diff --git a/CadVlan/settings.py b/CadVlan/settings.py index dc3ebba..d36a5be 100644 --- a/CadVlan/settings.py +++ b/CadVlan/settings.py @@ -17,6 +17,13 @@ import logging import os import sys +try: + from importlib import reload # Python 3 linters +except ImportError: + try: + from __builtin__ import reload # Python 2 runtime + except ImportError: + reload = None PROJECT_ROOT_PATH = os.path.dirname(os.path.abspath(__file__)) @@ -65,6 +72,14 @@ # calendars according to the current locale USE_L10N = True +# Hosts and security (env-configurable, safe defaults) +ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '*').split(',') +SESSION_COOKIE_SECURE = os.getenv('SESSION_COOKIE_SECURE', '0') == '1' +CSRF_COOKIE_SECURE = os.getenv('CSRF_COOKIE_SECURE', '0') == '1' +SESSION_COOKIE_HTTPONLY = True +if os.getenv('BEHIND_PROXY', '0') == '1': + SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') + # Absolute filesystem path to the directory that will hold user-uploaded files. # Example: "/home/media/media.lawrence.com/media/" MEDIA_ROOT = os.path.join(PROJECT_ROOT_PATH, 'media') @@ -198,9 +213,7 @@ INSTALLED_APPS += PROJECT_APPS -SESSION_ENGINE = ( - 'django.contrib.sessions.backends.file' -) +SESSION_ENGINE = os.getenv('SESSION_ENGINE', 'django.contrib.sessions.backends.file') SESSION_COOKIE_NAME = 'cadvlan.globo.com' SESSION_COOKIE_AGE = 0 @@ -211,7 +224,7 @@ 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': [ - '127.0.0.1:11211' + os.getenv('MEMCACHED_HOST', '127.0.0.1:11211') ] } } @@ -421,5 +434,19 @@ }, } } -reload(sys) -sys.setdefaultencoding('utf-8') +LOG_TO_STDOUT = os.getenv('LOG_TO_STDOUT', '0') == '1' +if LOG_TO_STDOUT and isinstance(LOGGING, dict) and 'handlers' in LOGGING: + # Redirect file handlers to stdout/stderr when running in containers + for _handler in ('handlers-request', 'handlers-view'): + if _handler in LOGGING['handlers']: + LOGGING['handlers'][_handler]['class'] = 'logging.StreamHandler' + LOGGING['handlers'][_handler].pop('filename', None) + LOGGING['handlers'][_handler].pop('mode', None) +try: + reload +except NameError: + pass +else: + reload(sys) + if hasattr(sys, 'setdefaultencoding'): + sys.setdefaultencoding('utf-8') diff --git a/Dockerfile b/Dockerfile index 797a576..0ca5894 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,14 +11,16 @@ CMD cd /netapi_webui EXPOSE 8080 +ENV PYTHONUNBUFFERED=1 PIP_NO_CACHE_DIR=1 + RUN apt-get update && \ - apt-get install -y libldap2-dev \ + apt-get install -y --no-install-recommends libldap2-dev \ libsasl2-dev \ libssl-dev \ python-ldap \ net-tools \ - dnsutils + dnsutils && \ + rm -rf /var/lib/apt/lists/* -RUN pip install --upgrade pip -RUN pip install virtualenv && virtualenv venv && . ./venv/bin/activate -RUN pip install -r requirements.txt +RUN pip install --upgrade pip && \ + pip install -r requirements.txt diff --git a/docker-compose.yml b/docker-compose.yml index 5120709..21f2ef2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,6 +16,12 @@ services: command: sh scripts/docker/docker-start-debug.sh env_file: - config/netapi_webui.env + environment: + - MEMCACHED_HOST=netapi_webui_cache:11211 + - ALLOWED_HOSTS=localhost,127.0.0.1 + - LOG_TO_STDOUT=1 + # Keep default until you wire to your backend + # - NETWORK_API_URL=http://netapi_app:8000/ volumes: - .:/netapi_webui networks: