Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-07-09 12:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v4.x' of https://gitlab.com/allianceauth/allianceauth into v4-bumps

Browse Source
This commit is contained in:
Ariel Rin 2023-05-03 12:24:46 +10:00
commit 2b7d24fc28
No known key found for this signature in database
GPG Key ID: 078FB6C6B214CAB3
59 changed files with 8906 additions and 5708 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -69,11 +69,7 @@ celerybeat-schedule
#gitlab configs
.gitlab/
#transifex
.tx/
#other
.flake8
.pylintrc
Makefile
.isort.cfg

29
.gitlab-ci.yml
View File

@ -89,7 +89,7 @@ test-3.10-core:
test-3.11-core:
<<: *only-default
image: python:3.11-rc-bullseye
image: python:3.11-bullseye
script:
- tox -e py311-core
artifacts:
@ -98,6 +98,18 @@ test-3.11-core:
coverage_report:
coverage_format: cobertura
path: coverage.xml
test-pvpy-core:
<<: *only-default
image: pypy:3.9-bullseye
script:
- tox -e pypy-all
artifacts:
when: always
reports:
coverage_report:
coverage_format: cobertura
path: coverage.xml
allow_failure: true
test-3.12-core:
@ -151,7 +163,7 @@ test-3.10-all:
test-3.11-all:
<<: *only-default
image: python:3.11-rc-bullseye
image: python:3.11-bullseye
script:
- tox -e py311-all
artifacts:
@ -160,6 +172,19 @@ test-3.11-all:
coverage_report:
coverage_format: cobertura
path: coverage.xml
coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
test-pvpy-all:
<<: *only-default
image: pypy:3.9-bullseye
script:
- tox -e pypy-all
artifacts:
when: always
reports:
coverage_report:
coverage_format: cobertura
path: coverage.xml
allow_failure: true
test-3.12-all:

6
.isort.cfg Normal file
View File

@ -0,0 +1,6 @@
[settings]
profile=django
sections=FUTURE,STDLIB,THIRDPARTY,DJANGO,ESI,FIRSTPARTY,LOCALFOLDER
known_esi=esi
known_django=django
skip_gitignore=true

36
.pre-commit-config.yaml
View File

@ -5,7 +5,7 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.3.0
rev: v4.4.0
hooks:
- id: check-case-conflict
- id: check-json
@ -13,27 +13,49 @@ repos:
- id: check-yaml
- id: fix-byte-order-marker
- id: trailing-whitespace
exclude: (\.min\.css|\.min\.js|\.mo|\.po|swagger\.json)$
exclude: |
(?x)(
\.min\.css|
\.min\.js|
\.po|
\.mo|
swagger\.json
)
- id: end-of-file-fixer
exclude: (\.min\.css|\.min\.js|\.mo|\.po|swagger\.json)$
exclude: |
(?x)(
\.min\.css|
\.min\.js|
\.po|
\.mo|
swagger\.json
)
- id: mixed-line-ending
args: [ '--fix=lf' ]
- id: fix-encoding-pragma
args: [ '--remove' ]
- repo: https://github.com/editorconfig-checker/editorconfig-checker.python
rev: 2.4.0
rev: 2.7.1
hooks:
- id: editorconfig-checker
exclude: ^(LICENSE|allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|allianceauth\/eveonline\/swagger.json|(.*.po)|(.*.mo))
exclude: |
(?x)(
LICENSE|
allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|
\.po|
\.mo|
swagger\.json
)
- repo: https://github.com/asottile/pyupgrade
rev: v2.34.0
rev: v3.3.1
hooks:
- id: pyupgrade
args: [ --py38-plus ]
- repo: https://github.com/asottile/setup-cfg-fmt
rev: v1.20.1
rev: v2.2.0
hooks:
- id: setup-cfg-fmt
args: [ --include-version-classifiers ]

10
.tx/config Normal file
View File

@ -0,0 +1,10 @@
[main]
host = https://www.transifex.com
lang_map = zh-Hans: zh_Hans
[o:alliance-auth:p:alliance-auth:r:django-po]
file_filter = allianceauth/locale/<lang>/LC_MESSAGES/django.po
source_file = allianceauth/locale/en/LC_MESSAGES/django.po
source_lang = en
type = PO
minimum_perc = 0

10
.tx/config_20230406134150.bak Executable file
View File

@ -0,0 +1,10 @@
[main]
host = https://www.transifex.com
lang_map = zh-Hans:zh_Hans
[alliance-auth.django-po]
file_filter = allianceauth/locale/<lang>/LC_MESSAGES/django.po
minimum_perc = 0
source_file = allianceauth/locale/en/LC_MESSAGES/django.po
source_lang = en
type = PO

6
README.md
View File

@ -36,7 +36,7 @@ Main features:
- Can be easily extended with additional services and apps. Many are provided by the community and can be found here: [Community Creations](https://gitlab.com/allianceauth/community-creations)
- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr: and Russian :flag_ru: localization
- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr:, Russian :flag_ru:, Italian :flag_it:, French :flag_fr:, Japanese :flag_jp: and Ukrainian :flag_ua: Localization
For further details about AA - including an installation guide and a full list of included services and plugin apps - please see the [official documentation](http://allianceauth.rtfd.io).
@ -56,13 +56,15 @@ Here is an example of the Alliance Auth web site with some plug-ins apps and ser
- [Aaron Kable](https://gitlab.com/aaronkable/)
- [Ariel Rin](https://gitlab.com/soratidus999/)
- [Basraah](https://gitlab.com/basraah/)
- [Col Crunch](https://gitlab.com/colcrunch/)
- [Erik Kalkoken](https://gitlab.com/ErikKalkoken/)
- [Rounon Dax](https://gitlab.com/ppfeufer)
- [snipereagle1](https://gitlab.com/mckernanin)
### Former Developers
- [Adarnof](https://gitlab.com/adarnof/)
- [Basraah](https://gitlab.com/basraah/)
### Beta Testers / Bug Fixers

