99 lines
3.4 KiB
Python
99 lines
3.4 KiB
Python
import os
|
|
from pathlib import Path
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
|
|
SECRET_KEY = os.getenv("DJANGO_SECRET_KEY","dev-insecure")
|
|
DEBUG = os.getenv("DJANGO_DEBUG","False") == "True"
|
|
ALLOWED_HOSTS = os.getenv("DJANGO_ALLOWED_HOSTS","*").split(",")
|
|
|
|
CSRF_TRUSTED_ORIGINS = [x.strip() for x in os.getenv("CSRF_TRUSTED_ORIGINS","").split(",") if x.strip()]
|
|
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
|
|
|
INSTALLED_APPS = [
|
|
"django.contrib.admin","django.contrib.auth","django.contrib.contenttypes",
|
|
"django.contrib.sessions","django.contrib.messages","django.contrib.staticfiles",
|
|
"core","mozilla_django_oidc",
|
|
]
|
|
MIDDLEWARE = [
|
|
"django.middleware.security.SecurityMiddleware",
|
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
|
"django.middleware.common.CommonMiddleware",
|
|
"django.middleware.csrf.CsrfViewMiddleware",
|
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
|
"django.contrib.messages.middleware.MessageMiddleware",
|
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
|
"core.middleware.CurrentUserMiddleware",
|
|
]
|
|
ROOT_URLCONF = "illustrations.urls"
|
|
TEMPLATES = [{
|
|
"BACKEND":"django.template.backends.django.DjangoTemplates",
|
|
"DIRS":[BASE_DIR/"templates"],
|
|
"APP_DIRS":True,
|
|
"OPTIONS":{"context_processors":[
|
|
"django.template.context_processors.debug",
|
|
"django.template.context_processors.request",
|
|
"django.contrib.auth.context_processors.auth",
|
|
"django.contrib.messages.context_processors.messages",
|
|
# ✅ add this line to expose {{ APP_VERSION }} in templates
|
|
"core.context_processors.app_version",
|
|
"core.context_processors.pending_announcement",
|
|
]},
|
|
}]
|
|
WSGI_APPLICATION="illustrations.wsgi.application"
|
|
|
|
DATABASES = {
|
|
"default": {
|
|
"ENGINE":"django.db.backends.postgresql",
|
|
"NAME": os.getenv("POSTGRES_DB","illustrations"),
|
|
"USER": os.getenv("POSTGRES_USER","illustrations"),
|
|
"PASSWORD": os.getenv("POSTGRES_PASSWORD","illustrations"),
|
|
"HOST": os.getenv("POSTGRES_HOST","db"),
|
|
"PORT": int(os.getenv("POSTGRES_PORT","5432")),
|
|
}
|
|
}
|
|
|
|
AUTHENTICATION_BACKENDS = (
|
|
"core.auth_oidc.AuthentikOIDCBackend", # OIDC via Authentik
|
|
"django.contrib.auth.backends.ModelBackend", # keep existing username/password login
|
|
)
|
|
|
|
|
|
LANGUAGE_CODE="en-us"
|
|
TIME_ZONE="America/Chicago"
|
|
USE_I18N=True
|
|
USE_TZ=True
|
|
|
|
STATIC_URL="static/"
|
|
STATIC_ROOT=BASE_DIR/"staticfiles"
|
|
STATICFILES_DIRS=[BASE_DIR/"static"]
|
|
|
|
LOGIN_URL="/login/"
|
|
LOGIN_REDIRECT_URL="/search/"
|
|
LOGOUT_REDIRECT_URL="/login/"
|
|
STATICFILES_STORAGE = "django.contrib.staticfiles.storage.ManifestStaticFilesStorage"
|
|
|
|
# --- Authentik OIDC ---
|
|
OIDC_RP_CLIENT_ID = os.getenv("OIDC_RP_CLIENT_ID", "")
|
|
OIDC_RP_CLIENT_SECRET = os.getenv("OIDC_RP_CLIENT_SECRET", "")
|
|
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT = os.getenv("OIDC_OP_AUTHORIZATION_ENDPOINT", "")
|
|
OIDC_OP_TOKEN_ENDPOINT = os.getenv("OIDC_OP_TOKEN_ENDPOINT", "")
|
|
OIDC_OP_USER_ENDPOINT = os.getenv("OIDC_OP_USER_ENDPOINT", "")
|
|
OIDC_OP_JWKS_ENDPOINT = os.getenv("OIDC_OP_JWKS_ENDPOINT", "")
|
|
|
|
OIDC_RP_SCOPES = os.getenv("OIDC_RP_SCOPES", "openid email profile")
|
|
OIDC_CREATE_USER = True
|
|
USE_X_FORWARDED_HOST = True
|
|
OIDC_RP_SIGN_ALGO = "RS256"
|
|
|
|
|
|
|
|
|
|
OPENAI_API_KEY = os.environ.get("OPENAI_API_KEY", "")
|
|
# Ensure MEDIA_ROOT exists (you likely already have this)
|
|
MEDIA_ROOT = os.path.join(BASE_DIR, "media")
|
|
MEDIA_URL = "/media/"
|
|
|
|
TEMPLATES[0]['OPTIONS']['context_processors'] += [
|
|
'core.context_processors.available_themes',
|
|
] |