7 files changed, 489 insertions, 0 deletions
diff --git a/rpki/django_settings/__init__.py b/rpki/django_settings/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/rpki/django_settings/__init__.py
diff --git a/rpki/django_settings/common.py b/rpki/django_settings/common.py
new file mode 100644
index 00000000..2f41fe77
--- /dev/null
+++ b/rpki/django_settings/common.py
@@ -0,0 +1,125 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains common configuration settings for Django libraries.
+
+Most of our CA code uses at least the Django ORM; the web interface
+uses a lot more of Django.  We also want to handle all normal user
+configuration via rpki.conf, so some of the code here is just pulling
+settings from rpki.conf and stuffing them into the form Django wants.
+"""
+
+__version__ = "$Id$"
+
+import os
+import rpki.config
+import rpki.autoconf
+
+# Some configuration, including SQL authorization, comes from rpki.conf.
+cfg = rpki.config.parser()
+
+
+# Do -not- turn on DEBUG here except for short-lived tests, otherwise
+# long-running programs like irdbd will eventually run out of memory
+# and crash.  This is also why this is controlled by an environment
+# variable rather than by an rpki.conf setting: just because we want
+# debugging enabled in the GUI doesn't mean we want it in irdb.
+#
+# If you must enable debugging, you may need to add code that uses
+# django.db.reset_queries() to clear the query list manually, but it's
+# probably better just to run with debugging disabled, since that's
+# the expectation for production code.
+#
+# https://docs.djangoproject.com/en/dev/faq/models/#why-is-django-leaking-memory
+
+if os.getenv("RPKI_DJANGO_DEBUG") == "yes":
+    DEBUG = True
+
+
+# Database configuration differs from program to program, but includes
+# a lot of boilerplate.  So we define a class here to handle this,
+# then use it and clean up in the modules that import from this one.
+
+class DatabaseConfigurator(object):
+
+    default_sql_engine = "mysql"
+    cfg     = None
+    section = None
+
+    def configure(self, cfg, section):  # pylint: disable=W0621
+        self.cfg = cfg
+        self.section = section
+        engine = cfg.get("sql-engine", section = section,
+                         default = self.default_sql_engine)
+        return dict(
+            default = getattr(self, engine))
+
+    @property
+    def mysql(self):
+        return dict(
+            ENGINE   = "django.db.backends.mysql",
+            NAME     = cfg.get("sql-database", section = self.section),
+            USER     = cfg.get("sql-username", section = self.section),
+            PASSWORD = cfg.get("sql-password", section = self.section),
+            #
+            # Using "latin1" here is totally evil and wrong, but
+            # without it MySQL 5.6 (and, probably, later versions)
+            # whine incessantly about bad UTF-8 characters in BLOB
+            # columns.  Which makes no freaking sense at all, but this
+            # is MySQL, which has the character set management interface
+            # from hell, so good luck with that.  If anybody really
+            # understands how to fix this, tell me; for now, we force
+            # MySQL to revert to the default behavior in MySQL 5.5.
+            #
+            OPTIONS  = dict(charset = "latin1"))
+
+    @property
+    def sqlite3(self):
+        return dict(
+            ENGINE   = "django.db.backends.sqlite3",
+            NAME     = cfg.get("sql-database", section = self.section))
+
+    @property
+    def postgresql(self):
+        return dict(
+            ENGINE   = "django.db.backends.postgresql_psycopg2",
+            NAME     = cfg.get("sql-database", section = self.section),
+            USER     = cfg.get("sql-username", section = self.section),
+            PASSWORD = cfg.get("sql-password", section = self.section))
+
+
+# Apps are also handled by the modules that import this one, now that
+# we don't require South.
+
+
+# Silence whining about MIDDLEWARE_CLASSES
+
+MIDDLEWARE_CLASSES = ()
+
+# That would be it if we just need the ORM, but Django throws a hissy
+# fit if SECRET_KEY isn't set, whether we use it for anything or not.
+#
+# Make this unique, and don't share it with anybody.
+if cfg.has_option("secret-key", section = "web_portal"):
+    SECRET_KEY = cfg.get("secret-key", section = "web_portal")
+else:
+    SECRET_KEY = os.urandom(66).encode("hex")
+
+
+# Django defaults to thinking everybody lives in Chicago.
+
+TIME_ZONE = "UTC"
diff --git a/rpki/django_settings/gui.py b/rpki/django_settings/gui.py
new file mode 100644
index 00000000..071d845f
--- /dev/null
+++ b/rpki/django_settings/gui.py
@@ -0,0 +1,159 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains GUI-specific configuration settings for Django libraries.
+"""
+
+# Pull in the irdb configuration, which in turn pulls in the common configuration.
+
+from .irdb import *                     # pylint: disable=W0401,W0614
+
+__version__ = "$Id$"
+
+import socket
+
+# GUI uses the IRDB database configuration, so we don't need to set
+# anything here.
+
+# Where to put static files.
+STATIC_ROOT = rpki.autoconf.datarootdir + "/rpki/media"
+
+# Must end with a slash!
+STATIC_URL = "/media/"
+
+# Where to email server errors.
+ADMINS = (("Administrator", "root@localhost"),)
+
+LOGGING = {
+    "version": 1,
+    "formatters": {
+        "verbose": {
+            # see http://docs.python.org/2.7/library/logging.html#logging.LogRecord
+            "format": "%(levelname)s %(asctime)s %(name)s %(message)s"
+        },
+    },
+    "handlers": {
+        "stderr": {
+            "class": "logging.StreamHandler",
+            "level": "DEBUG",
+            "formatter": "verbose",
+        },
+        "mail_admins": {
+            "level": "ERROR",
+            "class": "django.utils.log.AdminEmailHandler",
+        },
+    },
+    "loggers": {
+        "django": {
+            "level": "ERROR",
+            "handlers": ["stderr", "mail_admins"],
+        },
+        "rpki.gui": {
+            "level": "WARNING",
+            "handlers": ["stderr"],
+        },
+    },
+}
+
+def select_tz():
+    "Find a supported timezone that looks like UTC"
+    for tz in ("UTC", "GMT", "Etc/UTC", "Etc/GMT"):
+        if os.path.exists("/usr/share/zoneinfo/" + tz):
+            return tz
+    # Can't determine the proper timezone, fall back to UTC and let Django
+    # report the error to the user.
+    return "UTC"
+
+# Local time zone for this installation. Choices can be found here:
+# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
+# although not all choices may be available on all operating systems.
+# If running in a Windows environment this must be set to the same as your
+# system time zone.
+TIME_ZONE = select_tz()
+
+# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
+# for details on why you might need this.
+def get_allowed_hosts():
+    allowed_hosts = set(cfg.multiget("allowed-hosts", section = "web_portal"))
+    allowed_hosts.add(socket.getfqdn())
+    allowed_hosts.add("127.0.0.1")
+    allowed_hosts.add("::1")
+    try:
+        import netifaces
+        for interface in netifaces.interfaces():
+            addresses = netifaces.ifaddresses(interface)
+            for af in (netifaces.AF_INET, netifaces.AF_INET6):
+                if af in addresses:
+                    for address in addresses[af]:
+                        if "addr" in address:
+                            allowed_hosts.add(address["addr"])
+    except ImportError:
+        pass
+    return list(allowed_hosts)
+
+ALLOWED_HOSTS = get_allowed_hosts()
+
+DOWNLOAD_DIRECTORY = cfg.get("download-directory", "/var/tmp", section = "web_portal")
+
+# List of callables that know how to import templates from various sources.
+TEMPLATE_LOADERS = (
+    "django.template.loaders.filesystem.Loader",
+    "django.template.loaders.app_directories.Loader",
+    "django.template.loaders.eggs.Loader"
+)
+
+MIDDLEWARE_CLASSES = (
+    "django.middleware.common.CommonMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware"
+)
+
+ROOT_URLCONF = "rpki.gui.urls"
+
+INSTALLED_APPS.extend((
+    "django.contrib.auth",
+    #"django.contrib.admin",
+    #"django.contrib.admindocs",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.staticfiles",
+    "rpki.gui.app",
+    "rpki.gui.gui_rpki_cache",
+    "rpki.gui.routeview",
+    "rpki.rcynicdb"
+))
+
+TEMPLATE_CONTEXT_PROCESSORS = (
+    "django.contrib.auth.context_processors.auth",
+    "django.core.context_processors.debug",
+    "django.core.context_processors.i18n",
+    "django.core.context_processors.media",
+    "django.contrib.messages.context_processors.messages",
+    "django.core.context_processors.request",
+    "django.core.context_processors.static"
+)
+
+# Allow local site to override any setting above -- but if there's
+# anything that local sites routinely need to modify, please consider
+# putting that configuration into rpki.conf and just adding code here
+# to read that configuration.
+try:
+    from local_settings import *        # pylint: disable=W0401,F0401
+except ImportError:
+    pass
diff --git a/rpki/django_settings/irdb.py b/rpki/django_settings/irdb.py
new file mode 100644
index 00000000..da42a111
--- /dev/null
+++ b/rpki/django_settings/irdb.py
@@ -0,0 +1,47 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains configuration settings for Django libraries.  All
+of the back-end programs (rpkic, irdbd, etc) use this configuration;
+the GUI code also uses this but adds a bunch of other stuff, thus has
+its own settings file.