2
allianceauth/__init__.py
View File

@ -1,7 +1,7 @@
# This will make sure the app is always imported when
# Django starts so that shared_task will use this app.
__version__ = '3.1.1'
__version__ = '3.4.0'
__title__ = 'Alliance Auth'
__url__ = 'https://gitlab.com/allianceauth/allianceauth'
NAME = f'{__title__} v{__version__}'

18
allianceauth/authentication/backends.py
View File

@ -2,6 +2,7 @@ import logging
from django.contrib.auth.backends import ModelBackend
from django.contrib.auth.models import User, Permission
from django.contrib import messages
from .models import UserProfile, CharacterOwnership, OwnershipRecord
@ -37,7 +38,13 @@ class StateBackend(ModelBackend):
ownership = CharacterOwnership.objects.get(character__character_id=token.character_id)
if ownership.owner_hash == token.character_owner_hash:
logger.debug(f'Authenticating {ownership.user} by ownership of character {token.character_name}')
if ownership.user.profile.main_character:
if ownership.user.profile.main_character.character_id == token.character_id:
return ownership.user
else: ## this is an alt, enforce main only.
if request:
messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.")
return None
else:
logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
ownership.delete()
@ -57,11 +64,18 @@ class StateBackend(ModelBackend):
if records.exists():
# we've seen this character owner before. Re-attach to their old user account
user = records[0].user
if user.profile.main_character:
if ownership.user.profile.main_character.character_id != token.character_id:
## this is an alt, enforce main only due to trust issues in SSO.
if request:
messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.")
return None
token.user = user
co = CharacterOwnership.objects.create_by_token(token)
logger.debug(f'Authenticating {user} by matching owner hash record of character {co.character}')
if not user.profile.main_character:
# set this as their main by default if they have none
# set this as their main by default as they have none
user.profile.main_character = co.character
user.profile.save()
return user

62
allianceauth/authentication/templates/authentication/tokens.html Normal file
View File

@ -0,0 +1,62 @@
{% extends "allianceauth/base.html" %}
{% load i18n %}
{% block page_title %}{% translate "Dashboard" %}{% endblock %}
{% block content %}
<h1 class="page-header text-center">{% translate "Token Management" %}</h1>
<div class="col-sm-12">
<table class="table table-aa" id="table_tokens" style="width:100%">
<thead>
<tr>
<th>{% translate "Scopes" %}</th>
<th class="text-right">{% translate "Actions" %}</th>
<th>{% translate "Character" %}</th>
</tr>
</thead>
<tbody>
{% for t in tokens %}
<tr>
<td styl="white-space:initial;">{% for s in t.scopes.all %}<span class="label label-default">{{s.name}}</span> {% endfor %}</td>
<td nowrap class="text-right"><a href="{% url 'authentication:token_delete' t.id %}" class="btn btn-danger"><i class="fas fa-trash"></i></a> <a href="{% url 'authentication:token_refresh' t.id %}" class="btn btn-success"><i class="fas fa-sync-alt"></i></a></td>
<td>{{t.character_name}}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% translate "This page is a best attempt, but backups or database logs can still contain your tokens. Always revoke tokens on https://community.eveonline.com/support/third-party-applications/ where possible."|urlize %}
</div>
{% endblock %}
{% block extra_javascript %}
{% include 'bundles/datatables-js.html' %}
{% endblock %}
{% block extra_css %}
{% include 'bundles/datatables-css.html' %}
{% endblock %}
{% block extra_script %}
$(document).ready(function(){
let grp = 2;
var table = $('#table_tokens').DataTable({
"columnDefs": [{ orderable: false, targets: [0,1] },{ "visible": false, "targets": grp }],
"order": [[grp, 'asc']],
"drawCallback": function (settings) {
var api = this.api();
var rows = api.rows({ page: 'current' }).nodes();
var last = null;
api.column(grp, { page: 'current' })
.data()
.each(function (group, i) {
if (last !== group) {
$(rows).eq(i).before('<tr class="info"><td colspan="3">' + group + '</td></tr>');
last = group;
}
});
},
"stateSave": true,
});
});
{% endblock %}

2
allianceauth/authentication/templates/public/lang_select.html
View File

@ -6,7 +6,7 @@
{% get_language_info_list for LANGUAGES as languages %}
{% for language in languages %}
<option value="{{ language.code }}"{% if language.code == LANGUAGE_CODE %} selected="selected"{% endif %}>
{{ language.name_local }} ({{ language.code }})
{{ language.name_local|capfirst }} ({{ language.code }})
</option>
{% endfor %}
</select>

