Revision 97801513
/dev/null | ||
---|---|---|
1 |
import os |
|
2 |
import sys |
|
3 |
|
|
4 |
sys.path.append('/path/to/') |
|
5 |
sys.path.append('/path/to/djnro') |
|
6 |
|
|
7 |
os.environ['DJANGO_SETTINGS_MODULE'] = 'djnro.settings' |
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
import django.core.handlers.wsgi |
|
12 |
application = django.core.handlers.wsgi.WSGIHandler() |
b/djnro/settings.py.dist | ||
---|---|---|
44 | 44 |
'PASSWORD': '', # Not used with sqlite3. |
45 | 45 |
'HOST': '', # Set to empty string for localhost. Not used with sqlite3. |
46 | 46 |
'PORT': '', # Set to empty string for default. Not used with sqlite3. |
47 |
<<<<<<< refs/remotes/origin/wheezy:djnro/settings.py.dist |
|
47 | 48 |
'STORAGE_ENGINE': 'INNODB', |
49 |
======= |
|
50 |
'STORAGE_ENGINE': 'INNODB', |
|
51 |
>>>>>>> local:settings.py.dist |
|
48 | 52 |
} |
49 | 53 |
} |
50 | 54 |
|
... | ... | |
96 | 100 |
# Examples: "http://media.lawrence.com/media/", "http://example.com/media/" |
97 | 101 |
MEDIA_URL = '' |
98 | 102 |
|
103 |
<<<<<<< refs/remotes/origin/wheezy:djnro/settings.py.dist |
|
99 | 104 |
# Absolute path to the directory static files should be collected to. |
100 | 105 |
# Don't put anything in this directory yourself; store your static files |
101 | 106 |
# in apps' "static/" subdirectories and in STATICFILES_DIRS. |
... | ... | |
105 | 110 |
# URL prefix for static files. |
106 | 111 |
# Example: "http://media.lawrence.com/static/" |
107 | 112 |
STATIC_URL = 'http://example.com/static' |
113 |
======= |
|
114 |
# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a |
|
115 |
# trailing slash. |
|
116 |
# Examples: "http://foo.com/media/", "/media/". |
|
117 |
ADMIN_MEDIA_PREFIX = '/media/' |
|
118 |
|
|
119 |
STATIC_URL = '/static/' |
|
120 |
STATIC_ROOT = '/path/to/static/root' |
|
121 |
STATICFILES_DIRS = [ |
|
122 |
'/path/to/staticfiles/dirs', |
|
123 |
] |
|
124 |
|
|
125 |
# Make this unique, and don't share it with anybody. |
|
126 |
SECRET_KEY = 'x)gmuyo2h=l@tmpyh4b(-!gki%@u$-=3^@z+vf&&!ci7$*!+k9' |
|
127 |
>>>>>>> local:settings.py.dist |
|
108 | 128 |
|
109 | 129 |
# Additional locations of static files |
110 | 130 |
STATICFILES_DIRS = ( |
... | ... | |
113 | 133 |
# Don't forget to use absolute paths, not relative paths. |
114 | 134 |
) |
115 | 135 |
|
136 |
<<<<<<< refs/remotes/origin/wheezy:djnro/settings.py.dist |
|
116 | 137 |
# List of finder classes that know how to find static files in |
117 | 138 |
# various locations. |
118 | 139 |
STATICFILES_FINDERS = ( |
119 | 140 |
'django.contrib.staticfiles.finders.FileSystemFinder', |
120 | 141 |
'django.contrib.staticfiles.finders.AppDirectoriesFinder', |
121 | 142 |
# 'django.contrib.staticfiles.finders.DefaultStorageFinder', |
143 |
======= |
|
144 |
AUTHENTICATION_BACKENDS = ( |
|
145 |
'djangobackends.shibauthBackend.shibauthBackend', |
|
146 |
'djangobackends.ldapBackend.ldapBackend', |
|
147 |
'social_auth.backends.twitter.TwitterBackend', |
|
148 |
#'social_auth.backends.facebook.FacebookBackend', |
|
149 |
'social_auth.backends.google.GoogleBackend', |
|
150 |
#'social_auth.backends.contrib.linkedin.LinkedinBackend', |
|
151 |
#'social_auth.backends.contrib.yahoo.YahooOAuthBackend', |
|
152 |
#'social_auth.backends.yahoo.YahooBackend', |
|
153 |
'social_auth.backends.OpenIDBackend', |
|
154 |
'django.contrib.auth.backends.ModelBackend', |
|
155 |
>>>>>>> local:settings.py.dist |
|
122 | 156 |
) |
123 | 157 |
|
124 | 158 |
# Make this unique, and don't share it with anybody. |
... | ... | |
197 | 231 |
'django.contrib.markup', |
198 | 232 |
'django.contrib.admin', |
199 | 233 |
'django.contrib.admindocs', |
234 |
'django.contrib.staticfiles', |
|
200 | 235 |
'edumanage', |
201 | 236 |
'accounts', |
202 | 237 |
'south', |
203 | 238 |
'registration', |
204 | 239 |
'tinymce', |
205 | 240 |
'social_auth', |
241 |
<<<<<<< refs/remotes/origin/wheezy:djnro/settings.py.dist |
|
206 | 242 |
'utils', |
243 |
======= |
|
244 |
|
|
245 |
>>>>>>> local:settings.py.dist |
|
207 | 246 |
) |
208 | 247 |
|
209 | 248 |
# A sample logging configuration. The only tangible logging |
... | ... | |
284 | 323 |
# If it's the same with LANGUAGES, simply do URL_NAME_LANGS = LANGUAGES |
285 | 324 |
URL_NAME_LANGS = ( |
286 | 325 |
('en', 'English' ), |
326 |
<<<<<<< refs/remotes/origin/wheezy:djnro/settings.py.dist |
|
287 | 327 |
('el', 'Ελληνικά'), |
328 |
======= |
|
329 |
('el', u'Ελληνικά'), |
|
330 |
>>>>>>> local:settings.py.dist |
|
288 | 331 |
) |
289 | 332 |
|
290 | 333 |
# Frontend country specific vars, eg. Greece |
291 | 334 |
NRO_COUNTRY_NAME = _('My Country') |
292 |
# Variable used by context_processor to display the "eduroam | <country_code>" in base.html
|
|
335 |
# Variable used by context_processor to display the "eduroam | <country_code>" in base.html |
|
293 | 336 |
NRO_COUNTRY_CODE = 'gr' |
294 | 337 |
# main domain url used in right top icon, eg. http://www.grnet.gr |
295 | 338 |
NRO_DOMAIN_MAIN_URL = "http://www.example.com" |
... | ... | |
297 | 340 |
NRO_PROV_BY_DICT = {"name": "GRNET NOC", "url": "//noc.grnet.gr"} |
298 | 341 |
#provider social media contact (Use: // to preserve https) |
299 | 342 |
NRO_PROV_SOCIAL_MEDIA_CONTACT = [ |
300 |
{"url":"//facebook.com/noc.grnet.gr", "icon":"/static/img/facebook_img.png", "name":"Facebook"},
|
|
343 |
{"url":"//facebook.com/noc.grnet.gr", "icon":"/static/img/facebook_img.png", "name":"Facebook"}, |
|
301 | 344 |
{"url":"//twitter.com/grnetnoc", "icon":"/static/img/twitter_img.png", "name":"Twitter"}, |
302 | 345 |
] |
303 | 346 |
# map center (lat, lng) |
304 | 347 |
MAP_CENTER = (36.97, 23.71) |
305 |
#Helpdesk, used in base.html:
|
|
348 |
#Helpdesk, used in base.html: |
|
306 | 349 |
NRO_DOMAIN_HELPDESK_DICT = {"name": _("Domain Helpdesk"), 'email':'helpdesk@example.com', 'phone': '12324567890', 'uri': 'helpdesk.example.com'} |
307 | 350 |
|
308 | 351 |
#Countries for Realm model: |
b/docs/source/install.rst | ||
---|---|---|
23 | 23 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
24 | 24 |
|
25 | 25 |
The following variables/settings need to be altered or set: |
26 |
|
|
26 |
|
|
27 | 27 |
Set Admin contacts:: |
28 | 28 |
|
29 | 29 |
ADMINS = ( |
... | ... | |
59 | 59 |
SECRET_KEY = '<put something really random here, eg. %$#%@#$^2312351345#$%3452345@#$%@#$234#@$hhzdavfsdcFDGVFSDGhn>' |
60 | 60 |
|
61 | 61 |
Django social auth needs changes in the Authentication Backends depending on which social auth you want to enable:: |
62 |
|
|
62 |
|
|
63 | 63 |
AUTHENTICATION_BACKENDS = ( |
64 |
'djnro.djangobackends.shibauthBackend.shibauthBackend',
|
|
64 |
'djnro.djangobackends.shibauthBackend.shibauthBackend', |
|
65 | 65 |
... |
66 | 66 |
'django.contrib.auth.backends.ModelBackend', |
67 | 67 |
) |
... | ... | |
73 | 73 |
) |
74 | 74 |
|
75 | 75 |
As the application includes a "Nearest Eduroam" functionality, world eduroam points are harvested via the eduroam.org kml file:: |
76 |
|
|
76 |
|
|
77 | 77 |
EDUROAM_KML_URL = 'http://monitor.eduroam.org/kml/all.kml' |
78 | 78 |
|
79 |
<<<<<<< refs/remotes/origin/wheezy |
|
79 | 80 |
Depending on your AAI policy set an appropriate authEntitlement:: |
80 | 81 |
|
82 |
======= |
|
83 |
Depending on your AAI policy set an appropriate authEntitlement |
|
84 |
|
|
85 |
>>>>>>> local |
|
81 | 86 |
SHIB_AUTH_ENTITLEMENT = 'urn:mace:example.com:pki:user' |
82 | 87 |
|
83 | 88 |
Mail server parameters:: |
... | ... | |
91 | 96 |
|
92 | 97 |
Set your cache backend (if you want to use one). For production instances you can go with memcached. For development you can switch to the provided dummy instance:: |
93 | 98 |
|
99 |
<<<<<<< refs/remotes/origin/wheezy |
|
94 | 100 |
CACHES = { |
95 | 101 |
'default': { |
96 | 102 |
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', |
97 | 103 |
'LOCATION': '127.0.0.1:11211', |
98 | 104 |
} |
99 | 105 |
} |
106 |
======= |
|
107 |
|
|
108 |
CACHE_BACKEND = 'memcached://127.0.0.1:11211/?timeout=5184000' |
|
109 |
>>>>>>> local |
|
100 | 110 |
|
101 | 111 |
Models Name_i18n and URL_i18n include a language choice field |
102 | 112 |
If languages are the same with LANGUAGES variable, simply do URL_NAME_LANGS = LANGUAGES else set your own:: |
... | ... | |
110 | 120 |
|
111 | 121 |
# Frontend country specific vars, eg. Greece |
112 | 122 |
NRO_COUNTRY_NAME = _('My Country') |
113 |
# Variable used by context_processor to display the "eduroam | <country_code>" in base.html
|
|
123 |
# Variable used by context_processor to display the "eduroam | <country_code>" in base.html |
|
114 | 124 |
NRO_COUNTRY_CODE = 'gr' |
115 | 125 |
# main domain url used in right top icon, eg. http://www.grnet.gr |
116 | 126 |
NRO_DOMAIN_MAIN_URL = "http://www.example.com" |
... | ... | |
118 | 128 |
NRO_PROV_BY_DICT = {"name": "EXAMPLE DEV TEAM", "url": "http://devteam.example.com"} |
119 | 129 |
#NRO social media contact (Use: // to preserve https) |
120 | 130 |
NRO_PROV_SOCIAL_MEDIA_CONTACT = [ |
121 |
{"url":"//soc.media.url", "icon":"icon.png", "name":"NAME1(eg. Facebook)"},
|
|
131 |
{"url":"//soc.media.url", "icon":"icon.png", "name":"NAME1(eg. Facebook)"}, |
|
122 | 132 |
{"url":"//soc.media.url", "icon":"icon.png", "name":"NAME2(eg. Twitter)"}, |
123 | 133 |
] |
124 | 134 |
# map center (lat, lng) |
125 | 135 |
MAP_CENTER = (36.97, 23.71) |
126 |
#Helpdesk, used in base.html:
|
|
136 |
#Helpdesk, used in base.html: |
|
127 | 137 |
NRO_DOMAIN_HELPDESK_DICT = {"name": _("Domain Helpdesk"), 'email':'helpdesk@example.com', 'phone': '12324567890', 'uri': 'helpdesk.example.com'} |
128 | 138 |
|
129 |
Set the Realm country for REALM model::
|
|
139 |
Set the Realm country for REALM model:: |
|
130 | 140 |
|
131 | 141 |
#Countries for Realm model: |
132 | 142 |
REALM_COUNTRIES = ( |
... | ... | |
144 | 154 |
|
145 | 155 |
Django Social Auth parameters:: |
146 | 156 |
|
157 |
<<<<<<< refs/remotes/origin/wheezy |
|
147 | 158 |
TWITTER_CONSUMER_KEY = '' |
148 | 159 |
TWITTER_CONSUMER_SECRET = '' |
149 | 160 |
|
... | ... | |
218 | 229 |
} |
219 | 230 |
|
220 | 231 |
For more administrative info on eduroam CAT, you can visit: `A guide to eduroam CAT for federation administrators <https://confluence.terena.org/display/H2eduroam/A+guide+to+eduroam+CAT+for+federation+administrators>`_. |
232 |
======= |
|
233 |
TWITTER_CONSUMER_KEY = '' |
|
234 |
TWITTER_CONSUMER_SECRET = '' |
|
235 |
|
|
236 |
FACEBOOK_APP_ID = '' |
|
237 |
FACEBOOK_API_SECRET = '' |
|
238 |
|
|
239 |
LINKEDIN_CONSUMER_KEY = '' |
|
240 |
LINKEDIN_CONSUMER_SECRET = '' |
|
241 |
|
|
242 |
LINKEDIN_SCOPE = ['r_basicprofile', 'r_emailaddress'] |
|
243 |
LINKEDIN_EXTRA_FIELD_SELECTORS = ['email-address', 'headline', 'industry'] |
|
244 |
LINKEDIN_EXTRA_DATA = [('id', 'id'), |
|
245 |
('first-name', 'first_name'), |
|
246 |
('last-name', 'last_name'), |
|
247 |
('email-address', 'email_address'), |
|
248 |
('headline', 'headline'), |
|
249 |
('industry', 'industry')] |
|
250 |
|
|
251 |
YAHOO_CONSUMER_KEY = '' |
|
252 |
YAHOO_CONSUMER_SECRET = '' |
|
253 |
|
|
254 |
GOOGLE_SREG_EXTRA_DATA = [] |
|
255 |
|
|
256 |
SOCIAL_AUTH_FORCE_POST_DISCONNECT = True |
|
257 |
|
|
258 |
FACEBOOK_EXTENDED_PERMISSIONS = ['email'] |
|
259 |
|
|
260 |
SOCIAL_AUTH_LOGIN_REDIRECT_URL = '/manage/' |
|
261 |
LOGIN_REDIRECT_URL = '/manage/' |
|
262 |
SOCIAL_AUTH_INACTIVE_USER_URL = '/manage/' |
|
263 |
|
|
264 |
SOCIAL_AUTH_FORCE_POST_DISCONNECT = True |
|
265 |
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True |
|
266 |
SOCIAL_AUTH_CREATE_USERS = True |
|
267 |
SOCIAL_AUTH_FORCE_RANDOM_USERNAME = False |
|
268 |
SOCIAL_AUTH_SANITIZE_REDIRECTS = False |
|
269 |
|
|
270 |
|
|
271 |
|
|
272 |
SOCIAL_AUTH_PIPELINE = ( |
|
273 |
'social_auth.backends.pipeline.social.social_auth_user', |
|
274 |
'social_auth.backends.pipeline.user.get_username', |
|
275 |
'social_auth.backends.pipeline.user.create_user', |
|
276 |
'social_auth.backends.pipeline.social.associate_user', |
|
277 |
'social_auth.backends.pipeline.social.load_extra_data', |
|
278 |
'social_auth.backends.pipeline.user.update_user_details', |
|
279 |
) |
|
280 |
|
|
281 |
>>>>>>> local |
|
221 | 282 |
|
222 | 283 |
Database Sync |
223 | 284 |
^^^^^^^^^^^^^ |
... | ... | |
239 | 300 |
|
240 | 301 |
WSGIDaemonProcess djnro processes=3 threads=20 display-name=%{GROUP} |
241 | 302 |
WSGIProcessGroup djnro |
242 |
|
|
303 |
|
|
243 | 304 |
... |
244 |
|
|
305 |
|
|
245 | 306 |
<VirtualHost *:443> |
246 | 307 |
ServerName example.com |
247 | 308 |
ServerAdmin admin@example.com |
248 | 309 |
ServerSignature On |
249 |
|
|
310 |
|
|
250 | 311 |
SSLEngine on |
251 | 312 |
SSLCertificateFile ... |
252 | 313 |
SSLCertificateChainFile ... |
253 | 314 |
SSLCertificateKeyFile ... |
254 |
|
|
315 |
|
|
255 | 316 |
# Shibboleth SP configuration |
256 | 317 |
ShibConfig /etc/shibboleth/shibboleth2.xml |
257 | 318 |
Alias /shibboleth-sp /usr/share/shibboleth |
258 |
|
|
319 |
|
|
259 | 320 |
# Integration of Shibboleth into Django app: |
260 |
|
|
321 |
|
|
261 | 322 |
<Location /login> |
262 | 323 |
AuthType shibboleth |
263 | 324 |
ShibRequireSession On |
264 | 325 |
ShibUseHeaders On |
265 | 326 |
require valid-user |
266 | 327 |
</Location> |
267 |
|
|
268 |
|
|
328 |
|
|
329 |
|
|
269 | 330 |
<Location /Shibboleth.sso> |
270 | 331 |
SetHandler shib |
271 | 332 |
</Location> |
272 |
|
|
273 |
|
|
333 |
|
|
334 |
|
|
274 | 335 |
Alias /static /path/to/djnro/static |
275 | 336 |
WSGIScriptAlias / /path/to/djnro/apache/django.wsgi |
276 | 337 |
</VirtualHost> |
277 | 338 |
|
278 | 339 |
*Info*: It is strongly suggested to allow access to /admin|overview|alt-login *ONLY* from trusted subnets. |
279 |
|
|
340 |
|
|
280 | 341 |
Once you are done, restart apache. |
281 | 342 |
|
282 | 343 |
Initial Data |
... | ... | |
285 | 346 |
The approach in the application is that the NRO sets the environment for the local eduroam admins. Towards that direction, the NRO has to insert the initial data for his/her clients/institutions in the *Institutions* Model |
286 | 347 |
|
287 | 348 |
Next Steps (Set your Logo) |
349 |
<<<<<<< refs/remotes/origin/wheezy |
|
288 | 350 |
^^^^^^^^^^^^^^^^^^^^^^^^^^ |
289 |
The majority of branding is done via the NRO variables in settings.py. You might also want to change the logo of the application. Inside the static/img/eduroam_branding folder you will find the xcf (Gimp) logo files logo_holder, logo small. Edit with Gimp according to your needs and save as logo_holder.png and logo_small.png inside the static/img folder. To change the domain logo on top right, replace the static/img/right_logo_small.png file with your own logo (86x40). |
|
351 |
The majority of branding is done via the NRO variables in settings.py. You might also want to change the logo of the application. Inside the static/img/eduroam_branding folder you will find the xcf (Gimp) logo files logo_holder, logo small. Edit with Gimp according to your needs and save as logo_holder.png and logo_small.png inside the static/img folder. To change the domain logo on top right, replace the static/img/right_logo_small.png file with your own logo (86x40). |
|
352 |
======= |
|
353 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
|
354 |
The majority of branding is done via the NRO variables in settings.py. You might also want to change the logo of the application. Inside the static/img/eduroam_branding folder you will find the xcf (Gimp) logo files logo_holder, logo small. Edit with Gimp according to your needs and save as logo_holder.png and logo_small.png inside the static/img folder. To change the domain logo on top right, replace the static/img/right_logo_small.png file with your own logo (86x40). |
|
355 |
>>>>>>> local |
b/docs/source/require.rst | ||
---|---|---|
9 | 9 |
DjNRO heavily depends on the following: |
10 | 10 |
|
11 | 11 |
* Python (<3 & >=2.6) |
12 |
<<<<<<< refs/remotes/origin/wheezy |
|
12 | 13 |
* Django (1.4) - python-django |
14 |
======= |
|
15 |
* Django (>=1.4) - python-django |
|
16 |
>>>>>>> local |
|
13 | 17 |
* memcached |
14 | 18 |
* python-mysqldb (If you wish to use MySQL as the DB backend) |
15 | 19 |
* mysql-client-5.1 |
... | ... | |
22 | 26 |
* libapache2-mod-wsgi |
23 | 27 |
* apache2-shibboleth : The server should be setup as a Shibboleth SP |
24 | 28 |
* A mail server - Tested with exim |
29 |
* python-oauth2 |
|
30 |
* python-requests |
|
31 |
* python-lxml |
|
32 |
* python-yaml |
|
25 | 33 |
|
26 | 34 |
Django Social Auth |
27 | 35 |
------------------ |
... | ... | |
35 | 43 |
* django-social-auth |
36 | 44 |
|
37 | 45 |
* OpenId support depends on python-openid |
46 |
<<<<<<< refs/remotes/origin/wheezy |
|
38 | 47 |
|
39 | 48 |
* OAuth support depends on python-oauth2 |
49 |
======= |
|
50 |
|
|
51 |
* OAuth support depends on python-oauth2 |
|
52 |
|
|
53 |
|
|
54 |
|
|
55 |
|
|
56 |
>>>>>>> local |
Also available in: Unified diff