There are many settings in /etc/karaage3/settings.py
that can be customized for local requirements.
Any Django settings can be used, although it is recommended only to modify the settings described in this section.
HTTP_HOST
Default: FQDN hostname
FQDN host, used in default settings for ALLOWED_HOSTS
, REGISTRATION_BASE_URL
, and ADMIN_BASE_URL
.
Not a Django setting, but listed here regardless.
DEBUG
Default: False
Never deploy a site into production with DEBUG turned on.
Did you catch that? NEVER deploy a site into production with DEBUG turned on.
One of the main features of debug mode is the display of detailed error pages. If your app raises an exception when DEBUG is True, Django will display a detailed traceback, including a lot of metadata about your environment, such as all the currently defined Django settings (from settings.py).
See django:DEBUG
.
ALLOWED_HOSTS
Default: ['%(HOST)']
A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent an attacker from poisoning caches and password reset emails with links to malicious hosts by submitting requests with a fake HTTP Host
header, which is possible even under many seemingly-safe web server configurations.
%(HOST)
will be substituted with the HTTP_HOST
setting.
See django:ALLOWED_HOSTS
.
SESSION_COOKIE_SECURE
Default: True
Whether to use a secure cookie for the CSRF cookie. If this is set to True
, the cookie will be marked as "secure," which means browsers may ensure that the cookie is only sent under an HTTPS connection.
See django:SESSION_COOKIE_SECURE
.
ADMINS
Default: ()
(Empty tuple)
A tuple that lists people who get code error notifications. When DEBUG=False
and a view raises an exception, Django will email these people with the full exception information. Each member of the tuple should be a tuple of (Full name, email address).
See django:ADMINS
.
MANAGERS
Default: ()
(Empty tuple)
A tuple in the same format as ADMINS
that specifies who should get broken link notifications when :py~django.middleware.common.BrokenLinkEmailsMiddleware
is enabled.
See django:MANAGERS
.
DATABASES
Default: {}
(Empty dictionary)
A tuple in the same format as ADMINS
that specifies who should get broken link notifications when :py~django.middleware.common.BrokenLinkEmailsMiddleware
is enabled.
See django:DATABASES
.
SERVER_EMAIL
Default: 'root@localhost'
The email address that error messages come from, such as those sent to ADMINS
and MANAGERS
.
See django:SERVER_EMAIL
.
EMAIL_HOST
Default: 'localhost'
The host to use for sending email.
See django:EMAIL_HOST
.
EMAIL_SUBJECT_PREFIX
Default: '[Django] '
Subject-line prefix for email messages sent with django.core.mail.mail_admins
or django.core.mail.mail_managers
. You'll probably want to include the trailing space.
See django:EMAIL_SUBJECT_PREFIX
.
TIME_ZONE
Default: 'America/Chicago'
A string representing the time zone for this installation, or None
. See the list of time zones.
See django:TIME_ZONE
.
LANGUAGE_CODE
Default: 'en-us'
A string representing the language code for this installation. This should be in standard language ID format <language code>
. For example, U.S. English is "en-us"
. See also the list of language identifiers.
See django:LANGUAGE_CODE
.
SECRET_KEY
Default: ''
(Empty string)
A secret key for a particular Django installation. This is used to provide cryptographic signing, and should be set to a unique, unpredictable value.
See django:SECRET_KEY
.
LOGGING
Default: A logging configuration dictionary.
A data structure containing configuration information. The contents of this data structure will be passed as the argument to the configuration method described in LOGGING_CONFIG
.
See django:LOGGING
.
Pipeline is an asset packaging library for Django, providing both CSS and JavaScript concatenation and compression, built-in JavaScript template support, and optional data-URI image and font embedding.
PIPELINE_CSS_COMPRESSOR
Default: 'pipeline.compressors.yui.YUICompressor'
Django pipeline setting.
Compressor class to be applied to CSS files.
If empty or None, CSS files won’t be compressed.
PIPELINE_JS_COMPRESSOR
Default: 'pipeline.compressors.yui.YUICompressor'
Django pipeline setting.
Compressor class to be applied to JS files.
If empty or None, JavaScript files won’t be compressed.
These are settings defined and used by Karaage core.