17
allianceauth/authentication/tests/test_backend.py
View File

@ -116,10 +116,17 @@ class TestAuthenticate(TestCase):
user = StateBackend().authenticate(token=t)
self.assertEqual(user, self.user)
""" Alt Login disabled
def test_authenticate_alt_character(self):
t = Token(character_id=self.alt_character.character_id, character_owner_hash='2')
user = StateBackend().authenticate(token=t)
self.assertEqual(user, self.user)
"""
def test_authenticate_alt_character_fail(self):
t = Token(character_id=self.alt_character.character_id, character_owner_hash='2')
user = StateBackend().authenticate(token=t)
self.assertEqual(user, None)
def test_authenticate_unclaimed_character(self):
t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='3')
@ -128,6 +135,7 @@ class TestAuthenticate(TestCase):
self.assertEqual(user.username, 'Unclaimed_Character')
self.assertEqual(user.profile.main_character, self.unclaimed_character)
""" Alt Login disabled
def test_authenticate_character_record(self):
t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='4')
OwnershipRecord.objects.create(user=self.old_user, character=self.unclaimed_character, owner_hash='4')
@ -135,6 +143,15 @@ class TestAuthenticate(TestCase):
self.assertEqual(user, self.old_user)
self.assertTrue(CharacterOwnership.objects.filter(owner_hash='4', user=self.old_user).exists())
self.assertTrue(user.profile.main_character)
"""
def test_authenticate_character_record_fails(self):
t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='4')
OwnershipRecord.objects.create(user=self.old_user, character=self.unclaimed_character, owner_hash='4')
user = StateBackend().authenticate(token=t)
self.assertEqual(user, self.old_user)
self.assertTrue(CharacterOwnership.objects.filter(owner_hash='4', user=self.old_user).exists())
self.assertTrue(user.profile.main_character)
def test_iterate_username(self):
t = Token(character_id=self.unclaimed_character.character_id,

15
allianceauth/authentication/urls.py
View File

@ -22,5 +22,20 @@ urlpatterns = [
views.add_character,
name='add_character'
),
path(
'account/tokens/manage/',
views.token_management,
name='token_management'
),
path(
'account/tokens/delete/<int:token_id>',
views.token_delete,
name='token_delete'
),
path(
'account/tokens/refresh/<int:token_id>',
views.token_refresh,
name='token_refresh'
),
path('dashboard/', views.dashboard, name='dashboard'),
]

38
allianceauth/authentication/views.py
View File

@ -61,6 +61,44 @@ def dashboard(request):
}
return render(request, 'authentication/dashboard.html', context)
@login_required
def token_management(request):
tokens = request.user.token_set.all()
context = {
'tokens': tokens
}
return render(request, 'authentication/tokens.html', context)
@login_required
def token_delete(request, token_id=None):
try:
token = Token.objects.get(id=token_id)
if request.user == token.user:
token.delete()
messages.success(request, "Token Deleted.")
else:
messages.error(request, "This token does not belong to you.")
except Token.DoesNotExist:
messages.warning(request, "Token does not exist")
return redirect('authentication:token_management')
@login_required
def token_refresh(request, token_id=None):
try:
token = Token.objects.get(id=token_id)
if request.user == token.user:
try:
token.refresh()
messages.success(request, "Token refreshed.")
except Exception as e:
messages.warning(request, f"Failed to refresh token. {e}")
else:
messages.error(request, "This token does not belong to you.")
except Token.DoesNotExist:
messages.warning(request, "Token does not exist")
return redirect('authentication:token_management')
@login_required
@token_required(scopes=settings.LOGIN_TOKEN_SCOPES)

12
allianceauth/eveonline/providers.py
View File

@ -8,6 +8,7 @@ from django.conf import settings
from esi.clients import esi_client_factory
from allianceauth import __version__
from allianceauth.utils.django import StartupCommand
SWAGGER_SPEC_PATH = os.path.join(os.path.dirname(
@ -175,15 +176,16 @@ class EveProvider:
class EveSwaggerProvider(EveProvider):
def __init__(self, token=None, adapter=None):
if settings.DEBUG:
if settings.DEBUG or StartupCommand().is_management_command:
self._client = None
logger.info(
'DEBUG mode detected: ESI client will be loaded on-demand.'
)
logger.info('ESI client will be loaded on-demand')
else:
logger.info('Loading ESI client')
try:
self._client = esi_client_factory(
token=token, spec_file=SWAGGER_SPEC_PATH, app_info_text=("allianceauth v" + __version__)
token=token,
spec_file=SWAGGER_SPEC_PATH,
app_info_text=f"allianceauth v{__version__}"
)
except (HTTPError, RefResolutionError):
logger.exception(

BIN
allianceauth/locale/de/LC_MESSAGES/django.mo
View File

Binary file not shown.

1141
allianceauth/locale/de/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

1125
allianceauth/locale/en/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/es/LC_MESSAGES/django.mo
View File

Binary file not shown.

1401
allianceauth/locale/es/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/fr_FR/LC_MESSAGES/django.mo
View File

Binary file not shown.

1218
allianceauth/locale/fr_FR/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/it_IT/LC_MESSAGES/django.mo
View File

Binary file not shown.

1176
allianceauth/locale/it_IT/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/ja/LC_MESSAGES/django.mo
View File

Binary file not shown.

1735
allianceauth/locale/ja/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/ko_KR/LC_MESSAGES/django.mo
View File

Binary file not shown.

1134
allianceauth/locale/ko_KR/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/ru/LC_MESSAGES/django.mo
View File

Binary file not shown.

