintenance.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_process_admin_tool_command.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_load_data.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_fix_status_history.py - - $SRC_DIR$/peeringdb_server/management/commands/pdb_migrate_ixlans.py - - $SRC_DIR$/peeringdb_server/migrations/__init__.py - - $SRC_DIR$/peeringdb_server/migrations/0001_initial.py - - $SRC_DIR$/peeringdb_server/migrations/0002_partnernship_model.py - - $SRC_DIR$/peeringdb_server/migrations/0003_add_lat_lon_to_address_models.py - - $SRC_DIR$/peeringdb_server/migrations/0004_geocode_fields.py - - $SRC_DIR$/peeringdb_server/migrations/0005_lat_lon_field_rename.py - - $SRC_DIR$/peeringdb_server/migrations/0006_network_allow_ixp_update.py - - $SRC_DIR$/peeringdb_server/migrations/0007_ixlan_json_member_list_url.py - - $SRC_DIR$/peeringdb_server/migrations/0008_ixf_import_log.py - - $SRC_DIR$/peeringdb_server/migrations/0009_rename_json_member_list_field.py - - $SRC_DIR$/peeringdb_server/migrations/0010_rename_ixf_ixp_member_list_url.py - - $SRC_DIR$/peeringdb_server/migrations/0011_commandline_tool.py - - $SRC_DIR$/peeringdb_server/migrations/0012_deskpro.py - - $SRC_DIR$/peeringdb_server/migrations/0013_user_locale.py - - $SRC_DIR$/peeringdb_server/migrations/0014_clt_description.py - - $SRC_DIR$/peeringdb_server/migrations/0015_email_address.py - - $SRC_DIR$/peeringdb_server/migrations/0016_auto_20190110_2321.py - - $SRC_DIR$/peeringdb_server/migrations/0017_ixf_ixp_import_enabled.py - - $SRC_DIR$/peeringdb_server/migrations/0018_set_ixf_ixp_import_enabled.py - - $SRC_DIR$/peeringdb_server/migrations/0019_auto_20190819_1133.py - - $SRC_DIR$/peeringdb_server/migrations/0020_vqueue_item_unique.py - - $SRC_DIR$/peeringdb_server/migrations/0020_sponsorship_multi_org.py - - $SRC_DIR$/peeringdb_server/migrations/0021_sponsorship_drop_single_org_relation_fields.py - - $SRC_DIR$/peeringdb_server/migrations/0022_ixlan_remove_auto_increment.py - - $SRC_DIR$/peeringdb_server/migrations/0023_netfac_local_asn.py - - $SRC_DIR$/peeringdb_server/migrations/0024_netixlan_asn.py - - $SRC_DIR$/peeringdb_server/migrations/0025_E164_phonenumbers.py - - $SRC_DIR$/peeringdb_server/migrations/0026_help_text_228.py - - $SRC_DIR$/peeringdb_server/migrations/0027_never_via_route_servers.py - - $SRC_DIR$/peeringdb_server/migrations/0028_ixlan_remove_auto_increment.py - - $SRC_DIR$/fixtures/initial_data.json - - $SRC_DIR$/peeringdb_server/templates/admin/admin_extended.html - - $SRC_DIR$/peeringdb_server/templates/admin/user-organizations.html - - $SRC_DIR$/peeringdb_server/templates/site/request-ownership.html - - $SRC_DIR$/peeringdb_server/templates/admin/org_merge_tool.html - - $SRC_DIR$/peeringdb_server/templates/admin/change_form.html - - $SRC_DIR$/peeringdb_server/templates/admin/peeringdb_server/commandlinetool/change_list.html - - $SRC_DIR$/peeringdb_server/templates/admin/peeringdb_server/commandlinetool/preview_command.html - - $SRC_DIR$/peeringdb_server/templates/admin/peeringdb_server/commandlinetool/prepare_command.html - - $SRC_DIR$/peeringdb_server/templates/admin/peeringdb_server/commandlinetool/run_command.html - - $SRC_DIR$/peeringdb_server/templates/site/verify.html - - $SRC_DIR$/peeringdb_server/templates/site/register.html - - $SRC_DIR$/peeringdb_server/templates/site/oauth-login.html - - $SRC_DIR$/peeringdb_server/templates/account/email_confirm.html - - $SRC_DIR$/peeringdb_server/templates/account/login.html - - $SRC_DIR$/peeringdb_server/templates/site/index.html - - $SRC_DIR$/peeringdb_server/templates/site/header.html - - $SRC_DIR$/peeringdb_server/templates/site/footer.html - - $SRC_DIR$/peeringdb_server/templates/site/view_header.html - - $SRC_DIR$/peeringdb_server/templates/site/view.html - - $SRC_DIR$/peeringdb_server/templates/site/error.html - - $SRC_DIR$/peeringdb_server/templates/site/error_404.html - - $SRC_DIR$/peeringdb_server/templates/site/error_403.html - - $SRC_DIR$/peeringdb_server/templates/site/maintenance.html - - $SRC_DIR$/peeringdb_server/templates/site/profile-change-password.html - - $SRC_DIR$/peeringdb_server/templates/site/profile-change-email.html - - $SRC_DIR$/peeringdb_server/templates/site/profile-affiliate.html - - $SRC_DIR$/peeringdb_server/templates/site/profile-confirm-email.html - - $SRC_DIR$/peeringdb_server/templates/site/profile-pick-language.html - - $SRC_DIR$/peeringdb_server/templates/site/view_network_side.html - - $SRC_DIR$/peeringdb_server/templates/site/view_network_bottom.html - - $SRC_DIR$/peeringdb_server/templates/site/view_exchange_side.html - - $SRC_DIR$/peeringdb_server/templates/site/view_exchange_bottom.html - - $SRC_DIR$/peeringdb_server/templates/site/view_facility_side.html - - $SRC_DIR$/peeringdb_server/templates/site/view_facility_bottom.html - - $SRC_DIR$/peeringdb_server/templates/site/view_network_assets.html - - $SRC_DIR$/peeringdb_server/templates/site/view_facility_assets.html - - $SRC_DIR$/peeringdb_server/templates/site/view_exchange_assets.html - - $SRC_DIR$/peeringdb_server/templates/site/view_organization_side.html - - $SRC_DIR$/peeringdb_server/templates/site/view_organization_bottom.html - - $SRC_DIR$/peeringdb_server/templates/site/view_organization_assets.html - - $SRC_DIR$/peeringdb_server/templates/site/view_exchange_tools.html - - $SRC_DIR$/peeringdb_server/templates/site/view_organization_tools.html - - $SRC_DIR$/peeringdb_server/templates/site/entity_create.html - - $SRC_DIR$/peeringdb_server/templates/site/view_network_tools.html - - $SRC_DIR$/peeringdb_server/templates/site/view_facility_tools.html - - $SRC_DIR$/peeringdb_server/templates/site/login.html - - $SRC_DIR$/peeringdb_server/templates/site/inline_search.html - - $SRC_DIR$/peeringdb_server/templates/site/inline_search_hidden.html - - $SRC_DIR$/peeringdb_server/templates/site/verification_banner.html - - $SRC_DIR$/peeringdb_server/templates/site/tutorial_mode_banner.html - - $SRC_DIR$/peeringdb_server/templates/site/beta_banner.html - - $SRC_DIR$/peeringdb_server/templates/site/header-sponsorships.html - - $SRC_DIR$/peeringdb_server/templates/site/search_result_frame.html - - $SRC_DIR$/peeringdb_server/templates/site/search_result.html - - $SRC_DIR$/peeringdb_server/templates/site/base.html - - $SRC_DIR$/peeringdb_server/templates/site/advanced-search.html - - $SRC_DIR$/peeringdb_server/templates/site/password-reset.html - - $SRC_DIR$/peeringdb_server/templates/site/header-partnerships.html - - $SRC_DIR$/peeringdb_server/templates/site/partnerships.html - - $SRC_DIR$/peeringdb_server/templates/site/username-retrieve-complete.html - - $SRC_DIR$/peeringdb_server/templates/site/username-retrieve.html - - $SRC_DIR$/peeringdb_server/templates/site/entity_suggest.html - - $SRC_DIR$/peeringdb_server/templates/site/view_suggest_fac.html - - $SRC_DIR$/peeringdb_server/templates/site/view_suggest_ix.html - - $SRC_DIR$/peeringdb_server/templates/site/view_suggest_net.html - - $SRC_DIR$/peeringdb_server/templates/site/advanced-search-org.html - - $SRC_DIR$/peeringdb_server/templates/email/username-retrieve.txt - - $SRC_DIR$/peeringdb_server/templates/email/password-reset.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-org-admin-user-affil.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-user-affil.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-org-admin-user-affil-denied.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-org-admin-user-affil-approved.