2013-09-10 01:20:43 +04:00
###############################################################################
# MISC PROJECT SETTINGS
###############################################################################
2013-06-15 12:10:11 +04:00
ADMINS = (
#('Joe Admin', 'joeadmin@example.com'),
)
DATABASES = {
' default ' : {
' ENGINE ' : ' django.db.backends.postgresql_psycopg2 ' ,
2013-06-23 21:21:02 +04:00
' NAME ' : ' awx ' ,
' USER ' : ' awx ' ,
2013-06-15 12:10:11 +04:00
' PASSWORD ' : ' AWsecret ' ,
' HOST ' : ' ' ,
' PORT ' : ' ' ,
}
}
2013-06-28 14:07:58 +04:00
# Use SQLite for unit tests instead of PostgreSQL.
if len ( sys . argv ) > = 2 and sys . argv [ 1 ] == ' test ' :
DATABASES = {
' default ' : {
' ENGINE ' : ' django.db.backends.sqlite3 ' ,
' NAME ' : ' var/lib/awx/awx.sqlite3 ' ,
# Test database cannot be :memory: for celery/inventory tests.
' TEST_NAME ' : ' /var/lib/awx/awx_test.sqlite3 ' ,
}
}
2013-06-23 21:21:02 +04:00
STATIC_ROOT = ' /var/lib/awx/public/static '
2013-06-15 12:10:11 +04:00
2013-06-23 21:21:02 +04:00
PROJECTS_ROOT = ' /var/lib/awx/projects '
2013-06-15 12:10:11 +04:00
2013-06-23 21:21:02 +04:00
SECRET_KEY = file ( ' /etc/awx/SECRET_KEY ' , ' rb ' ) . read ( ) . strip ( )
2013-06-15 12:10:11 +04:00
ALLOWED_HOSTS = [ ' * ' ]
2013-07-16 09:39:17 +04:00
AWX_TASK_ENV [ ' HOME ' ] = ' /var/lib/awx '
AWX_TASK_ENV [ ' USER ' ] = ' awx '
2013-09-10 01:20:43 +04:00
###############################################################################
# EMAIL SETTINGS
###############################################################################
2013-06-15 12:10:11 +04:00
SERVER_EMAIL = ' root@localhost '
DEFAULT_FROM_EMAIL = ' webmaster@localhost '
2013-06-23 23:40:07 +04:00
EMAIL_SUBJECT_PREFIX = ' [AnsibleWorks] '
2013-06-15 12:10:11 +04:00
EMAIL_HOST = ' localhost '
EMAIL_PORT = 25
EMAIL_HOST_USER = ' '
EMAIL_HOST_PASSWORD = ' '
EMAIL_USE_TLS = False
2013-09-08 00:14:43 +04:00
2013-09-10 01:20:43 +04:00
###############################################################################
# LOGGING SETTINGS
###############################################################################
LOGGING [ ' handlers ' ] [ ' syslog ' ] = {
# ERROR captures 500 errors, WARNING also logs 4xx responses.
' level ' : ' ERROR ' ,
' filters ' : [ ' require_debug_false ' ] ,
' class ' : ' logging.handlers.SysLogHandler ' ,
' address ' : ' /dev/log ' ,
' facility ' : ' local0 ' ,
' formatter ' : ' simple ' ,
}
###############################################################################
# LDAP AUTHENTICATION SETTINGS
###############################################################################
# Refer to django-auth-ldap docs for more details:
2013-09-08 00:14:43 +04:00
# http://pythonhosted.org/django-auth-ldap/authentication.html
2013-09-10 01:20:43 +04:00
# LDAP server URI, such as "ldap://ldap.example.com:389" (non-SSL) or
# "ldaps://ldap.example.com:636" (SSL). LDAP authentication is disable if this
# parameter is empty.
2013-09-08 00:14:43 +04:00
AUTH_LDAP_SERVER_URI = ' '
