diff --git a/django-cas-server/Dockerfile b/django-cas-server/Dockerfile new file mode 100644 index 0000000..04052cb --- /dev/null +++ b/django-cas-server/Dockerfile @@ -0,0 +1,21 @@ +FROM python:3-buster + +ENV PYTHONUNBUFFERED 1 +ENV DJANGO_DB_NAME=cas +ENV DJANGO_DB_HOST=postgres +ENV DJANGO_DB_USER=cas +ENV DJANGO_HOST=cas.auro.re +ENV DJANGO_CAS_LDAP_SERVER=10.128.0.11 +ENV DJANGO_CAS_LDAP_USER=cn=cas,ou=service-users,dc=auro,dc=re +ENV DJANGO_CAS_LDAP_BASE_DN=cn=Utilisateurs,dc=auro,dc=re + +RUN mkdir /code +WORKDIR /code + +COPY requirements.txt /code/ +RUN pip install -r requirements.txt + +COPY . /code/ + +ENTRYPOINT ["./entrypoint.sh"] +EXPOSE 8000 diff --git a/django-cas-server/cas/__init__.py b/django-cas-server/cas/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/django-cas-server/cas/settings.py b/django-cas-server/cas/settings.py new file mode 100644 index 0000000..313ada1 --- /dev/null +++ b/django-cas-server/cas/settings.py @@ -0,0 +1,176 @@ +""" +Django settings for cas project. + +Generated by 'django-admin startproject' using Django 1.11. + +For more information on this file, see +https://docs.djangoproject.com/en/1.11/topics/settings/ + +For the full list of settings and their values, see +https://docs.djangoproject.com/en/1.11/ref/settings/ +""" + +import os + +# Build paths inside the project like this: os.path.join(BASE_DIR, ...) +BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + + +# Quick-start development settings - unsuitable for production +# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/ + +# SECURITY WARNING: keep the secret key used in production secret! +SECRET_KEY = os.getenv('DJANGO_SECRET_KEY') + +# SECURITY WARNING: don't run with debug turned on in production! +DEBUG = os.getenv('DJANGO_DEBUG', False) + +ALLOWED_HOSTS = [os.getenv('DJANGO_HOST')] + +# Suivi des erreurs sur root@ +EMAIL_SUBJECT_PREFIX = "[CAS] " +ADMINS = ( + ('Intranet', 'root@crans.org'), +) + +# Application definition + +INSTALLED_APPS = [ + 'django.contrib.admin', + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.messages', + 'django.contrib.staticfiles', + 'cas_server', +] + +MIDDLEWARE = [ + 'django.middleware.security.SecurityMiddleware', + 'whitenoise.middleware.WhiteNoiseMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'django.middleware.locale.LocaleMiddleware', +] + +ROOT_URLCONF = 'cas.urls' + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'DIRS': [], + 'APP_DIRS': True, + 'OPTIONS': { + 'context_processors': [ + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.contrib.auth.context_processors.auth', + 'django.contrib.messages.context_processors.messages', + ], + }, + }, +] + +WSGI_APPLICATION = 'cas.wsgi.application' + + +# Database +# https://docs.djangoproject.com/en/1.11/ref/settings/#databases + +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': os.getenv('DJANGO_DB_NAME'), + 'HOST': os.getenv('DJANGO_DB_HOST'), + 'USER': os.getenv('DJANGO_DB_USER'), + 'PASSWORD': os.getenv('DJANGO_DB_PASSWORD'), + } +} + + +# Password validation +# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators + +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, +] + + +# Internationalization +# https://docs.djangoproject.com/en/1.11/topics/i18n/ + +LANGUAGE_CODE = 'en-us' + +TIME_ZONE = 'UTC' + +USE_I18N = True + +USE_L10N = True + +USE_TZ = True + + +# Static files (CSS, JavaScript, Images) +# https://docs.djangoproject.com/en/1.11/howto/static-files/ + +STATIC_URL = '/static/' + + +# Below are custom parameters + +STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' +STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")] +STATIC_ROOT = os.path.join(BASE_DIR, "staticfiles") + +CAS_AUTH_CLASS = "cas_server.auth.LdapAuthUser" +CAS_LDAP_SERVER = os.getenv('DJANGO_CAS_LDAP_SERVER') +CAS_LDAP_USER = os.getenv('DJANGO_CAS_LDAP_USER') +CAS_LDAP_PASSWORD = os.getenv('DJANGO_CAS_LDAP_PASSWORD') +CAS_LDAP_BASE_DN = os.getenv('DJANGO_CAS_LDAP_BASE_DN') + +CAS_INFO_MESSAGES_ORDER = ["cas_explained"] + +SESSION_COOKIE_AGE = 86400 +SESSION_EXPIRE_AT_BROWSER_CLOSE = True +SESSION_COOKIE_HTTPONLY = True + +LOGGING = { + 'version': 1, + 'disable_existing_loggers': False, + 'formatters': { + 'cas_syslog': { + 'format': 'cas: %(levelname)s %(message)s' + }, + }, + 'handlers': { + 'cas_syslog': { + 'level': 'INFO', + 'class': 'logging.handlers.SysLogHandler', + 'address': '/dev/log', + 'formatter': 'cas_syslog', + }, + }, + 'loggers': { + 'cas_server': { + 'handlers': ['cas_syslog'], + 