From 57c1176d9e918c9d11ecd4a1e8bea3f138c8cf6a Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 27 Apr 2012 09:04:12 -0500 Subject: Remove misleading comment from settings.py We're not using cache middleware anymore, and this bug is fixed anyway. Signed-off-by: Dan McGee --- settings.py | 2 -- 1 file changed, 2 deletions(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 52339c53..50ed6c18 100644 --- a/settings.py +++ b/settings.py @@ -68,8 +68,6 @@ TEMPLATE_LOADERS = ( 'django.template.loaders.app_directories.Loader', ) -# This bug is a real bummer: -# http://code.djangoproject.com/ticket/14105 MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', -- cgit v1.2.3 From 4c446e5cf71e6755f87ca08cf851569a2c13614b Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sat, 28 Jul 2012 11:45:08 -0500 Subject: Convert releng URLs to https by default Signed-off-by: Dan McGee --- settings.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 50ed6c18..8b74e554 100644 --- a/settings.py +++ b/settings.py @@ -127,10 +127,10 @@ INSTALLED_APPS = ( PGP_SERVER = 'pgp.mit.edu:11371' # URL to fetch a current list of available ISOs -ISO_LIST_URL = 'http://releng.archlinux.org/isos/' +ISO_LIST_URL = 'https://releng.archlinux.org/isos/' # URL to the PXE netboot instructions -PXEBOOT_URL = 'http://releng.archlinux.org/pxeboot/' +PXEBOOT_URL = 'https://releng.archlinux.org/pxeboot/' # URL for SVN access for fetching commit messages (note absence of packages or # community bit on the end, repo.svn_root is appended) -- cgit v1.2.3 From aa7f51e6bd80fded21fabf3135ebe78ff32b24c7 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 13 Aug 2012 09:38:47 -0500 Subject: Enable rate-limiting log filter Signed-off-by: Dan McGee --- settings.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 8b74e554..80df6f43 100644 --- a/settings.py +++ b/settings.py @@ -78,6 +78,7 @@ MIDDLEWARE_CLASSES = ( 'django.middleware.doc.XViewMiddleware', ) +# Base of the URL hierarchy ROOT_URLCONF = 'urls' # URL to serve static files @@ -123,6 +124,31 @@ INSTALLED_APPS = ( 'retro', ) +# Logging configuration for not getting overspammed +LOGGING = { + 'version': 1, + 'filters': { + 'ratelimit': { + '()': 'main.log.RateLimitFilter', + } + }, + 'handlers': { + 'mail_admins': { + 'level': 'ERROR', + 'filters': ['ratelimit'], + 'class': 'django.utils.log.AdminEmailHandler', + } + }, + 'loggers': { + 'django.request': { + 'handlers': ['mail_admins'], + 'level': 'ERROR', + 'propagate': True, + }, + }, +} + + ## Server used for linking to PGP keysearch results PGP_SERVER = 'pgp.mit.edu:11371' -- cgit v1.2.3 From 62bb3db8ada68a22c7a58f32b2e6bed63f19e53c Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 26 Oct 2012 17:36:12 -0500 Subject: Remove usages of 'django.contrib.markup' Switch to the news model being able to spit out the HTML version of the content, and don't use the markup contrib module. This is deprecated as of Django 1.5 so we can move off it now to save trouble down the road when it is fully removed. Signed-off-by: Dan McGee --- settings.py | 1 - 1 file changed, 1 deletion(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 80df6f43..7038a71b 100644 --- a/settings.py +++ b/settings.py @@ -107,7 +107,6 @@ INSTALLED_APPS = ( 'django.contrib.sites', 'django.contrib.sitemaps', 'django.contrib.admin', - 'django.contrib.markup', 'django.contrib.staticfiles', 'south', 'django_countries', -- cgit v1.2.3 From ca560f954f7e0865eccb70d1573999c78b286fe3 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 30 Dec 2012 12:42:54 -0600 Subject: Enable clickjacking protection via middleware See https://docs.djangoproject.com/en/1.4/ref/clickjacking/ for details. This middleware was added to the default configuration in Django 1.4. Signed-off-by: Dan McGee --- settings.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 7038a71b..ba1e301b 100644 --- a/settings.py +++ b/settings.py @@ -74,6 +74,7 @@ MIDDLEWARE_CLASSES = ( 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.http.ConditionalGetMiddleware', 'django.middleware.doc.XViewMiddleware', ) @@ -99,6 +100,9 @@ MESSAGE_STORAGE = 'django.contrib.messages.storage.session.SessionStorage' SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db' SESSION_COOKIE_HTTPONLY = True +# Clickjacking protection +X_FRAME_OPTIONS = 'DENY' + INSTALLED_APPS = ( 'django.contrib.auth', 'django.contrib.contenttypes', -- cgit v1.2.3 From 3e7c519ae224800375a488d2c961db7cdcf8ee51 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 30 Dec 2012 22:18:27 -0600 Subject: Remove several context processors we don't use We're not using any of the injected values these context processors provide in our templates, so remove them from our default config. Signed-off-by: Dan McGee --- settings.py | 3 --- 1 file changed, 3 deletions(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index ba1e301b..53358077 100644 --- a/settings.py +++ b/settings.py @@ -49,9 +49,6 @@ AUTH_PROFILE_MODULE = 'devel.UserProfile' TEMPLATE_CONTEXT_PROCESSORS = ( 'django.contrib.auth.context_processors.auth', 'django.core.context_processors.debug', - 'django.core.context_processors.i18n', - 'django.core.context_processors.media', - 'django.core.context_processors.static', 'django.contrib.messages.context_processors.messages', 'main.context_processors.secure', ) -- cgit v1.2.3 From 90af2119c25527185e36fb75e6a75107f2d6e5cf Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 13 Jan 2013 21:27:35 -0600 Subject: Disable XView Middleware