1321
allianceauth/locale/ru/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/uk/LC_MESSAGES/django.mo Normal file
View File

Binary file not shown.

2410
allianceauth/locale/uk/LC_MESSAGES/django.po Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
allianceauth/locale/zh_Hans/LC_MESSAGES/django.mo
View File

Binary file not shown.

1128
allianceauth/locale/zh_Hans/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

20
allianceauth/project_template/project_name/settings/base.py
View File

@ -84,17 +84,17 @@ LOCALE_PATHS = (
os.path.join(BASE_DIR, 'locale/'),
)
ugettext = lambda s: s
LANGUAGES = (
('en', ugettext('English')),
('de', ugettext('German')),
('es', ugettext('Spanish')),
('zh-hans', ugettext('Chinese Simplified')),
('ru', ugettext('Russian')),
('ko', ugettext('Korean')),
('fr', ugettext('French')),
('ja', ugettext('Japanese')),
('it', ugettext('Italian')),
("en", "English"),
("de", "German"),
("es", "Spanish"),
("zh-hans", "Chinese Simplified"),
("ru", "Russian"),
("ko", "Korean"),
("fr", "French"),
("ja", "Japanese"),
("it", "Italian"),
("uk", "Ukrainian"),
)
TEMPLATES = [

9
allianceauth/services/modules/mumble/templates/services/mumble/mumble_service_ctrl.html
View File

@ -1,13 +1,16 @@
<tr>
<td class="text-center">{{ service_name }}</td>
<td class="text-center">{{ username }}</td>
<td class="text-center"><a href="mumble://{{ service_url }}">{{ service_url }}</a></td>
<td class="text-center">
{% if username == "" %}
<td class="text-center">{{ service_url }}</td>
<td class="text-center">
<a href="{% url 'mumble:activate' %}" title="Activate" class="btn btn-warning">
<span class="glyphicon glyphicon-ok"></span>
</a>
</td>
{% else %}
<td class="text-center"><a href="mumble://{{ connect_url }}">{{ service_url }}</a></td>
<td class="text-center">
<a href="{% url 'mumble:set_password' %}" title="Set Password" class="btn btn-warning">
<span class="glyphicon glyphicon-pencil"></span>
</a>
@ -20,6 +23,6 @@
<a href="mumble://{{ connect_url }}" class="btn btn-success" title="Connect">
<span class="glyphicon glyphicon-arrow-right"></span>
</a>
{% endif %}
</td>
{% endif %}
</tr>

2
allianceauth/services/modules/teamspeak3/tests.py
View File

@ -457,7 +457,7 @@ class Teamspeak3AdminTestCase(TestCase):
cls.site = AdminSite()
cls.admin = AuthTSgroupAdmin(AuthTS, cls.site)
cls.group = Group.objects.create(name='test')
cls.ts_group = TSgroup.objects.create(ts_group_name='test')
cls.ts_group = TSgroup.objects.create(ts_group_id=1, ts_group_name='test')
def test_field_queryset_no_reserved_names(self):
"""Ensure all groups are listed when no reserved names"""

8
allianceauth/templates/allianceauth/top-menu-user-dropdown.html
View File

@ -53,6 +53,14 @@
<!-- logout / login -->
<li role="separator" class="divider"></li>
{% if user.is_authenticated %}
<li>
<a href="{% url 'authentication:token_management' %}">
<i class="fas fa-user-lock"></i>
{% translate "Token Management" %}
</a>
</li>
<li role="separator" class="divider"></li>
<li><a href="{% url 'logout' %}">{% translate "Logout" %}</a></li>
{% else %}
<li><a href="{% url 'authentication:login' %}">{% translate "Login" %}</a></li>

2
allianceauth/templates/bundles/x-editable-js.html
View File

@ -1,3 +1,3 @@
<!-- Start X-editable JS from cdnjs -->
<<script src="https://cdnjs.cloudflare.com/ajax/libs/x-editable/1.5.1/bootstrap3-editable/js/bootstrap-editable.min.js" integrity="sha512-Mvqhe3YIUElH6VT0CFmUeRgYMrLvCGd2mvYCnJOf2nL9FvRBK74qRgTn7u0zSqA5cHiGxy83bwuhl1ASbS9M/w==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/x-editable/1.5.1/bootstrap3-editable/js/bootstrap-editable.min.js" integrity="sha512-Mvqhe3YIUElH6VT0CFmUeRgYMrLvCGd2mvYCnJOf2nL9FvRBK74qRgTn7u0zSqA5cHiGxy83bwuhl1ASbS9M/w==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<!-- End X-editable JS from cdnjs -->

3
allianceauth/templatetags/admin_status.py
View File

@ -4,8 +4,7 @@ from typing import Optional
import amqp.exceptions
import requests
from celery.app import app_or_default
from packaging.version import InvalidVersion
from packaging.version import Version as Pep440Version
from packaging.version import InvalidVersion, Version as Pep440Version
from django import template
from django.conf import settings

25
allianceauth/utils/django.py Normal file
View File

@ -0,0 +1,25 @@
import sys
from copy import copy
from pathlib import Path
class StartupCommand:
"""Information about the command this Django instance was started with."""
def __init__(self) -> None:
self._argv = copy(sys.argv)
@property
def argv(self) -> list:
"""Return raw list of command line arguments."""
return self._argv
@property
def script_name(self) -> str:
"""Return the base script name."""
path = Path(self._argv[0])
return path.name
@property
def is_management_command(self) -> bool:
return self.script_name == "manage.py"

