0a4ba2001b
modified: .env.example new file: compta/__pycache__/__init__.cpython-310.pyc new file: compta/__pycache__/admin.cpython-310.pyc new file: compta/__pycache__/apps.cpython-310.pyc new file: compta/__pycache__/models.cpython-310.pyc modified: compta/admin.py new file: compta/categories_indy.py modified: compta/indy.py modified: compta/management/commands/seed_reference.py new file: compta/migrations/0010_categorie_compte_pcg.py modified: compta/models.py modified: compta/templates/compta/base.html new file: compta/templates/compta/gestion.html modified: compta/urls.py new file: compta/views_gestion.py new file: config/__pycache__/__init__.cpython-310.pyc new file: config/__pycache__/settings.cpython-310.pyc modified: config/settings.py modified: entrypoint.sh
124 lines
4.1 KiB
Python
124 lines
4.1 KiB
Python
"""
|
|
Configuration Django — JB Compta.
|
|
Tous les paramètres sensibles viennent de variables d'environnement
|
|
(fichier .env en développement, variables Portainer en production).
|
|
"""
|
|
from pathlib import Path
|
|
import os
|
|
|
|
from dotenv import load_dotenv
|
|
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
load_dotenv(BASE_DIR / ".env")
|
|
|
|
|
|
def env_bool(name: str, default: bool = False) -> bool:
|
|
return os.getenv(name, str(default)).lower() in ("1", "true", "yes", "on")
|
|
|
|
|
|
SECRET_KEY = os.getenv("DJANGO_SECRET_KEY", "dev-insecure-change-me")
|
|
DEBUG = env_bool("DJANGO_DEBUG", False)
|
|
ALLOWED_HOSTS = os.getenv("DJANGO_ALLOWED_HOSTS", "*").split(",")
|
|
CSRF_TRUSTED_ORIGINS = [
|
|
o for o in os.getenv("DJANGO_CSRF_TRUSTED_ORIGINS", "").split(",") if o
|
|
]
|
|
|
|
# Derrière un reverse-proxy (Traefik, Nginx…) qui termine le TLS.
|
|
# Active-le avec DJANGO_BEHIND_PROXY=1 pour que Django reconnaisse le HTTPS
|
|
# transmis par le proxy (en-tête X-Forwarded-Proto) et sécurise les cookies.
|
|
if env_bool("DJANGO_BEHIND_PROXY", False):
|
|
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
|
USE_X_FORWARDED_HOST = True
|
|
SESSION_COOKIE_SECURE = True
|
|
CSRF_COOKIE_SECURE = True
|
|
# Redirige HTTP -> HTTPS seulement si demandé (laisser 0 si Traefik le fait déjà).
|
|
SECURE_SSL_REDIRECT = env_bool("DJANGO_SSL_REDIRECT", False)
|
|
|
|
INSTALLED_APPS = [
|
|
"django.contrib.admin",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
"django.contrib.sessions",
|
|
"django.contrib.messages",
|
|
"django.contrib.staticfiles",
|
|
"compta",
|
|
]
|
|
|
|
MIDDLEWARE = [
|
|
"django.middleware.security.SecurityMiddleware",
|
|
"whitenoise.middleware.WhiteNoiseMiddleware",
|
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
|
"django.middleware.common.CommonMiddleware",
|
|
"django.middleware.csrf.CsrfViewMiddleware",
|
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
|
"django.contrib.messages.middleware.MessageMiddleware",
|
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
|
]
|
|
|
|
ROOT_URLCONF = "config.urls"
|
|
|
|
TEMPLATES = [
|
|
{
|
|
"BACKEND": "django.template.backends.django.DjangoTemplates",
|
|
"DIRS": [],
|
|
"APP_DIRS": True,
|
|
"OPTIONS": {
|
|
"context_processors": [
|
|
"django.template.context_processors.debug",
|
|
"django.template.context_processors.request",
|
|
"django.contrib.auth.context_processors.auth",
|
|
"django.contrib.messages.context_processors.messages",
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
WSGI_APPLICATION = "config.wsgi.application"
|
|
|
|
# Base de données : PostgreSQL existant (sinon SQLite en repli pour les tests)
|
|
if os.getenv("DB_NAME"):
|
|
DATABASES = {
|
|
"default": {
|
|
"ENGINE": "django.db.backends.postgresql",
|
|
"NAME": os.getenv("DB_NAME"),
|
|
"USER": os.getenv("DB_USER", "jb"),
|
|
"PASSWORD": os.getenv("DB_PASSWORD", ""),
|
|
"HOST": os.getenv("DB_HOST", "localhost"),
|
|
"PORT": os.getenv("DB_PORT", "5432"),
|
|
"CONN_MAX_AGE": 60,
|
|
}
|
|
}
|
|
else:
|
|
DATABASES = {
|
|
"default": {
|
|
"ENGINE": "django.db.backends.sqlite3",
|
|
"NAME": BASE_DIR / "db.sqlite3",
|
|
}
|
|
}
|
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"},
|
|
{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
|
|
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
|
|
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
|
|
]
|
|
|
|
LANGUAGE_CODE = "fr-fr"
|
|
TIME_ZONE = "Europe/Paris"
|
|
USE_I18N = True
|
|
USE_TZ = True
|
|
|
|
STATIC_URL = "static/"
|
|
STATIC_ROOT = BASE_DIR / "staticfiles"
|
|
STORAGES = {
|
|
"default": {"BACKEND": "django.core.files.storage.FileSystemStorage"},
|
|
"staticfiles": {"BACKEND": "whitenoise.storage.CompressedStaticFilesStorage"},
|
|
}
|
|
|
|
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
|
|
|
|
# Connexion via la page de l'app (ouverte à tout utilisateur actif, pas seulement staff)
|
|
LOGIN_URL = "/login/"
|
|
LOGIN_REDIRECT_URL = "/dashboard/"
|
|
LOGOUT_REDIRECT_URL = "/login/"
|