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-sponsorship-admin-expiration.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-vq.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-asnauto-skipvq.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-asnauto-entity-creation.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-asnauto-affil.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-org-admin-merge.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-user-uoar-ownership-approved.txt - - $SRC_DIR$/peeringdb_server/templates/email/notify-pdb-admin-rdap-error.txt - - $SRC_DIR$/peeringdb_server/templates/rest_framework_swagger/base.html - - $SRC_DIR$/peeringdb_server/templatetags/__init__.py - - $SRC_DIR$/peeringdb_server/templatetags/util.py - - $SRC_DIR$/peeringdb_server/templates/site/advanced-search-net.html - - $SRC_DIR$/peeringdb_server/templates/site/advanced-search-fac.html - - $SRC_DIR$/peeringdb_server/templates/site/advanced-search-ix.html - - $SRC_DIR$/peeringdb_server/templates/site/sponsorships.html - - $SRC_DIR$/peeringdb_server/templates/site/simple_content.html - - $SRC_DIR$/peeringdb_server/templates/site/aup.html - - $SRC_DIR$/peeringdb_server/templates/site/about.html - - $SRC_DIR$/peeringdb_server/templates/oauth2_provider/base.html diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/mime.types b/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/mime.types deleted file mode 100644 index 89be9a4c..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/mime.types +++ /dev/null @@ -1,89 +0,0 @@ - -types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/atom+xml atom; - application/rss+xml rss; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - image/svg+xml svg svgz; - image/webp webp; - - application/font-woff woff; - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.apple.mpegurl m3u8; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/xspf+xml xspf; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - - application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; - application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; - - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - - video/3gpp 3gpp 3gp; - video/mp2t ts; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/my.cnf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/my.cnf deleted file mode 100644 index 7e4f08de..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/my.cnf +++ /dev/null @@ -1,2 +0,0 @@ -[client] -password={{module.peeringdb.password}} diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/uwsgi_params b/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/uwsgi_params deleted file mode 100644 index b57e8e78..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/etc/uwsgi_params +++ /dev/null @@ -1,15 +0,0 @@ - -uwsgi_param QUERY_STRING $query_string; -uwsgi_param REQUEST_METHOD $request_method; -uwsgi_param CONTENT_TYPE $content_type; -uwsgi_param CONTENT_LENGTH $content_length; - -uwsgi_param REQUEST_URI $request_uri; -uwsgi_param PATH_INFO $document_uri; -uwsgi_param DOCUMENT_ROOT $document_root; -uwsgi_param SERVER_PROTOCOL $server_protocol; - -uwsgi_param REMOTE_ADDR $remote_addr; -uwsgi_param REMOTE_PORT $remote_port; -uwsgi_param SERVER_PORT $server_port; -uwsgi_param SERVER_NAME $server_name; diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/d111_migrate.sh b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/d111_migrate.sh deleted file mode 100644 index 8d1e4557..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/d111_migrate.sh +++ /dev/null @@ -1,15 +0,0 @@ -if [ -d "peeringdb_server" ]; then - echo "Moving peeringdb migrations directory temporarily ..." - mv peeringdb_server/migrations peeringdb_server/migrations_ignore - echo "Fake applying NSP migrations ..." - python manage.py migrate django_namespace_perms --fake - echo "Applying django migrations ..." - python manage.py migrate - echo "Restoring peeringdb migrations directory ..." - mv peeringdb_server/migrations_ignore peeringdb_server/migrations - echo "Fake applying peeringdb_server migrations ..." - python manage.py pdb_d111_migrate - echo "Done!" -else - echo "Script needs to be run in peeringdb project directory (same location as peeringdb_server)" -fi diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/01-local.conf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/01-local.conf deleted file mode 100644 index 54ea4913..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/01-local.conf +++ /dev/null @@ -1,164 +0,0 @@ - -ALLOWED_HOSTS = ['*'] -{% if env.release_env == 'dev' %} -DEBUG = True -TEMPLATES[0]["OPTIONS"]["debug"] = DEBUG -MAIL_DEBUG = DEBUG -#INSTALLED_APPS += ( -# 'debug_toolbar', -# ) -#DEBUG_TOOLBAR_PATCH_SETTINGS = False -{% else %} -DEBUG = False -{% endif %} - -RELEASE_ENV = '{{ env.release_env }}' -TUTORIAL_MODE = {{ env.misc.tutorial_mode }} - -PACKAGE_VERSION='{{facs.version}}' - -{% if env.misc.tutorial_mode %} -EMAIL_SUBJECT_PREFIX='[PDB TUTORIAL] ' -DISABLE_VERIFICATION_QUEUE_EMAILS = True -DISABLE_VERIFICATION_QUEUE = True -AUTO_APPROVE_AFFILIATION = True -AUTO_VERIFY_USERS = True -{% else %} -EMAIL_SUBJECT_PREFIX='[{{env.release_env}}] ' -{% endif %} - -# from for errors -SERVER_EMAIL='{{env.contact.email}}' -# from for users -DEFAULT_FROM_EMAIL='{{env.contact.email}}' -SPONSORSHIPS_EMAIL='{{env.contact.sponsorship}}' -ADMINS = ( - ('Support', '{{env.contact.email}}'), -) - -{% if env.mail %} -EMAIL_HOST = '{{env.mail.host}}' -EMAIL_PORT = {{env.mail.port}} -EMAIL_HOST_USER = '{{env.mail.user}}' -EMAIL_HOST_PASSWORD = '{{module.email.password}}' -EMAIL_USE_TLS = {{env.mail.tls}} -{% endif %} - - -STATIC_ROOT = '{{env.home}}/static' -STATIC_URL = '/s/{{facs.version}}/' - -MEDIA_ROOT = '{{env.home}}/media' -MEDIA_URL = '/m/{{facs.version}}/' - -SECRET_KEY = '{{module.djangokey.password}}' - -{% if env.misc.session.domain %} -SESSION_COOKIE_DOMAIN = '{{ env.misc.session.domain }}' -{% endif %} - -SESSION_COOKIE_SECURE = {{ env.misc.session.secure }} - -RECAPTCHA_PUBLIC_KEY = '{{ env.recaptcha.public_key }}' -RECAPTCHA_SECRET_KEY = '{{ module.recaptcha.password }}' - -DESKPRO_KEY = '{{ module.deskpro.password }}' -DESKPRO_URL = '{{ env.rc.deskpro.url }}' - -API_URL = '{{env.rc.api.url}}' -API_DEPTH_ROW_LIMIT = {{env.rc.api.depth_result_limit}} -API_CACHE_ROOT = '{{env.rc.api.cache.dir}}' -API_CACHE_ENABLED = {% if env.rc.api.cache.enabled %}True{% else %}False{% endif %} - -GOOGLE_GEOLOC_API_KEY = '{{ module.google_geoloc_api.password }}' - -RDAP_LACNIC_APIKEY = '{{ module.lacnic_rdap_apikey.password }}' - -{% if "log" in env.rc.api.cache %} -API_CACHE_LOG = "{{ env.rc.api.cache.log }}" -{% else %} -API_CACHE_LOG = os.path.join(API_CACHE_ROOT,'log.log') -{% endif %} - -MAINTENANCE_MODE_LOCKFILE = "{{ env.misc.maintenance.lockfile }}" - -DATABASES = { -{% for db_name, db in env.rc.db.items() %} - '{{db_name}}': { - 'ENGINE': 'django.db.backends.{{env.rc.db.engine | default('mysql')}}', - 'HOST': '{{db.host}}', - 'PORT': '{{db.port}}', - 'NAME': '{{db.prefix}}{{module.peeringdb.db.name}}', - 'USER': '{{db.prefix}}{{module.peeringdb.name}}', - 'PASSWORD': '{{module.peeringdb.password}}', - }, -{% endfor %} -} - -{% if 'read' in env.rc.db %} -DATABASE_ROUTERS = ["peeringdb_server.db_router.DatabaseRouter"] -{% endif %} - -CONN_MAX_AGE = 3600 - -SECURE_PROXY_SSL_HEADER = ('HTTP_X_FWD_PROTO', 'https') - -OAUTH_ENABLED = {% if env.oauth.enabled %}True{% else %}False{% endif %} - -# In a beta environment that gets sync'd from production this -# flag allows you to enable / disable showing of next sync date in -# the beta notification banner -SHOW_AUTO_PROD_SYNC_WARNING = {{ env.misc.show_auto_prod_sync_warning }} - - -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'handlers': { - # Include the default Django email handler for errors - # This is what you'd get without configuring logging at all. - 'mail_admins': { - 'class': 'django.utils.log.AdminEmailHandler', - 'level': 'ERROR', - # But the emails are plain text by default - HTML is nicer - 'include_html': True, - }, - # Log to a text file that can be rotated by logrotate - 'logfile': { - 'class': 'logging.handlers.WatchedFileHandler', - 'filename': '{{env.home}}/var/log/django.log' - }, - 'console': { - 'level': 'DEBUG', - 'class': 'logging.StreamHandler', - }, - }, - 'loggers': { - # Again, default Django configuration to email unhandled exceptions - 'django.request': { - 'handlers': ['mail_admins'], - 'level': 'ERROR', - 'propagate': True, - }, - # Might as well log any errors anywhere else in Django - 'django': { -# 'handlers': ['console', 'logfile'], -# 'level': 'DEBUG', - 'handlers': ['logfile'], - 'level': 'ERROR', - 'propagate': False, - }, - # Your own app - this assumes all your logger names start with "myapp." - '': { - 'handlers': ['logfile'], - 'level': 'WARNING', # Or maybe INFO or DEBUG - 'propagate': False - }, - }, -} - -if DEBUG: - # make all loggers use the console. - for logger in LOGGING['loggers']: - LOGGING['loggers'][logger]['handlers'] = ['console'] - diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-base_pdb.conf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-base_pdb.conf deleted file mode 100644 index 00b8c952..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-base_pdb.conf +++ /dev/null @@ -1,142 +0,0 @@ - -ADMINS = ( - ('Support', '{{env.contact.email}}'), -) - -NSP_MODE = "crud" - -AUTH_USER_MODEL = 'peeringdb_server.User' - -GRAPPELLI_ADMIN_TITLE = 'PeeringDB' - -TABLE_PREFIX = "peeringdb_" -ABSTRACT_ONLY = True - -LOGIN_URL = "/login" -LOGIN_REDIRECT_URL = "/" - -BASE_URL = "{{env.misc.base_url}}" -PASSWORD_RESET_URL = "{{env.misc.base_url}}/reset-password" - -ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = "/login" -ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = "/verify" -ACCOUNT_EMAIL_REQUIRED = True - -# all suggested entities will be created under this org -SUGGEST_ENTITY_ORG = {{env.misc.suggestions.org_id}} - -CSRF_FAILURE_VIEW = 'peeringdb_server.views.view_http_error_csrf' - -RECAPTCHA_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify' - -#'user' user group -USER_GROUP_ID=2 - -#'guest' user group -GUEST_GROUP_ID=1 - -MIDDLEWARE += ( - 'peeringdb_server.maintenance.Middleware', - 'oauth2_provider.middleware.OAuth2TokenMiddleware', - 'corsheaders.middleware.CorsMiddleware', -) - -MOBI_DETECT_TABLET = True - -INSTALLED_APPS += [ - 'dal', - 'dal_select2', - 'grappelli', - 'django.contrib.admin', - 'allauth', - 'allauth.account', - 'allauth.socialaccount', - 'allauth.socialaccount.providers.google', - 'allauth.socialaccount.providers.facebook', - 'bootstrap3', - 'corsheaders', - 'crispy_forms', - 'django_countries', - 'django_inet', - 'django_namespace_perms', - 'django_peeringdb', - 'django_tables2', - 'oauth2_provider', - 'peeringdb_server', - 'reversion', - 'captcha', - 'django_handleref', - ] - -# django_peeringdb settings -PEERINGDB_ABSTRACT_ONLY = True - -# add user defined iso code for Kosovo -COUNTRIES_OVERRIDE = { - 'XK': _('Kosovo'), -} - -AUTHENTICATION_BACKENDS += ( - 'oauth2_provider.backends.OAuth2Backend', - 'allauth.account.auth_backends.AuthenticationBackend', -) - -# No one specific host is allow Allow-Origin at this point] -# Origin for API get request is handled via signals (signals.py) -CORS_ORIGIN_WHITELIST = [] - -# don't allow cookies -CORS_ALLOW_CREDENTIALS = False - -# only allow for cross origin requests for GET and OPTIONS -CORS_ALLOW_METHODS = ["GET", "OPTIONS"] - -OAUTH2_PROVIDER = { - 'SCOPES': { - 'profile': 'user profile', - 'email': 'email address', - 'networks': 'list of user networks and permissions', - }, - 'ALLOWED_REDIRECT_URI_SCHEMES': ['https'], - 'REQUEST_APPROVAL_PROMPT': 'auto', -} - -# maximum value to allow in network.info_prefixes4 -DATA_QUALITY_MAX_PREFIX_V4_LIMIT = {{ env.data_quality.max_prefix_v4_limit }} - -# maximum value to allow in network.info_prefixes6 -DATA_QUALITY_MAX_PREFIX_V6_LIMIT = {{ env.data_quality.max_prefix_v6_limit }} - -# minimum value to allow for prefix length on a v4 prefix -DATA_QUALITY_MIN_PREFIXLEN_V4 = {{ env.data_quality.min_prefixlen_v4 }} - -# maximum value to allow for prefix length on a v4 prefix -DATA_QUALITY_MAX_PREFIXLEN_V4 = {{ env.data_quality.max_prefixlen_v4 }} - -# minimum value to allow for prefix length on a v6 prefix -DATA_QUALITY_MIN_PREFIXLEN_V6 = {{ env.data_quality.min_prefixlen_v6 }} - -# maximum value to allow for prefix length on a v6 prefix -DATA_QUALITY_MAX_PREFIXLEN_V6 = {{ env.data_quality.max_prefixlen_v6 }} - - -RATELIMITS = { -{% for k,v in env.misc.ratelimits.items() %} - "{{ k }}" : "{{ v }}", -{% endfor %} -} - -IXF_POSTMORTEM_LIMIT = {{ env.misc.ixf.postmortem.limit }} - -CACHES = { - "default" : { - "BACKEND" : "django.core.cache.backends.db.DatabaseCache", - "LOCATION" : "django_cache", - "OPTIONS" : { - # maximum number of entries in the cache - "MAX_ENTRIES" : 5000, - # once max entries are reach delete 500 of the oldest entries - "CULL_FREQUENCY" : 10 - } - } -} diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-locale.conf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-locale.conf deleted file mode 100644 index 924c2f23..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/10-locale.conf +++ /dev/null @@ -1,39 +0,0 @@ - -# If you set this to False, Django will make some optimizations so as not -# to load the internationalization machinery. -USE_I18N = True -#LANGUAGE_SESSION_KEY -#LANGUAGE_COOKIE_NAME -#LANGUAGE_COOKIE_AGE -#LANGUAGE_COOKIE_DOMAIN -#LANGUAGE_COOKIE_PATH -PROJECT_PATH = os.path.dirname(os.path.dirname(__file__)) -LOCALE_PATHS = ( - '', - os.path.join(PROJECT_PATH, 'locale/'), -) - -LANGUAGES = [ -{% if 'ar' in env.locale %}('ar', _('Arabic')),{% endif %} -{% if 'zh_CN' in env.locale %}('zh-cn', _('Chinese (Simplified)')),{% endif %} -{% if 'zh_TW' in env.locale %}('zh-tw', _('Chinese (Traditional)')),{% endif %} -{% if 'cs_CZ' in env.locale %}('cs-cz', _('Czech')),{% endif %} -{% if 'en' in env.locale %}('en', _('(English)')),{% endif %} -{% if 'fr_FR' in env.locale %}('fr-fr', _('French')),{% endif %} -{% if 'de_DE' in env.locale %}('de-de', _('German')),{% endif %} -{% if 'el_GR' in env.locale %}('el-gr', _('Greek')),{% endif %} -{% if 'it' in env.locale %}('it', _('Italian')),{% endif %} -{% if 'ja_JP' in env.locale %}('ja-jp', _('Japanese')),{% endif %} -{% if 'ko' in env.locale %}('ko', _('Korean')),{% endif %} -{% if 'pt' in env.locale %}('pt', _('Portuguese')),{% endif %} -{% if 'ro_RO' in env.locale %}('ro-ro', _('Romanian')),{% endif %} -{% if 'ru_RU' in env.locale %}('ru-ru', _('Russian')),{% endif %} -{% if 'es_ES' in env.locale %}('es-es', _('Spanish')),{% endif %} -] - -# Language code for this installation. All choices can be found here: -# http://www.i18nguy.com/unicode/language-identifiers.html -LANGUAGE_CODE = 'en-us' -# If you set this to False, Django will not format dates, numbers and -# calendars according to the current locale. -USE_L10N = True diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/20-rest.conf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/20-rest.conf deleted file mode 100644 index 04893311..