25
allianceauth/utils/tests/test_django.py Normal file
View File

@ -0,0 +1,25 @@
from unittest.mock import patch
from django.test import TestCase
from allianceauth.utils.django import StartupCommand
MODULE_PATH = "allianceauth.utils.django"
class TestStartupCommand(TestCase):
def test_should_detect_management_command(self):
# when
with patch(MODULE_PATH + ".sys") as m:
m.argv = ["manage.py", "check"]
info = StartupCommand()
# then
self.assertTrue(info.is_management_command)
def test_should_detect_not_a_management_command(self):
# when
with patch(MODULE_PATH + ".sys") as m:
m.argv = ['/home/python/allianceauth-dev/venv/bin/gunicorn', 'myauth.wsgi']
info = StartupCommand()
# then
self.assertFalse(info.is_management_command)

2
docker/.env.example
View File

@ -1,7 +1,7 @@
PROTOCOL=https://
AUTH_SUBDOMAIN=%AUTH_SUBDOMAIN%
DOMAIN=%DOMAIN%
AA_DOCKER_TAG=registry.gitlab.com/allianceauth/allianceauth/auth:v3.1.1
AA_DOCKER_TAG=registry.gitlab.com/allianceauth/allianceauth/auth:v3.4.0
# Nginx Proxy Manager
PROXY_HTTP_PORT=80

14
docker/README.md
View File

@ -49,7 +49,11 @@ Using a custom docker image is the preferred approach, as it gives you the stabi
1. Add each additional package that you want to install to a single line in `conf/requirements.txt`. It is recommended, but not required, that you include a version number as well. This will keep your packages from magically updating. You can lookup packages on https://package.wiki, and copy everything after `pip install` from the top of the page to use the most recent version. It should look something like `allianceauth-signal-pings==0.0.7`. Every entry in this file should be on a separate line
1. In `docker-compose.yml`, comment out the `image` line under `allianceauth` (line 36... ish) and uncomment the `build` section
1. Now run `docker-compose --env-file=.env up -d`, your custom container will be built, and auth will have your new packages. Make sure to follow the package's instructions on config values that go in `local.py`
1. run `docker-compose --env-file=.env up -d`, your custom container will be built, and auth will have your new packages. Make sure to follow the package's instructions on config values that go in `local.py`
1. run `docker-compose exec allianceauth bash` to open up a terminal inside your auth container
1. run `allianceauth update myauth`
1. run `auth migrate`
1. run `auth collectstatic`
_NOTE: It is recommended that you put any secret values (API keys, database credentials, etc) in an environment variable instead of hardcoding them into `local.py`. This gives you the ability to track your config in git without committing passwords. To do this, just add it to your `.env` file, and then reference in `local.py` with `os.environ.get("SECRET_NAME")`_
@ -58,8 +62,12 @@ _NOTE: It is recommended that you put any secret values (API keys, database cred
### Base Image
Whether you're using a custom image or not, the version of auth is dictated by $AA_DOCKER_TAG in your `.env` file.
1. To update to a new version of auth, update the version number at the end (or replace the whole value with the tag in the release notes).
1. Next, run `docker-compose pull`
1. Finally, run `docker-compose --env-file=.env up -d`
1. run `docker-compose pull`
1. run `docker-compose --env-file=.env up -d`
1. run `docker-compose exec allianceauth bash` to open up a terminal inside your auth container
1. run `allianceauth update myauth`
1. run `auth migrate`
1. run `auth collectstatic`
_NOTE: If you specify a version of allianceauth in your `requirements.txt` in a custom image it will override the version from the base image. Not recommended unless you know what you're doing_

9
docker/conf/local.py
View File

@ -28,7 +28,9 @@ DATABASES["default"] = {
ESI_SSO_CLIENT_ID = os.environ.get("ESI_SSO_CLIENT_ID")
ESI_SSO_CLIENT_SECRET = os.environ.get("ESI_SSO_CLIENT_SECRET")
ESI_SSO_CALLBACK_URL = f"{SITE_URL}/sso/callback"
ESI_USER_CONTACT_EMAIL = os.environ.get("ESI_USER_CONTACT_EMAIL") # A server maintainer that CCP can contact in case of issues.
ESI_USER_CONTACT_EMAIL = os.environ.get(
"ESI_USER_CONTACT_EMAIL"
) # A server maintainer that CCP can contact in case of issues.
# By default emails are validated before new users can log in.
# It's recommended to use a free service like SparkPost or Elastic Email to send email.
@ -48,7 +50,6 @@ ROOT_URLCONF = "myauth.urls"
WSGI_APPLICATION = "myauth.wsgi.application"
STATIC_ROOT = "/var/www/myauth/static/"
BROKER_URL = f"redis://{os.environ.get('AA_REDIS', 'redis:6379')}/0"
CELERY_RESULT_BACKEND = f"redis://{os.environ.get('AA_REDIS', 'redis:6379')}/0"
CACHES = {
"default": {
"BACKEND": "django_redis.cache.RedisCache",
@ -66,11 +67,15 @@ INSTALLED_APPS += [
# 'allianceauth.permissions_tool',
# 'allianceauth.srp',
# 'allianceauth.timerboard',
# https://allianceauth.readthedocs.io/en/latest/features/services/index.html
# 'allianceauth.services.modules.discord',
# 'allianceauth.services.modules.discourse',
# 'allianceauth.services.modules.ips4',
# 'allianceauth.services.modules.openfire',
# 'allianceauth.services.modules.mumble',
# An example of running mumble with authenticator in docker can be found here
# https://github.com/Solar-Helix-Independent-Transport/allianceauth-docker-mumble
# 'allianceauth.services.modules.phpbb3',
# 'allianceauth.services.modules.smf',
# 'allianceauth.services.modules.teamspeak3',