'level': 'INFO', + 'propagate': True, + }, + }, +} + diff --git a/django-cas-server/cas/urls.py b/django-cas-server/cas/urls.py new file mode 100644 index 0000000..f182d34 --- /dev/null +++ b/django-cas-server/cas/urls.py @@ -0,0 +1,23 @@ +"""cas URL Configuration + +The `urlpatterns` list routes URLs to views. For more information please see: + https://docs.djangoproject.com/en/1.11/topics/http/urls/ +Examples: +Function views + 1. Add an import: from my_app import views + 2. Add a URL to urlpatterns: url(r'^$', views.home, name='home') +Class-based views + 1. Add an import: from other_app.views import Home + 2. Add a URL to urlpatterns: url(r'^$', Home.as_view(), name='home') +Including another URLconf + 1. Import the include() function: from django.conf.urls import url, include + 2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls')) +""" +from django.conf.urls import include, url +from django.contrib import admin + +urlpatterns = [ + url(r'^admin/', admin.site.urls), + url(r'^', include('cas_server.urls', namespace="cas_server")), +] + diff --git a/django-cas-server/cas/wsgi.py b/django-cas-server/cas/wsgi.py new file mode 100644 index 0000000..804320f --- /dev/null +++ b/django-cas-server/cas/wsgi.py @@ -0,0 +1,16 @@ +""" +WSGI config for cas project. + +It exposes the WSGI callable as a module-level variable named ``application``. + +For more information on this file, see +https://docs.djangoproject.com/en/1.11/howto/deployment/wsgi/ +""" + +import os + +from django.core.wsgi import get_wsgi_application + +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "cas.settings") + +application = get_wsgi_application() diff --git a/django-cas-server/entrypoint.sh b/django-cas-server/entrypoint.sh new file mode 100755 index 0000000..71b0b93 --- /dev/null +++ b/django-cas-server/entrypoint.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# Collect static files +python manage.py collectstatic --noinput + +# Apply database migrations +sleep 3 # wait for db +python manage.py migrate + +# Start server +gunicorn cas.wsgi:application --bind 0.0.0.0:8000 --workers 2 --log-level debug diff --git a/django-cas-server/manage.py b/django-cas-server/manage.py new file mode 100755 index 0000000..aff64b6 --- /dev/null +++ b/django-cas-server/manage.py @@ -0,0 +1,22 @@ +#!/usr/bin/env python +import os +import sys + +if __name__ == "__main__": + os.environ.setdefault("DJANGO_SETTINGS_MODULE", "cas.settings") + try: + from django.core.management import execute_from_command_line + except ImportError: + # The above import may fail for some other reason. Ensure that the + # issue is really that Django is missing to avoid masking other + # exceptions on Python 2. + try: + import django + except ImportError: + raise ImportError( + "Couldn't import Django. Are you sure it's installed and " + "available on your PYTHONPATH environment variable? Did you " + "forget to activate a virtual environment?" + ) + raise + execute_from_command_line(sys.argv) diff --git a/django-cas-server/requirements.txt b/django-cas-server/requirements.txt new file mode 100644 index 0000000..5ac7318 --- /dev/null +++ b/django-cas-server/requirements.txt @@ -0,0 +1,4 @@ +django-cas-server +gunicorn +psycopg2 +whitenoise diff --git a/django-cas-server/static/cas_server/logo.png b/django-cas-server/static/cas_server/logo.png new file mode 100644 index 0000000..7b12fba Binary files /dev/null and b/django-cas-server/static/cas_server/logo.png differ diff --git a/docker-compose.yml b/docker-compose.yml index 046026b..d18c514 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -57,12 +57,13 @@ services: postgres: # Don't upgrade PostgreSQL by simply changing the version number # You need to migrate the Database to the new PostgreSQL version + # When creating for the first time, + # you need to create codimd and cas users and databases. image: postgres:9.6-alpine restart: always environment: - POSTGRES_USER: codimd - POSTGRES_PASSWORD: codimdpass - POSTGRES_DB: codimd + - POSTGRES_USER=postgres + - "POSTGRES_PASSWD=${POSTGRES_PASSWD}" volumes: - ./postgres_data:/var/lib/postgresql/data @@ -77,3 +78,15 @@ services: - ./codimd_uploads_data:/codimd/public/uploads depends_on: - postgres + + cas: + build: django-cas-server + restart: always + environment: + DJANGO_DB_PASSWORD: "${DJANGO_CAS_DB_PASSWORD}" + DJANGO_SECRET_KEY: "${DJANGO_CAS_SECRET_KEY}" + DJANGO_CAS_LDAP_PASSWORD: "${DJANGO_CAS_LDAP_PASSWORD}" + ports: + - "8085:8000" + depends_on: + - postgres