diff --git a/flaschengeist/__init__.py b/flaschengeist/__init__.py index 1f13a7c..25564a2 100644 --- a/flaschengeist/__init__.py +++ b/flaschengeist/__init__.py @@ -3,18 +3,11 @@ Initialize app, CORS, database and add it to the application. """ -import yaml import logging import pkg_resources from pathlib import Path -from logging.config import dictConfig from werkzeug.local import LocalProxy __version__ = pkg_resources.get_distribution("flaschengeist").version _module_path = Path(__file__).parent -logger = LocalProxy(lambda: logging.getLogger(__name__)) - - -with (_module_path / "logging.yml").open(mode="rb") as file: - config = yaml.safe_load(file.read()) - logging.config.dictConfig(config) +logger = LocalProxy(lambda: logging.getLogger(__name__)) \ No newline at end of file diff --git a/flaschengeist/app.py b/flaschengeist/app.py index 32648f0..9d28eb4 100644 --- a/flaschengeist/app.py +++ b/flaschengeist/app.py @@ -38,14 +38,14 @@ def __load_plugins(app): for entry_point in pkg_resources.iter_entry_points("flaschengeist.plugin"): logger.debug("Found plugin: >{}<".format(entry_point.name)) plugin = None - if config.get(entry_point.name, "enabled", fallback=False): - plugin = entry_point.load()(config[entry_point.name] if config.has_section(entry_point.name) else {}) + if entry_point.name in config and config[entry_point.name].get("enabled", False): + plugin = entry_point.load()(config[entry_point.name]) if plugin.blueprint: app.register_blueprint(plugin.blueprint) logger.info("Load plugin >{}<".format(entry_point.name)) if isinstance(plugin, AuthPlugin): logger.debug("Found authentication plugin: %s", entry_point.name) - if entry_point.name == config["FLASCHENGEIST"]["AUTH"]: + if entry_point.name == config["FLASCHENGEIST"]["auth"]: app.config["FG_AUTH_BACKEND"] = plugin else: del plugin diff --git a/flaschengeist/flaschengeist.example.cfg b/flaschengeist/flaschengeist.example.toml similarity index 67% rename from flaschengeist/flaschengeist.example.cfg rename to flaschengeist/flaschengeist.example.toml index 938602c..093a9a8 100644 --- a/flaschengeist/flaschengeist.example.cfg +++ b/flaschengeist/flaschengeist.example.toml @@ -1,30 +1,27 @@ [FLASCHENGEIST] # Select authentication provider (builtin: auth_plain, auth_ldap) -AUTH = auth_plain +auth = "auth_plain" # Enable if you run flaschengeist behind a proxy, e.g. nginx + gunicorn -# PROXY = false +#proxy = false # Set root path, prefixes all routes -# ROOT = / +#root = / +# Set secret key +secret_key = "V3ryS3cr3t" + +[LOGGING] +file = "/tmp/flaschengeist-debug.log" +# DEBUG INFO WARNING ERROR +#level = "WARNING" [DATABASE] -USER = -HOST = -PASSWORD = -DATABASE = +user = "user" +host = "127.0.0.1" +password = "password" +database = "database" [auth_plain] enabled = true -#[mail] -# enabled = true -# SERVER = -# PORT = -# USER = -# PASSWORD = -# MAIL = -# SSL or STARTLS -# CRYPT = SSL - #[auth_ldap] # enabled = true # URL = @@ -38,8 +35,18 @@ enabled = true ############################ # Configuration of plugins # ############################ +#[mail] +# enabled = true +# SERVER = +# PORT = +# USER = +# PASSWORD = +# MAIL = +# SSL or STARTLS +# CRYPT = SSL + [geruecht] -enabled = true +enabled = false [schubu] enabled = false diff --git a/flaschengeist/logging.toml b/flaschengeist/logging.toml new file mode 100644 index 0000000..7ff7c08 --- /dev/null +++ b/flaschengeist/logging.toml @@ -0,0 +1,29 @@ +version = 1 +disable_existing_loggers = false + +[formatters] + [formatters.simple] + format = "%(asctime)s - %(name)s - %(message)s" + [formatters.extended] + format = "%(asctime)s — %(filename)s - %(funcName)s - %(lineno)d - %(threadName)s - %(name)s — %(levelname)s — %(message)s" + +[handlers] + [handlers.console] + class = "logging.StreamHandler" + level = "DEBUG" + formatter = "simple" + stream = "ext://sys.stdout" + [handlers.file] + class = "logging.handlers.WatchedFileHandler" + level = "WARNING" + formatter = "extended" + encoding = "utf8" + filename = "flaschengeist.log" + +[loggers] + [loggers.werkzeug] + level = "WARNING" + +[root] + level = "WARNING" + handlers = ["console"] \ No newline at end of file diff --git a/flaschengeist/logging.yml b/flaschengeist/logging.yml deleted file mode 100644 index ddb8341..0000000 --- a/flaschengeist/logging.yml +++ /dev/null @@ -1,31 +0,0 @@ -version: 1 -disable_existing_loggers: True - -formatters: - debug: - format: "%(asctime)s — %(filename)s - %(funcName)s - %(lineno)d - %(threadName)s - %(name)s — %(levelname)s — %(message)s" - - simple: - format: "%(asctime)s - %(name)s - %(message)s" - -handlers: - console: - class: logging.StreamHandler - level: DEBUG - formatter: debug - stream: ext://sys.stdout - - debug: - class: logging.handlers.WatchedFileHandler - level: DEBUG - formatter: debug - filename: flaschengeist-debug.log - encoding: utf8 - -loggers: - werkzeug: - level: WARNING - -root: - level: DEBUG - handlers: [console, debug] diff --git a/flaschengeist/modules/auth_ldap/__init__.py b/flaschengeist/modules/auth_ldap/__init__.py index 1ed906b..17fbe84 100644 --- a/flaschengeist/modules/auth_ldap/__init__.py +++ b/flaschengeist/modules/auth_ldap/__init__.py @@ -12,20 +12,18 @@ import flaschengeist.system.controller.userController as userController class AuthLDAP(AuthPlugin): - def __init__(self, config): + def __init__(self, cfg): super().