ariadne/ariadne/settings.py


from __future__ import annotations

import os
from dataclasses import dataclass, field
def _env(name: str, default: str = "") -> str:
    """Return the environment variable *name* with surrounding whitespace removed.

    When the variable is unset, *default* is returned instead, also stripped.
    A variable that is set to an empty string yields ``""`` rather than
    *default*, so "set but empty" and "unset" are distinct cases for callers.
    """
    raw = os.environ.get(name, default)
    if not isinstance(raw, str):
        # Only reachable when a non-string default was passed in.
        return default
    return raw.strip()
def _env_bool(name: str, default: str = "false") -> bool:
    """Interpret the environment variable *name* as a boolean flag.

    The value is compared case-insensitively against ``1``, ``true``, ``yes``,
    ``y`` and ``on``.  Anything else is ``False`` -- including a misspelling
    such as ``ture`` -- so a typo in a security toggle (for example one of the
    SMTP TLS switches) disables it without any error.
    """
    truthy = ("1", "true", "yes", "y", "on")
    normalized = _env(name, default).lower()
    return normalized in truthy
def _env_int(name: str, default: int) -> int:
    """Read the environment variable *name* as an integer.

    A value that ``int()`` cannot parse falls back to *default* silently.
    No range check is applied: a negative or otherwise out-of-range number
    (for a port, say) is returned exactly as parsed.
    """
    text = _env(name, str(default))
    try:
        parsed = int(text)
    except ValueError:
        # Best-effort: a malformed override keeps the built-in default.
        return default
    return parsed
def _env_float(name: str, default: float) -> float:
    """Read the environment variable *name* as a float.

    A value that ``float()`` cannot parse falls back to *default* silently.
    ``float()`` also accepts ``nan``, ``inf`` and negative numbers, and those
    are returned unchanged; code that uses the result as a timeout or
    interval has to bound it itself.
    """
    text = _env(name, str(default))
    try:
        parsed = float(text)
    except ValueError:
        # Best-effort: a malformed override keeps the built-in default.
        return default
    return parsed
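@dataclass(frozen=True)
class Settings:
    """Immutable snapshot of Ariadne's configuration, read from the environment.

    Every field is filled in by :meth:`from_env`.  Nothing is validated beyond
    the parsing done by the ``_env*`` helpers, and unset credentials default to
    an empty string, so consumers must treat ``""`` as "not configured".

    Fields that hold credentials are declared with ``repr=False`` so that
    printing or logging a ``Settings`` object does not write them out.
    ``frozen=True`` only blocks attribute reassignment; the ``list`` fields
    themselves stay mutable.
    """

    # --- service identity and listener ---
    app_name: str
    bind_host: str
    bind_port: int
    # Connection URLs commonly embed a password, so keep it out of repr().
    # NOTE(review): confirm the URL format used in this deployment.
    portal_database_url: str = field(repr=False)
    portal_public_base_url: str
    log_level: str

    # --- Keycloak (OIDC) ---
    keycloak_url: str
    keycloak_realm: str
    keycloak_client_id: str
    keycloak_issuer: str
    keycloak_jwks_url: str
    keycloak_admin_url: str
    keycloak_admin_realm: str
    keycloak_admin_client_id: str
    keycloak_admin_client_secret: str = field(repr=False)

    # --- authorization lists (comma-separated in the environment) ---
    portal_admin_users: list[str]
    portal_admin_groups: list[str]
    account_allowed_groups: list[str]
    allowed_flag_groups: list[str]
    default_user_groups: list[str]

    # --- Mailu ---
    mailu_domain: str
    mailu_sync_url: str
    mailu_sync_wait_timeout_sec: float
    mailu_mailbox_wait_timeout_sec: float
    mailu_db_host: str
    mailu_db_port: int
    mailu_db_name: str
    mailu_db_user: str
    mailu_db_password: str = field(repr=False)

    # --- per-service namespaces, cronjob names and wait timeouts ---
    nextcloud_namespace: str
    nextcloud_mail_sync_cronjob: str
    nextcloud_mail_sync_wait_timeout_sec: float
    nextcloud_mail_sync_job_ttl_sec: int
    wger_namespace: str
    wger_user_sync_cronjob: str
    wger_user_sync_wait_timeout_sec: float
    wger_admin_cronjob: str
    firefly_namespace: str
    firefly_user_sync_cronjob: str
    firefly_user_sync_wait_timeout_sec: float
    vault_namespace: str
    vault_k8s_auth_cronjob: str
    vault_oidc_cronjob: str
    vault_job_wait_timeout_sec: float
    comms_namespace: str
    comms_guest_name_cronjob: str
    comms_pin_invite_cronjob: str
    comms_reset_room_cronjob: str
    comms_seed_room_cronjob: str
    comms_job_wait_timeout_sec: float

    # --- Vaultwarden ---
    vaultwarden_namespace: str
    vaultwarden_pod_label: str
    vaultwarden_pod_port: int
    vaultwarden_service_host: str
    # Presumably the name of a secret object and of the key inside it, not the
    # token value itself -- verify against the code that reads them.
    vaultwarden_admin_secret_name: str
    vaultwarden_admin_secret_key: str
    vaultwarden_admin_session_ttl_sec: float
    vaultwarden_admin_rate_limit_backoff_sec: float
    vaultwarden_retry_cooldown_sec: float
    vaultwarden_failure_bailout: int

    # --- outbound mail ---
    smtp_host: str
    smtp_port: int
    smtp_username: str
    smtp_password: str = field(repr=False)
    smtp_starttls: bool
    smtp_use_tls: bool
    smtp_from: str
    smtp_timeout_sec: float
    welcome_email_enabled: bool

    # --- scheduler and provisioning loop ---
    provision_poll_interval_sec: float
    provision_retry_cooldown_sec: float
    schedule_tick_sec: float
    k8s_api_timeout_sec: float
    mailu_sync_cron: str
    nextcloud_sync_cron: str
    vaultwarden_sync_cron: str
    wger_admin_cron: str
    vault_k8s_auth_cron: str
    vault_oidc_cron: str
    comms_guest_name_cron: str
    comms_pin_invite_cron: str
    comms_reset_room_cron: str
    comms_seed_room_cron: str
    keycloak_profile_cron: str
    metrics_path: str

    @staticmethod
    def _split_csv(raw: str) -> list[str]:
        """Split a comma-separated value into trimmed, non-empty entries."""
        # Trim each entry: "alice, bob" must yield "bob", not " bob", or the
        # name can never match when it is compared against a user or group.
        return [item.strip() for item in raw.split(",") if item.strip()]

    @classmethod
    def from_env(cls) -> "Settings":
        """Build a ``Settings`` from the process environment, applying defaults.

        The Keycloak issuer and JWKS URL default to values derived from
        ``KEYCLOAK_URL`` and ``KEYCLOAK_REALM``; an explicit override is taken
        as given, with no check on its scheme or host.

        Returns:
            A populated, frozen ``Settings`` instance.
        """
        keycloak_url = _env("KEYCLOAK_URL", "https://sso.bstein.dev").rstrip("/")
        keycloak_realm = _env("KEYCLOAK_REALM", "atlas")
        keycloak_client_id = _env("KEYCLOAK_CLIENT_ID", "bstein-dev-home")
        keycloak_issuer = _env("KEYCLOAK_ISSUER", f"{keycloak_url}/realms/{keycloak_realm}").rstrip("/")
        keycloak_jwks_url = _env("KEYCLOAK_JWKS_URL", f"{keycloak_issuer}/protocol/openid-connect/certs").rstrip("/")

        # A variable that is set but empty produces an empty list; the default
        # shown here applies only when the variable is absent.
        admin_users = cls._split_csv(_env("PORTAL_ADMIN_USERS", "bstein"))
        admin_groups = cls._split_csv(_env("PORTAL_ADMIN_GROUPS", "admin"))
        allowed_groups = cls._split_csv(_env("ACCOUNT_ALLOWED_GROUPS", "dev,admin"))
        flag_groups = cls._split_csv(_env("ALLOWED_FLAG_GROUPS", "demo,test"))
        default_groups = cls._split_csv(_env("DEFAULT_USER_GROUPS", "dev"))

        mailu_db_port = _env_int("MAILU_DB_PORT", 5432)
        mailu_domain = _env("MAILU_DOMAIN", "bstein.dev")
        smtp_port = _env_int("SMTP_PORT", 25)

        return cls(
            app_name=_env("ARIADNE_APP_NAME", "ariadne"),
            # The default listens on every interface.
            bind_host=_env("ARIADNE_BIND_HOST", "0.0.0.0"),
            bind_port=_env_int("ARIADNE_BIND_PORT", 8080),
            portal_database_url=_env("PORTAL_DATABASE_URL", ""),
            portal_public_base_url=_env("PORTAL_PUBLIC_BASE_URL", "https://bstein.dev").rstrip("/"),
            log_level=_env("ARIADNE_LOG_LEVEL", "INFO"),
            keycloak_url=keycloak_url,
            keycloak_realm=keycloak_realm,
            keycloak_client_id=keycloak_client_id,
            keycloak_issuer=keycloak_issuer,
            keycloak_jwks_url=keycloak_jwks_url,
            keycloak_admin_url=_env("KEYCLOAK_ADMIN_URL", keycloak_url).rstrip("/"),
            keycloak_admin_realm=_env("KEYCLOAK_ADMIN_REALM", keycloak_realm),
            keycloak_admin_client_id=_env("KEYCLOAK_ADMIN_CLIENT_ID", ""),
            keycloak_admin_client_secret=_env("KEYCLOAK_ADMIN_CLIENT_SECRET", ""),
            portal_admin_users=admin_users,
            portal_admin_groups=admin_groups,
            account_allowed_groups=allowed_groups,
            allowed_flag_groups=flag_groups,
            default_user_groups=default_groups,
            mailu_domain=mailu_domain,
            mailu_sync_url=_env(
                "MAILU_SYNC_URL",
                "http://mailu-sync-listener.mailu-mailserver.svc.cluster.local:8080/events",
            ).rstrip("/"),
            mailu_sync_wait_timeout_sec=_env_float("MAILU_SYNC_WAIT_TIMEOUT_SEC", 60.0),
            mailu_mailbox_wait_timeout_sec=_env_float("MAILU_MAILBOX_WAIT_TIMEOUT_SEC", 60.0),
            mailu_db_host=_env("MAILU_DB_HOST", "postgres-service.postgres.svc.cluster.local"),
            mailu_db_port=mailu_db_port,
            mailu_db_name=_env("MAILU_DB_NAME", "mailu"),
            mailu_db_user=_env("MAILU_DB_USER", "mailu"),
            mailu_db_password=_env("MAILU_DB_PASSWORD", ""),
            nextcloud_namespace=_env("NEXTCLOUD_NAMESPACE", "nextcloud"),
            nextcloud_mail_sync_cronjob=_env("NEXTCLOUD_MAIL_SYNC_CRONJOB", "nextcloud-mail-sync"),
            nextcloud_mail_sync_wait_timeout_sec=_env_float("NEXTCLOUD_MAIL_SYNC_WAIT_TIMEOUT_SEC", 90.0),
            nextcloud_mail_sync_job_ttl_sec=_env_int("NEXTCLOUD_MAIL_SYNC_JOB_TTL_SEC", 3600),
            wger_namespace=_env("WGER_NAMESPACE", "health"),
            wger_user_sync_cronjob=_env("WGER_USER_SYNC_CRONJOB", "wger-user-sync"),
            wger_user_sync_wait_timeout_sec=_env_float("WGER_USER_SYNC_WAIT_TIMEOUT_SEC", 60.0),
            wger_admin_cronjob=_env("WGER_ADMIN_CRONJOB", "wger-admin-ensure"),
            firefly_namespace=_env("FIREFLY_NAMESPACE", "finance"),
            firefly_user_sync_cronjob=_env("FIREFLY_USER_SYNC_CRONJOB", "firefly-user-sync"),
            firefly_user_sync_wait_timeout_sec=_env_float("FIREFLY_USER_SYNC_WAIT_TIMEOUT_SEC", 90.0),
            vault_namespace=_env("VAULT_NAMESPACE", "vault"),
            vault_k8s_auth_cronjob=_env("VAULT_K8S_AUTH_CRONJOB", "vault-k8s-auth-config"),
            vault_oidc_cronjob=_env("VAULT_OIDC_CRONJOB", "vault-oidc-config"),
            vault_job_wait_timeout_sec=_env_float("VAULT_JOB_WAIT_TIMEOUT_SEC", 120.0),
            comms_namespace=_env("COMMS_NAMESPACE", "comms"),
            comms_guest_name_cronjob=_env("COMMS_GUEST_NAME_CRONJOB", "guest-name-randomizer"),
            comms_pin_invite_cronjob=_env("COMMS_PIN_INVITE_CRONJOB", "pin-othrys-invite"),
            comms_reset_room_cronjob=_env("COMMS_RESET_ROOM_CRONJOB", "othrys-room-reset"),
            comms_seed_room_cronjob=_env("COMMS_SEED_ROOM_CRONJOB", "seed-othrys-room"),
            comms_job_wait_timeout_sec=_env_float("COMMS_JOB_WAIT_TIMEOUT_SEC", 60.0),
            vaultwarden_namespace=_env("VAULTWARDEN_NAMESPACE", "vaultwarden"),
            vaultwarden_pod_label=_env("VAULTWARDEN_POD_LABEL", "app=vaultwarden"),
            vaultwarden_pod_port=_env_int("VAULTWARDEN_POD_PORT", 80),
            vaultwarden_service_host=_env(
                "VAULTWARDEN_SERVICE_HOST",
                "vaultwarden-service.vaultwarden.svc.cluster.local",
            ),
            vaultwarden_admin_secret_name=_env("VAULTWARDEN_ADMIN_SECRET_NAME", "vaultwarden-admin"),
            vaultwarden_admin_secret_key=_env("VAULTWARDEN_ADMIN_SECRET_KEY", "ADMIN_TOKEN"),
            vaultwarden_admin_session_ttl_sec=_env_float("VAULTWARDEN_ADMIN_SESSION_TTL_SEC", 300.0),
            vaultwarden_admin_rate_limit_backoff_sec=_env_float("VAULTWARDEN_ADMIN_RATE_LIMIT_BACKOFF_SEC", 600.0),
            vaultwarden_retry_cooldown_sec=_env_float("VAULTWARDEN_RETRY_COOLDOWN_SEC", 1800.0),
            vaultwarden_failure_bailout=_env_int("VAULTWARDEN_FAILURE_BAILOUT", 2),
            smtp_host=_env("SMTP_HOST", ""),
            smtp_port=smtp_port,
            smtp_username=_env("SMTP_USERNAME", ""),
            smtp_password=_env("SMTP_PASSWORD", ""),
            # Both TLS switches default to off, alongside the default port 25.
            # NOTE(review): confirm the sender refuses to authenticate over an
            # unencrypted connection when SMTP_USERNAME/SMTP_PASSWORD are set.
            smtp_starttls=_env_bool("SMTP_STARTTLS", "false"),
            smtp_use_tls=_env_bool("SMTP_USE_TLS", "false"),
            smtp_from=_env("SMTP_FROM", f"postmaster@{mailu_domain}"),
            smtp_timeout_sec=_env_float("SMTP_TIMEOUT_SEC", 10.0),
            welcome_email_enabled=_env_bool("WELCOME_EMAIL_ENABLED", "true"),
            provision_poll_interval_sec=_env_float("ARIADNE_PROVISION_POLL_INTERVAL_SEC", 5.0),
            provision_retry_cooldown_sec=_env_float("ARIADNE_PROVISION_RETRY_COOLDOWN_SEC", 30.0),
            schedule_tick_sec=_env_float("ARIADNE_SCHEDULE_TICK_SEC", 5.0),
            k8s_api_timeout_sec=_env_float("K8S_API_TIMEOUT_SEC", 5.0),
            mailu_sync_cron=_env("ARIADNE_SCHEDULE_MAILU_SYNC", "30 4 * * *"),
            nextcloud_sync_cron=_env("ARIADNE_SCHEDULE_NEXTCLOUD_SYNC", "0 5 * * *"),
            vaultwarden_sync_cron=_env("ARIADNE_SCHEDULE_VAULTWARDEN_SYNC", "*/15 * * * *"),
            wger_admin_cron=_env("ARIADNE_SCHEDULE_WGER_ADMIN", "15 3 * * *"),
            vault_k8s_auth_cron=_env("ARIADNE_SCHEDULE_VAULT_K8S_AUTH", "*/15 * * * *"),
            vault_oidc_cron=_env("ARIADNE_SCHEDULE_VAULT_OIDC", "*/15 * * * *"),
            comms_guest_name_cron=_env("ARIADNE_SCHEDULE_COMMS_GUEST_NAME", "*/1 * * * *"),
            comms_pin_invite_cron=_env("ARIADNE_SCHEDULE_COMMS_PIN_INVITE", "*/30 * * * *"),
            comms_reset_room_cron=_env("ARIADNE_SCHEDULE_COMMS_RESET_ROOM", "0 0 1 1 *"),
            comms_seed_room_cron=_env("ARIADNE_SCHEDULE_COMMS_SEED_ROOM", "*/10 * * * *"),
            keycloak_profile_cron=_env("ARIADNE_SCHEDULE_KEYCLOAK_PROFILE", "0 */6 * * *"),
            metrics_path=_env("METRICS_PATH", "/metrics"),
        )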
# Module-level instance: the environment is read once, when this module is
# first imported; later changes to the environment are not reflected here.
settings = Settings.from_env()