simplify configuration via environment

2025-03-19 10:06:38 +01:00 · 2025-03-19 10:06:38 +01:00 · afbbcbc22d
commit afbbcbc22d
parent c5fe0157b0
2 changed files with 21 additions and 16 deletions
--- a/panel/default.nix
+++ b/panel/default.nix
@ -23,14 +23,15 @@ in
      NPINS_DIRECTORY = toString ../npins;
      # explicitly use nix, as e.g. lix does not have configurable-impure-env
      NIX_DIR = pkgs.nix;
+      REPO_DIR = toString ../.;
+      CREDENTIALS_DIRECTORY = builtins.toString ./.credentials;
+      DATABASE_URL = "sqlite:///${toString ./src}/db.sqlite3";
    };
    shellHook = ''
      # in production, secrets are passed via CREDENTIALS_DIRECTORY by systemd.
      # use this directory for testing with local secrets
-      mkdir -p .credentials
+      mkdir -p $CREDENTIALS_DIRECTORY
      echo secret > ${builtins.toString ./.credentials}/SECRET_KEY
-      export CREDENTIALS_DIRECTORY=${builtins.toString ./.credentials}
-      export DATABASE_URL="sqlite:///${toString ./src}/db.sqlite3"
    '';
  };

--- a/panel/src/panel/settings.py
+++ b/panel/src/panel/settings.py
@ -173,22 +173,26 @@ DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

 # Customization via user settings
 # This must be at the end, as it must be able to override the above
-# TODO: we may want to do this with a flat environment instead, and get all values from `os.environ.get()`.
-#       this would make it more obvious which moving parts there are, if that environment is specified for development/staging/production in a visible place.
-user_settings_file = env.get("USER_SETTINGS_FILE", None)
-if user_settings_file is not None:
-    spec = importlib.util.spec_from_file_location("user_settings", user_settings_file)
-    if spec is None or spec.loader is None:
-        raise RuntimeError("User settings specification failed!")
-    module = importlib.util.module_from_spec(spec)
-    spec.loader.exec_module(module)
-    sys.modules["user_settings"] = module
-    from user_settings import *  # noqa: F403 # pyright: ignore [reportMissingImports]
+# TODO(@fricklerhandwerk):
+#     we may want to do this with a flat environment instead, and get all values from `os.environ.get()`.
+#     this would make it more obvious which moving parts there are, if that environment is specified for development/staging/production in a visible place.
+user_settings_file = env["USER_SETTINGS_FILE"]
+spec = importlib.util.spec_from_file_location("user_settings", user_settings_file)
+if spec is None or spec.loader is None:
+    raise RuntimeError("User settings specification failed!")
+module = importlib.util.module_from_spec(spec)
+spec.loader.exec_module(module)
+sys.modules["user_settings"] = module
+from user_settings import *  # noqa: F403 # pyright: ignore [reportMissingImports]

 # non-Django application settings

+# TODO(@fricklerhandwerk):
+#     The correct thing to do here would be using a helper function such as with `get_secret()` that will catch the exception and explain what's wrong and where to put the right values.
+#     Replacing the `USER_SETTINGS_FILE` mechanism following the comment there would probably be a good thing.
+
 # a dir of nix supporting experimental feature `configurable-impure-env`.
-nix_bin_dir=f"{env.get("NIX_DIR")}/bin/"
+nix_bin_dir=f"{env['NIX_DIR']}/bin/"
 # path of the root flake to trigger nixops from, see #94.
 # to deploy this should be specified, for dev just use a relative path.
-repo_dir = env.get("REPO_DIR") or f"{os.getcwd()}/.."
+repo_dir = env["REPO_DIR"]