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/20-rest.conf +++ /dev/null @@ -1,83 +0,0 @@ -INSTALLED_APPS += ( - 'rest_framework', - 'rest_framework_swagger' - ) - -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework.authentication.BasicAuthentication', - 'rest_framework.authentication.SessionAuthentication' - ), - - # Use hyperlinked styles by default. - # Only used if the `serializer_class` attribute is not set on a view. - 'DEFAULT_MODEL_SERIALIZER_CLASS': - 'rest_framework.serializers.HyperlinkedModelSerializer', - - # Use Django's standard `django.contrib.auth` permissions, - # or allow read-only access for unauthenticated users. - # Handle rest of permissioning via django-namespace-perms - 'DEFAULT_PERMISSION_CLASSES': [ - 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly', - 'django_namespace_perms.rest.BasePermission', - ], - - 'DEFAULT_RENDERER_CLASSES': ( - 'peeringdb_server.renderers.MetaJSONRenderer', - ), - - {% if env.misc.api.throtteling.enabled %} - - 'DEFAULT_THROTTLE_CLASSES': ( - 'rest_framework.throttling.AnonRateThrottle', - 'rest_framework.throttling.UserRateThrottle' - ), - - 'DEFAULT_THROTTLE_RATES': { - 'anon': '{{ env.misc.api.throtteling.anon }}', - 'user': '{{ env.misc.api.throtteling.user }}' - }, - - {% endif %} - - "DEFAULT_SCHEMA_CLASS": "rest_framework.schemas.coreapi.AutoSchema", - - - -} - -CLIENT_COMPAT = { - "client" : { - "min": ({{ env.misc.api.compat.client.min }}), - "max": ({{ env.misc.api.compat.client.max }}) - }, - "backends" : { - {% for backend in env.misc.api.compat.backends %} - "{{ backend.name }}" : { - "min" : ({{ backend.min }}), - "max" : ({{ backend.max }}) - }, - {% endfor %} - } -} - - -SWAGGER_SETTINGS = { - 'api_version' : '0.1', - 'api_path' : '/api', - 'enabled_methods' : [ - 'get', - 'post', - 'put', - 'delete' - ], - 'info' : { - 'contact' : '{{env.contact.email}}', - 'description' : 'PeeringDB REST API' - } -} - -API_DOC_STR = {} -for op in ["list","retrieve","create","update","delete"]: - with open(os.path.join(BASE_DIR, "docs", "api_{}.md".format(op)), "r") as fh: - API_DOC_STR[op] = fh.read() diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/50-migration.conf b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/50-migration.conf deleted file mode 100644 index 5d3e0206..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.d/50-migration.conf +++ /dev/null @@ -1,13 +0,0 @@ - -PASSWORD_HASHERS = ( - 'django.contrib.auth.hashers.PBKDF2PasswordHasher', - 'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher', - 'django.contrib.auth.hashers.BCryptPasswordHasher', - 'django.contrib.auth.hashers.SHA1PasswordHasher', - 'django.contrib.auth.hashers.MD5PasswordHasher', - 'django.contrib.auth.hashers.CryptPasswordHasher', - 'hashers_passlib.md5_crypt', - 'hashers_passlib.des_crypt', - 'hashers_passlib.bsdi_crypt', -) - diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.py b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.py deleted file mode 100644 index ce06a925..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/settings.py +++ /dev/null @@ -1,150 +0,0 @@ -# Django settings - -import os -BASE_DIR = os.path.join(os.path.dirname(os.path.abspath(__file__)), '..') - -# lazy init for translations -_ = lambda s: s - -ADMINS = () -MANAGERS = ADMINS - -TEST_RUNNER = 'django.test.runner.DiscoverRunner' - -# Local time zone for this installation. Choices can be found here: -# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name -# although not all choices may be available on all operating systems. -# In a Windows environment this must be set to your system time zone. -TIME_ZONE = 'UTC' - -SITE_ID = 1 - - -# If you set this to False, Django will not use timezone-aware datetimes. -USE_TZ = True - -# Absolute filesystem path to the directory that will hold user-uploaded files. -# Example: "/home/media/media.lawrence.com/media/" -MEDIA_ROOT = '' - -# URL that handles the media served from MEDIA_ROOT. Make sure to use a -# trailing slash. -# Examples: "http://media.lawrence.com/media/", "http://example.com/media/" -MEDIA_URL = '' - -# Additional locations of static files -STATICFILES_DIRS = ( - # Put strings here, like "/home/html/static" or "C:/www/django/static". - # Always use forward slashes, even on Windows. - # Don't forget to use absolute paths, not relative paths. -) - -# List of finder classes that know how to find static files in -# various locations. -STATICFILES_FINDERS = ( - 'django.contrib.staticfiles.finders.AppDirectoriesFinder', - 'django.contrib.staticfiles.finders.FileSystemFinder', -# 'django.contrib.staticfiles.finders.DefaultStorageFinder', -) - -STATIC_URL = '/s/' - -# List of callables that know how to import templates from various sources. -_TEMPLATE_LOADERS = ( - 'django.template.loaders.filesystem.Loader', - 'django.template.loaders.app_directories.Loader', -# 'django.template.loaders.eggs.Loader', -) - -_TEMPLATE_CONTEXT_PROCESSORS = ( - "django.contrib.auth.context_processors.auth", - "django.template.context_processors.debug", - "django.template.context_processors.request", - "django.template.context_processors.i18n", - "django.template.context_processors.media", - "django.template.context_processors.static", - "django.template.context_processors.tz", - "django.contrib.messages.context_processors.messages", -) - -_TEMPLATE_DIRS = ( - os.path.join(BASE_DIR, "templates"), - os.path.join(BASE_DIR, "peeringdb_server", "templates"), -) - -TEMPLATES = [ - { - "BACKEND" : 'django.template.backends.django.DjangoTemplates', - "DIRS" : _TEMPLATE_DIRS, - "APP_DIRS" : True, - "OPTIONS" : { - "context_processors" : _TEMPLATE_CONTEXT_PROCESSORS, - #"loaders" : _TEMPLATE_LOADERS - } - } -] - -MIDDLEWARE = ( - 'django.middleware.common.CommonMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.locale.LocaleMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', -) - -ROOT_URLCONF = 'peeringdb_com.urls' - -# Python dotted path to the WSGI application used by Django's runserver. -WSGI_APPLICATION = 'peeringdb_com.wsgi.application' - -CRISPY_TEMPLATE_PACK = 'bootstrap3' - -INSTALLED_APPS = [ - 'django.contrib.auth', - 'django.contrib.contenttypes', - 'django.contrib.sessions', - 'django.contrib.sites', - 'django.contrib.messages', - 'django.contrib.staticfiles', -] - -# A sample logging configuration. The only tangible logging -# performed by this configuration is to send an email to -# the site admins on every HTTP 500 error when DEBUG=False. -# See http://docs.djangoproject.com/en/dev/topics/logging for -# more details on how to customize your logging configuration. -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'formatters' : {}, - 'filters': { - 'require_debug_false': { - '()': 'django.utils.log.RequireDebugFalse' - } - }, - 'handlers': { - 'mail_admins': { - 'level': 'ERROR', - 'filters': ['require_debug_false'], - 'class': 'django.utils.log.AdminEmailHandler' - } - }, - 'loggers': { - 'django.request': { - 'handlers': ['mail_admins'], - 'level': 'ERROR', - 'propagate': True, - }, - } -} - -AUTHENTICATION_BACKENDS = ("django_namespace_perms.auth.backends.NSPBackend",) - -import os.path -import glob -conffiles = glob.glob(os.path.join(os.path.dirname(__file__), 'settings.d', '*.conf')) -conffiles.sort() -for f in conffiles: - exec(compile(open(os.path.abspath(f)).read(), os.path.abspath(f), "exec")) diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/urls.py b/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/urls.py deleted file mode 100644 index 4cf2b2eb..00000000 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/urls.py +++ /dev/null @@ -1,41 +0,0 @@ -from django.conf.urls import include, url -from django.conf.urls.static import static -from django.conf import settings -from django.views.generic.base import RedirectView - -# auto admin -from django.contrib import admin -admin.autodiscover() - -import peeringdb_server.urls - -import allauth.account.views - -from peeringdb_server.views import view_login - - -urlpatterns = [ - url(r'^grappelli/', include('grappelli.urls')), - #FIXME: adapt to DAL3 changes - #url(r'^autocomplete/', include('dal.urls')), - #FIXME: can remove this if we upgrade to allauth > 0.24.2, upgrade - #has been held off at this point because it requires migrations - url(r'^accounts/confirm-email/(?P[-:\w]+)/$', allauth.account.views.confirm_email, name="account_confirm_email"), - url(r'^accounts/', include('allauth.urls')), - url(r'^cp/peeringdb_server/organizationmerge/add/', RedirectView.as_view(url='/cp/peeringdb_server/organization/org-merge-tool', permanent=False)), - # we want to use default pdb login for admin area, since that is rate limited. - url(r'^cp/login/', view_login), - url(r'^cp/', admin.site.urls), -] -urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) -urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) - -urlpatterns += [ - url(r'^captcha/', include('captcha.urls')), - ] - -urlpatterns += peeringdb_server.urls.urlpatterns - -handler_404 = 'peeringdb_server.views.view_http_error_404' -handler_403 = 'peeringdb_server.views.view_http_error_403' - diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/log/keep b/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/log/keep deleted file mode 100644 index e69de29b..00000000 diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/log/merge_import/keep b/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/log/merge_import/keep deleted file mode 100644 index e69de29b..00000000 diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/tmp/nxuwsgi/keep b/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/tmp/nxuwsgi/keep deleted file mode 100644 index e69de29b..00000000 diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/tmp/unused/keep b/config/facsimile/tmpl/_ALL_/_DEPLOY_/var/tmp/unused/keep deleted file mode 100644 index e69de29b..00000000 diff --git a/config/facsimile/tmpl/_ALL_/init.sql b/config/facsimile/tmpl/_ALL_/init.sql deleted file mode 100644 index ef5857c7..00000000 --- a/config/facsimile/tmpl/_ALL_/init.sql +++ /dev/null @@ -1,23 +0,0 @@ - -{% for k, each in module.items() %} - {% if each.db %} - {% if each.db.name %} -create database if not exists {{env.rc.db.default.prefix}}{{each.db.name}} character set = utf8; -grant all on {{env.rc.db.default.prefix}}{{each.db.name}}.* to '{{env.rc.db.default.prefix}}{{each.name}}'@'localhost' identified by '{{each.password}}'; -grant all on {{env.rc.db.default.prefix}}{{each.db.name}}.* to '{{env.rc.db.default.prefix}}{{each.name}}'@'%' identified by '{{each.password}}'; - {% endif %} - - {% for table in each.db.selectable %} -grant select on {{table}} to '{{env.rc.db.default.prefix}}{{each.name}}'@'localhost' identified by '{{each.password}}'; -grant select on {{table}} to '{{env.rc.db.default.prefix}}{{each.name}}'@'%.%.int' identified by '{{each.password}}'; - {% endfor %} - {% for table in each.db.writable %} -grant all on {{table}} to '{{env.rc.db.default.prefix}}{{each.name}}'@'localhost' identified by '{{each.password}}'; -grant all on {{table}} to '{{env.rc.db.default.prefix}}{{each.name}}'@'%.%.int' identified by '{{each.password}}'; - {% endfor %} - - {% endif %} -{% endfor %} - -flush privileges; - diff --git a/docs/container.md b/docs/container.md new file mode 100644 index 00000000..dbc18cc2 --- /dev/null +++ b/docs/container.md @@ -0,0 +1,63 @@ + +# PeeringDB Container + + +## Building + +```sh +export CONTAINER_TAG=peeringdb:server-`cat Ctl/VERSION` +docker build -t $CONTAINER_TAG -f Dockerfile . +``` + +## Running + +### Environment Variables + +`PDB_NO_MIGRATE`: If set to anything, will skip migrations, otherwise, migrations will always be applied first thing while running. + +`DATABASE_ENGINE` default "mysql" +`DATABASE_HOST` default "127.0.0.1" +`DATABASE_PORT` default "" +`DATABASE_NAME` default "peeringdb" +`DATABASE_USER` default "peeringdb" +`DATABASE_PASSWORD` default "" + + + +### Mount points + +`/srv/www.peeringdb.com/api-cache`: api cache +`/srv/www.peeringdb.com/locale`: translations +`/srv/www.peeringdb.com/mainsite`: site settings +`/srv/www.peeringdb.com/media`: media files +`/srv/www.peeringdb.com/peeringdb_server`: server code +`/srv/www.peeringdb.com/static`: static files +`/srv/www.peeringdb.com/var/log`: log files + + +### Entry point + +The entry point will run migrations and pass directly to django's manage script. + +Other options: + +`/bin/sh` to drop to shell +`inetd` run the inetd whois server + + +### Examples + +Example: Using a shell for development + +This is assuming you have an external synced database running locally + +```sh +export CONTAINER_TAG=peeringdb:server-`cat Ctl/VERSION` +docker run --net=host -it \ + -v `pwd`/mainsite/:/srv/www.peeringdb.com/mainsite \ + -v `pwd`/peeringdb_server:/srv/www.peeringdb.com/peeringdb_server \ + -e DATABASE_PASSWORD=$DB_PASSWORD \ + $CONTAINER_TAG /bin/sh +``` + +Once you're in the container, you can run `manage runserver 0.0.0.0:$PORT` to start a development server. diff --git a/facsimile b/facsimile deleted file mode 120000 index b9303b6a..00000000 --- a/facsimile +++ /dev/null @@ -1 +0,0 @@ -config/facsimile \ No newline at end of file diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/in.whoisd b/in.whoisd similarity index 56% rename from config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/in.whoisd rename to in.whoisd index c48e3a9d..6be0730d 100755 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/in.whoisd +++ b/in.whoisd @@ -1,26 +1,25 @@ -#!{{env.home}}/venv/bin/python - +#!