+"""
+
+from .common import *                   # pylint: disable=W0401,W0614
+
+__version__ = "$Id$"
+
+
+# Database configuration.
+
+DATABASES = DatabaseConfigurator().configure(cfg, "irdbd")
+del DatabaseConfigurator
+
+
+# Apps.
+
+INSTALLED_APPS = ["rpki.irdb"]
+
+
+# Allow local site to override any setting above -- but if there's
+# anything that local sites routinely need to modify, please consider
+# putting that configuration into rpki.conf and just adding code here
+# to read that configuration.
+try:
+    from local_settings import *        # pylint: disable=W0401,F0401
+except ImportError:
+    pass
diff --git a/rpki/django_settings/pubd.py b/rpki/django_settings/pubd.py
new file mode 100644
index 00000000..6bd9fdc0
--- /dev/null
+++ b/rpki/django_settings/pubd.py
@@ -0,0 +1,45 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains configuration settings for Django libraries for
+the pubd program.
+"""
+
+from .common import *                   # pylint: disable=W0401,W0614
+
+__version__ = "$Id$"
+
+
+# Database configuration.
+
+DATABASES = DatabaseConfigurator().configure(cfg, "pubd")
+del DatabaseConfigurator
+
+
+# Apps.
+
+INSTALLED_APPS =  ["rpki.pubdb"]
+
+
+# Allow local site to override any setting above -- but if there's
+# anything that local sites routinely need to modify, please consider
+# putting that configuration into rpki.conf and just adding code here
+# to read that configuration.
+try:
+    from local_settings import *        # pylint: disable=W0401,F0401
+except ImportError:
+    pass
diff --git a/rpki/django_settings/rcynic.py b/rpki/django_settings/rcynic.py
new file mode 100644
index 00000000..0845604c
--- /dev/null
+++ b/rpki/django_settings/rcynic.py
@@ -0,0 +1,68 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains configuration settings for Django libraries.
+At present, rcynicng only uses the Django ORM, not the rest of Django.
+Unlike the CA tools rcynicng defaults to using SQLite3 as its database
+engine, so we tweak the defaults a little before instantiating the
+database configuration here.
+"""
+
+from .common import *                   # pylint: disable=W0401,W0614
+
+__version__ = "$Id$"
+
+
+# Database configuration.
+
+class DBConfigurator(DatabaseConfigurator):
+
+    default_sql_engine = "sqlite3"
+
+    @property
+    def sqlite3(self):
+        return dict(
+            ENGINE   = "django.db.backends.sqlite3",
+            NAME     = cfg.get("sql-database", section = self.section, default = "rcynic.db"))
+
+
+DATABASES = DBConfigurator().configure(cfg, "rcynic")
+
+del DBConfigurator
+del DatabaseConfigurator
+
+
+# Apps.
+
+INSTALLED_APPS = ["rpki.rcynicdb"]
+
+
+# Debugging
+#
+# DO NOT ENABLE DJANGO DEBUGGING IN PRODUCTION!
+#
+#DEBUG = True
+
+
+# Allow local site to override any setting above -- but if there's
+# anything that local sites routinely need to modify, please consider
+# putting that configuration into rpki.conf and just adding code here
+# to read that configuration.
+try:
+    from local_settings import *        # pylint: disable=W0401,F0401
+except ImportError:
+    pass
diff --git a/rpki/django_settings/rpkid.py b/rpki/django_settings/rpkid.py
new file mode 100644
index 00000000..e34518bb
--- /dev/null
+++ b/rpki/django_settings/rpkid.py
@@ -0,0 +1,45 @@
+# $Id$
+
+# Copyright (C) 2014  Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+"""
+This module contains configuration settings for Django libraries for
+the rpkid program.
+"""
+
+from .common import *                   # pylint: disable=W0401,W0614
+
+__version__ = "$Id$"
+
+
+# Database configuration.
+
+DATABASES = DatabaseConfigurator().configure(cfg, "rpkid")
+del DatabaseConfigurator
+
+
+# Apps.
+
+INSTALLED_APPS = ["rpki.rpkidb"]
+
+
+# Allow local site to override any setting above -- but if there's
+# anything that local sites routinely need to modify, please consider
+# putting that configuration into rpki.conf and just adding code here
+# to read that configuration.
+try:
+    from local_settings import *        # pylint: disable=W0401,F0401
+except ImportError:
+    pass