summaryrefslogtreecommitdiffstats
path: root/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/vvp/charts/vvp-em-uwsgi/resources/config')
-rw-r--r--kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py332
-rw-r--r--kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py44
-rw-r--r--kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini20
-rw-r--r--kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py48
4 files changed, 0 insertions, 444 deletions
diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py
deleted file mode 100644
index ed57ca604d..0000000000
--- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py
+++ /dev/null
@@ -1,332 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-Django settings for VVP project.
-
-Environment variables that must exist:
-
- ENVIRONMENT
- SECRET_KEY
- SECRET_WEBHOOK_TOKEN
- SECRET_GITLAB_AUTH_TOKEN
- SECRET_JENKINS_PASSWORD
- SECRET_CMS_APP_CLIENT_ID
- SECRET_CMS_APP_CLIENT_SECRET
-
-Environment variables that must exist in production:
-
- EMAIL_HOST
- EMAIL_HOST_PASSWORD
- EMAIL_HOST_USER
- EMAIL_PORT
-
-"""
-
-import os
-from vvp.settings.envbool import envbool
-from corsheaders.defaults import default_headers
-from boto.s3.connection import OrdinaryCallingFormat
-import datetime
-
-# With this file at ice/settings/__init__.py, we need three applications of
-# dirname() to find the project root.
-import engagementmanager
-PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__))
-LOGS_PATH = os.path.join(PROJECT_PATH, "logs")
-
-ENVIRONMENT = os.environ['ENVIRONMENT']
-PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX']
-SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER']
-PROGRAM_NAME = os.environ['PROGRAM_NAME']
-SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
-# Anything in the Host header that does not match our expected domain should
-# raise SuspiciousOperation exception.
-ALLOWED_HOSTS = ['*']
-
-DEBUG = envbool('DJANGO_DEBUG_MODE', False)
-
-if ENVIRONMENT == 'production':
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
- EMAIL_HOST = os.environ['EMAIL_HOST']
- EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD']
- EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER']
- EMAIL_PORT = os.environ['EMAIL_PORT']
-else:
- EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-REST_FRAMEWORK = {
- # Use Django's standard `django.contrib.auth` permissions,
- # or allow read-only access for unauthenticated users.
- 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler',
- 'PAGE_SIZE': 10,
- 'DEFAULT_PERMISSION_CLASSES': (
- 'rest_framework.permissions.IsAuthenticated',
- ),
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework.authentication.SessionAuthentication',
- 'rest_framework.authentication.BasicAuthentication',
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
- ),
- 'DEFAULT_PARSER_CLASSES': (
- 'engagementmanager.rest.parsers.XSSJSONParser',
- 'engagementmanager.rest.parsers.XSSFormParser',
- 'engagementmanager.rest.parsers.XSSMultiPartParser',
- )
-}
-
-JWT_AUTH = {
- 'JWT_AUTH_HEADER_PREFIX': 'token',
- 'JWT_ALGORITHM': 'HS256',
- 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
- 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler',
-}
-
-APPEND_SLASH = False
-
-# Application definition
-INSTALLED_APPS = [
- 'django.contrib.auth', # required by d.c.admin
- 'corsheaders',
- 'django.contrib.contenttypes', # required by d.c.admin
- 'django.contrib.sessions', # required by d.c.admin
- 'django.contrib.messages', # required by d.c.admin
- 'django.contrib.staticfiles',
- 'django.contrib.admin', # django admin site
- 'rest_framework',
- 'engagementmanager.apps.EngagementmanagerConfig',
- 'validationmanager.apps.ValidationmanagerConfig',
-]
-
-MIDDLEWARE_CLASSES = [
- 'django.middleware.security.SecurityMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
- 'corsheaders.middleware.CorsMiddleware',
-]
-
-ROOT_URLCONF = 'vvp.urls'
-
-TEMPLATES = [
- {
- 'BACKEND': 'django.template.backends.django.DjangoTemplates',
- 'DIRS': [PROJECT_PATH + '/web/templates'],
- 'APP_DIRS': True,
- 'OPTIONS': {
- 'context_processors': [
- 'django.template.context_processors.debug',
- 'django.template.context_processors.request',
- 'django.contrib.auth.context_processors.auth', # required by d.c.admin
- 'django.contrib.messages.context_processors.messages', # required by d.c.admin
- ],
- },
- },
-]
-
-WSGI_APPLICATION = 'vvp.wsgi.application'
-
-
-# Database
-# https://docs.djangoproject.com/en/1.9/ref/settings/#databases
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ['PGDATABASE'],
- 'USER': os.environ['PGUSER'],
- 'PASSWORD': os.environ['PGPASSWORD'],
- 'HOST': os.environ['PGHOST'],
- 'PORT': os.environ['PGPORT'],
- }
-}
-
-
-# Password validation
-# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators
-AUTH_PASSWORD_VALIDATORS = [
- {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [
- 'UserAttributeSimilarityValidator',
- 'MinimumLengthValidator',
- 'CommonPasswordValidator',
- 'NumericPasswordValidator',
- ]]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.9/topics/i18n/
-LANGUAGE_CODE = 'en-us'
-TIME_ZONE = 'UTC'
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',)
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.9/howto/static-files/
-STATIC_ROOT = os.environ['STATIC_ROOT']
-
-
-LOGGING = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes
- 'verbose': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s'
- },
- 'simple': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(message)s'
- },
- },
- 'handlers': {
- 'console': {
- 'class': 'logging.StreamHandler',
- 'formatter': 'simple'
- },
- 'vvp-info.log': {
- 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL)
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'),
- 'formatter': 'verbose'
- },
- 'vvp-debug.log': {
- 'level': 'DEBUG',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'),
- 'formatter': 'verbose'
- },
- 'vvp-requests.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'),
- 'formatter': 'verbose'
- },
- 'vvp-db.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'),
- 'formatter': 'verbose',
- },
- },
- 'loggers': {
- 'vvp.logger': {
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'INFO',
- },
- 'django': {
- 'handlers': ['console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.request': {
- 'handlers': ['vvp-requests.log', 'console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.db.backends': {
- 'handlers': ['vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'ERROR',
- 'propagate': False,
- },
- # silence the hundred lines of useless "missing variable in template"
- # complaints per admin pageview.