/usr/bin/env python import logging import os import sys -#print "path", sys.path +# print "path", sys.path try: - os.environ.setdefault("DJANGO_SETTINGS_MODULE", "peeringdb_com.settings") + os.environ.setdefault("DJANGO_SETTINGS_MODULE", "mainsite.settings") from django.core.management import execute_from_command_line inp = sys.stdin.readline().strip() if inp: - argv = ['in.whoisd', 'pdb_whois', inp] + argv = ["in.whoisd", "pdb_whois", inp] execute_from_command_line(argv) except BaseException as e: # TODO log here - need to inherit -# log = logging.getLogger('pdb.script.whois') -# log.exception(e) + # log = logging.getLogger('pdb.script.whois') + # log.exception(e) print("an error occurred: {}".format(e)) pass diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/__init__.py b/mainsite/__init__.py similarity index 100% rename from config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/__init__.py rename to mainsite/__init__.py diff --git a/mainsite/settings/__init__.py b/mainsite/settings/__init__.py new file mode 100644 index 00000000..1dfc24f0 --- /dev/null +++ b/mainsite/settings/__init__.py @@ -0,0 +1,623 @@ +# Django settings + +import os + +import django.conf.global_settings + + +_DEFAULT_ARG = object() + + +def print_debug(*args, **kwargs): + if DEBUG: + print(*args, **kwargs) + + +def get_locale_name(code): + """ Gets the readble name for a locale code. """ + language_map = dict(django.conf.global_settings.LANGUAGES) + + # check for exact match + if code in language_map: + return language_map[code] + + # try for the language, fall back to just using the code + language = code.split("-")[0] + return language_map.get(language, code) + + +def set_default(name, value): + """ Sets the default value for the option if it's not already set. """ + if name not in globals(): + globals()[name] = value + + +def set_from_env(name, default=_DEFAULT_ARG): + """ + Sets a global variable from a environment variable of the same name. + + This is useful to leave the option unset and use Django's default (which may change). + """ + if default is _DEFAULT_ARG and name not in os.environ: + return + + globals()[name] = os.environ.get(name, default) + + +def set_option(name, value): + """ Sets and option, first checking for env vars, then checking for value already set, then going to the default value if passed. """ + if name in os.environ: + globals()[name] = os.environ.get(name) + + if name not in globals(): + globals()[name] = value + + +def set_bool(name, value): + """ Sets and option, first checking for env vars, then checking for value already set, then going to the default value if passed. """ + if name in os.environ: + envval = os.environ.get(name).lower() + if envval in ["1", "true", "y", "yes"]: + globals()[name] = True + elif envval in ["0", "false", "n", "no"]: + globals()[name] = False + else: + raise ValueError( + "{} is a boolean, cannot match '{}'".format(name, os.environ[name]) + ) + + if name not in globals(): + globals()[name] = value + + +def try_include(filename): + """ Tries to include another file from the settings directory. """ + print_debug("including {} {}".format(filename, RELEASE_ENV)) + try: + with open(filename) as f: + exec(compile(f.read(), filename, "exec"), globals()) + + print_debug("loaded additional settings file '{}'".format(filename)) + + except FileNotFoundError: + print_debug( + "additional settings file '{}' was not found, skipping".format(filename) + ) + pass + + +def read_file(name): + with open(name) as fh: + return fh.read() + + +_ = lambda s: s + +BASE_DIR = os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..")) + +# set RELEASE_ENV, usually one of dev, beta, tutor, prod +set_option("RELEASE_ENV", "dev") + +set_bool("DEBUG", False) + +if RELEASE_ENV == "dev": + set_bool("DEBUG", True) + +# look for mainsite/settings/${RELEASE_ENV}.py and load if it exists +env_file = os.path.join(os.path.dirname(__file__), "{}.py".format(RELEASE_ENV)) +try_include(env_file) + +print_debug("Release env is '{}'".format(RELEASE_ENV)) + +# set version, default from /srv/www.peeringdb.com/etc/VERSION +set_option( + "PEERINGDB_VERSION", read_file(os.path.join(BASE_DIR, "etc/VERSION")).strip() +) + +# Contact email, from address, support email +set_from_env("SERVER_EMAIL") + +set_from_env("SECRET_KEY") + +# database +set_option("DATABASE_ENGINE", "mysql") +set_option("DATABASE_HOST", "127.0.0.1") +set_option("DATABASE_PORT", "") +set_option("DATABASE_NAME", "peeringdb") +set_option("DATABASE_USER", "peeringdb") +set_option("DATABASE_PASSWORD", "") + +# Keys + +set_from_env("GOOGLE_GEOLOC_API_KEY") + +set_from_env("RDAP_LACNIC_APIKEY") + +set_from_env("RECAPTCHA_PUBLIC_KEY") +set_from_env("RECAPTCHA_SECRET_KEY") + +set_from_env("DESKPRO_KEY") +set_from_env("DESKPRO_URL") + +# Limits + +API_THROTTLE_ENABLED = True +API_THROTTLE_RATE_ANON = "100/second" +API_THROTTLE_RATE_USER = "100/second" + +# maximum value to allow in network.info_prefixes4 +set_option("DATA_QUALITY_MAX_PREFIX_V4_LIMIT", 500000) + +# maximum value to allow in network.info_prefixes6 +set_option("DATA_QUALITY_MAX_PREFIX_V6_LIMIT", 50000) + +# minimum value to allow for prefix length on a v4 prefix +set_option("DATA_QUALITY_MIN_PREFIXLEN_V4", 18) + +# maximum value to allow for prefix length on a v4 prefix +set_option("DATA_QUALITY_MAX_PREFIXLEN_V4", 28) + +# minimum value to allow for prefix length on a v6 prefix +set_option("DATA_QUALITY_MIN_PREFIXLEN_V6", 64) + +# maximum value to allow for prefix length on a v6 prefix +set_option("DATA_QUALITY_MAX_PREFIXLEN_V6", 116) + +RATELIMITS = { + "request_login_POST": "4/m", + "request_translation": "2/m", + "resend_confirmation_mail": "2/m", + "view_request_ownership_POST": "3/m", + "view_request_ownership_GET": "3/m", + "view_affiliate_to_org_POST": "3/m", + "view_verify_POST": "2/m", + "view_username_retrieve_initiate": "2/m", + "view_import_ixlan_ixf_preview": "1/m", + "view_import_net_ixf_postmortem": "1/m", +} + + +# Django config + +ALLOWED_HOSTS = ["*"] +SITE_ID = 1 + +TIME_ZONE = "UTC" +USE_TZ = True + +ADMINS = ("Support", SERVER_EMAIL) +MANAGERS = ADMINS + +MEDIA_ROOT = os.path.abspath(os.path.join(BASE_DIR, "media")) +MEDIA_URL = "/m/{}/".format(PEERINGDB_VERSION) + +STATIC_ROOT = os.path.abspath(os.path.join(BASE_DIR, "static")) +STATIC_URL = "/s/{}/".format(PEERINGDB_VERSION) + +CACHES = { + "default": { + "BACKEND": "django.core.cache.backends.db.DatabaseCache", + "LOCATION": "django_cache", + "OPTIONS": { + # maximum number of entries in the cache + "MAX_ENTRIES": 5000, + # once max entries are reach delete 500 of the oldest entries + "CULL_FREQUENCY": 10, + }, + } +} + +DATABASES = { + "default": { + "ENGINE": "django.db.backends.{}".format(DATABASE_ENGINE), + "HOST": DATABASE_HOST, + "PORT": DATABASE_PORT, + "NAME": DATABASE_NAME, + "USER": DATABASE_USER, + "PASSWORD": DATABASE_PASSWORD, + }, +} + + +LOGGING = { + "version": 1, + "disable_existing_loggers": False, + "handlers": { + # Include the default Django email handler for errors + # This is what you'd get without configuring logging at all. + "mail_admins": { + "class": "django.utils.log.AdminEmailHandler", + "level": "ERROR", + # But the emails are plain text by default - HTML is nicer + "include_html": True, + }, + # Log to a text file that can be rotated by logrotate + "logfile": { + "class": "logging.handlers.WatchedFileHandler", + "filename": os.path.join(BASE_DIR, "var/log/django.log"), + }, + "console": {"level": "DEBUG", "class": "logging.StreamHandler",}, + }, + "loggers": { + # Again, default Django configuration to email unhandled exceptions + "django.request": { + "handlers": ["mail_admins"], + "level": "ERROR", + "propagate": True, + }, + # Might as well log any errors anywhere else in Django + "django": { + # 'handlers': ['console', 'logfile'], + # 'level': 'DEBUG', + "handlers": ["logfile"], + "level": "ERROR", + "propagate": False, + }, + # Your own app - this assumes all your logger names start with "myapp." + "": { + "handlers": ["logfile"], + "level": "WARNING", # Or maybe INFO or DEBUG + "propagate": False, + }, + }, +} +INSTALLED_APPS = [ + "django.contrib.auth", + "django.contrib.contenttypes", + "django.contrib.sessions", + "django.contrib.sites", + "django.contrib.messages", + "django.contrib.staticfiles", + "dal", + "dal_select2", + "grappelli", + "django.contrib.admin", + "allauth", + "allauth.account", + "allauth.socialaccount", + "allauth.socialaccount.providers.google", + "allauth.socialaccount.providers.facebook", + "bootstrap3", + "corsheaders", + "crispy_forms", + "django_countries", + "django_inet", + "django_namespace_perms", + "django_peeringdb", + "django_tables2", + "oauth2_provider", + "peeringdb_server", + "reversion", + "captcha", + "django_handleref", +] + +# List