forked from Fediversity/Fediversity
enable and document using manage.py in online environment
allows e.g. making users from cli
This commit is contained in:
parent
e13f24eba0
commit
4cdc2702e0
SSH key fingerprint:
SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
2 changed files with 11 additions and 20 deletions
panel
|
|
@ -55,3 +55,9 @@ The Fediversity Panel is a web service for managing Fediversity deployments with
|
|||
```
|
||||
|
||||
- Use the [Django Debug Toolbar](https://github.com/django-commons/django-debug-toolbar) for troubleshooting in the browser
|
||||
|
||||
When deployed, `manage` may be accessed like:
|
||||
|
||||
```sh
|
||||
sudo DATABASE_URL=sqlite:////var/lib/panel/db.sqlite3 manage
|
||||
```
|
||||
|
|
|
|||
|
|
@ -25,24 +25,9 @@ BASE_DIR = Path(__file__).resolve().parent.parent
|
|||
# Quick-start development settings - unsuitable for production
|
||||
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
|
||||
|
||||
def get_secret(name: str, encoding: str = "utf-8") -> str:
|
||||
# In the NixOS deployment, this variable is set by `systemd` via `LoadCredential`
|
||||
# https://systemd.io/CREDENTIALS/
|
||||
credentials_dir = env.get("CREDENTIALS_DIRECTORY")
|
||||
|
||||
if credentials_dir is None:
|
||||
raise RuntimeError("No credentials directory available.")
|
||||
|
||||
try:
|
||||
with open(f"{credentials_dir}/{name}", encoding=encoding) as f:
|
||||
secret = f.read().removesuffix("\n")
|
||||
except FileNotFoundError:
|
||||
raise RuntimeError(f"No secret named {name} found in {credentials_dir}.")
|
||||
|
||||
return secret
|
||||
|
||||
# mandatory for the systemd service, but not set (or needed) for manage.py.
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
SECRET_KEY = get_secret("SECRET_KEY")
|
||||
SECRET_KEY = env.get("CREDENTIALS_DIRECTORY")
|
||||
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
|
|
@ -189,11 +174,11 @@ if user_settings_file is not None:
|
|||
# non-Django application settings
|
||||
|
||||
# TODO(@fricklerhandwerk):
|
||||
# The correct thing to do here would be using a helper function such as with `get_secret()` that will catch the exception and explain what's wrong and where to put the right values.
|
||||
# The correct thing to do here would be using a helper function that will catch the exception and explain what's wrong and where to put the right values.
|
||||
# Replacing the `USER_SETTINGS_FILE` mechanism following the comment there would probably be a good thing.
|
||||
|
||||
# a dir of nix supporting experimental feature `configurable-impure-env`.
|
||||
nix_bin=env['NIX_BIN']
|
||||
nix_bin=env.get('NIX_BIN')
|
||||
# path of the root flake to trigger nixops from, see #94.
|
||||
# to deploy this should be specified, for dev just use a relative path.
|
||||
repo_dir = env["REPO_DIR"]
|
||||
repo_dir = env.get("REPO_DIR")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue