Project

General

Profile

Actions

Task #10411

open

Migrate ula.ungleich.ch into Kubernetes and upgrade it to latest Django

Added by Nico Schottelius over 2 years ago. Updated over 2 years ago.

Status:
In Progress
Priority:
Normal
Target version:
-
Start date:
03/19/2022
Due date:
% Done:

0%

Estimated time:
PM Check date:
Actions #1

Updated by Nico Schottelius over 2 years ago

Upgrade


WARNINGS:
ipv6ula.ULA: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'.
    HINT: Configure the DEFAULT_AUTO_FIELD setting or the UbookmarkConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'.
ipv6ula.User: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'.
    HINT: Configure the DEFAULT_AUTO_FIELD setting or the UbookmarkConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'.

System check identified 2 issues (0 silenced).

----------------------------------------------------------------------
Ran 0 tests in 0.000s

OK

Adding

DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

And tests are ok:

(venv) [19:38] bridge:ipv6ula% python manage.py test
Found 0 test(s).
System check identified no issues (0 silenced).

----------------------------------------------------------------------
Ran 0 tests in 0.000s

OK
(venv) [19:38] bridge:ipv6ula% 

Actions #2

Updated by Nico Schottelius over 2 years ago

Migrate to k8s

The local_settings.py contains:

import ldap
from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion

ALLOWED_HOSTS = [ '*' ]

AUTH_LDAP_SERVER_URI="ldaps://ldap1.ungleich.ch,ldaps://ldap2.ungleich.ch" 
AUTH_LDAP_BIND_DN="..." 
AUTH_LDAP_BIND_PASSWORD="...." 
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'app'
    }
}

Solutions/k8s integrations

Move settings towards environment variables

  • Import ldap by default (settings.py)
  • Read the following variables from env:
    • ALLOWED_HOSTS
    • DEBUG
    • AUTH_LDAP_SERVER_URI, AUTH_LDAP_BIND_DN, AUTH_LDAP_BIND_PASSWORD, AUTH_LDAP_USER_SEARCH
  • Add/inject postgresql variables

Very app specific, but easily possible.

A more generic way

  • Define postgresql = default db
  • Supply postgresql config as /db.py or similar
  • If the project includes secret.py, decrypt it using sealed-secrets or sops or similar
Actions

Also available in: Atom PDF