This is the default now in Django anyway: https://code.djangoproject.com/ticket/7317 Signed-off-by: Dan McGee --- settings.py | 1 - 1 file changed, 1 deletion(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 53358077..8ed5cb61 100644 --- a/settings.py +++ b/settings.py @@ -73,7 +73,6 @@ MIDDLEWARE_CLASSES = ( 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.http.ConditionalGetMiddleware', - 'django.middleware.doc.XViewMiddleware', ) # Base of the URL hierarchy -- cgit v1.2.3 From 3a6398f42d04ea6a677bf7b6d5115175e9011432 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 15 Jan 2013 21:27:37 -0600 Subject: Add new AlwaysCommitMiddleware to the stack The reason for this is documented in the middleware itself. Without this, pgbouncer is of little use to us since it has to throw away every connection we try to route through it because of unclean disconnects. In theory, with the switch to using pgbouncer for all WSGI originating connections and adding this middleware, we should see a notable decrease in connection time to the database. Signed-off-by: Dan McGee --- settings.py | 1 + 1 file changed, 1 insertion(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 8ed5cb61..cdc56e3e 100644 --- a/settings.py +++ b/settings.py @@ -66,6 +66,7 @@ TEMPLATE_LOADERS = ( ) MIDDLEWARE_CLASSES = ( + 'main.middleware.AlwaysCommitMiddleware', 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', -- cgit v1.2.3 From 45108ea4975419a88c2bb10ed7f3f90d6085d852 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 20 Jan 2013 15:09:18 -0600 Subject: Remove AlwaysCommitMiddleware Let's just go with the Django database option for PostreSQL autocommit mode instead. Signed-off-by: Dan McGee --- settings.py | 1 - 1 file changed, 1 deletion(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index cdc56e3e..8ed5cb61 100644 --- a/settings.py +++ b/settings.py @@ -66,7 +66,6 @@ TEMPLATE_LOADERS = ( ) MIDDLEWARE_CLASSES = ( - 'main.middleware.AlwaysCommitMiddleware', 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', -- cgit v1.2.3 From f9252df1138ae388168cf76cb3d654a2abbce4ec Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 21 Jan 2013 15:14:44 -0600 Subject: Switch to using the cached STATICFILES_STORAGE backend This should finally let us crank up the Expires: header to far-future values in production since updates to JS and CSS files will take effect immediately. Some minor removals were made from retro stylesheets as they were referencing files that don't actually exist because they were missing from the web archive. Signed-off-by: Dan McGee --- settings.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 8ed5cb61..dbc06159 100644 --- a/settings.py +++ b/settings.py @@ -89,6 +89,9 @@ STATICFILES_DIRS = ( os.path.join(DEPLOY_PATH, 'sitestatic'), ) +# Static files backend that allows us to use far future Expires headers +STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.CachedStaticFilesStorage' + # Configure where messages should reside MESSAGE_STORAGE = 'django.contrib.messages.storage.session.SessionStorage' -- cgit v1.2.3 From bc539b6ed174fed1545aabaa4ceb7a7f925cbbed Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 28 Jan 2013 14:13:53 -0700 Subject: Extract torrent trackers into a settings variable This allows them to be overridden and changed in a central location, like we do with the SVN URL, PXE boot URL, etc. Signed-off-by: Dan McGee --- settings.py | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index dbc06159..c856bf57 100644 --- a/settings.py +++ b/settings.py @@ -164,6 +164,12 @@ PXEBOOT_URL = 'https://releng.archlinux.org/pxeboot/' # community bit on the end, repo.svn_root is appended) SVN_BASE_URL = 'svn://svn.archlinux.org/' +# Trackers used for ISO download magnet links +TORRENT_TRACKERS = ( + 'udp://tracker.archlinux.org:6969', + 'http://tracker.archlinux.org:6969/announce', +) + ## Import local settings from local_settings import * -- cgit v1.2.3 From 8d79a1ea84756b016fb76d940e95a8885d014dae Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 8 Feb 2013 21:03:52 -0600 Subject: Minify static files when running collectstatic This doesn't do any super optimizations, but does run the very basic cssmin and jsmin Python tools over the static resources we serve up. Signed-off-by: Dan McGee --- settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'settings.py') diff --git a/settings.py b/settings.py index c856bf57..559a55a0 100644 --- a/settings.py +++ b/settings.py @@ -90,7 +90,7 @@ STATICFILES_DIRS = ( ) # Static files backend that allows us to use far future Expires headers -STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.CachedStaticFilesStorage' +STATICFILES_STORAGE = 'main.storage.MinifiedStaticFilesStorage' # Configure where messages should reside MESSAGE_STORAGE = 'django.contrib.messages.storage.session.SessionStorage' -- cgit v1.2.3 From a22557811a24b68ef85d4271787c48d8d1e4fc99 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sun, 21 Apr 2013 02:49:16 -0400 Subject: catch a few more instances of archlinux --- settings.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'settings.py') diff --git a/settings.py b/settings.py index 49ef1898..1cb85fc1 100644 --- a/settings.py +++ b/settings.py @@ -177,6 +177,8 @@ TORRENT_TRACKERS = ( 'http://tracker.archlinux.org:6969/announce', ) +DOMAIN_RE = r'^(.+\.)?archlinux.org$' + BRANDING_APPNAME = 'archweb' BRANDING_DISTRONAME = 'Arch Linux' BRANDING_SHORTNAME = 'Arch' -- cgit v1.2.3