From 8765ded88f49808214d6516b40c376548c7d1769 Mon Sep 17 00:00:00 2001 From: Charles Connell Date: Sat, 24 May 2014 11:29:00 -0400 Subject: [PATCH] Make ssl redirection a separate config --- .env.example | 2 ++ Procfile | 2 -- README.md | 3 +++ karmaworld/settings/prod.py | 41 ++++++++++++++++++------------------- 4 files changed, 25 insertions(+), 23 deletions(-) diff --git a/.env.example b/.env.example index aab7414..f2ac734 100644 --- a/.env.example +++ b/.env.example @@ -7,6 +7,8 @@ AWS_STORAGE_BUCKET_NAME='bucket_name' CLOUDFRONT_DOMAIN='foo.cloudfront.net' #MTURK_HOST='mechanicalturk.amazonaws.com' +SSL_REDIRECT=true + GOOGLE_CLIENT_SECRETS='{"web": {"json": "goes here"} }' GOOGLE_USER='GoogleApps@Email.Address' GOOGLE_SERVICE_KEY_BASE64='Base64EncodedP12FileContentsGoHere' diff --git a/Procfile b/Procfile index d7235b4..1d0d904 100644 --- a/Procfile +++ b/Procfile @@ -1,4 +1,2 @@ web: gunicorn karmaworld.wsgi -celeryworker: python manage.py celery worker --pidfile=/tmp/celeryd.pid -l info -celerybeat: python manage.py celery beat --pidfile=/tmp/beat.pid -l info celerywrapper: sh celerywrapper.sh diff --git a/README.md b/README.md index 6e429d3..f44917b 100644 --- a/README.md +++ b/README.md @@ -254,6 +254,9 @@ signed by a proper authority. Follow [Heroku's SSL setup](https://devcenter.heroku.com/articles/ssl-endpoint) to get SSL running on your server. +You may set the `SSL_REDIRECT` environment variable to `true` to make KarmaNotes +redirect insecure connections to secure ones. + # Local Install KarmaNotes is a Heroku application. Download the [Heroku toolbelt](https://toolbelt.heroku.com/). diff --git a/karmaworld/settings/prod.py b/karmaworld/settings/prod.py index 5e2be52..ab26094 100644 --- a/karmaworld/settings/prod.py +++ b/karmaworld/settings/prod.py @@ -8,29 +8,21 @@ from S3 import CallingFormat from common import * +########## EMAIL CONFIGURATION try: # Include email is settings are there - SMTP_HOST = os.environ['SMTP_HOST'] - SMTP_USERNAME = os.environ['SMTP_USERNAME'] - SMTP_PASSWORD = os.environ['SMTP_PASSWORD'] - EMAIL = True -except: - EMAIL = False + # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host + EMAIL_HOST = os.environ['SMTP_HOST'] + + # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host-user + EMAIL_HOST_USER = os.environ['SMTP_USERNAME'] + + # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host-password + EMAIL_HOST_PASSWORD = os.environ['SMTP_PASSWORD'] -########## EMAIL CONFIGURATION -if EMAIL: # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-backend EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' - # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host - EMAIL_HOST = environ.get('EMAIL_HOST', SMTP_HOST) - - # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host-password - EMAIL_HOST_PASSWORD = environ.get('EMAIL_HOST_PASSWORD', SMTP_PASSWORD) - - # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-host-user - EMAIL_HOST_USER = environ.get('EMAIL_HOST_USER', SMTP_USERNAME) - # See: https://docs.djangoproject.com/en/dev/ref/settings/#email-port EMAIL_PORT = environ.get('EMAIL_PORT', 587) @@ -44,6 +36,11 @@ if EMAIL: # See: https://docs.djangoproject.com/en/dev/ref/settings/#server-email SERVER_EMAIL = EMAIL_HOST_USER + + EMAIL = True + +except: + EMAIL = False ########## END EMAIL CONFIGURATION @@ -105,7 +102,6 @@ CELERY_TIMEZONE = 'UTC' INSTALLED_APPS += ( 'storages', 'gunicorn', - 'sslify', ) # See: http://django-storages.readthedocs.org/en/latest/backends/amazon-S3.html#settings @@ -134,9 +130,12 @@ STATIC_URL = '//' + os.environ['CLOUDFRONT_DOMAIN'] + '/' + AWS_LOCATION + '/' ########## SSL FORWARDING CONFIGURATION SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') -MIDDLEWARE_CLASSES = ( - 'sslify.middleware.SSLifyMiddleware', -) + MIDDLEWARE_CLASSES + +if os.environ.get('SSL_REDIRECT', False) == 'true': + INSTALLED_APPS += ('sslify',) + MIDDLEWARE_CLASSES = ( + 'sslify.middleware.SSLifyMiddleware', + ) + MIDDLEWARE_CLASSES ########## END SSL FORWARDING CONFIGURATION ########## COMPRESSION CONFIGURATION -- 2.25.1