addons-server/settings.py

"""This is the standard development settings file.

If you need to overload settings, please do so in a local_settings.py file (it
won't be tracked in git).

"""
import os
from urlparse import urlparse

from olympia.lib.settings_base import *  # noqa

WSGI_APPLICATION = 'olympia.wsgi.application'

DEBUG = True
DEBUG_PROPAGATE_EXCEPTIONS = False

# These apps are great during development.
INSTALLED_APPS += (
    'olympia.landfill',
)

# Using locmem deadlocks in certain scenarios. This should all be fixed,
# hopefully, in Django1.7. At that point, we may try again, and remove this to
# not require memcache installation for newcomers.
# A failing scenario is:
# 1/ log in
# 2/ click on "Submit a new addon"
# 3/ click on "I accept this Agreement" => request never ends
#
# If this is changed back to locmem, make sure to use it from "caching" (by
# default in Django for locmem, a timeout of "0" means "don't cache it", while
# on other backends it means "cache forever"):
#      'BACKEND': 'caching.backends.locmem.LocMemCache'
CACHES = {
    'default': {
        'BACKEND': 'caching.backends.memcached.MemcachedCache',
        'LOCATION': os.environ.get('MEMCACHE_LOCATION', 'localhost:11211'),
    }
}

# For local development, we don't need syslog and mozlog loggers.
USE_SYSLOG = False
USE_MOZLOG = False

# If you're not running on SSL you'll want this to be False.
SESSION_COOKIE_SECURE = False
SESSION_COOKIE_DOMAIN = None

CELERY_TASK_ALWAYS_EAGER = False

# If you want to allow self-reviews for add-ons/apps, then enable this.
# In production we do not want to allow this.
ALLOW_SELF_REVIEWS = True

# Assuming you did `npm install` (and not `-g`) like you were supposed to, this
# will be the path to the `stylus` and `lessc` executables.
STYLUS_BIN = os.getenv('STYLUS_BIN', path('node_modules/stylus/bin/stylus'))
LESS_BIN = os.getenv('LESS_BIN', path('node_modules/less/bin/lessc'))
CLEANCSS_BIN = os.getenv(
    'CLEANCSS_BIN',
    path('node_modules/clean-css-cli/bin/cleancss'))
UGLIFY_BIN = os.getenv(
    'UGLIFY_BIN',
    path('node_modules/uglify-js/bin/uglifyjs'))
ADDONS_LINTER_BIN = os.getenv(
    'ADDONS_LINTER_BIN',
    path('node_modules/addons-linter/bin/addons-linter'))

# Locally we typically don't run more than 1 elasticsearch node. So we set
# replicas to zero.
ES_DEFAULT_NUM_REPLICAS = 0

SITE_URL = os.environ.get('OLYMPIA_SITE_URL') or 'http://localhost:8000'
SERVICES_DOMAIN = urlparse(SITE_URL).netloc
SERVICES_URL = SITE_URL

ALLOWED_HOSTS = ALLOWED_HOSTS + [SERVICES_DOMAIN]

ADDON_COLLECTOR_ID = 1

# Default AMO user id to use for tasks (from users.json fixture in zadmin).
TASK_USER_ID = 10968

# Set to True if we're allowed to use X-SENDFILE.
XSENDFILE = False


AES_KEYS = {
    'api_key:secret': os.path.join(
        ROOT, 'src', 'olympia', 'api', 'tests', 'assets', 'test-api-key.txt'),
}

# FxA config for local development only.
FXA_CONFIG = {
    'default': {
        'client_id': 'f336377c014eacf0',
        'client_secret':
            '5a36054059674b09ea56709c85b862c388f2d493d735070868ae8f476e16a80d',
        'content_host': 'https://stable.dev.lcip.org',
        'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',
        'profile_host': 'https://stable.dev.lcip.org/profile/v1',
        'redirect_url': 'http://olympia.test/api/v3/accounts/authenticate/',
        'scope': 'profile',
    },
    'internal': {
        'client_id': '0f95f6474c24c1dc',
        'client_secret':
            'ca45e503a1b4ec9e2a3d4855d79849e098da18b7dfe42b6bc76dfed420fc1d38',
        'content_host': 'https://stable.dev.lcip.org',
        'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',
        'profile_host': 'https://stable.dev.lcip.org/profile/v1',
        'redirect_url': 'http://localhost:3000/fxa-authenticate',
        'scope': 'profile',
        'skip_register_redirect': True,
    },
    'local': {
        'client_id': '1778aef72d1adfb3',
        'client_secret':
            '3feebe3c009c1a0acdedd009f3530eae2b88859f430fa8bb951ea41f2f859b18',
        'content_host': 'https://stable.dev.lcip.org',
        'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',
        'profile_host': 'https://stable.dev.lcip.org/profile/v1',
        'redirect_url': 'http://localhost:3000/api/v3/accounts/authenticate/',
        'scope': 'profile',
    },
}
FXA_CONFIG['amo'] = FXA_CONFIG['internal']
ALLOWED_FXA_CONFIGS = ['default', 'amo', 'local']

# CSP report endpoint which returns a 204 from addons-nginx in local dev.
CSP_REPORT_URI = '/csp-report'

# Allow GA over http + www subdomain in local development.
HTTP_GA_SRC = 'http://www.google-analytics.com'
CSP_FRAME_SRC += ('https://www.sandbox.paypal.com',)
CSP_IMG_SRC += (HTTP_GA_SRC,)
CSP_SCRIPT_SRC += (HTTP_GA_SRC, "'self'")

# Auth token required to authorize inbound email.
INBOUND_EMAIL_SECRET_KEY = 'totally-unsecure-secret-string'
# Validation key we need to send in POST response.
INBOUND_EMAIL_VALIDATION_KEY = 'totally-unsecure-validation-string'

# For the Github webhook API.
GITHUB_API_USER = ''
GITHUB_API_TOKEN = ''

# If you have settings you want to overload, put them in a local_settings.py.
try:
    from local_settings import *  # noqa
except ImportError:
    pass
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`"""This is the standard development settings file.`

			`If you need to overload settings, please do so in a local_settings.py file (it`
			`won't be tracked in git).`

			`"""`
Use docker (bug 1075456) 2014-10-01 15:44:44 +04:00			`import os`
Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. (#3918) * Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. * Correctly map uitests to olympia.dev 2016-11-02 18:56:10 +03:00			`from urlparse import urlparse`
Use docker (bug 1075456) 2014-10-01 15:44:44 +04:00
Update setup.cfg, fix package imports, syntax errors, various cleanups. * Update installed apps, fix grouping and naming. * Fix app-names in settings * re-add startup import to manage.py for now Various more import fixes, all import rewrites are now done. This unfortunately still failes because of some circular imports depending on django not being setup early enough. 2015-12-16 11:46:10 +03:00			`from olympia.lib.settings_base import * # noqa`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
Allow setting the recursion limit with RECURSION_LIMIT (fixes #1911) 2016-03-15 17:22:16 +03:00			`WSGI_APPLICATION = 'olympia.wsgi.application'`

Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`DEBUG = True`
better experience for local dev: display 500 django page 2015-03-16 12:50:22 +03:00			`DEBUG_PROPAGATE_EXCEPTIONS = False`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
			`# These apps are great during development.`
			`INSTALLED_APPS += (`
Update setup.cfg, fix package imports, syntax errors, various cleanups. * Update installed apps, fix grouping and naming. * Fix app-names in settings * re-add startup import to manage.py for now Various more import fixes, all import rewrites are now done. This unfortunately still failes because of some circular imports depending on django not being setup early enough. 2015-12-16 11:46:10 +03:00			`'olympia.landfill',`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`)`

use memcache, locmem doesn't work (bug 1050155) 2014-09-02 20:03:20 +04:00			`# Using locmem deadlocks in certain scenarios. This should all be fixed,`
			`# hopefully, in Django1.7. At that point, we may try again, and remove this to`
			`# not require memcache installation for newcomers.`
			`# A failing scenario is:`
			`# 1/ log in`
			`# 2/ click on "Submit a new addon"`
			`# 3/ click on "I accept this Agreement" => request never ends`
			`#`
			`# If this is changed back to locmem, make sure to use it from "caching" (by`
			`# default in Django for locmem, a timeout of "0" means "don't cache it", while`
			`# on other backends it means "cache forever"):`
			`# 'BACKEND': 'caching.backends.locmem.LocMemCache'`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`CACHES = {`
			`'default': {`
use memcache, locmem doesn't work (bug 1050155) 2014-09-02 20:03:20 +04:00			`'BACKEND': 'caching.backends.memcached.MemcachedCache',`
Use docker (bug 1075456) 2014-10-01 15:44:44 +04:00			`'LOCATION': os.environ.get('MEMCACHE_LOCATION', 'localhost:11211'),`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`}`
			`}`

Log to console using mozlog json format in dev/stage/prod 2017-04-06 14:00:00 +03:00			`# For local development, we don't need syslog and mozlog loggers.`
			`USE_SYSLOG = False`
			`USE_MOZLOG = False`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
			`# If you're not running on SSL you'll want this to be False.`
			`SESSION_COOKIE_SECURE = False`
			`SESSION_COOKIE_DOMAIN = None`

Upgrade to Celery 4 (#6667) * Update celery, config and dependencies to 4.x * Remove usage of TaskSet, replace with group(), update `ampq` * Enable redis on travis for better celery 4.x testing * Fix lib/celery_tests * Correct test testing email sending retrying on errors * Fix celery subtask mocking errors. * Fix celery broker url env variable * Integrate watchdog for celery autoreload * Ensure dependencies are updated for worker and web container. * Restart all services after the dependency update * Remove explicit celery loader environment variable. * Restart all services in web and worker after running 'update_docker' * Increase sleep time a bit 2017-10-16 12:16:41 +03:00			`CELERY_TASK_ALWAYS_EAGER = False`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
			`# If you want to allow self-reviews for add-ons/apps, then enable this.`
			`# In production we do not want to allow this.`
			`ALLOW_SELF_REVIEWS = True`

			# Assuming you did `npm install` (and not `-g`) like you were supposed to, this
			# will be the path to the `stylus` and `lessc` executables.
Move npm installation to Dockerfile 2015-09-29 11:38:50 +03:00			`STYLUS_BIN = os.getenv('STYLUS_BIN', path('node_modules/stylus/bin/stylus'))`
			`LESS_BIN = os.getenv('LESS_BIN', path('node_modules/less/bin/lessc'))`
Install addons-validator and configure it's path. Fixes #881 2015-11-20 11:08:15 +03:00			`CLEANCSS_BIN = os.getenv(`
			`'CLEANCSS_BIN',`
fix(package): update clean-css to version 4.0.2 (#4504) * fix(package): update clean-css to version 4.0.2 With v4.0 clean-css has split it's command line tools into a separate package. Closes #4475 * fix paths 2017-01-30 16:18:06 +03:00			`path('node_modules/clean-css-cli/bin/cleancss'))`
Install addons-validator and configure it's path. Fixes #881 2015-11-20 11:08:15 +03:00			`UGLIFY_BIN = os.getenv(`
			`'UGLIFY_BIN',`
			`path('node_modules/uglify-js/bin/uglifyjs'))`
Rename addons-validator to addons-linter and update to latest release. Fixes #1742 2016-02-24 12:53:26 +03:00			`ADDONS_LINTER_BIN = os.getenv(`
			`'ADDONS_LINTER_BIN',`
			`path('node_modules/addons-linter/bin/addons-linter'))`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
			`# Locally we typically don't run more than 1 elasticsearch node. So we set`
			`# replicas to zero.`
			`ES_DEFAULT_NUM_REPLICAS = 0`

Add SITE_URL to local server from environ variable 2015-10-30 20:21:04 +03:00			`SITE_URL = os.environ.get('OLYMPIA_SITE_URL') or 'http://localhost:8000'`
Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. (#3918) * Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. * Correctly map uitests to olympia.dev 2016-11-02 18:56:10 +03:00			`SERVICES_DOMAIN = urlparse(SITE_URL).netloc`
Set SERVICES_DOMAIN and SERVICES_URL correctly for local development 2016-07-20 12:05:29 +03:00			`SERVICES_URL = SITE_URL`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. (#3918) * Add configured domain to ALLOWED_HOSTS. Fixes circleci tests and our runserver. * Correctly map uitests to olympia.dev 2016-11-02 18:56:10 +03:00			`ALLOWED_HOSTS = ALLOWED_HOSTS + [SERVICES_DOMAIN]`

Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`ADDON_COLLECTOR_ID = 1`

TASK_USER_ID setting uses an existing fixture for local dev 2015-03-07 18:22:21 +03:00			`# Default AMO user id to use for tasks (from users.json fixture in zadmin).`
			`TASK_USER_ID = 10968`

Don't use X-SENDFILE for local dev 2015-03-07 21:23:18 +03:00			`# Set to True if we're allowed to use X-SENDFILE.`
			`XSENDFILE = False`
Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00
Add tip on how to display the Django Debug Toolbar to the docs 2015-09-22 14:29:46 +03:00
JWT token auth for signing API (bug 1210889) 2015-10-08 22:45:44 +03:00			`AES_KEYS = {`
Update gitignore, updates to mock/patch import paths, minor fixes along the way. 2015-12-28 22:08:27 +03:00			`'api_key:secret': os.path.join(`
			`ROOT, 'src', 'olympia', 'api', 'tests', 'assets', 'test-api-key.txt'),`
JWT token auth for signing API (bug 1210889) 2015-10-08 22:45:44 +03:00			`}`

Initial Firefox Accounts login Fixes #863, fixes #864 2015-11-10 02:19:15 +03:00			`# FxA config for local development only.`
			`FXA_CONFIG = {`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`'default': {`
Update fxa config with new client for new redirect url 2018-02-08 11:40:45 +03:00			`'client_id': 'f336377c014eacf0',`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`'client_secret':`
Update fxa config with new client for new redirect url 2018-02-08 11:40:45 +03:00			`'5a36054059674b09ea56709c85b862c388f2d493d735070868ae8f476e16a80d',`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`'content_host': 'https://stable.dev.lcip.org',`
			`'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',`
			`'profile_host': 'https://stable.dev.lcip.org/profile/v1',`
First part moving to olympia.test 2018-01-26 09:08:08 +03:00			`'redirect_url': 'http://olympia.test/api/v3/accounts/authenticate/',`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`'scope': 'profile',`
			`},`
			`'internal': {`
			`'client_id': '0f95f6474c24c1dc',`
			`'client_secret':`
			`'ca45e503a1b4ec9e2a3d4855d79849e098da18b7dfe42b6bc76dfed420fc1d38',`
			`'content_host': 'https://stable.dev.lcip.org',`
			`'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',`
			`'profile_host': 'https://stable.dev.lcip.org/profile/v1',`
Use redirect_url not redirect_uri in internal auth (#2511) 2016-04-27 17:54:15 +03:00			`'redirect_url': 'http://localhost:3000/fxa-authenticate',`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`'scope': 'profile',`
Redirect to next_path on register from mobile pages (fixes #4742) (#4747) 2017-02-23 21:19:27 +03:00			`'skip_register_redirect': True,`
Internal login JSON API (fixes #2425) 2016-04-21 23:31:31 +03:00			`},`
Support amo frontend auth more closely to production (#4681) 2017-02-17 19:08:30 +03:00			`'local': {`
			`'client_id': '1778aef72d1adfb3',`
			`'client_secret':`
			`'3feebe3c009c1a0acdedd009f3530eae2b88859f430fa8bb951ea41f2f859b18',`
			`'content_host': 'https://stable.dev.lcip.org',`
			`'oauth_host': 'https://oauth-stable.dev.lcip.org/v1',`
			`'profile_host': 'https://stable.dev.lcip.org/profile/v1',`
			`'redirect_url': 'http://localhost:3000/api/v3/accounts/authenticate/',`
			`'scope': 'profile',`
			`},`
Internal login start endpoint (fixes #2424) 2016-04-20 01:24:45 +03:00			`}`
Support multiple FxA configurations (fixes #3496) Fixes #3505 2016-09-14 08:18:07 +03:00			`FXA_CONFIG['amo'] = FXA_CONFIG['internal']`
Support development FxA config on dev (#3540) 2016-09-21 01:08:09 +03:00			`ALLOWED_FXA_CONFIGS = ['default', 'amo', 'local']`
JWT token auth for signing API (bug 1210889) 2015-10-08 22:45:44 +03:00
Use the csp-report endpoint in addons-nginx 2016-01-11 20:30:32 +03:00			`# CSP report endpoint which returns a 204 from addons-nginx in local dev.`
			`CSP_REPORT_URI = '/csp-report'`

CSP: Allow GA on www subdomain over http for local dev 2016-01-12 00:00:25 +03:00			`# Allow GA over http + www subdomain in local development.`
			`HTTP_GA_SRC = 'http://www.google-analytics.com'`
Add font-src and fix default-src 2016-01-14 16:45:35 +03:00			`CSP_FRAME_SRC += ('https://www.sandbox.paypal.com',)`
CSP: Allow GA on www subdomain over http for local dev 2016-01-12 00:00:25 +03:00			`CSP_IMG_SRC += (HTTP_GA_SRC,)`
Remove 'self' and https://addons.mozilla.org from script-src 2016-09-09 17:01:25 +03:00			`CSP_SCRIPT_SRC += (HTTP_GA_SRC, "'self'")`
CSP: Allow GA on www subdomain over http for local dev 2016-01-12 00:00:25 +03:00
Add API endpoint to process POST email content and add to activity log; emails received send notification emails; review emails and notification emails can be replied to. 2016-08-10 23:04:57 +03:00			`# Auth token required to authorize inbound email.`
Make all responses to email API return a validation response. (#3650) 2016-10-04 13:53:58 +03:00			`INBOUND_EMAIL_SECRET_KEY = 'totally-unsecure-secret-string'`
			`# Validation key we need to send in POST response.`
			`INBOUND_EMAIL_VALIDATION_KEY = 'totally-unsecure-validation-string'`
Add API endpoint to process POST email content and add to activity log; emails received send notification emails; review emails and notification emails can be replied to. 2016-08-10 23:04:57 +03:00
github validate hook again 2016-12-23 03:29:17 +03:00			`# For the Github webhook API.`
			`GITHUB_API_USER = ''`
			`GITHUB_API_TOKEN = ''`

Remove the need for a settings_local.py (bug 1050155) 2014-08-08 16:08:46 +04:00			`# If you have settings you want to overload, put them in a local_settings.py.`
			`try:`
			`from local_settings import * # noqa`
			`except ImportError:`
			`pass`