From 47d65253ebef86c7feb76a61e2aef3d6ac41aa59 Mon Sep 17 00:00:00 2001
From: Oliver Falk <oliver@linux-kernel.at>
Date: Tue, 12 Jun 2018 09:18:36 +0200
Subject: [PATCH] OpenShift online ready

---
 .gitlab-ci.yml                |  2 +-
 config.py                     | 39 +++++++++++++++++++++++++++++++++--
 config_local.py               |  1 -
 create.sh                     | 21 +++++++++++++++++++
 ivatar/context_processors.py  |  4 ++--
 ivatar/ivataraccount/forms.py |  5 +++--
 ivatar/ivataraccount/views.py |  8 +++----
 requirements.txt              | 38 +++++++++++++++++++++++++---------
 8 files changed, 96 insertions(+), 22 deletions(-)
 create mode 100755 create.sh

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d80364a..19e8483 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ image: centos:centos7
 
 before_script:
   - yum install -y -t https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
-  - yum -y -t install python34 python34-pip python34-devel unzip mysql-devel gcc git
+  - yum -y -t install python34 python34-pip python34-devel unzip mysql-devel gcc git openldap-devel
   - pip3 install virtualenv --upgrade
   - virtualenv -p python3 /tmp/.virtualenv
   - source /tmp/.virtualenv/bin/activate
diff --git a/config.py b/config.py
index 0b480f9..6fbbbf0 100644
--- a/config.py
+++ b/config.py
@@ -1,10 +1,19 @@
+'''
+Configuration overrides for settings.py
+'''
+
 import os
-from ivatar.settings import BASE_DIR
+from socket import gethostname, gethostbyname
 from django.urls import reverse_lazy
+from ivatar.settings import BASE_DIR
 
 ADMIN_USERS = []
 ALLOWED_HOSTS = [
     'localhost',
+    gethostname(),
+    gethostbyname(gethostname()),
+    '.openshiftapps.com',
+    '127.0.0.1',
 ]
 
 from ivatar.settings import INSTALLED_APPS  # noqa
@@ -12,6 +21,7 @@ INSTALLED_APPS.extend([
     'django_extensions',
     'django_openid_auth',
     'bootstrap4',
+    'anymail',
     'ivatar',
     'ivatar.ivataraccount',
 ])
@@ -40,7 +50,6 @@ TEMPLATES[0]['OPTIONS']['context_processors'].append(
 OPENID_CREATE_USERS = True
 OPENID_UPDATE_DETAILS_FROM_SREG = True
 
-SITE_URL = 'https://ivatar.io'
 SITE_NAME = 'ivatar'
 IVATAR_VERSION = '0.1'
 
@@ -72,5 +81,31 @@ BOOTSTRAP4 = {
     },
 }
 
+ANYMAIL = {
+    'MAILGUN_API_KEY': '9ea63b269bf14734e928f7aa99f7b891-47317c98-19591231',
+    'MAILGUN_SENDER_DOMAIN': 'sandbox86e598eae2de47bcac3926e6d24d789a.mailgun.org',
+}
+EMAIL_BACKEND = 'anymail.backends.mailgun.EmailBackend'
+DEFAULT_FROM_EMAIL = 'ivatar@linux-kernel.at'
+
+try:
+    from ivatar.settings import DATABASES
+except Exception:  # pragma: no cover
+    DATABASES = []  # pragma: no cover
+if not 'default' in DATABASES:
+    DATABASES['default'] = {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+    }
+
+if 'MYSQL_DATABASE' in os.environ:
+    DATABASES['default'] = {
+        'ENGINE': 'django.db.backends.mysql',
+        'NAME': os.environ['MYSQL_DATABASE'],
+        'USER': os.environ['MYSQL_USER'],
+        'PASSWORD': os.environ['MYSQL_PASSWORD'],
+        'HOST': 'mysql',
+    }
+
 if os.path.isfile(os.path.join(BASE_DIR, 'config_local.py')):
     from config_local import *  # noqa # flake8: noqa # NOQA # pragma: no cover
diff --git a/config_local.py b/config_local.py
index e42e0c0..cb6aa6a 100644
--- a/config_local.py
+++ b/config_local.py
@@ -6,5 +6,4 @@ from ivatar.settings import TEMPLATES  # noqa
 
 SESSION_COOKIE_SECURE = False
 DEBUG = True
-SITE_URL = 'http://localhost:8383'
 TEMPLATES[0]['OPTIONS']['debug'] = True
diff --git a/create.sh b/create.sh
new file mode 100755
index 0000000..af17f2f
--- /dev/null
+++ b/create.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+oc new-project ivatar
+# Take care, the following environment variable must be set either in bashrc/profile or locally in this session
+oc secrets new-basicauth lkernat-gitlab-openshift-falko-access-token --password=$LKERNAT_GITLAB_OPENSHIFT_ACCESS_TOKEN
+oc secrets add serviceaccount/builder secrets/lkernat-gitlab-openshift-falko-access-token
+MYSQL_PASSWORD=`openssl rand -base64 16`
+MYSQL_ROOT_PASSWORD=`openssl rand -base64 16`
+oc new-app --source-secret=lkernat-gitlab-openshift-falko-access-token \
+  python~https://git.linux-kernel.at/oliver/ivatar.git \
+  mysql-persistent \
+  --group=python+mysql-persistent \
+  -e MYSQL_USER=ivatar \
+  -p MYSQL_USER=ivatar \
+  -e MYSQL_PASSWORD=$MYSQL_PASSWORD \
+  -p MYSQL_PASSWORD=$MYSQL_PASSWORD \
+  -e MYSQL_DATABASE=ivatar \
+  -p MYSQL_DATABASE=ivatar \
+  -e MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD \
+  -p MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
+oc expose svc/ivatar
diff --git a/ivatar/context_processors.py b/ivatar/context_processors.py
index 6a673f6..15b9081 100644
--- a/ivatar/context_processors.py
+++ b/ivatar/context_processors.py
@@ -2,7 +2,7 @@
 Default: useful variables for the base page templates.
 '''
 
