kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity

simplify configuration via environment

Browse source
This commit is contained in:
Valentin Gagarin 2025-03-19 10:06:38 +01:00
parent c5fe0157b0
commit afbbcbc22d
2 changed files with 21 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
panel/default.nix
View file

@ -23,14 +23,15 @@ in
NPINS_DIRECTORY = toString ../npins; NPINS_DIRECTORY = toString ../npins;
# explicitly use nix, as e.g. lix does not have configurable-impure-env # explicitly use nix, as e.g. lix does not have configurable-impure-env
NIX_DIR = pkgs.nix; NIX_DIR = pkgs.nix;
REPO_DIR = toString ../.;
CREDENTIALS_DIRECTORY = builtins.toString ./.credentials;
DATABASE_URL = "sqlite:///${toString ./src}/db.sqlite3";
}; };
shellHook = '' shellHook = ''
# in production, secrets are passed via CREDENTIALS_DIRECTORY by systemd. # in production, secrets are passed via CREDENTIALS_DIRECTORY by systemd.
# use this directory for testing with local secrets # use this directory for testing with local secrets
mkdir -p .credentials mkdir -p $CREDENTIALS_DIRECTORY
echo secret > ${builtins.toString ./.credentials}/SECRET_KEY echo secret > ${builtins.toString ./.credentials}/SECRET_KEY
export CREDENTIALS_DIRECTORY=${builtins.toString ./.credentials}
export DATABASE_URL="sqlite:///${toString ./src}/db.sqlite3"
''; '';
}; };

14
panel/src/panel/settings.py
View file

@ -173,10 +173,10 @@ DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
# Customization via user settings # Customization via user settings
# This must be at the end, as it must be able to override the above # This must be at the end, as it must be able to override the above
# TODO: we may want to do this with a flat environment instead, and get all values from `os.environ.get()`. # TODO(@fricklerhandwerk):
# we may want to do this with a flat environment instead, and get all values from `os.environ.get()`.
# this would make it more obvious which moving parts there are, if that environment is specified for development/staging/production in a visible place. # this would make it more obvious which moving parts there are, if that environment is specified for development/staging/production in a visible place.
user_settings_file = env.get("USER_SETTINGS_FILE", None) user_settings_file = env["USER_SETTINGS_FILE"]
if user_settings_file is not None:
spec = importlib.util.spec_from_file_location("user_settings", user_settings_file) spec = importlib.util.spec_from_file_location("user_settings", user_settings_file)
if spec is None or spec.loader is None: if spec is None or spec.loader is None:
raise RuntimeError("User settings specification failed!") raise RuntimeError("User settings specification failed!")
@ -187,8 +187,12 @@ if user_settings_file is not None:
# non-Django application settings # non-Django application settings
# TODO(@fricklerhandwerk):
# The correct thing to do here would be using a helper function such as with `get_secret()` that will catch the exception and explain what's wrong and where to put the right values.
# Replacing the `USER_SETTINGS_FILE` mechanism following the comment there would probably be a good thing.
# a dir of nix supporting experimental feature `configurable-impure-env`. # a dir of nix supporting experimental feature `configurable-impure-env`.
nix_bin_dir=f"{env.get("NIX_DIR")}/bin/" nix_bin_dir=f"{env['NIX_DIR']}/bin/"
# path of the root flake to trigger nixops from, see #94. # path of the root flake to trigger nixops from, see #94.
# to deploy this should be specified, for dev just use a relative path. # to deploy this should be specified, for dev just use a relative path.
repo_dir = env.get("REPO_DIR") or f"{os.getcwd()}/.." repo_dir = env["REPO_DIR"]