diff --git a/django-cas/Dockerfile b/django-cas/Dockerfile new file mode 100644 index 0000000..d1ae237 --- /dev/null +++ b/django-cas/Dockerfile @@ -0,0 +1,20 @@ +# Django CAS server Dockerfile +# +# https://github.com/nitmir/django-cas-server +# +# Author: erdnaxe + +FROM debian:buster-slim + +RUN apt-get update && apt-get install -y \ + python3-django-cas-server \ + python3-psycopg2 \ + python3-whitenoise \ + python3-ldap3 \ + gunicorn3 + +COPY ./code /code/ +WORKDIR /code/ +EXPOSE 8000 +ENTRYPOINT ["./docker-entrypoint.sh"] + diff --git a/django-cas/code/cas/__init__.py b/django-cas/code/cas/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/django-cas/code/cas/settings.py b/django-cas/code/cas/settings.py new file mode 100644 index 0000000..5f440f5 --- /dev/null +++ b/django-cas/code/cas/settings.py @@ -0,0 +1,181 @@ +""" +Django settings for cas project. + +Generated by 'django-admin startproject' using Django 1.11. + +For more information on this file, see +https://docs.djangoproject.com/en/1.11/topics/settings/ + +For the full list of settings and their values, see +https://docs.djangoproject.com/en/1.11/ref/settings/ +""" + +import os + +# Build paths inside the project like this: os.path.join(BASE_DIR, ...) +BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + + +# Quick-start development settings - unsuitable for production +# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/ + +# SECURITY WARNING: keep the secret key used in production secret! +SECRET_KEY = os.getenv('DJANGO_SECRET_KEY') + +# SECURITY WARNING: don't run with debug turned on in production! +DEBUG = os.getenv('DJANGO_DEBUG', False) + +ALLOWED_HOSTS = [os.getenv('DJANGO_HOST')] + +# Suivi des erreurs sur root@ +EMAIL_SUBJECT_PREFIX = "[CAS] " +ADMINS = ( + ('Intranet', 'root@crans.org'), +) + +# Application definition + +INSTALLED_APPS = [ + 'django.contrib.admin', + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.messages', + 'django.contrib.staticfiles', + 'cas_server', +] + +MIDDLEWARE = [ + 'django.middleware.security.SecurityMiddleware', + 'whitenoise.middleware.WhiteNoiseMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'django.middleware.locale.LocaleMiddleware', +] + +ROOT_URLCONF = 'cas.urls' + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'DIRS': [], + 'APP_DIRS': True, + 'OPTIONS': { + 'context_processors': [ + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.contrib.auth.context_processors.auth', + 'django.contrib.messages.context_processors.messages', + ], + }, + }, +] + +WSGI_APPLICATION = 'cas.wsgi.application' + + +# Database +# https://docs.djangoproject.com/en/1.11/ref/settings/#databases + +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.getenv('DJANGO_DB_NAME'), + 'HOST': os.getenv('DJANGO_DB_HOST'), + 'USER': os.getenv('DJANGO_DB_USER'), + 'PASSWORD': os.getenv('DJANGO_DB_PASSWORD'), + } +} + + +# Password validation +# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators + +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, +] + + +# Internationalization +# https://docs.djangoproject.com/en/1.11/topics/i18n/ + +LANGUAGE_CODE = 'en-us' + +TIME_ZONE = 'UTC' + +USE_I18N = True + +USE_L10N = True + +USE_TZ = True + + +# Static files (CSS, JavaScript, Images) +# https://docs.djangoproject.com/en/1.11/howto/static-files/ + +STATIC_URL = '/static/' + + +# Below are custom parameters + +STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' +STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")] +STATIC_ROOT = os.path.join(BASE_DIR, "static_files/") + +CAS_AUTH_CLASS = "cas_server.auth.LdapAuthUser" +CAS_LDAP_SERVER = os.getenv('DJANGO_CAS_LDAP_SERVER') +CAS_LDAP_USER = os.getenv('DJANGO_CAS_LDAP_USER') +CAS_LDAP_PASSWORD = os.getenv('DJANGO_CAS_LDAP_PASSWORD') +CAS_LDAP_BASE_DN = os.getenv('DJANGO_CAS_LDAP_BASE_DN') + +CAS_LOGO_URL = "/static/auro.png" + +CAS_INFO_MESSAGES_ORDER = ["cas_explained"] + +CAS_NEW_VERSION_HTML_WARNING = False +CAS_NEW_VERSION_EMAIL_WARNING = False + +SESSION_COOKIE_AGE = 86400 +SESSION_EXPIRE_AT_BROWSER_CLOSE = True +SESSION_COOKIE_HTTPONLY = True + +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'formatters': { + 'cas_syslog': { + 'format': 'cas: %(levelname)s %(message)s' + }, + }, + 'handlers': { + 'cas_syslog': { + 'level': 'INFO', + 'class': 'logging.handlers.SysLogHandler', + 'address': '/dev/log', + 'formatter': 'cas_syslog', + }, + }, + 