ACCOUNTS_EMAIL
Default: No default; must be set
Users are advised to contact this address if having problems. This is also used as the from address in outgoing emails.
ACCOUNTS_ORG_NAME
Default: No default; must be set
This organisation name, used in outgoing emails.
REGISTRATION_BASE_URL
Default: 'https://%(HOST)s/users'
Registration base URL - Used in email templates.
%(HOST)
will be substituted with the HTTP_HOST
setting.
ADMIN_BASE_URL
Default: 'https://%(HOST)s/kgadmin'
Admin base URL - Used in email templates.
%(HOST)
will be substituted with the HTTP_HOST
setting.
AUP_URL
Default: Django template karaage/common/aup-detail.html
Path to AUP policy. Note that setting this will not disable the Karaage default page, it might be better to replace the AUP with a file in the templates directory karaage/common/aup-detail.html
if required.
ALLOW_REGISTRATIONS
Default: False
Plugin: kgapplications
Do we allow anonymous users to request accounts?
ALLOW_NEW_PROJECTS
Default: True
Plugin: kgapplications
Do we allow applications for new projects?
USAGE_IS_PUBLIC
Do we allow any logged in user to access all usage information?
PLUGINS
Default: []
(Empty list)
A list of classes that define Karaage plugins. For more information on creating plugins from scratch, please see the Karaage programmers documentation.
DATASTORES
Default: []
(Empty list)
This is a list of dictionaries, that define the data stores
<data store>
.
An example:
DATASTORES = [
{
'DESCRIPTION': 'LDAP datastore',
'ENGINE': 'karaage.datastores.ldap.DataStore',
...
}
]
The settings for each datastore will vary depending on the value of ENGINE
supplied. For more information, see /datastores
.
LDAP
Default: {}
(Empty dictionary)
This setting defines LDAP settings for a connection to a LDAP server. It is only used if you have configured DATASTORES
to use ldap.
An example:
LDAP = {
'default': {
'ENGINE': 'tldap.backend.fake_transactions',
'URI': 'ldap://localhost',
'USER': 'cn=admin,dc=example,dc=org',
'PASSWORD': 'topsecret',
'USE_TLS': False,
'TLS_CA': None,
}
}
USERNAME_VALIDATION_RE
Default: '[-\w]+'
Regular expression that defines a valid username for a person
or an account
.
Warning
Do not change unless you are sure you understand the potential security ramifications in doing so.
USERNAME_VALIDATION_ERROR_MSG
Default: 'Usernames can only contain letters, numbers and underscores'
Error message that is displayed to user if the username for a person
or account
doesn't pass the USERNAME_VALIDATION_RE
check.
PROJECT_VALIDATION_RE
Default: '[-\w]+'
Regular expression that defines a valid username for projects
<project>
.
Warning
Do not change unless you are sure you understand the potential security ramifications in doing so.
PROJECT_VALIDATION_ERROR_MSG
Default: 'Project names can only contain letters, numbers and underscores'
Error message that is displayed to user if a name for a project
doesn't pass the PROJECT_VALIDATION_RE
check.
GROUP_VALIDATION_RE
Default: '[-\w]+'
Regular expression that defines a valid name for a group
.
Warning
Do not change unless you are sure you understand the potential security ramifications in doing so.
GROUP_VALIDATION_ERROR_MSG
Default: 'Group names can only contain letters, numbers and underscores'
Error message that is displayed to user if a name for a group
doesn't pass the GROUP_VALIDATION_RE
check.
Settings specific to the Karaage applications plugin.
EMAIL_MATCH_TYPE
default: 'exclude'
Settings to restrict the valid list of email addresses we allow in applications. EMAIL_MATCH_TYPE
can be 'include'
or 'exclude'
. If 'include'
then the email address must match one of the RE entries in EMAIL_MATCH_LIST
. If 'exclude'
then then email address must not match of the the RE entries in :setting:EMAIL_MATCH_LIST.
EMAIL_MATCH_LIST
Default: []
(Empty list)
Settings to restrict the valid list of email addresses we allow in applications. EMAIL_MATCH_TYPE
can be 'include'
or 'exclude'
. If 'include'
then the email address must match one of the RE entries in EMAIL_MATCH_LIST
. If 'exclude'
then then email address must not match of the the RE entries in :setting:EMAIL_MATCH_LIST.