__init__() - defaults = {"PORT": "389", "USE_SSL": "False"} - for name in defaults: - if name not in config: - config[name] = defaults[name] + config = {"PORT": 389, "USE_SSL": False} + config.update(cfg) app.config.update( LDAP_SERVER=config["URL"], - LDAP_PORT=config.getint("PORT"), + LDAP_PORT=config["PORT"], LDAP_BINDDN=config["BINDDN"], LDAP_USE_TLS=False, - LDAP_USE_SSL=config.getboolean("USE_SSL"), + LDAP_USE_SSL=config["USE_SSL"], LDAP_TLS_VERSION=ssl.PROTOCOL_TLSv1_2, LDAP_REQUIRE_CERT=ssl.CERT_NONE, FORCE_ATTRIBUTE_VALUE_AS_LIST=True, @@ -34,8 +32,9 @@ class AuthLDAP(AuthPlugin): app.config["LDAP_SECRET"] = (config["SECRET"],) self.ldap = LDAPConn(app) self.dn = config["BASEDN"] - self.admin_dn = config["ADMIN_DN"] - self.admin_secret = config["ADMIN_SECRET"] + if "ADMIN_DN" in config: + self.admin_dn = config["ADMIN_DN"] + self.admin_secret = config["ADMIN_SECRET"] def login(self, user, password): if not user: diff --git a/flaschengeist/system/config.py b/flaschengeist/system/config.py index d4b9978..fa6aae3 100644 --- a/flaschengeist/system/config.py +++ b/flaschengeist/system/config.py @@ -1,44 +1,55 @@ +import logging.config import os -import configparser +import toml from pathlib import Path from werkzeug.middleware.proxy_fix import ProxyFix from .. import _module_path, logger -default = {"MAIL": {"CRYPT": "SSL/STARTLS"}} - -config = configparser.ConfigParser() -config.read_dict(default) +# Default config: +config = {} paths = [_module_path, Path.home() / ".config"] if "FLASCHENGEIST_CONF" in os.environ: paths.append(Path(os.environ.get("FLASCHENGEIST_CONF"))) for loc in paths: try: - with (loc / "flaschengeist.cfg").open() as source: + with (loc / "flaschengeist.toml").open() as source: logger.info("Reading config file from >{}<".format(loc)) - config.read_file(source) + config.update(toml.load(source)) except IOError: pass - # Always enable this builtin plugins! -config.read_dict({"auth": {"enabled": True}, "roles": {"enabled": True}, "users": {"enabled": True}}) +config.update({"auth": {"enabled": True}, "roles": {"enabled": True}, "users": {"enabled": True}}) def configure_app(app): - if not config.has_option("FLASCHENGEIST", "SECRET_KEY"): + logger_config = toml.load(_module_path / "logging.toml") + if "LOGGING" in config: + if "level" in config["LOGGING"]: + logger_config["loggers"]["flaschengeist"] = {"level": config["LOGGING"]["level"]} + if "file" in config["LOGGING"]: + logger_config["root"]["handlers"].append("file") + logger_config["handlers"]["file"]["filename"] = config["LOGGING"]["file"] + path = Path(config["LOGGING"]["file"]) + path.parent.mkdir(parents=True, exist_ok=True) + logging.config.dictConfig(logger_config) + + if "secret_key" not in config["FLASCHENGEIST"]: logger.warn("No secret key was configured, please configure one for production systems!") - app.config["SECRET_KEY"] = config.get("FLASCHENGEIST", "SECRET_KEY", fallback="0a657b97ef546da90b2db91862ad4e29") + app.config["SECRET_KEY"] = "0a657b97ef546da90b2db91862ad4e29" + else: + app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"] app.config["SQLALCHEMY_DATABASE_URI"] = "mysql://{user}:{passwd}@{host}/{database}".format( - user=config["DATABASE"]["USER"], - passwd=config["DATABASE"]["PASSWORD"], - host=config["DATABASE"]["HOST"], - database=config["DATABASE"]["DATABASE"], + user=config["DATABASE"]["user"], + passwd=config["DATABASE"]["password"], + host=config["DATABASE"]["host"], + database=config["DATABASE"]["database"] ) app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False - if config.has_option("FLASCHENGEIST", "ROOT"): - logger.debug("Setting application root to >{}<".format(config["FLASCHENGEIST"]["ROOT"])) - app.config["APPLICATION_ROOT"] = config["FLASCHENGEIST"]["ROOT"] - if config.getboolean("FLASCHENGEIST", "PROXY", fallback=False): + if "root" in config["FLASCHENGEIST"]: + logger.debug("Setting application root to >{}<".format(config["FLASCHENGEIST"]["root"])) + app.config["APPLICATION_ROOT"] = config["FLASCHENGEIST"]["root"] + if config["FLASCHENGEIST"].get("proxy", False): logger.debug("Fixing wsgi_app for using behind a proxy server") app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)