-from ivatar.settings import IVATAR_VERSION, SITE_NAME, SITE_URL
+from ivatar.settings import IVATAR_VERSION, SITE_NAME
 from ipware import get_client_ip
 
 
@@ -19,5 +19,5 @@ def basepage(request):
     context['client_ip'] = client_ip
     context['ivatar_version'] = IVATAR_VERSION
     context['site_name'] = SITE_NAME
-    context['site_url'] = SITE_URL
+    context['site_url'] = request.build_absolute_uri('/')
     return context
diff --git a/ivatar/ivataraccount/forms.py b/ivatar/ivataraccount/forms.py
index b01215a..a8547ec 100644
--- a/ivatar/ivataraccount/forms.py
+++ b/ivatar/ivataraccount/forms.py
@@ -35,10 +35,11 @@ class AddEmailForm(forms.Form):
         # TODO: Domain restriction as in libravatar?
         return self.cleaned_data['email'].lower()
 
-    def save(self, user):
+    def save(self, request):
         '''
         Save the model, ensuring some safety
         '''
+        user = request.user
         # Enforce the maximum number of unconfirmed emails a user can have
         num_unconfirmed = user.unconfirmedemail_set.count()
 
@@ -66,7 +67,7 @@ class AddEmailForm(forms.Form):
         unconfirmed.user = user
         unconfirmed.save()
 
-        link = settings.SITE_URL + \
+        link = request.build_absolute_uri('/') + \
             reverse(
                 'confirm_email',
                 kwargs={'verification_key': unconfirmed.verification_key})
diff --git a/ivatar/ivataraccount/views.py b/ivatar/ivataraccount/views.py
index 463fd78..bc91d33 100644
--- a/ivatar/ivataraccount/views.py
+++ b/ivatar/ivataraccount/views.py
@@ -21,7 +21,7 @@ from .forms import AddEmailForm, UploadPhotoForm, AddOpenIDForm
 from .models import UnconfirmedEmail, ConfirmedEmail, Photo
 from .models import UnconfirmedOpenId, ConfirmedOpenId, DjangoOpenIDStore
 
-from ivatar.settings import MAX_NUM_PHOTOS, MAX_PHOTO_SIZE, SITE_URL
+from ivatar.settings import MAX_NUM_PHOTOS, MAX_PHOTO_SIZE
 
 import io
 
@@ -91,7 +91,7 @@ class AddEmailView(SuccessMessageMixin, FormView):
     success_url = reverse_lazy('profile')
 
     def form_valid(self, form):
-        if not form.save(self.request.user):
+        if not form.save(self.request):
             messages.error(self.request, _('Address not added'))
         else:
             messages.success(self.request, _('Address added successfully'))
@@ -447,7 +447,7 @@ class RedirectOpenIDView(View):
             messages.error(request, _('OpenID discovery failed'))
             return HttpResponseRedirect(reverse_lazy('profile'))
 
-        realm = SITE_URL  # pragma: no cover
+        realm = request.build_absolute_uri('/')  # pragma: no cover
         return_url = realm + reverse(  # pragma: no cover
             'confirm_openid', args=[kwargs['openid_id']])
         return HttpResponseRedirect(  # pragma: no cover
@@ -461,7 +461,7 @@ class ConfirmOpenIDView(View):  # pragma: no cover
 
     def do_request(self, data, *args, **kwargs):
         session = {'id': self.request.session.session_key}
-        current_url = SITE_URL + self.request.path
+        current_url = self.request.build_absolute_uri('/') + self.request.path
         openid_consumer = consumer.Consumer(session, DjangoOpenIDStore())
         info = openid_consumer.complete(data, current_url)
         if info.status == consumer.FAILURE:
diff --git a/requirements.txt b/requirements.txt
index d8a8ccd..234cd15 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,32 @@
+autopep8
+bcrypt
 defusedxml
 Django
-git+https://github.com/ofalk/django-openid-auth
-python3-openid
-pytz
-six
-Pillow
-py3dns
-bcrypt
-django-extensions
-PyMySQL
-django-ipware
+django-auth-ldap
 django-bootstrap4
+django-coverage-plugin
+django-extensions
+django-ipware
+django-user-accounts
+fabric
+flake8-respect-noqa
+git+https://github.com/ofalk/django-openid-auth
+Pillow
+pip
+py3dns
+pydocstyle
 pyLibravatar
+pylint
+PyMySQL
+python3-openid
+python-coveralls
+python-language-server
+pytz
+rope
+setuptools
+six
+social-auth-app-django
+wheel
+yapf
+django-anymail[mailgun]
+mysqlclient