Refactor settings.py to allow to extend and override them
Steering's configuration is in steering/settings.py
, the file can be replaced and made available to the Docker container, but this is not straightforward, and it requires to include all the settings of the application, even the ones that don't need to be extended or overridden.
I would like to refactor the settings (file) into a module to provide a cleaner path to extend and override some of the settings if required.
This would allow to use, for example, steering/settings/ldap.py
to add LDAP authentication.
# steering/settings/ldap.py
from . import *
from django_auth_ldap.config import LDAPSearch, PosixGroupType
AUTHENTICATION_BACKENDS = (
"django_auth_ldap.backend.LDAPBackend",
"django.contrib.auth.backends.ModelBackend",
)
AUTH_LDAP_SERVER_URI = "ldap://ldap.local"
AUTH_LDAP_BIND_DN = "cn=reader,dc=local"
AUTH_LDAP_BIND_PASSWORD = os.getenv("AUTH_LDAP_BIND_PASSWORD")
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=local"
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
"ou=groups,dc=local",
ldap.SCOPE_SUBTREE,
"(objectClass=posixGroup)",
)
AUTH_LDAP_GROUP_TYPE = PosixGroupType()
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail",
}
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_active": "cn=active,ou=django,ou=groups,dc=local",
"is_staff": "cn=staff,ou=django,ou=groups,dc=local",
"is_superuser": "cn=superuser,ou=django,ou=groups,dc=local",
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_FIND_GROUP_PERMS = True
AUTH_LDAP_MIRROR_GROUPS = True
To enable the settings module, the environment variable DJANGO_SETTINGS_MODULE
should point to steering.settings.ldap
, and the ldap.py
file can be mounted as a volume in a docker-compose.override.yml
file.