From cf050a92ef57918f3dab40487ea561e92343c5f2 Mon Sep 17 00:00:00 2001 From: mpeltriaux Date: Wed, 3 Apr 2024 13:45:08 +0200 Subject: [PATCH 1/3] # Environment * refactors settings into env usage * adds proxy usage for schneider parcel fetching (using public web address instead of internal ip address) --- .env.sample | 41 ++++++++++++++++++++ .gitignore | 1 + intervention/settings.py | 10 +++-- konova/settings.py | 1 - konova/sub_settings/django_settings.py | 44 ++++++++++------------ konova/sub_settings/proxy_settings.py | 7 ++-- konova/sub_settings/schneider_settings.py | 7 ++-- konova/sub_settings/sso_settings.py | 7 ++-- konova/sub_settings/wfs_parcel_settings.py | 12 ------ konova/tasks.py | 2 +- konova/utils/mailer.py | 4 +- konova/utils/schneider/fetcher.py | 2 + konova/views/map_proxy.py | 4 +- requirements.txt | 1 + 14 files changed, 88 insertions(+), 55 deletions(-) create mode 100644 .env.sample delete mode 100644 konova/sub_settings/wfs_parcel_settings.py diff --git a/.env.sample b/.env.sample new file mode 100644 index 0000000..8c791f5 --- /dev/null +++ b/.env.sample @@ -0,0 +1,41 @@ +# General +SECRET_KEY=CHANGE_ME +DEBUG=True +ALLOWED_HOSTS=127.0.0.1,localhost,example.org +BASE_URL=http://localhost:8002 +ADMINS=Admin1:mail@example.org,Admin2:mail2@example.org + +# Database +DB_USER=postgres +DB_PASSWORD= +DB_NAME=konova +DB_HOST=127.0.0.1 +DB_PORT=5432 + +# E-Mail +SMTP_HOST=localhost +SMTP_PORT=25 +REPLY_TO_ADDR=ksp-servicestelle@sgdnord.rlp.de +DEFAULT_FROM_EMAIL=service@ksp.de + +# Proxy +PROXY=http://10.240.20.164:8080 +GEOPORTAL_RLP_USER=CHANGE_ME +GEOPORTAL_RLP_PASSWORD=CHANGE_ME + +# Schneider +SCHNEIDER_BASE_URL=https://schneider.naturschutz.rlp.de +SCHNEIDER_AUTH_TOKEN=CHANGE_ME +SCHNEIDER_AUTH_HEADER=auth + +# SSO +SSO_SERVER_BASE_URL=https://login.naturschutz.rlp.de +SSO_PRIVATE_KEY=CHANGE_ME +SSO_PUBLIC_KEY=CHANGE_ME + +# RabbitMQ +## For connections to EGON +EGON_RABBITMQ_HOST=CHANGE_ME +EGON_RABBITMQ_PORT=CHANGE_ME +EGON_RABBITMQ_USER=CHANGE_ME +EGON_RABBITMQ_PW=CHANGE_ME \ No newline at end of file diff --git a/.gitignore b/.gitignore index 5599d7b..aee9ab1 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /.idea/ /.coverage /htmlcov/ +/.env diff --git a/intervention/settings.py b/intervention/settings.py index 8d3d624..23f828f 100644 --- a/intervention/settings.py +++ b/intervention/settings.py @@ -5,6 +5,8 @@ Contact: michel.peltriaux@sgdnord.rlp.de Created on: 30.11.20 """ +from konova.sub_settings.django_settings import env + INTERVENTION_IDENTIFIER_LENGTH = 6 INTERVENTION_IDENTIFIER_TEMPLATE = "EIV-{}" @@ -14,7 +16,7 @@ INTERVENTION_LANIS_LAYER_NAME_UNRECORDED_OLD_ENTRY = "eiv_unrecorded_old_entries # EGON connection settings via rabbitmq # NEEDED FOR BACKWARDS COMPATIBILITY -EGON_RABBITMQ_HOST = "CHANGE_ME" -EGON_RABBITMQ_PORT = "CHANGE_ME" -EGON_RABBITMQ_USER = "CHANGE_ME" -EGON_RABBITMQ_PW = "CHANGE_ME" +EGON_RABBITMQ_HOST = env("EGON_RABBITMQ_HOST") +EGON_RABBITMQ_PORT = env("EGON_RABBITMQ_PORT") +EGON_RABBITMQ_USER = env("EGON_RABBITMQ_USER") +EGON_RABBITMQ_PW = env("EGON_RABBITMQ_PW") diff --git a/konova/settings.py b/konova/settings.py index e1e0e46..c1ad3b9 100644 --- a/konova/settings.py +++ b/konova/settings.py @@ -18,7 +18,6 @@ from konova.sub_settings.proxy_settings import * from konova.sub_settings.sso_settings import * from konova.sub_settings.table_settings import * from