- 'django.template': {
- 'level': 'DEBUG',
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'],
- 'propagate': False,
- },
- }
-}
-
-
-#############################
-# VVP Related Configuration
-#############################
-CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com')
-CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s]
-DOMAIN = os.getenv('EM_DOMAIN_NAME')
-TOKEN_EXPIRATION_IN_HOURS = 48
-DAILY_SCHEDULED_JOB_HOUR = 20
-NUMBER_OF_POLLED_ACTIVITIES = 5
-TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48
-# This is the DNS name pointing to the private-network ip of the host machine
-# running (a haproxy that points to) (an nginx frontend for) this app
-API_DOMAIN = 'em'
-
-# The authentication token needed by Jenkins or Gitlab to issue webhook updates
-# to us. This is a "secret" shared by Jenkins and Django. It must be part of
-# the URL path component for the Jenkins webhook in ValidationManager to accept
-# a notification. It should be a set of random URL-path-safe characters, with
-# no slash '/'.
-# FIXME: Does this authentication scheme actually gain us anything? What's the
-# threat model
-WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN']
-
-# The authentication token and URL needed for us to issue requests to the GitLab API.
-GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN']
-GITLAB_URL = "http://vvp-gitlab/"
-
-JENKINS_URL = "http://vvp-jenkins:8080/"
-JENKINS_USERNAME = "admin"
-JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD']
-
-IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False
-IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True)
-RECENT_ENG_TTL = 3 # In days
-CMS_URL = "http://vvp-cms-uwsgi/api/"
-CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID']
-CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET']
-
-# slack integration
-SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN']
-ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '')
-ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '')
-DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '')
-DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '')
-
-# S3 configuration for static resources storage and media upload
-
-# used by our custom storage.py
-MEDIA_BUCKET = "em-media"
-STATIC_BUCKET = "em-static"
-
-# django-storages configuration
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
-AWS_AUTO_CREATE_BUCKET = True
-AWS_PRELOAD_METADATA = True
-
-# Set by custom subclass.
-# AWS_STORAGE_BUCKET_NAME = "em-static"
-AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat()
-DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage'
-STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage'
-
-# These seem to have no effect even when we don't override with custom_domain?
-STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET)
-MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET)
-
-STATIC_ROOT = os.environ['STATIC_ROOT']
diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py
deleted file mode 100644
index 31f4385d16..0000000000
--- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py
+++ /dev/null
@@ -1,44 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-envbool.py
-
-Return which environment is currently running on (to setting.py).
-
-"""
-import os
-
-
-def envbool(key, default=False, unknown=True):
- """Return a boolean value based on that of an environment variable.
-
- Environment variables have no native boolean type. They are always strings, and may be empty or
- unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script
- differ from that of python.
-
- This function converts environment variables to python boolean True or False in
- case-insensitive, expected ways to avoid pitfalls:
-
- "True", "true", and "1" become True
- "False", "false", and "0" become False
- unset or empty becomes False by default (toggle with 'default' parameter.)
- any other value becomes True by default (toggle with 'unknown' parameter.)
-
- """
- return {
- 'true': True, '1': True, # 't': True,
- 'false': False, '0': False, # 'f': False.
- '': default,
- }.get(os.getenv(key, '').lower(), unknown)
diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini
deleted file mode 100644
index 29cca7db93..0000000000
--- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":80"
-chdir = '/srv'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py
deleted file mode 100644
index c76046a329..0000000000
--- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-storage.py
-
-In order to make Django store trusted static files and untrusted media
-(user-uploaded) files in separate s3 buckets, we must create two different
-storage classes.
-
-https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/
-http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/
-
-"""
-
-# FIXME this module never changes so might not need not be kept in a
-# configmap. Also it is (almost) the same as what we use in cms.
-
-# There is a newer storage based on boto3 but that doesn't support changing
-# the HOST, as we need to for non-amazon s3 services. It does support an
-# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work.
-from storages.backends.s3boto import S3BotoStorage
-from django.conf import settings
-
-
-# NOTE for some reason, collectstatic uploads to bucket/location but the
-# urls constructed are domain/location
-class S3StaticStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET)
- bucket_name = settings.STATIC_BUCKET
- # location = ...
-
-
-class S3MediaStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET)
- bucket_name = settings.MEDIA_BUCKET
- # location = ...