From f33647aae784cfdccd35f3d3a79d50bafaa990e1 Mon Sep 17 00:00:00 2001 From: Ricky Elrod Date: Tue, 6 Sep 2016 04:26:53 +0000 Subject: [PATCH] modernpaste config templates Signed-off-by: Ricky Elrod --- roles/modernpaste/tasks/main.yml | 26 +++++++ roles/modernpaste/templates/config.py | 84 +++++++++++++++++++++ roles/modernpaste/templates/flask_config.py | 8 ++ 3 files changed, 118 insertions(+) create mode 100644 roles/modernpaste/templates/config.py create mode 100644 roles/modernpaste/templates/flask_config.py diff --git a/roles/modernpaste/tasks/main.yml b/roles/modernpaste/tasks/main.yml index 635d1da011..700b5eb08e 100644 --- a/roles/modernpaste/tasks/main.yml +++ b/roles/modernpaste/tasks/main.yml @@ -22,3 +22,29 @@ tags: - packages - modernpaste + +- name: modernpaste config + template: src=config.py dest=/etc/modern-paste/config.py owner=apache group=apache mode=600 + tags: + - config + - modernpaste + notify: reload httpd + +- name: modernpaste flask config + template: src=flask_config.py dest=/etc/modern-paste/flask_config.py owner=apache group=apache mode=600 + tags: + - config + - modernpaste + notify: reload httpd + +- name: set sebooleans so paste can talk to the db + seboolean: name=httpd_can_network_connect_db state=true persistent=true + tags: + - config + - selinux + - modernpaste + +- name: startup apache + service: name=httpd enabled=yes state=started + tags: + - modernpaste diff --git a/roles/modernpaste/templates/config.py b/roles/modernpaste/templates/config.py new file mode 100644 index 0000000000..9735066908 --- /dev/null +++ b/roles/modernpaste/templates/config.py @@ -0,0 +1,84 @@ +import constants + + +# Domain from which you will access this app +# If running on a port other than 80, append it after a colon at the end of the domain, e.g. 'domain.com:8080' +DOMAIN = 'modernpaste.stg.fedoraproject.org' + +# Use HTTPS by default? +# This is only used for deciding whether to use the http:// or https:// prefix when constructing full URLs, +# and is not related to your web server configuration. +DEFAULT_HTTPS = True + +# The type of build environment +# build_environment.DEV won't minify CSS and Closure-compile JavaScript; build_environment.PROD will. +# Dev and prod environments also use separate databases, modern_paste_dev and modern_paste, respectively. +BUILD_ENVIRONMENT = constants.build_environment.PROD + +# Option to use encrypted IDs rather than integer IDs +# Set this to True if you want paste IDs to be encrypted, e.g. displayed as h0GZ19np17iT~CtpuIH3NcnRi-rYnlYzizqToCmG3BY= +# If False, IDs will be displayed as regular, incrementing integers, e.g. 1, 2, 3, etc. +USE_ENCRYPTED_IDS = True + +# Choose to allow paste attachments +# This will allow for users to attach files and images to pastes. If disabled, the MAX_ATTACHMENT_SIZE and +# ATTACHMENTS_DIR configuration constants will be ignored. +ENABLE_PASTE_ATTACHMENTS = True + +# Allow only paste attachments below a certain size threshold, in MB +# Set this to 0 for an unlimited file size. +MAX_ATTACHMENT_SIZE = 5 + +# Location to store paste attachments +# Please use an absolute path and ensure that it is writable by www-data. +ATTACHMENTS_DIR = '/var/www/modern-paste-attachments' + +# Choose to enable or disable user registration +# If False, the web interface will not allow access to the user registration page. Additionally, the API endpoint +# for creating new users will respond with an error. +# This is useful for private or internal installations that aren't intended for public use. +ENABLE_USER_REGISTRATION = False + +# Choose to require users to be logged in to post pastes +# If True, the web interface will allow access to the paste post interface only if the user is signed in. Additionally, +# the API endpoint for creating new pastes will respond with an error if not authenticated with an API key tied to an +# existing, active user. +# This is useful for private or internal installations that aren't intended for public use. +REQUIRE_LOGIN_TO_PASTE = False + +# AES key for generating encrypted IDs +# This is only relevant if USE_ENCRYPTED_IDS above is True. If not, this config parameter can be ignored. +# It is recommended, but not strictly required, for you to replace the string below with the output of os.urandom(32), +# so that the encrypted IDs generated for the app are specific to this installation. +ID_ENCRYPTION_KEY = '6\x80\x18\xdc\xcf \xad\x14U\xa7\x05X\x7f\x81\x01\xd5\x19i\xf3S;\xcaL\xcf\xe2\x8d\x82\x1a\x12\xd9}\x8c' + +# Flask session secret key +# IMPORTANT NOTE: Open up a Python terminal, and replace the below with the output of os.urandom(32) +# This secret key should be different for every installation of Modern Paste. +FLASK_SECRET_KEY = '{{modernpaste_stg_session_key}}' + +# Languages +# A list of all languages you want to support with the app. Add 'text' for plain text support. +# Only use strings from the directory app/static/build/lib/codemirror/mode +LANGUAGES = [ + 'text', + 'clike', + 'cmake', + 'coffeescript', + 'css', + 'diff', + 'fortran', + 'htmlmixed', + 'javascript', + 'jinja2', + 'markdown', + 'octave', + 'php', + 'python', + 'sass', + 'sql', + 'verilog', + 'vhdl', + 'xml', + 'yaml', +] diff --git a/roles/modernpaste/templates/flask_config.py b/roles/modernpaste/templates/flask_config.py new file mode 100644 index 0000000000..685b8fd496 --- /dev/null +++ b/roles/modernpaste/templates/flask_config.py @@ -0,0 +1,8 @@ +import config +import constants + +SQLALCHEMY_DATABASE_URI = 'postgres://{{modernpaste_stg_db_user}}:{{modernpaste_stg_db_password}}@db01/modernpaste' +SQLALCHEMY_TRACK_MODIFICATIONS = False + +# Flask session secret key +SECRET_KEY = config.FLASK_SECRET_KEY