diff options
Diffstat (limited to 'modoboa')
-rw-r--r-- | modoboa/gunicorn.conf.py | 8 | ||||
-rw-r--r-- | modoboa/settings.py | 356 |
2 files changed, 364 insertions, 0 deletions
diff --git a/modoboa/gunicorn.conf.py b/modoboa/gunicorn.conf.py new file mode 100644 index 0000000..061243c --- /dev/null +++ b/modoboa/gunicorn.conf.py @@ -0,0 +1,8 @@ +backlog = 2048 +bind = "unix:/opt/modoboa/gunicorn.sock" +pidfile = "/opt/modoboa/gunicorn.pid" +daemon = False +debug = True +workers = 2 +logfile = "/var/log/modoboa/gunicorn.log" +loglevel = "debug" diff --git a/modoboa/settings.py b/modoboa/settings.py new file mode 100644 index 0000000..3539785 --- /dev/null +++ b/modoboa/settings.py @@ -0,0 +1,356 @@ +""" +Django settings for instance01 project. + +For more information on this file, see +https://docs.djangoproject.com/en/2.2/topics/settings/ + +For the full list of settings and their values, see +https://docs.djangoproject.com/en/2.2/ref/settings/ +""" + +from logging.handlers import SysLogHandler +import os + + + +# Build paths inside the project like this: os.path.join(BASE_DIR, ...) +BASE_DIR = os.path.realpath(os.path.dirname(os.path.dirname(__file__))) + + +# Quick-start development settings - unsuitable for production +# See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/ + +# SECURITY WARNING: keep the secret key used in production secret! +SECRET_KEY = 'xxx' + +# SECURITY WARNING: don't run with debug turned on in production! +DEBUG = False + +ALLOWED_HOSTS = [ + 'modoboa-theia-local.local', +] + +SITE_ID = 1 + +# A list of all the people who get code error notifications. When DEBUG=False +# and a view raises an exception, Django will email these people with the full +# exception information. +# See https://docs.djangoproject.com/en/dev/ref/settings/#admins +#ADMINS = [('Administrator', 'admin@example.net')] + +# The email address that error messages come from, such as those sent to ADMINS +#SERVER_EMAIL = 'webmaster@example.net' + +# Security settings + +X_FRAME_OPTIONS = "SAMEORIGIN" +CSRF_COOKIE_DOMAIN = "modoboa-theia.local" +CSRF_COOKIE_SECURE = True +SESSION_COOKIE_SECURE = True + +# Application definition + +INSTALLED_APPS = ( + 'django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.messages', + 'django.contrib.sites', + 'django.contrib.staticfiles', + 'reversion', + 'ckeditor', + 'ckeditor_uploader', + 'rest_framework', + 'rest_framework.authtoken', + 'phonenumber_field', + 'django_otp', + 'django_otp.plugins.otp_totp', + 'django_otp.plugins.otp_static', + +) + +# A dedicated place to register Modoboa applications +# Do not delete it. +# Do not change the order. +MODOBOA_APPS = ( + 'modoboa', + 'modoboa.core', + 'modoboa.lib', + 'modoboa.admin', + 'modoboa.transport', + 'modoboa.relaydomains', + 'modoboa.limits', + 'modoboa.parameters', + 'modoboa.dnstools', + 'modoboa.policyd', + 'modoboa.maillog', + # Modoboa extensions here. + 'modoboa_dmarc', + 'modoboa_imap_migration', +# 'modoboa_pdfcredentials', + 'modoboa_postfix_autoreply', + 'modoboa_sievefilters', + 'modoboa_webmail', + +) + +INSTALLED_APPS += MODOBOA_APPS + +AUTH_USER_MODEL = 'core.User' + +MIDDLEWARE = ( + 'x_forwarded_for.middleware.XForwardedForMiddleware', + 'django.contrib.sessions.middleware.SessionMiddleware', + 'django.middleware.common.CommonMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django_otp.middleware.OTPMiddleware', + 'modoboa.core.middleware.TwoFAMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.locale.LocaleMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'modoboa.core.middleware.LocalConfigMiddleware', + 'modoboa.lib.middleware.AjaxLoginRedirect', + 'modoboa.lib.middleware.CommonExceptionCatcher', + 'modoboa.lib.middleware.RequestCatcherMiddleware', +) + +AUTHENTICATION_BACKENDS = ( + # 'modoboa.lib.authbackends.LDAPBackend', + # 'modoboa.lib.authbackends.SMTPBackend', + 'django.contrib.auth.backends.ModelBackend', +) + +# SMTP authentication +# AUTH_SMTP_SERVER_ADDRESS = 'localhost' +# AUTH_SMTP_SERVER_PORT = 25 +# AUTH_SMTP_SECURED_MODE = None # 'ssl' or 'starttls' are accepted + + +TEMPLATES = [ + { + 'BACKEND': 'django.template.backends.django.DjangoTemplates', + 'DIRS': [], + 'APP_DIRS': True, + 'OPTIONS': { + 'context_processors': [ + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.contrib.auth.context_processors.auth', + 'django.template.context_processors.i18n', + 'django.template.context_processors.media', + 