2
docker/custom.dockerfile
View File

@ -4,5 +4,3 @@ FROM $AA_DOCKER_TAG
RUN cd /home/allianceauth
COPY /conf/requirements.txt requirements.txt
RUN pip install -r requirements.txt
RUN python $AUTH_HOME/myauth/manage.py collectstatic --noinput
RUN allianceauth update myauth

1
docs/conf.py
View File

@ -46,6 +46,7 @@ extensions = [
'recommonmark',
'sphinxcontrib_django2',
'sphinx.ext.viewcode',
'sphinx_copybutton'
]
# Add any paths that contain templates here, relative to this directory.

179
docs/development/dev_setup/aa-dev-setup-wsl-vsc-v2.md
View File

@ -16,8 +16,8 @@ In addition all tools described in this guide are open source or free software.
The development environment consists of the following components:
- Visual Studio Code with Remote WSL and Python extension
- WSL with Ubuntu 18.04. LTS
- Python 3.7 environment on WSL
- WSL with Ubuntu (18.04. LTS or higher)
- Python environment on WSL (3.8 or higher)
- MySQL server on WSL
- Redis on WSL
- Alliance Auth on WSL
@ -34,13 +34,13 @@ We will use the build-in Django development webserver, so we don't need to setup
The only requirement is a PC with Windows 10 and Internet connection in order to download the additional software components.
## Windows installation
## Installing Windows apps
### Windows Subsystem for Linux
- Install from here: [Microsoft docs](https://docs.microsoft.com/en-us/windows/wsl/install-win10)
- Choose Ubuntu 18.04. LTS
- Choose Ubuntu 18.04. LTS or higher
### Visual Studio Code
@ -54,7 +54,7 @@ The only requirement is a PC with Windows 10 and Internet connection in order to
- Once connected to WSL install the Python extension on the WSL side
## WSL Installation
## Setting up WSL / Linux
Open a WSL bash and update all software packets:
@ -71,7 +71,7 @@ sudo apt-get install gettext
### Install Python
For AA we want to develop with Python 3.7, because that provides the maximum compatibility with today's AA installations.
Next we need to install Python and related development tools.
```eval_rst
.. hint::
@ -80,7 +80,7 @@ For AA we want to develop with Python 3.7, because that provides the maximum com
```eval_rst
.. note::
Should your Ubuntu come with a newer version of Python we recommend to still setup your dev environment with the oldest Python 3 version supported by AA, e.g Python 3.7
Should your Ubuntu come with a newer version of Python we recommend to still setup your dev environment with the oldest Python 3 version currently supported by AA (e.g Python 3.8 at this time of writing) to ensure your apps are compatible with all current AA installations
You an check out this `page <https://askubuntu.com/questions/682869/how-do-i-install-a-different-python-version-using-apt-get/1195153>`_ on how to install additional Python versions on Ubuntu.
```
@ -90,7 +90,19 @@ Use the following command to install Python 3 with all required libraries with t
sudo apt-get install python3 python3-dev python3-venv python3-setuptools python3-pip python-pip
```
### Installing the DBMS
### Install redis and other tools
```bash
sudo apt-get install unzip git redis-server curl libssl-dev libbz2-dev libffi-dev
```
Start redis
```bash
sudo redis-server --daemonize yes
```
## Installing the DBMS
Install MySQL and required libraries with the following command:
@ -122,35 +134,22 @@ sudo mysql -u root
```
```sql
CREATE USER 'aa_dev'@'localhost' IDENTIFIED BY 'PASSWORD';
CREATE DATABASE aa_dev CHARACTER SET utf8mb4;
GRANT ALL PRIVILEGES ON aa_dev . * TO 'aa_dev'@'localhost';
CREATE DATABASE test_aa_dev CHARACTER SET utf8mb4;
GRANT ALL PRIVILEGES ON test_aa_dev . * TO 'aa_dev'@'localhost';
CREATE USER 'admin'@'localhost' IDENTIFIED BY 'YOUR-PASSWORD';
GRANT ALL PRIVILEGES ON * . * TO 'admin'@'localhost';
FLUSH PRIVILEGES;
exit;
```
Add timezone info to mysql
Add timezone info to mysql:
```bash
sudo mysql_tzinfo_to_sql /usr/share/zoneinfo | sudo mysql -u root mysql
```
### Install redis and other tools
```bash
sudo apt-get install unzip git redis-server curl libssl-dev libbz2-dev libffi-dev
```
Start redis
```bash
sudo redis-server --daemonize yes
```
```eval_rst
.. note::
WSL does not have an init.d service, so it will not automatically start your services such as MySQL and Redis when you boot your Windows machine. For convenience we recommend putting the commands for starting these services in a bash script. Here is an example:
If your WSL does not have an init.d service, it will not automatically start your services such as MySQL and Redis when you boot your Windows machine and you have to manually start them. For convenience we recommend putting these commands in a bash script. Here is an example:
::
@ -159,7 +158,6 @@ sudo redis-server --daemonize yes
sudo service mysql start
sudo redis-server --daemonize yes
In addition it is possible to configure Windows to automatically start WSL services, but that procedure goes beyond the scopes of this guide.
```
### Setup dev folder on WSL
@ -179,9 +177,14 @@ A good location for setting up this folder structure is your home folder or a su
Following this approach you can also setup additional AA projects, e.g. aa-dev-2, aa-dev-3 if needed.
Create the root folder aa-dev.
Create the root folder `aa-dev`.
### setup virtual Python environment for aa-dev
```eval_rst
.. hint::
The folders `venv` and `myauth` will be created automatically in later steps. Please do not create them manually as this would lead to errors.
```
### Setup virtual Python environment for aa-dev
Create the virtual environment. Run this in your aa-dev folder:
@ -195,16 +198,15 @@ And activate your venv:
source venv/bin/activate
```
### install Python packages
### Install and update basic Python packages
```bash
pip install --upgrade pip
pip install wheel
pip install -U pip setuptools wheel
```
## Alliance Auth installation
## Installing Alliance Auth
## Install and create AA instance
### Install and create AA instance
```bash
pip install allianceauth
@ -226,44 +228,55 @@ First you want to make sure exclude the venv folder from VSC as follows:
Open settings and go to Files:Exclude
Add pattern: `**/venv`
### Update settings
### Create EVE Online SSO App
Open the settings file with VSC. Its under `myauth/myauth/settings/local.py`
For the Eve Online related setup you need to create a SSO app on the developer site:
Make sure to have the settings of your Eve Online app ready.
- Create your Eve Online SSO App on the [Eve Online developer site](https://developers.eveonline.com/)
- Add all ESI scopes
- Set callback URL to: `http://127.0.0.1:8000/sso/callback`
Turn on DEBUG mode to ensure your static files get served by Django:
### Update Django settings
Open your local Django settings with VSC. The file is under `myauth/myauth/settings/local.py`
```eval_rst
.. hint::
