diff --git a/.gitignore b/.gitignore index b9a37144..b21c4330 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ .venv* env/ local/ +settings.env pip-log.txt static/css/all-min.css static/images/dynamic diff --git a/README.md b/README.md index 28fb6f93..6a1e3851 100644 --- a/README.md +++ b/README.md @@ -55,9 +55,7 @@ At the end: ### Configuration -TODO. This is not working yet. - -Some features of the site require additional configuration. To set configuration variables, create a file named `.env` and optionally set any of the following variables (defaults are shown where applicable): +Some features of the site require additional configuration. To set configuration variables, create a file named `settings.env` and optionally set any of the following variables (defaults are shown where applicable): # Database server. # See https://github.com/kennethreitz/dj-database-url @@ -85,26 +83,7 @@ Some features of the site require additional configuration. To set configuration # and kept secure. You can generate a key with `./manage.py generate_secret_key` SECRET_KEY=(randomly generated on each run if not specified) - # Some accounts... - GOOGLE_ANALYTICS_KEY= - - # For captchas... - RECAPTCHA_PUBLIC_KEY= - RECAPTCHA_PRIVATE_KEY= - - # For social login... - TWITTER_OAUTH_TOKEN= - TWITTER_OAUTH_TOKEN_SECRET= - TWITTER_ACCESS_TOKEN= - TWITTER_ACCESS_TOKEN_SECRET= - FACEBOOK_APP_ID= - FACEBOOK_APP_SECRET= - FACEBOOK_AUTH_SCOPE= - GOOGLE_APP_ID= - GOOGLE_APP_ID= - GOOGLE_AUTH_SCOPE= - -See `.env.server.template` for details +See `settings.env.template` for details, especially for values used in production. # Credits diff --git a/build/vagrant_manage.py b/build/vagrant_manage.py index 3df19d44..93beb3f3 100755 --- a/build/vagrant_manage.py +++ b/build/vagrant_manage.py @@ -1,4 +1,9 @@ #!/bin/bash cd /vagrant export DEBUG=1 +if [ -f settings.env ]; then + echo "using settings.env" + set -o allexport + source settings.env; +fi ./manage.py "$@" diff --git a/.env.server.template b/settings.env.template similarity index 89% rename from .env.server.template rename to settings.env.template index 76d30a73..8a16b26a 100644 --- a/.env.server.template +++ b/settings.env.template @@ -33,22 +33,16 @@ AWS_SECRET_ACCESS_KEY=... # Comma-separated list of strings representing the host/domain names that this # site can serve. # See https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts - ALLOWED_HOSTS=* - # URL-formatted string representing the database connection configuration. # See https://github.com/kennethreitz/dj-database-url#url-schema - -#DATABASE_URL=... - +DATABASE_URL=... # URL representing the cache connection configuration # See https://github.com/ghickman/django-cache-url#supported-caches - CACHE_URL=locmem://opendataiscool - # URL representing the haystack connection configurations. # See https://github.com/simpleenergy/dj-haystack-url#url-schema # @@ -57,29 +51,26 @@ CACHE_URL=locmem://opendataiscool # # For a production deployment you may want to use Solr instead, e.g.: # solr:http://localhost:8983/solr/person - HAYSTACK_PERSON_CONNECTION=simple HAYSTACK_BILL_CONNECTION=simple HAYSTACK_STATE_CONNECTION=simple - # Django uses a secret key to provide cryptographic signing. It should be random # and kept secure. You can generate a key with `./manage.py generate_secret_key` - SECRET_KEY= CONGRESS_LEGISLATORS_PATH=../congress-legislators/ -RSS_CAMPAIGN_QUERYSTRING=?utm_campaign=govtrack_feed&utm_source=govtrack/feed&utm_medium=rss +RSS_CAMPAIGN_QUERYSTRING="?utm_campaign=govtrack_feed&utm_source=govtrack/feed&utm_medium=rss" +# External account keys. GOOGLE_ANALYTICS_KEY=fill this in - RECAPTCHA_PUBLIC_KEY=fill this in RECAPTCHA_PRIVATE_KEY=fill this in - TWITTER_OAUTH_TOKEN=fill this in TWITTER_OAUTH_TOKEN_SECRET=fill this in - FACEBOOK_APP_ID=fill this in FACEBOOK_APP_SECRET=fill this in -FACEBOOK_AUTH_SCOPE= - +FACEBOOK_AUTH_SCOPE=email +GOOGLE_APP_ID=fill this in +GOOGLE_APP_SECRET=fill this in +GOOGLE_AUTH_SCOPE="openid email" diff --git a/settings_env.py b/settings_env.py index 63ddd1f7..f2a4f08a 100644 --- a/settings_env.py +++ b/settings_env.py @@ -56,23 +56,33 @@ def get_env_boolvar(var_name, default=NOT_SET): } CONGRESS_LEGISLATORS_PATH = get_env_variable('CONGRESS_LEGISLATORS_PATH', default='data/congress-legislators') -GEOIP_DB_PATH = None RSS_CAMPAIGN_QUERYSTRING = get_env_variable('RSS_CAMPAIGN_QUERYSTRING', default="?utm_campaign=govtrack_feed&utm_source=govtrack/feed&utm_medium=rss") from django.utils.crypto import get_random_string default_secret_key = get_random_string(50, 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') SECRET_KEY = get_env_variable('SECRET_KEY', default=default_secret_key) -GOOGLE_ANALYTICS_KEY = get_env_variable('GOOGLE_ANALYTICS_KEY', default='') - -# for registration -RECAPTCHA_PUBLIC_KEY = get_env_variable('RECAPTCHA_PUBLIC_KEY', default='') -RECAPTCHA_PRIVATE_KEY = get_env_variable('RECAPTCHA_PRIVATE_KEY', default='') -TWITTER_OAUTH_TOKEN = get_env_variable('TWITTER_OAUTH_TOKEN', default='') -TWITTER_OAUTH_TOKEN_SECRET = get_env_variable('TWITTER_OAUTH_TOKEN_SECRET', default='') -FACEBOOK_APP_ID = get_env_variable('FACEBOOK_APP_ID', default='') -FACEBOOK_APP_SECRET = get_env_variable('FACEBOOK_APP_SECRET', default='') -FACEBOOK_AUTH_SCOPE = get_env_variable('FACEBOOK_AUTH_SCOPE', default='') # can be an empty string +# Copy some environment variables into the Django settings object. +copy_env_vars = [ + # For accounts logic. + "RECAPTCHA_PUBLIC_KEY", + "RECAPTCHA_PRIVATE_KEY", + "TWITTER_OAUTH_TOKEN", # also for automated tweets and used to update @GovTrack/Members-of-Congress twitter list + "TWITTER_OAUTH_TOKEN_SECRET", + "FACEBOOK_APP_ID", # also used for Facebook widgets + "FACEBOOK_APP_SECRET", + "FACEBOOK_AUTH_SCOPE", + "GOOGLE_APP_ID", + "GOOGLE_APP_SECRET", + "GOOGLE_AUTH_SCOPE", + + # For us... + "GOOGLE_ANALYTICS_KEY", + "TWITTER_ACCESS_TOKEN", # for automated tweets and to update @GovTrack/Members-of-Congress twitter list + "TWITTER_ACCESS_TOKEN_SECRET", +] +for var in copy_env_vars: + locals()[var] = get_env_variable(var, default='') # TODO. The ad-free payment requires something like this: #import paypalrestsdk