'django.template.context_processors.static', + 'django.template.context_processors.tz', + 'django.contrib.messages.context_processors.messages', + 'modoboa.core.context_processors.top_notifications', + ], + 'debug': False, + }, + }, +] + +ROOT_URLCONF = 'instance01.urls' + +WSGI_APPLICATION = 'instance01.wsgi.application' + + +# Database +# https://docs.djangoproject.com/en/2.2/ref/settings/#databases + +DATABASES = { + + 'default': { + 'ENGINE': 'django.db.backends.mysql', + 'NAME': '$db', + 'USER': '$dbuser', + 'PASSWORD': '$dbsec', + 'HOST': '$dbhost', + 'PORT': '', + 'ATOMIC_REQUESTS': True, + 'OPTIONS' : { + "init_command" : 'SET foreign_key_checks = 0;', + }, + }, + +} + +# Internationalization +# https://docs.djangoproject.com/en/2.2/topics/i18n/ + +LANGUAGE_CODE = 'en' + +TIME_ZONE = 'UTC' + +USE_I18N = True + +USE_L10N = True + +USE_TZ = True + +# Static files (CSS, JavaScript, Images) +# https://docs.djangoproject.com/en/2.2/howto/static-files/ + +STATIC_URL = '/sitestatic/' +STATIC_ROOT = os.path.join(BASE_DIR, 'sitestatic') +STATICFILES_DIRS = ( + '/opt/modoboa/modoboa-venv/lib/python3.6/site-packages/modoboa/bower_components', +) + +MEDIA_URL = '/media/' +MEDIA_ROOT = os.path.join(BASE_DIR, 'media') + +# Rest framework settings + +REST_FRAMEWORK = { + 'DEFAULT_AUTHENTICATION_CLASSES': ( + 'rest_framework.authentication.TokenAuthentication', + 'rest_framework.authentication.SessionAuthentication', + ), +} + +# Modoboa settings +# MODOBOA_CUSTOM_LOGO = os.path.join(MEDIA_URL, "custom_logo.png") + +# DOVECOT_LOOKUP_PATH = ('/path/to/dovecot', ) + +MODOBOA_API_URL = 'https://api.modoboa.org/1/' + +DISABLE_DASHBOARD_EXTERNAL_QUERIES = False + +# REDIS + +REDIS_HOST = '$rdbhost' +REDIS_PORT = 6379 +REDIS_QUOTA_DB = 0 +REDIS_URL = 'redis://{}:{}/{}'.format(REDIS_HOST, REDIS_PORT, REDIS_QUOTA_DB) + +# Password validation +# https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators + +AUTH_PASSWORD_VALIDATORS = [ + { + 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', + }, + { + 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', + }, + { + 'NAME': 'modoboa.core.password_validation.ComplexityValidator', + 'OPTIONS': { + 'upper': 1, + 'lower': 1, + 'digits': 1, + 'specials': 0 + } + }, +] + +# 2FA + +OTP_TOTP_ISSUER = "3gy.de" + +# CKeditor + +CKEDITOR_UPLOAD_PATH = "uploads/" + +CKEDITOR_IMAGE_BACKEND = "pillow" + +CKEDITOR_RESTRICT_BY_USER = True + +CKEDITOR_BROWSE_SHOW_DIRS = True + +CKEDITOR_ALLOW_NONIMAGE_FILES = False + +CKEDITOR_CONFIGS = { + 'default': { + 'allowedContent': True, + 'toolbar': 'Modoboa', + 'width': None, + 'toolbar_Modoboa': [ + ['Bold', 'Italic', 'Underline'], + ['JustifyLeft', 'JustifyCenter', 'JustifyRight', 'JustifyBlock'], + ['BidiLtr', 'BidiRtl', 'Language'], + ['NumberedList', 'BulletedList', '-', 'Outdent', 'Indent'], + ['Undo', 'Redo'], + ['Link', 'Unlink', 'Anchor', '-', 'Smiley'], + ['TextColor', 'BGColor', '-', 'Source'], + ['Font', 'FontSize'], + ['Image', ], + ['SpellChecker'] + ], + }, +} + +# Logging configuration + +LOGGING = { + 'version': 1, + 'formatters': { + 'syslog': { + 'format': '%(name)s: %(levelname)s %(message)s' + }, + }, + 'handlers': { + 'mail-admins': { + 'level': 'ERROR', + 'class': 'django.utils.log.AdminEmailHandler', + 'include_html': True + }, + 'syslog-auth': { + 'class': 'logging.handlers.SysLogHandler', + 'facility': SysLogHandler.LOG_AUTH, + 'formatter': 'syslog' + }, + 'syslog-mail': { + 'class': 'logging.handlers.SysLogHandler', + 'facility': SysLogHandler.LOG_MAIL, + 'formatter': 'syslog' + }, + 'modoboa': { + 'class': 'modoboa.core.loggers.SQLHandler', + } + }, + 'loggers': { + 'django': { + 'handlers': ['mail-admins'], + 'level': 'ERROR', + 'propagate': False + }, + 'modoboa.auth': { + 'handlers': ['syslog-auth', 'modoboa'], + 'level': 'INFO', + 'propagate': False + }, + 'modoboa.admin': { + 'handlers': ['modoboa'], + 'level': 'INFO', + 'propagate': False + }, + 'modoboa.policyd': { + 'handlers': ['syslog-mail'], + 'level': 'INFO', + 'propagate': False + } + } +} + +SILENCED_SYSTEM_CHECKS = [ + "security.W019", # modoboa uses iframes to display e-mails +] + +PHONENUMBER_DB_FORMAT = 'INTERNATIONAL' + +# Load settings from extensions + +try: + from modoboa_imap_migration import settings as modoboa_imap_migration_settings + modoboa_imap_migration_settings.apply(globals()) +except AttributeError: + from modoboa_imap_migration.settings import * # noqa + |