There are two Django settings files: ``base.py`` and ``local.py``. The base settings file is controlled by the AA project and may change at any time. It is therefore recommended to only change the local settings file.
```
```python
DEBUG = True
```
Define URL and name of your site:
```python
SITE_URL = "http://127.0.0.1:8000"
...
SITE_NAME = "AA Dev"
```
Update name, user and password of your DATABASE configuration.
```python
DATABASES['default'] = {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'aa_dev',
'USER': 'aa_dev',
'PASSWORD': 'PASSWORD',
'USER': 'admin',
'PASSWORD': 'YOUR-PASSWORD',
'HOST': '127.0.0.1',
'PORT': '3306',
'OPTIONS': {'charset': 'utf8mb4'},
"TEST": {"CHARSET": "utf8mb4"},
}
```
For the Eve Online related setup you need to create a SSO app on the developer site:
- Create your Eve Online SSO App on the [Eve Online developer site](https://developers.eveonline.com/)
- Add all ESI scopes
- Set callback URL to: `http://localhost:8000/sso/callback`
Then update local.py with your settings:
Add the credentials for your Eve Online SSO app as defined above:
```python
ESI_SSO_CLIENT_ID = 'YOUR-ID'
ESI_SSO_CLIENT_SECRET = 'YOUR_SECRET'
ESI_SSO_CALLBACK_URL = 'http://localhost:8000/sso/callback'
```
Disable email registration:
@ -340,17 +353,19 @@ In VSC click on Debug / Add Configuration and choose "Django". Should Django not
The result should look something like this:
```python
```json
{
"name": "Python: Django",
"type": "python",
"request": "launch",
"program": "${workspaceFolder}/myauth/manage.py",
"cwd": "${workspaceFolder}/myauth",
"args": [
"runserver",
"--noreload"
],
"django": true
"django": true,
"justMyCode": true,
}
```
@ -360,7 +375,7 @@ For celery we need another debug config, so that we can run it in parallel to ou
Here is an example debug config for Celery:
```javascript
```json
{
"name": "Python: Celery",
"type": "python",
@ -386,16 +401,16 @@ Here is an example debug config for Celery:
Finally it makes sense to have a dedicated debug config for running unit tests. Here is an example config for running all tests of the app `example`.
```javascript
```json
{
"name": "Python: myauth unit tests",
"type": "python",
"request": "launch",
"program": "${workspaceFolder}/myauth/manage.py",
"cwd": "${workspaceFolder}/myauth",
"args": [
"test",
"--keepdb",
"--debug-mode",
"--failfast",
"example",
],
@ -410,7 +425,7 @@ You can also specify to run just a part of your test suite down to a test method
Finally you may also want to have a debug config to debug a non-Django Python script:
```javascript
```json
{
"name": "Python: Current File",
"type": "python",
@ -424,37 +439,31 @@ Finally you may also want to have a debug config to debug a non-Django Python sc
The following additional tools are very helpful when developing for AA with VS Code:
### Pylance
### VS Code extensions
Pylance is an extension that works alongside Python in Visual Studio Code to provide performant language support: [Pylance](https://marketplace.visualstudio.com/items?itemName=ms-python.vscode-pylance)
### Code Spell Checker
Typos in your user facing comments can be quite embarrassing. This spell checker helps you avoid them: [Code Spell Checker](https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker)
### markdownlint
Extension for Visual Studio Code - Markdown linting and style checking for Visual Studio Code: [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
### GitLens
Extension for Visual Studio Code - Supercharge the Git capabilities built into Visual Studio Code: [GitLens](https://marketplace.visualstudio.com/items?itemName=eamodio.gitlens)
### RST preview
A VS Code extension to preview restructured text and provide syntax highlighting: [RST Preview](https://marketplace.visualstudio.com/items?itemName=tht13.rst-vscode)
### Django Template
#### Django Template
This extension adds language colorization support and user snippets for the Django template language to VS Code: [Django Template](https://marketplace.visualstudio.com/items?itemName=bibhasdn.django-html)
### DBeaver
#### Code Spell Checker
DBeaver is a free universal database tool and works with many different kinds of databases include MySQL. It can be installed on Windows 10 and will be able to help manage your MySQL databases running on WSL.
Typos in your user facing comments can be quite embarrassing. This spell checker helps you avoid them: [Code Spell Checker](https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker)
Install from here. [DBeaver](https://dbeaver.io/)
#### Git History
### django-extensions
Very helpful to visualize the change history and compare different branches. [Git History](https://marketplace.visualstudio.com/items?itemName=donjayamanne.githistory)
#### markdownlint
Extension for Visual Studio Code - Markdown linting and style checking for Visual Studio Code: [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
#### Live Server
Live Server allows you to start a mini webserver for any file quickly. This can e.g. be useful for looking at changes to to Sphinx docs.: [Live Server](https://marketplace.visualstudio.com/items?itemName=ritwickdey.LiveServer)
### Django apps
#### Django Extensions
[django-extensions](https://django-extensions.readthedocs.io/en/latest/) is a swiss army knife for django developers with adds a lot of very useful features to your Django site. Here are a few highlights:
@ -462,6 +471,20 @@ Install from here. [DBeaver](https://dbeaver.io/)
- graph_models - Creates a dependency graph of Django models. Visualizing a model dependency structure can be very useful for trying to understand how an existing Django app works, or e.g. how all the AA models work together.
- runserver_plus - The standard runserver stuff but with the Werkzeug debugger baked in. This is a must have for any serious debugging.
#### Django Debug Toolbar
The [Django Debug Toolbar](https://github.com/jazzband/django-debug-toolbar) is a configurable set of panels that display various debug information about the current request/response and when clicked, display more details about the panel's content.
E.g. this tool is invaluable to debug and fix performance issues with Django queries.
### Windows applications
#### DBeaver
DBeaver is a free universal database tool and works with many different kinds of databases include MySQL. It can be installed on Windows 10 and will be able to help manage your MySQL databases running on WSL.
Install from here. [DBeaver](https://dbeaver.io/)
## Adding apps for development
The idea behind the particular folder structure of aa-dev is to have each and every app in its own folder and git repo. To integrate them with the AA instance they need to be installed once using the -e option that enabled editing of the package. And then added to the INSTALLED_APPS settings.