konova.sub_settings.lanis_settings import * -from konova.sub_settings.wfs_parcel_settings import * from konova.sub_settings.logging_settings import * # Max upload size for POST forms diff --git a/konova/sub_settings/django_settings.py b/konova/sub_settings/django_settings.py index 7eefa7e..b4b0a03 100644 --- a/konova/sub_settings/django_settings.py +++ b/konova/sub_settings/django_settings.py @@ -10,6 +10,8 @@ For the full list of settings and their values, see https://docs.djangoproject.com/en/3.1/ref/settings/ """ import os + +import environ from django.utils.translation import gettext_lazy as _ from django.conf.locale.de import formats as de_formats @@ -24,28 +26,24 @@ BASE_DIR = os.path.dirname( ) ) -# Quick-start development settings - unsuitable for production -# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/ +env = environ.Env() +# Take environment variables from .env.dev file +environ.Env.read_env(os.path.join(BASE_DIR, '.env')) # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = '5=9-)2)h$u9=!zrhia9=lj-2#cpcb8=#$7y+)l$5tto$3q(n_+' +SECRET_KEY = env("SECRET_KEY") # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = env.bool("DEBUG", default=False) -ADMINS = [ - ('KSP-Servicestelle', 'ksp-servicestelle@sgdnord.rlp.de'), -] +ADMINS = [x.split(':') for x in env.list('ADMINS')] -BASE_URL = "http://localhost:8001" +ALLOWED_HOSTS = env.list("ALLOWED_HOSTS") -ALLOWED_HOSTS = [ - "127.0.0.1", - "localhost", -] +BASE_URL = env("BASE_URL") CSRF_TRUSTED_ORIGINS = [ - "http://localhost", # not only host but schema (http/s) as well! + BASE_URL ] # Authentication settings @@ -131,10 +129,11 @@ WSGI_APPLICATION = 'konova.wsgi.application' DATABASES = { 'default': { 'ENGINE': 'django.contrib.gis.db.backends.postgis', - 'NAME': 'konova', - 'USER': 'postgres', - 'HOST': '127.0.0.1', - 'PORT': '5432', + 'NAME': env("DB_NAME"), + 'USER': env("DB_USER"), + 'PASSWORD': env("DB_PASSWORD"), + 'HOST': env("DB_HOST"), + 'PORT': env("DB_PORT"), } } DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" @@ -230,13 +229,10 @@ if DEBUG: EMAIL_BACKEND = 'django.core.mail.backends.filebased.EmailBackend' EMAIL_FILE_PATH = '/tmp/app-messages' # change this to a proper location -DEFAULT_FROM_EMAIL = "service@ksp.de" # The default email address for the 'from' element +DEFAULT_FROM_EMAIL = env("DEFAULT_FROM_EMAIL") # The default email address for the 'from' element SERVER_EMAIL = DEFAULT_FROM_EMAIL # The default email sender address, which is used by Django to send errors via mail -EMAIL_HOST = "localhost" -EMAIL_REPLY_TO = "ksp-servicestelle@sgdnord.rlp.de" -SUPPORT_MAIL_RECIPIENT = EMAIL_REPLY_TO -EMAIL_PORT = "25" -#EMAIL_HOST_USER = "" -#EMAIL_HOST_PASSWORD = "" +EMAIL_HOST = env("SMTP_HOST") +EMAIL_REPLY_TO = env("REPLY_TO_ADDR") +EMAIL_PORT = env("SMTP_PORT") EMAIL_USE_TLS = False EMAIL_USE_SSL = False diff --git a/konova/sub_settings/proxy_settings.py b/konova/sub_settings/proxy_settings.py index 559344a..aef3151 100644 --- a/konova/sub_settings/proxy_settings.py +++ b/konova/sub_settings/proxy_settings.py @@ -5,12 +5,13 @@ Contact: michel.peltriaux@sgdnord.rlp.de Created on: 31.01.22 """ +from konova.sub_settings.django_settings import env -proxy = "" +proxy = env("PROXY") PROXIES = { "http": proxy, "https": proxy, } -CLIENT_PROXY_AUTH_USER = "CHANGE_ME" -CLIENT_PROXY_AUTH_PASSWORD = "CHANGE_ME" \ No newline at end of file +GEOPORTAL_RLP_USER = env("GEOPORTAL_RLP_USER") +GEOPORTAL_RLP_PASSWORD = env("GEOPORTAL_RLP_PASSWORD") diff --git a/konova/sub_settings/schneider_settings.py b/konova/sub_settings/schneider_settings.py index caf4ec2..920a0c3 100644 --- a/konova/sub_settings/schneider_settings.py +++ b/konova/sub_settings/schneider_settings.py @@ -5,7 +5,8 @@ Contact: ksp-servicestelle@sgdnord.rlp.de Created on: 14.12.22 """ +from konova.sub_settings.django_settings import env -base_url = "http://127.0.0.1:8002" -auth_header = "auth" -auth_header_token = "CHANGE_ME" +base_url = env("SCHNEIDER_BASE_URL") +auth_header = env("SCHNEIDER_AUTH_HEADER") +auth_header_token = env("SCHNEIDER_AUTH_TOKEN") diff --git a/konova/sub_settings/sso_settings.py b/konova/sub_settings/sso_settings.py index 20417f0..0d9a069 100644 --- a/konova/sub_settings/sso_settings.py +++ b/konova/sub_settings/sso_settings.py @@ -5,9 +5,10 @@ Contact: michel.peltriaux@sgdnord.rlp.de Created on: 31.01.22 """ +from konova.sub_settings.django_settings import env # SSO settings -SSO_SERVER_BASE = "http://127.0.0.1:8000/" +SSO_SERVER_BASE = env("SSO_SERVER_BASE_URL") SSO_SERVER = f"{SSO_SERVER_BASE}sso/" -SSO_PRIVATE_KEY = "QuziFeih7U8DZvQQ1riPv2MXz0ZABupHED9wjoqZAqeMQaqkqTfxJDRXgSIyASwJ" -SSO_PUBLIC_KEY = "AGGK7E8eT5X5u2GD38ygGG3GpAefmIldJiiWW7gldRPqCG1CzmUfGdvPSGDbEY2n" \ No newline at end of file +SSO_PRIVATE_KEY = env("SSO_PRIVATE_KEY") +SSO_PUBLIC_KEY = env("SSO_PUBLIC_KEY") diff --git a/konova/sub_settings/wfs_parcel_settings.py b/konova/sub_settings/wfs_parcel_settings.py deleted file mode 100644 index 37744a7..0000000 --- a/konova/sub_settings/wfs_parcel_settings.py +++ /dev/null @@ -1,12 +0,0 @@ -""" -Author: Michel Peltriaux -Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany -Contact: michel.peltriaux@sgdnord.rlp.de -Created on: 31.01.22 - -""" - -# Parcel WFS settings -PARCEL_WFS_BASE_URL = "https://www.geoportal.rlp.de/registry/wfs/519" -PARCEL_WFS_USER = "ksp" -PARCEL_WFS_PW = "CHANGE_ME" \ No newline at end of file diff --git a/konova/tasks.py b/konova/tasks.py index ea68cde..d9045a0 100644 --- a/konova/tasks.py +++ b/konova/tasks.py @@ -7,7 +7,7 @@ from django.core.exceptions import ObjectDoesNotExist @shared_task def celery_update_parcels(geometry_id: str, recheck: bool = True): - from konova.models import Geometry, ParcelIntersection + from konova.models import Geometry try: geom = Geometry.objects.get(id=geometry_id) geom.parcels.clear() diff --git a/konova/utils/mailer.py b/konova/utils/mailer.py index d60f3b9..bdb6061 100644 --- a/konova/utils/mailer.py +++ b/konova/utils/mailer.py @@ -9,7 +9,7 @@ from django.core.mail import send_mail from django.template.loader import render_to_string from django.utils.translation import gettext_lazy as _ -from konova.sub_settings.django_settings import DEFAULT_FROM_EMAIL, EMAIL_REPLY_TO, SUPPORT_MAIL_RECIPIENT +from konova.sub_settings.django_settings import DEFAULT_FROM_EMAIL, EMAIL_REPLY_TO class Mailer: @@ -416,7 +416,7 @@ class Mailer: "EMAIL_REPLY_TO": EMAIL_REPLY_TO, } msg = render_to_string("email/api/verify_token.html", context) - user_mail_address = [SUPPORT_MAIL_RECIPIENT] + user_mail_address = [EMAIL_REPLY_TO] self.send( user_mail_address, _("Request for new API token"), diff --git a/konova/utils/schneider/fetcher.py b/konova/utils/schneider/fetcher.py index 87aa751..7e246bf 100644 --- a/konova/utils/schneider/fetcher.py +++ b/konova/utils/schneider/fetcher.py @@ -11,6 +11,7 @@ from json import JSONDecodeError import requests from konova.sub_settings import schneider_settings +from konova.sub_settings.proxy_settings import PROXIES class ParcelFetcher: @@ -43,6 +44,7 @@ class ParcelFetcher: response = requests.post( url=post_url, + proxies=PROXIES, data=self.geojson, headers={ self.auth_header: self.auth_header_token diff --git a/konova/views/map_proxy.py b/konova/views/map_proxy.py index d6ebe03..790ab8d 100644 --- a/konova/views/map_proxy.py +++ b/konova/views/map_proxy.py @@ -18,7 +18,7 @@ from django.utils.translation import gettext_lazy as _ from requests.auth import HTTPDigestAuth -from konova.sub_settings.proxy_settings import PROXIES, CLIENT_PROXY_AUTH_USER, CLIENT_PROXY_AUTH_PASSWORD +from konova.sub_settings.proxy_settings import PROXIES, GEOPORTAL_RLP_USER, GEOPORTAL_RLP_PASSWORD class BaseClientProxyView(View): @@ -90,7 +90,7 @@ class ClientProxyParcelWFS(BaseClientProxyView): url = f"{base_url}?{urlencode(params, doseq=True)}" url = url.replace("typename", "typenames") - auth = HTTPDigestAuth(CLIENT_PROXY_AUTH_USER, CLIENT_PROXY_AUTH_PASSWORD) + auth = HTTPDigestAuth(GEOPORTAL_RLP_USER, GEOPORTAL_RLP_PASSWORD) content, response_code = self.perform_url_call(url, auth=auth) error_detected = response_code != 200 diff --git a/requirements.txt b/requirements.txt index fa809b9..6d03192 100644 --- a/requirements.txt +++ b/requirements.txt @@ -19,6 +19,7 @@ django-autocomplete-light==3.11.0 django-bootstrap-modal-forms==3.0.4 django-bootstrap4==24.1 django-debug-toolbar==4.2.0 +django-environ==0.11.2 django-filter==24.1 django-fontawesome-5==1.0.18 django-simple-sso==1.2.0 From 5c8b2ac1f8aef7900b0180e0a3039f7d9f02262c Mon Sep 17 00:00:00 2001 From: mpeltriaux Date: Wed, 3 Apr 2024 13:45:52 +0200 Subject: [PATCH 2/3] # Env * updates env.sample --- .env.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index 8c791f5..4c8d5e6 100644 --- a/.env.sample +++ b/.env.sample @@ -19,7 +19,7 @@ REPLY_TO_ADDR=ksp-servicestelle@sgdnord.rlp.de DEFAULT_FROM_EMAIL=service@ksp.de # Proxy -PROXY=http://10.240.20.164:8080 +PROXY=CHANGE_ME GEOPORTAL_RLP_USER=CHANGE_ME GEOPORTAL_RLP_PASSWORD=CHANGE_ME From 8a67033e0dd16074bab29e2164e8a449c82f438e Mon Sep 17 00:00:00 2001 From: mpeltriaux Date: Fri, 14 Jun 2024 13:04:25 +0200 Subject: [PATCH 3/3] # Updates sso * adds env usage for sso settings --- .env.sample | 5 +++-- konova/sub_settings/sso_settings.py | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.env.sample b/.env.sample index 4c8d5e6..9398e5a 100644 --- a/.env.sample +++ b/.env.sample @@ -30,8 +30,9 @@ SCHNEIDER_AUTH_HEADER=auth # SSO SSO_SERVER_BASE_URL=https://login.naturschutz.rlp.de -SSO_PRIVATE_KEY=CHANGE_ME -SSO_PUBLIC_KEY=CHANGE_ME +OAUTH_CODE_VERIFIER=CHANGE_ME +OAUTH_CLIENT_ID=CHANGE_ME +OAUTH_CLIENT_SECRET=CHANGE_ME # RabbitMQ ## For connections to EGON diff --git a/konova/sub_settings/sso_settings.py b/konova/sub_settings/sso_settings.py index 03eb92d..7ff6677 100644 --- a/konova/sub_settings/sso_settings.py +++ b/konova/sub_settings/sso_settings.py @@ -15,4 +15,4 @@ SSO_SERVER = f"{SSO_SERVER_BASE}sso/" OAUTH_CODE_VERIFIER = env("OAUTH_CODE_VERIFIER") OAUTH_CLIENT_ID = env("OAUTH_CLIENT_ID") -OAUTH_CLIENT_SECRET = env("OAUTH_CLIENT_SECRET") \ No newline at end of file +OAUTH_CLIENT_SECRET = env("OAUTH_CLIENT_SECRET")