base.py 5.66 KB
Newer Older
1
2
3
4
# For running a containerized version of the service that gets secrets
# from environment variables. Builds on base.py settings.
import os
from django.core.exceptions import ImproperlyConfigured
5
from ..base import *
6

7
# Get required variables from environment variables ---------------------------
8
9
10
11
12
# Get database user from environment and check
db_user = os.environ.get('DJANGO_DB_USER', None)
if db_user is None:
    raise ImproperlyConfigured('Could not get database user from envvars.')

13
# Get database password from environment and check
14
15
db_password = os.environ.get('DJANGO_DB_PASSWORD', None)
if db_password is None:
16
17
    raise ImproperlyConfigured('Could not get database password from envvars.')

18
19
20
21
22
# Get database name from environment and check
db_name = os.environ.get('DJANGO_DB_NAME', None)
if db_name is None:
    raise ImproperlyConfigured('Could not get database name from envvars.')

23
24
25
26
27
# Secret key for a Django installation
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', None)
if SECRET_KEY is None:
    raise ImproperlyConfigured('Could not get secret key from envvars.')

28
29
30
31
# Get primary FQDN
SERVER_FQDN = os.environ.get('DJANGO_PRIMARY_FQDN', None)
if SERVER_FQDN is None:
    raise ImproperlyConfigured('Could not get FQDN from envvars.')
32
LIGO_FQDN = SERVER_FQDN
33

34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Get LVAlert server
lvalert_server = os.environ.get('LVALERT_SERVER', None)
if lvalert_server is None:
    raise ImproperlyConfigured('Could not get LVAlert server from envvars.')

# Get LVAlert Overseer listen port
lvalert_overseer_port = os.environ.get('LVALERT_OVERSEER_PORT', None)
if lvalert_overseer_port is None:
    raise ImproperlyConfigured('Could not get LVAlert overseer port '
        'from envvars.')

# Get LVAlert username
lvalert_user = os.environ.get('LVALERT_USER', None)
if lvalert_user is None:
    raise ImproperlyConfigured('Could not get LVAlert username from envvars.')

# Get LVAlert password
lvalert_password = os.environ.get('LVALERT_PASSWORD', None)
if lvalert_password is None:
    raise ImproperlyConfigured('Could not get LVAlert password from envvars.')

55
# Get Twilio account information from environment
56
57
58
59
60
61
62
TWILIO_ACCOUNT_SID = os.environ.get('DJANGO_TWILIO_ACCOUNT_SID', None)
if TWILIO_ACCOUNT_SID is None:
    raise ImproperlyConfigured('Could not get Twilio acct SID from envvars.')

TWILIO_AUTH_TOKEN = os.environ.get('DJANGO_TWILIO_AUTH_TOKEN', None)
if TWILIO_AUTH_TOKEN is None:
    raise ImproperlyConfigured('Could not get Twilio auth token from envvars.')
63

64
# Get email settings from environment
65
66
67
68
69
70
71
EMAIL_BACKEND = 'django_ses.SESBackend'
AWS_SES_ACCESS_KEY_ID = get_from_env('AWS_SES_ACCESS_KEY_ID')
AWS_SES_SECRET_ACCESS_KEY = get_from_env('AWS_SES_SECRET_ACCESS_KEY')
AWS_SES_REGION_NAME = get_from_env('AWS_SES_REGION_NAME',
    default_value='us-west-2', fail_if_not_found=False)
AWS_SES_REGION_ENDPOINT = get_from_env('AWS_SES_REGION_ENDPOINT',
    default_value='email.us-west-2.amazonaws.com', fail_if_not_found=False)
72
AWS_SES_AUTO_THROTTLE = 0.25
73
74
ALERT_EMAIL_FROM = get_from_env('DJANGO_ALERT_EMAIL_FROM')

75

76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# Priority server settings ----------------------------------------------------
PRIORITY_SERVER = False
is_priority_server = get_from_env('DJANGO_PRIORITY_SERVER', None,
    fail_if_not_found=False)
if (isinstance(is_priority_server, str) and
    is_priority_server.lower() in ['true', 't']):
    PRIORITY_SERVER = True

# If priority server, only allow priority users to the API
if PRIORITY_SERVER:
    # Add custom permissions for the API
    default_perms = list(REST_FRAMEWORK['DEFAULT_PERMISSION_CLASSES'])
    default_perms = ['api.permissions.IsPriorityUser'] + default_perms
    REST_FRAMEWORK['DEFAULT_PERMISSION_CLASSES'] = tuple(default_perms)


92
# Database settings -----------------------------------------------------------
93
94
DATABASES = {
    'default' : {
95
        'NAME': db_name,
96
        'ENGINE': 'django.db.backends.mysql',
97
        'USER': db_user,
98
        'PASSWORD': db_password,
99
100
101
102
        'HOST': os.environ.get('DJANGO_DB_HOST', ''),
        'PORT': os.environ.get('DJANGO_DB_PORT', ''),
        'OPTIONS': {
            'init_command': 'SET storage_engine=MyISAM',
103
104
            # NOTE: for mysql>=5.7 this will need to be changed to
            #'init_command': 'SET default_storage_engine=MyISAM',
105
106
107
108
        },
    }
}

109
110
111
# Main server "hostname" - a little hacky but OK
SERVER_HOSTNAME = SERVER_FQDN.split('.')[0]

112
113
114
115
116
117
118
119
120
121
# LVAlert Overseer settings - get from environment
LVALERT_OVERSEER_INSTANCES = [
    {
        "lvalert_server": lvalert_server,
        "listen_port": int(lvalert_overseer_port),
        "username": lvalert_user,
        "password": lvalert_password,
    },
]

122
123
124
125
126
127
128
# Use full client certificate to authenticate
REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'] = (
    'api.backends.GraceDbAuthenticatedAuthentication',
    'api.backends.GraceDbX509FullCertAuthentication',
    'api.backends.GraceDbBasicAuthentication',
)

129
130
131
132
133
# Update allowed hosts from environment variables -----------------------------
hosts_from_env = os.environ.get('DJANGO_ALLOWED_HOSTS', None)
if hosts_from_env is not None:
    ALLOWED_HOSTS += hosts_from_env.split(',')
ALLOWED_HOSTS += [SERVER_FQDN]
134

135
# Email settings - dependent on server hostname and FQDN ----------------------
136
SERVER_EMAIL = ALERT_EMAIL_FROM
137
138
ALERT_EMAIL_TO = []
ALERT_EMAIL_BCC = []
139
ALERT_TEST_EMAIL_FROM = ALERT_EMAIL_FROM
140
141
142
143
144
145
ALERT_TEST_EMAIL_TO = []
# EMBB email settings
EMBB_MAIL_ADDRESS = 'embb@{fqdn}.ligo.org'.format(fqdn=SERVER_FQDN)
EMBB_SMTP_SERVER = 'localhost'
EMBB_MAIL_ADMINS = [admin[1] for admin in ADMINS]
EMBB_IGNORE_ADDRESSES = ['Mailer-Daemon@{fqdn}'.format(fqdn=SERVER_FQDN)]
146
147
148
149

# Set up logging to stdout only
for key in LOGGING['loggers']:
    LOGGING['loggers'][key]['handlers'] = ['console']
150
LOGGING['loggers']['django.request']['handlers'].append('mail_admins')