diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-08 16:28:27 -0800 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-08 16:28:27 -0800 |
commit | 16f2e78298dbd2231f5f337ea17c89a6a131a052 (patch) | |
tree | 6e72581e625e73c97cbab72d0f9c35665c99e5d7 /python/fatcat_web/web_config.py | |
parent | eb40a5f274f3608db34309cfd16739a7642ef5e7 (diff) | |
parent | ffb721f90c5d97ee80885209bf45feb85ca9625c (diff) | |
download | fatcat-16f2e78298dbd2231f5f337ea17c89a6a131a052.tar.gz fatcat-16f2e78298dbd2231f5f337ea17c89a6a131a052.zip |
Merge branch 'bnewbold-crude-auth'
Fixed a conflict in:
python/fatcat_export.py
Diffstat (limited to 'python/fatcat_web/web_config.py')
-rw-r--r-- | python/fatcat_web/web_config.py | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/python/fatcat_web/web_config.py b/python/fatcat_web/web_config.py new file mode 100644 index 00000000..cbe519b0 --- /dev/null +++ b/python/fatcat_web/web_config.py @@ -0,0 +1,64 @@ + +""" +Default configuration for fatcat web interface (Flask application). + +In production, we currently reconfigure these values using environment +variables, not by (eg) deploying a variant copy of this file. + +This config is *only* for the web interface, *not* for any of the workers or +import scripts. +""" + +import os +import raven +import subprocess + +basedir = os.path.abspath(os.path.dirname(__file__)) + +class Config(object): + GIT_REVISION = subprocess.check_output(["git", "describe", "--always"]).strip().decode('utf-8') + + # This is, effectively, the QA/PROD flag + FATCAT_DOMAIN = os.environ.get("FATCAT_DOMAIN", default="qa.fatcat.wiki") + FATCAT_API_AUTH_TOKEN = os.environ.get("FATCAT_API_AUTH_TOKEN", default=None) + FATCAT_API_HOST = os.environ.get("FATCAT_API_HOST", default="https://{}/v0".format(FATCAT_DOMAIN)) + + # can set this to https://search.fatcat.wiki for some experimentation + ELASTICSEARCH_BACKEND = os.environ.get("ELASTICSEARCH_BACKEND", default="http://localhost:9200") + ELASTICSEARCH_INDEX = os.environ.get("ELASTICSEARCH_INDEX", default="fatcat") + + # for flask things, like session cookies + FLASK_SECRET_KEY = os.environ.get("FLASK_SECRET_KEY", default=None) + SECRET_KEY = FLASK_SECRET_KEY + + GITLAB_CLIENT_ID = os.environ.get("GITLAB_CLIENT_ID", default=None) + GITLAB_CLIENT_SECRET = os.environ.get("GITLAB_CLIENT_SECRET", default=None) + + IA_XAUTH_URI = "https://archive.org/services/xauthn/" + IA_XAUTH_CLIENT_ID = os.environ.get("IA_XAUTH_CLIENT_ID", default=None) + IA_XAUTH_CLIENT_SECRET = os.environ.get("IA_XAUTH_CLIENT_SECRET", default=None) + + # protect cookies (which include API tokens) + SESSION_COOKIE_HTTPONLY = True + SESSION_COOKIE_SECURE = True + SESSION_COOKIE_SAMESITE = 'Lax' + PERMANENT_SESSION_LIFETIME = 2678400 # 31 days, in seconds + + try: + GIT_RELEASE = raven.fetch_git_sha('..') + except Exception as e: + print("WARNING: couldn't set sentry git release automatically: " + str(e)) + GIT_RELEASE = None + + SENTRY_CONFIG = { + #'include_paths': ['fatcat_web', 'fatcat_client', 'fatcat_tools'], + 'enable-threads': True, # for uWSGI + 'release': GIT_RELEASE, + 'tags': { + 'fatcat_domain': FATCAT_DOMAIN, + }, + } + + # "Even more verbose" debug options + #SQLALCHEMY_ECHO = True + #DEBUG = True |