2013-09-10 01:20:43 +04:00
# DN of user to bind for all search queries. Normally in the format
# "CN=Some User,OU=Users,DC=example,DC=com" but may also be specified as
# "DOMAIN\username" for Active Directory.
2013-09-08 00:14:43 +04:00
AUTH_LDAP_BIND_DN = ' '
2013-09-10 01:20:43 +04:00
# Password using to bind above user account.
2013-09-08 00:14:43 +04:00
AUTH_LDAP_BIND_PASSWORD = ' '
2013-09-10 01:20:43 +04:00
# Enable TLS when the connection is not using SSL.
2013-09-08 00:14:43 +04:00
AUTH_LDAP_START_TLS = False
2013-09-10 01:20:43 +04:00
# Imports needed for remaining LDAP configuration.
import ldap
from django_auth_ldap . config import LDAPSearch , LDAPSearchUnion
from django_auth_ldap . config import ActiveDirectoryGroupType
2013-09-08 00:14:43 +04:00
# LDAP search query to find users.
2013-09-10 01:20:43 +04:00
AUTH_LDAP_USER_SEARCH = LDAPSearch (
' OU=Users,DC=example,DC=com ' , # Base DN
ldap . SCOPE_SUBTREE , # SCOPE_BASE, SCOPE_ONELEVEL, SCOPE_SUBTREE
' (sAMAccountName= %(user)s ) ' , # Query
)
# Alternative to user search, if user DNs are all of the same format.
#AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,OU=Users,DC=example,DC=com'
# Mapping of LDAP to user atrributes (key is user attribute name, value is LDAP
# attribute name).
AUTH_LDAP_USER_ATTR_MAP = {
' first_name ' : ' givenName ' ,
' last_name ' : ' sn ' ,
' email ' : ' mail ' ,
}
# LDAP search query to find groups. Does not support LDAPSearchUnion.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch (
' DC=example,DC=com ' , # Base DN
ldap . SCOPE_SUBTREE , # SCOPE_BASE, SCOPE_ONELEVEL, SCOPE_SUBTREE
' (objectClass=group) ' , # Query
)
# Type of group returned by the search above. Should be one of the types
# listed at: http://pythonhosted.org/django-auth-ldap/groups.html#types-of-groups
AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType ( )
# Group DN required to login. If specified, user must be a member of this
# group to login via LDAP.
AUTH_LDAP_REQUIRE_GROUP = ' '
# Group DN denied from login. If specified, user will not be allowed to login
# if a member of this group.
AUTH_LDAP_DENY_GROUP = ' '
# User profile flags updated from group membership (key is user attribute name,
# value is group DN).
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
#'is_superuser': 'CN=Domain Admins,CN=Users,DC=example,DC=com',
}
# Mapping between organization admins/users and LDAP groups. Keys are
# organization names (will be created if not present). Values are dictionaries
# of options for each organization's membership, where each can contain the
# following parameters:
# - remove: True/False. Defaults to False. Specifies the default for
# remove_admins or remove_users if those parameters aren't explicitly set.
# - admins: None, True/False, string or list/tuple of strings.
# If None, organization admins will not be updated.
# If True/False, all LDAP users will be added/removed as admins.
# If a string or list of strings, specifies the group DN(s). User will be
# added as an org admin if the user is a member of ANY of these groups.
# - remove_admins: True/False. Defaults to False. If True, a user who is not an
# member of the given groups will be removed from the organization's admins.
# - users: None, True/False, string or list/tuple of strings. Same rules apply
# as for admins.
# - remove_users: True/False. Defaults to False. If True, a user who is not a
# member of the given groups will be removed from the organization's users.
AUTH_LDAP_ORGANIZATION_MAP = {
#'Test Org': {
# 'admins': 'CN=Domain Admins,CN=Users,DC=example,DC=com',
# 'users': ['CN=Domain Users,CN=Users,DC=example,DC=com'],
#},
#'Test Org 2': {
# 'admins': ['CN=Administrators,CN=Builtin,DC=example,DC=com'],
# 'users': True,
#},
}