settings_local.example.py 2.68 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017  Gabriel Détraz
# Copyright © 2017  Goulven Kermarec
# Copyright © 2017  Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

23 24
from __future__ import unicode_literals

25
SECRET_KEY = 'SUPER_SECRET_KEY'
chirac's avatar
chirac committed
26

27
DB_PASSWORD = 'SUPER_SECRET_DB'
chirac's avatar
chirac committed
28

29 30 31 32
# AES key for secret key encryption
AES_KEY = 'WHAT_A_WONDERFULL_KEY'


chirac's avatar
chirac committed
33 34 35
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False

Gabriel Detraz's avatar
Gabriel Detraz committed
36 37 38 39
ADMINS = [('Example', 'rezo-admin@example.org')]

SERVER_EMAIL = 'no-reply@example.org'

chirac's avatar
chirac committed
40
# Obligatoire, liste des host autorisés
41
ALLOWED_HOSTS = ['URL_SERVER']
chirac's avatar
chirac committed
42 43 44

DATABASES = {
    'default': {
45
        'ENGINE': 'db_engine',
46 47
        'NAME': 'db_name_value',
        'USER': 'db_user_value',
chirac's avatar
chirac committed
48
        'PASSWORD': DB_PASSWORD,
49
        'HOST': 'db_host_value',
Gabriel Detraz's avatar
Gabriel Detraz committed
50 51 52
    },
    'ldap': {
        'ENGINE': 'ldapdb.backends.ldap',
53 54
        'NAME': 'ldap://ldap_host_ip/',
        'USER': 'ldap_dn',
55
        # 'TLS': True,
56
        'PASSWORD': 'SUPER_SECRET_LDAP',
Gabriel Detraz's avatar
Gabriel Detraz committed
57
     }
chirac's avatar
chirac committed
58 59
}

60 61 62 63 64 65
# Security settings, à activer une fois https en place
SECURE_CONTENT_TYPE_NOSNIFF = False
SECURE_BROWSER_XSS_FILTER = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
CSRF_COOKIE_HTTPONLY = False
chirac's avatar
chirac committed
66 67 68
X_FRAME_OPTIONS = 'DENY'
SESSION_COOKIE_AGE = 60 * 60 * 3

chirac's avatar
chirac committed
69
LOGO_PATH = "static_files/logo.png"
70

71 72 73
EMAIL_HOST = 'MY_EMAIL_HOST'
EMAIL_PORT = MY_EMAIL_PORT

Gabriel Detraz's avatar
Gabriel Detraz committed
74 75
# Reglages pour la bdd ldap
LDAP = {
76 77 78 79
    'base_user_dn' : 'cn=Utilisateurs,dc=example,dc=org',
    'base_userservice_dn' : 'ou=service-users,dc=example,dc=org',
    'base_usergroup_dn' : 'ou=posix,ou=groups,dc=example,dc=org',
    'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=example,dc=org',
Gabriel Detraz's avatar
Gabriel Detraz committed
80 81 82
    'user_gid' : 500,
    }

83

Gabriel Detraz's avatar
Gabriel Detraz committed
84 85 86 87 88 89 90 91 92 93
UID_RANGES = {
    'users' : [21001,30000],
    'service-users' : [20000,21000],
}

# Chaque groupe a un gid assigné, voici la place libre pour assignation
GID_RANGES = {
    'posix' : [501, 600],
}

94
OPTIONNAL_APPS = ()
95