'loggers': { + 'cas_server': { + 'handlers': ['cas_syslog'], + 'level': 'INFO', + 'propagate': True, + }, + }, +} + diff --git a/django-cas/code/cas/urls.py b/django-cas/code/cas/urls.py new file mode 100644 index 0000000..f182d34 --- /dev/null +++ b/django-cas/code/cas/urls.py @@ -0,0 +1,23 @@ +"""cas URL Configuration + +The `urlpatterns` list routes URLs to views. For more information please see: + https://docs.djangoproject.com/en/1.11/topics/http/urls/ +Examples: +Function views + 1. Add an import: from my_app import views + 2. Add a URL to urlpatterns: url(r'^$', views.home, name='home') +Class-based views + 1. Add an import: from other_app.views import Home + 2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home') +Including another URLconf + 1. Import the include() function: from django.conf.urls import url, include + 2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls')) +""" +from django.conf.urls import include, url +from django.contrib import admin + +urlpatterns = [ + url(r'^admin/', admin.site.urls), + url(r'^', include('cas_server.urls', namespace="cas_server")), +] + diff --git a/django-cas/code/cas/wsgi.py b/django-cas/code/cas/wsgi.py new file mode 100644 index 0000000..804320f --- /dev/null +++ b/django-cas/code/cas/wsgi.py @@ -0,0 +1,16 @@ +""" +WSGI config for cas project. + +It exposes the WSGI callable as a module-level variable named ``application``. + +For more information on this file, see +https://docs.djangoproject.com/en/1.11/howto/deployment/wsgi/ +""" + +import os + +from django.core.wsgi import get_wsgi_application + +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "cas.settings") + +application = get_wsgi_application() diff --git a/django-cas/code/docker-entrypoint.sh b/django-cas/code/docker-entrypoint.sh new file mode 100755 index 0000000..a767ee2 --- /dev/null +++ b/django-cas/code/docker-entrypoint.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +# Collect static files +echo "Collect static files" +python3 manage.py collectstatic --noinput + +# Apply database migrations +echo "Apply database migrations" +sleep 5 # wait for db +python3 manage.py migrate + +# Start server +echo "Starting server" +gunicorn3 cas.wsgi:application --bind 0.0.0.0:8000 --workers 4 diff --git a/django-cas/code/manage.py b/django-cas/code/manage.py new file mode 100755 index 0000000..aff64b6 --- /dev/null +++ b/django-cas/code/manage.py @@ -0,0 +1,22 @@ +#!/usr/bin/env python +import os +import sys + +if __name__ == "__main__": + os.environ.setdefault("DJANGO_SETTINGS_MODULE", "cas.settings") + try: + from django.core.management import execute_from_command_line + except ImportError: + # The above import may fail for some other reason. Ensure that the + # issue is really that Django is missing to avoid masking other + # exceptions on Python 2. + try: + import django + except ImportError: + raise ImportError( + "Couldn't import Django. Are you sure it's installed and " + "available on your PYTHONPATH environment variable? Did you " + "forget to activate a virtual environment?" + ) + raise + execute_from_command_line(sys.argv) diff --git a/django-cas/code/static/auro.png b/django-cas/code/static/auro.png new file mode 100644 index 0000000..7b12fba Binary files /dev/null and b/django-cas/code/static/auro.png differ diff --git a/django-cas/docker-compose.yml b/django-cas/docker-compose.yml new file mode 100644 index 0000000..b376d96 --- /dev/null +++ b/django-cas/docker-compose.yml @@ -0,0 +1,36 @@ +version: '3.7' + +services: + database: + # Don't upgrade PostgreSQL by simply changing the version number + # You need to migrate the Database to the new PostgreSQL version + image: postgres:9.6-alpine + environment: + POSTGRES_USER: cas + POSTGRES_PASSWORD: caspass + POSTGRES_DB: cas + volumes: + - ./data_db:/var/lib/postgresql/data + restart: always + + cas: + build: + context: . + environment: + DJANGO_DB_NAME: cas + DJANGO_DB_HOST: database + DJANGO_DB_USER: cas + DJANGO_DB_PASSWORD: caspass + DJANGO_SECRET_KEY: "Please change me in production !" + DJANGO_HOST: localhost + DJANGO_DEBUG: "false" + DJANGO_CAS_LDAP_SERVER: "re2o-ldap.adm.auro.re" + DJANGO_CAS_LDAP_USER: "cn=cas,ou=service-users,dc=auro,dc=re" + DJANGO_CAS_LDAP_PASSWORD: "Change me in prod !" + DJANGO_CAS_LDAP_BASE_DN: "cn=Utilisateurs,dc=auro,dc=re" + ports: + - "8085:8000" + restart: always + depends_on: + - database +