""" Django settings for closedverse project. Generated by 'django-admin startproject' using Django 2.2.13. For more information on this file, see https://docs.djangoproject.com/en/2.2/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/2.2/ref/settings/ """ import os from django.conf.global_settings import PASSWORD_HASHERS # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! (If you want a website that can generate key https://miniwebtool.com/django-secret-key-generator/ goto here.) SECRET_KEY = '' # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False # Add your domain or IP here. # Do not include 127.0.0.1 or localhost in production for security reasons. ALLOWED_HOSTS = [ '127.0.0.1', 'localhost', ] DEFAULT_AUTO_FIELD = 'django.db.models.AutoField' STATIC_URL = '/s/' MEDIA_URL = '/i/' # Application definition INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'markdown_deux', 'closedverse_main', # Comment this out to disable file cleanup. 'django_cleanup.apps.CleanupConfig', ] X_FRAME_OPTIONS='SAMEORIGIN' MIDDLEWARE = [ # Uncomment if you need HTTP_X_FORWARDED_FOR support. If you're using Cloudflare, you will need this.' #'closedverse_main.middleware.ProxyMiddleware', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'closedverse_main.middleware.ClosedMiddleware', 'closedverse_main.middleware.CheckForBanMiddleware', ] if not DEBUG: MIDDLEWARE += ['whitenoise.middleware.WhiteNoiseMiddleware'] ROOT_URLCONF = 'closedverse.urls' TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.debug', 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', 'closedverse_main.context_processors.brand_name_universal', ], }, }, ] WSGI_APPLICATION = 'closedverse.wsgi.application' # Database # https://docs.djangoproject.com/en/2.2/ref/settings/#databases DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': os.path.join(BASE_DIR, 'sql.sqlite3'), } } # Uncomment the below and comment the above DATABASES to use MySQL instead of SQLite. #DATABASES = { # 'default': { # 'ENGINE': 'django.db.backends.mysql', # 'NAME': 'database-name', # 'USER': 'username', # 'PASSWORD': 'user-password', # 'HOST': '127.0.0.1', # 'PORT': '3306', # } #} # Password validation # https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators # only use these when debug is not enabled so that making dummy accounts in debug is easier if not DEBUG: AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', }, ] # append the old passlib hasher to the end of PASSWORD_HASHERS # you only need this if your closedverse instance has passwords from before 08/2023, otherwise leave it commented # although django has a bcrypt sha256 method, it's not compatible with passlib's, which is what closedverse used # python3 -m pip install django-hashers-passlib #PASSWORD_HASHERS += ['hashers_passlib.bcrypt_sha256'] # Internationalization # https://docs.djangoproject.com/en/2.2/topics/i18n/ LANGUAGE_CODE = 'en-us' # replace with your own timezone TIME_ZONE = 'America/New_York' # Disable internationalization because Closedverse doesn't use it USE_I18N = False USE_L10N = False USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/2.2/howto/static-files/ #STATIC_URL = '/static/' if not DEBUG: # without this, this will not serve static for admin (and other apps potentially) WHITENOISE_USE_FINDERS = True STATICFILES_STORAGE = 'whitenoise.storage.CompressedStaticFilesStorage' STATIC_ROOT = os.path.join(BASE_DIR, 'static/') else: # Define static files in the base directory STATICFILES_DIRS = [ os.path.join(BASE_DIR, 'static/'), ] # Closedverse models and routes for Django AUTH_USER_MODEL = 'closedverse_main.User' CSRF_FAILURE_VIEW = 'closedverse_main.views.csrf_fail' LOGIN_URL = '/login/' LOGIN_REDIRECT_URL = '/login/' # User-uploaded media paths for Closedverse #MEDIA_URL = '/media/' # Must end with a trailing slash MEDIA_ROOT = os.path.join(BASE_DIR, 'media/') # Settings for markdown_deux, a module # that Closedverse uses in user messages MARKDOWN_DEUX_STYLES = { 'default': { 'extras': { 'code-friendly': None, }, 'safe_mode': 'escape', }, } # Initialize version and Git URL CLOSEDVERSE_GIT_VERSION = 'unknown' CLOSEDVERSE_GIT_URL = '' CLOSEDVERSE_GIT_HAS_CHANGES = False # Only set git version/URL if .git folder exists if os.path.isdir(os.path.join(BASE_DIR, '.git')): # Get version from Git. This is shown in the layout git_process = os.popen('git rev-parse HEAD', 'r') CLOSEDVERSE_GIT_VERSION = git_process.read()[:-1] # if this command returns a non-zero exit code, then # there have been some changes so let's indicate that if os.system('git diff-index --quiet HEAD --'): CLOSEDVERSE_GIT_HAS_CHANGES = True git_process = os.popen('git remote get-url origin', 'r') CLOSEDVERSE_GIT_URL = git_process.read()[:-1] try: git_url_without_ext = CLOSEDVERSE_GIT_URL.split('.git')[0] except IndexError: pass else: CLOSEDVERSE_GIT_URL = git_url_without_ext + '/commit/' + CLOSEDVERSE_GIT_VERSION # Google reCAPTCHA (v2) settings # This feature won't work if these fields are not populated. RECAPTCHA_PUBLIC_KEY = None RECAPTCHA_PRIVATE_KEY = None # Key for IPHub service for Closedverse, which detects proxies. IPHUB_KEY = None # If this is set to True, then users will receive an error # upon trying to sign up for the site behind a proxy. # Uses IPHub service and requires an API key defined above. DISALLOW_PROXY = False # Setting this to True forces every user to log in/ # sign up for the site to view any content. FORCE_LOGIN = False # A list of URLs that are always accessible # whether the above value is set or not. LOGIN_EXEMPT_URLS = { r'^login/$', r'^signup/$', r'^logout/$', r'^reset/$', r'^help/rules$', r'^help/contact$', r'^help/login$', r'^s/.*$', } # The max file size allowed. (default: 10*1024*1024") max_file_size = 10*1024*1024 # allow sign ups. allow_signups = True # Whatever the reason may be, you have the option to make your clone invite only. invite_only = False # Minimum level required to view IP addresses and user agents. (default: 10) # Mods under this level will still be able to manage users, however will not be able to view any sensitive data. # Set this to 0 to prevent anyone from viewing data. min_lvl_metadata_perms = 15 # if someone's level is equal or above this, they can edit the most communities on your clone. level_needed_to_man_communities = 5 # if someone's level is equal or above this, they can edit any user with a lower level on your clone. level_needed_to_man_users = 5 # Set the default theme here! Set this to None to use the normal Closedverse theme. site_wide_theme_hex = None # age (minimal 13 due to C.O.P.P.A) age_allowed = "13" # brand name currently being implemented throughout templates brand_name = "Cedar" memo_title = 'Cedar-Django' memo_msg = """

Cedar

what

Why is this person rehosting it?

im bored

""" XFF_TRUSTED_PROXY_DEPTH = 1 XFF_STRICT = True XFF_NO_SPOOFING = True XFF_ALWAYS_PROXY = True XFF_HEADER_REQUIRED = True # uncomment this if you want miis to be retrieved on the server #mii_endpoint = '/origin?a='