of finder classes that know how to find static files in +# various locations. +STATICFILES_FINDERS = ( + "django.contrib.staticfiles.finders.AppDirectoriesFinder", + "django.contrib.staticfiles.finders.FileSystemFinder", + # 'django.contrib.staticfiles.finders.DefaultStorageFinder', +) + +# List of callables that know how to import templates from various sources. +_TEMPLATE_LOADERS = ( + "django.template.loaders.filesystem.Loader", + "django.template.loaders.app_directories.Loader", + # 'django.template.loaders.eggs.Loader', +) + +_TEMPLATE_CONTEXT_PROCESSORS = ( + "django.contrib.auth.context_processors.auth", + "django.template.context_processors.debug", + "django.template.context_processors.request", + "django.template.context_processors.i18n", + "django.template.context_processors.media", + "django.template.context_processors.static", + "django.template.context_processors.tz", + "django.contrib.messages.context_processors.messages", +) + +_TEMPLATE_DIRS = (os.path.join(BASE_DIR, "peeringdb_server", "templates"),) + +TEMPLATES = [ + { + "BACKEND": "django.template.backends.django.DjangoTemplates", + "DIRS": _TEMPLATE_DIRS, + "APP_DIRS": True, + "OPTIONS": { + "context_processors": _TEMPLATE_CONTEXT_PROCESSORS, + # "loaders" : _TEMPLATE_LOADERS + }, + } +] + +TEST_RUNNER = "django.test.runner.DiscoverRunner" + +MIDDLEWARE = ( + "django.middleware.common.CommonMiddleware", + "django.contrib.sessions.middleware.SessionMiddleware", + "django.middleware.locale.LocaleMiddleware", + "django.middleware.csrf.CsrfViewMiddleware", + "django.contrib.auth.middleware.AuthenticationMiddleware", + "django.contrib.messages.middleware.MessageMiddleware", + "django.middleware.clickjacking.XFrameOptionsMiddleware", +) + +AUTHENTICATION_BACKENDS = list() + +PASSWORD_HASHERS = ( + "django.contrib.auth.hashers.PBKDF2PasswordHasher", + "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher", + "django.contrib.auth.hashers.BCryptPasswordHasher", + "django.contrib.auth.hashers.SHA1PasswordHasher", + "django.contrib.auth.hashers.MD5PasswordHasher", + "django.contrib.auth.hashers.CryptPasswordHasher", + "hashers_passlib.md5_crypt", + "hashers_passlib.des_crypt", + "hashers_passlib.bsdi_crypt", +) + +ROOT_URLCONF = "mainsite.urls" +CONN_MAX_AGE = 3600 + + +# email vars should be already set from the release environment file +# override here from env if set +set_from_env("EMAIL_HOST") +set_from_env("EMAIL_PORT") +set_from_env("EMAIL_HOST_USER") +set_from_env("EMAIL_HOST_PASSWORD") +set_from_env("EMAIL_USE_TLS") + +set_from_env("SESSION_COOKIE_DOMAIN") +set_from_env("SESSION_COOKIE_SECURE") +set_option("SECURE_PROXY_SSL_HEADER", ("HTTP_X_FWD_PROTO", "https")) + +DEFAULT_FROM_EMAIL = SERVER_EMAIL + + +# Python dotted path to the WSGI application used by Django's runserver. +WSGI_APPLICATION = "mainsite.wsgi.application" + + +AUTH_USER_MODEL = "peeringdb_server.User" + +GRAPPELLI_ADMIN_TITLE = "PeeringDB" + +TABLE_PREFIX = "peeringdb_" +ABSTRACT_ONLY = True + +LOGIN_URL = "/login" +LOGIN_REDIRECT_URL = "/" + +# App config + +CRISPY_TEMPLATE_PACK = "bootstrap3" + +## django-cors-headers + +# No one specific host is allow Allow-Origin at this point] +# Origin for API get request is handled via signals (signals.py) +CORS_ORIGIN_WHITELIST = [] + +# don't allow cookies +CORS_ALLOW_CREDENTIALS = False + +# only allow for cross origin requests for GET and OPTIONS +CORS_ALLOW_METHODS = ["GET", "OPTIONS"] + +## OAuth2 + +# allows PeeringDB to use external OAuth2 sources +set_option("OAUTH_ENABLED", False) + +AUTHENTICATION_BACKENDS += ( + # for OAuth provider + "oauth2_provider.backends.OAuth2Backend", + # for OAuth against external sources + "allauth.account.auth_backends.AuthenticationBackend", +) + +MIDDLEWARE += ( + "peeringdb_server.maintenance.Middleware", + "oauth2_provider.middleware.OAuth2TokenMiddleware", + "corsheaders.middleware.CorsMiddleware", +) + +OAUTH2_PROVIDER = { + "SCOPES": { + "profile": "user profile", + "email": "email address", + "networks": "list of user networks and permissions", + }, + "ALLOWED_REDIRECT_URI_SCHEMES": ["https"], + "REQUEST_APPROVAL_PROMPT": "auto", +} + + +## NSP + +NSP_MODE = "crud" +AUTHENTICATION_BACKENDS += ("django_namespace_perms.auth.backends.NSPBackend",) + + +## Django Rest Framework + +INSTALLED_APPS += ("rest_framework", "rest_framework_swagger") + +REST_FRAMEWORK = { + "DEFAULT_AUTHENTICATION_CLASSES": ( + "rest_framework.authentication.BasicAuthentication", + "rest_framework.authentication.SessionAuthentication", + ), + # Use hyperlinked styles by default. + # Only used if the `serializer_class` attribute is not set on a view. + "DEFAULT_MODEL_SERIALIZER_CLASS": "rest_framework.serializers.HyperlinkedModelSerializer", + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + # Handle rest of permissioning via django-namespace-perms + "DEFAULT_PERMISSION_CLASSES": [ + "rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly", + "django_namespace_perms.rest.BasePermission", + ], + "DEFAULT_RENDERER_CLASSES": ("peeringdb_server.renderers.MetaJSONRenderer",), + "DEFAULT_SCHEMA_CLASS": "rest_framework.schemas.coreapi.AutoSchema", +} + +if API_THROTTLE_ENABLED: + REST_FRAMEWORK.update( + { + "DEFAULT_THROTTLE_CLASSES": ( + "rest_framework.throttling.AnonRateThrottle", + "rest_framework.throttling.UserRateThrottle", + ), + "DEFAULT_THROTTLE_RATES": { + "anon": API_THROTTLE_RATE_ANON, + "user": API_THROTTLE_RATE_USER, + }, + } + ) + + +## PeeringDB + +# TODO for tests + +# from address for sponsorship emails +set_option("SPONSORSHIPS_EMAIL", SERVER_EMAIL) + + +set_option("API_URL", "https://peeringdb.com/api") +API_DEPTH_ROW_LIMIT = 250 +API_CACHE_ENABLED = True +API_CACHE_ROOT = os.path.join(BASE_DIR, "api-cache") +API_CACHE_LOG = os.path.join(BASE_DIR, "var/log/api-cache.log") + +set_option("BASE_URL", "http://localhost") +set_option("PASSWORD_RESET_URL", os.path.join(BASE_URL, "reset-password")) + +ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = "/login" +ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = "/verify" +ACCOUNT_EMAIL_REQUIRED = True + + +# add user defined iso code for Kosovo +COUNTRIES_OVERRIDE = { + "XK": _("Kosovo"), +} + + +# Which client config versions we support +set_option( + "CLIENT_COMPAT", + { + "client": {"min": "0,6", "max": "255,0",}, + "backends": {"django_peeringdb": {"min": "0,6", "max": "255,0",},}, + }, +) + +set_option("IXF_POSTMORTEM_LIMIT", 250) + +set_option("MAINTENANCE_MODE_LOCKFILE", "maintenance.lock") + +# django_peeringdb settings +PEERINGDB_ABSTRACT_ONLY = True + +# In a beta environment that gets sync'd from production this +# flag allows you to enable / disable showing of next sync date in +# the beta notification banner +set_option("SHOW_AUTO_PROD_SYNC_WARNING", False) + + +# TODO -- let's make this 1 +# TODO -- why are the ids different for prod, beta, tutor, etc? +# all suggested entities will be created under this org +set_option("SUGGEST_ENTITY_ORG", 20525) + +set_option("TUTORIAL_MODE", False) + +#'guest' user group +GUEST_GROUP_ID = 1 + +#'user' user group +USER_GROUP_ID = 2 + +CSRF_FAILURE_VIEW = "peeringdb_server.views.view_http_error_csrf" + +RECAPTCHA_VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify" + + +## Locale + +LANGUAGE_CODE = "en-us" +USE_I18N = True +USE_L10N = True + +LOCALE_PATHS = (os.path.join(BASE_DIR, "locale"),) + +LANGUAGES = [ + # ("ar", _("Arabic")), + ("cs-cz", _("Czech")), + ("de-de", _("German")), + ("el-gr", _("Greek")), + ("en", _("English")), + ("es-es", _("Spanish")), + ("fr-fr", _("French")), + ("it", _("Italian")), + ("ja-jp", _("Japanese")), + # ("ko", _("Korean")), + ("pt", _("Portuguese")), + ("ro-ro", _("Romanian")), + ("ru-ru", _("Russian")), + ("zh-cn", _("Chinese (Simplified)")), + ("zh-tw", _("Chinese (Traditional)")), +] + + +# enable all languages available in the locale directory +set_option("ENABLE_ALL_LANGUAGES", False) + +if ENABLE_ALL_LANGUAGES: + language_dict = dict(LANGUAGES) + for locale_path in LOCALE_PATHS: + for name in os.listdir(locale_path): + path = os.path.join(locale_path, name) + if not os.path.isdir(os.path.join(path, "LC_MESSAGES")): + continue + code = name.replace("_", "-").lower() + if code not in language_dict: + name = _(get_locale_name(code)) + language_dict[code] = name + + LANGUAGES = sorted(language_dict.items()) + +# dynamic config starts here + +API_DOC_STR = {} +for op in ["list", "retrieve", "create", "update", "delete"]: + with open(os.path.join(BASE_DIR, "docs", "api_{}.md".format(op)), "r") as fh: + API_DOC_STR[op] = fh.read() + + +MAIL_DEBUG = DEBUG +TEMPLATES[0]["OPTIONS"]["debug"] = DEBUG + +if DEBUG: + # make all loggers use the console. + for logger in LOGGING["loggers"]: + LOGGING["loggers"][logger]["handlers"] = ["console"] + + +if TUTORIAL_MODE: + EMAIL_SUBJECT_PREFIX = "[PDB TUTORIAL] " + DISABLE_VERIFICATION_QUEUE_EMAILS = True + DISABLE_VERIFICATION_QUEUE = True + AUTO_APPROVE_AFFILIATION = True + AUTO_VERIFY_USERS = True +else: + EMAIL_SUBJECT_PREFIX = "[{}] ".format(RELEASE_ENV) + +print_debug( + "loaded settings for PeeringDB {} (DEBUG: {})".format(PEERINGDB_VERSION, DEBUG) +) diff --git a/mainsite/settings/dev.py b/mainsite/settings/dev.py new file mode 100644 index 00000000..a5bf1200 --- /dev/null +++ b/mainsite/settings/dev.py @@ -0,0 +1,30 @@ +import logging +import secrets + + +# database config +# set_option("DATABASE_ENGINE", "mysql") +# set_option("DATABASE_HOST", "127.0.0.1") +# set_option("DATABASE_PORT", "") +# set_option("DATABASE_NAME", "peeringdb") +# set_option("DATABASE_USER", "peeringdb") +# set_option("DATABASE_PASSWORD", "") + +set_option("SERVER_EMAIL", "pdb@localhost") + +set_from_env("SECRET_KEY", None) +if not SECRET_KEY: + print_debug("SECRET_KEY not set, generating an ephemeral one") + SECRET_KEY = secrets.token_urlsafe(64) + +# Keys + +GOOGLE_GEOLOC_API_KEY = "" + +RDAP_LACNIC_APIKEY = "" + +RECAPTCHA_PUBLIC_KEY = "" +RECAPTCHA_SECRET_KEY = "" + +DESKPRO_KEY = "" +DESKPRO_URL = "" diff --git a/mainsite/urls.py b/mainsite/urls.py new file mode 100644 index 00000000..43c56528 --- /dev/null +++ b/mainsite/urls.py @@ -0,0 +1,50 @@ +from django.conf.urls import include, url +from django.conf.urls.static import static +from django.conf import settings +from django.views.generic.base import RedirectView + +# auto admin +from django.contrib import admin + +admin.autodiscover() + +import peeringdb_server.urls + +import allauth.account.views + +from peeringdb_server.views import view_login + + +urlpatterns = [ + url(r"^grappelli/", include("grappelli.urls")), + # FIXME: adapt to DAL3 changes + # url(r'^autocomplete/', include('dal.urls')), + # FIXME: can remove this if we upgrade to allauth > 0.24.2, upgrade + # has been held off at this point because it requires migrations + url( + r"^accounts/confirm-email/(?P[-:\w]+)/$", + allauth.account.views.confirm_email, + name="account_confirm_email", + ), + url(r"^accounts/", include("allauth.urls")), + url( + r"^cp/peeringdb_server/organizationmerge/add/", + RedirectView.as_view( + url="/cp/peeringdb_server/organization/org-merge-tool", permanent=False + ), + ), + # we want to use default pdb login for admin area, since that is rate limited. + url(r"^cp/login/", view_login), + url(r"^cp/", admin.site.urls), +] +urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) +urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) + +urlpatterns += [ + url(r"^captcha/", include("captcha.urls")), +] + +urlpatterns += peeringdb_server.urls.urlpatterns + +handler_404 = "peeringdb_server.views.view_http_error_404" +handler_403 = "peeringdb_server.views.view_http_error_403" diff --git a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/wsgi.py b/mainsite/wsgi.py similarity index 93% rename from config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/wsgi.py rename to mainsite/wsgi.py index 0ee85c03..379fc1fb 100644 --- a/config/facsimile/tmpl/_ALL_/_DEPLOY_/peeringdb/peeringdb_com/wsgi.py +++ b/mainsite/wsgi.py @@ -15,12 +15,13 @@ framework. """ import os -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "peeringdb_com.settings") +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "mainsite.settings") # This application object is used by any WSGI server configured to use this # file. This includes Django's development server, if the WSGI_APPLICATION # setting points here. from django.core.wsgi import get_wsgi_application + application = get_wsgi_application() # Apply WSGI middleware here. diff --git a/manage.py b/manage.py index 78541941..7bdb1c7f 100755 --- a/manage.py +++ b/manage.py @@ -3,7 +3,7 @@ import os import sys if __name__ == "__main__": - os.environ.setdefault("DJANGO_SETTINGS_MODULE", "peeringdb_com.settings") + os.environ.setdefault("DJANGO_SETTINGS_MODULE", "mainsite.settings") from django.core.management import execute_from_command_line diff --git a/peeringdb_server/settings.py b/peeringdb_server/settings.py index 10bfcb83..d56d30cd 100644 --- a/peeringdb_server/settings.py +++ b/peeringdb_server/settings.py @@ -1,7 +1,7 @@ import os from django.conf import settings -PEERINGDB_VERSION = getattr(settings, "PACKAGE_VERSION", "") +PEERINGDB_VERSION = getattr(settings, "PEERINGDB_VERSION", "") RDAP_URL = getattr(settings, "PEERINGDB_RDAP_URL", "https://rdap.db.ripe.net/") RDAP_LACNIC_APIKEY = getattr(settings, "PEERINGDB_RDAP_LACNIC_APIKEY", None) RDAP_RECURSE_ROLES = getattr( diff --git a/scripts/manage b/scripts/manage new file mode 100755 index 00000000..9fa79d22 --- /dev/null +++ b/scripts/manage @@ -0,0 +1,8 @@ +#!/bin/sh + +export PDB_HOME=/srv/www.peeringdb.com + +. $PDB_HOME/venv/bin/activate +cd $PDB_HOME + +./manage.py $@ diff --git a/tests/django_init.py b/tests/django_init.py index 651ad5e6..5586fa79 100644 --- a/tests/django_init.py +++ b/tests/django_init.py @@ -126,7 +126,7 @@ settings.configure( TIME_ZONE="UTC", USE_TZ=True, AUTHENTICATION_BACKENDS=("django_namespace_perms.auth.backends.NSPBackend",), - ROOT_URLCONF="peeringdb_com.urls", + ROOT_URLCONF="mainsite.urls", LOGGING={ "version": 1, "disable_existing_loggers": False, diff --git a/tox.ini b/tox.ini index 14082d0d..bc508625 100644 --- a/tox.ini +++ b/tox.ini @@ -10,11 +10,6 @@ setenv = PYTHONWARNINGS=once PIPENV_IGNORE_VIRTUALENVS=1 -whitelist_externals = - rm - ln - ls - deps = pipenv @@ -25,11 +20,4 @@ passenv = commands = pipenv install --dev --ignore-pipfile - pipenv run facs peeringdb ci {env:PDB_VERSION:0.0.0.0} --src-dir=. - - # this should move to a generated tox path - rm -f peeringdb_com - ln -s ci-dev.peeringdb.com/peeringdb/peeringdb_com/ - ls -al peeringdb_com/ - pipenv run pytest -v -rA --cov-report term-missing --cov=peeringdb_server tests/