6
docs/features/services/discord.md
View File

@ -65,9 +65,9 @@ On the application summary page, press Create a Bot User.
Update your auth project's settings file with these pieces of information from the summary page:
- From the App Details panel, `DISCORD_APP_ID` is the Client/Application ID
- From the App Details panel, `DISCORD_APP_SECRET` is the Secret
- From the App Bot Users panel, `DISCORD_BOT_TOKEN` is the Token
- From the General Information panel, `DISCORD_APP_ID` is the Client/Application ID
- From the OAuth2 > General panel, `DISCORD_APP_SECRET` is the Client Secret
- From the Bot panel, `DISCORD_BOT_TOKEN` is the Token
### Preparing Auth

157
docs/installation/allianceauth.md
View File

@ -26,9 +26,10 @@ To install on your favorite flavour of Linux, identify and install equivalent pa
### OS Maintenance
It is reccommended to ensure your OS is fully up to date before proceeding. We may also add Package Repositories here, used later in the documentation.
It is recommended to ensure your OS is fully up to date before proceeding. We may also add Package Repositories here, used later in the documentation.
Ubuntu 1804, 2004, 2204:
```bash
sudo apt-get update
```
@ -41,7 +42,7 @@ sudo apt-get upgrade
sudo do-dist-upgrade
```
CentOS 7
CentOS 7:
```bash
yum install epel-release
@ -51,7 +52,7 @@ yum install epel-release
sudo yum upgrade
```
CentOS Stream 8
CentOS Stream 8:
```bash
sudo dnf config-manager --set-enabled powertools
@ -65,7 +66,7 @@ sudo dnf install epel-release epel-next-release
sudo yum upgrade
```
CentOS Stream 9
CentOS Stream 9:
```bash
sudo dnf config-manager --set-enabled crb
@ -78,15 +79,12 @@ dnf install epel-release epel-next-release
```bash
sudo yum upgrade
```
### Python
Alliance Auth requires Python 3.8 or higher. Ensure it is installed on your server before proceeding.
Install Python 3.10 and related tools on your system.
Ubuntu 1804, 2004:
```eval_rst
.. note::
Ubuntu 2204 ships with Python 3.10 already
```
```bash
sudo add-apt-repository ppa:deadsnakes/ppa
@ -100,13 +98,25 @@ sudo apt-get update
sudo apt-get install python3.10 python3.10-dev python3.10-venv
```
Ubuntu 2204:
```eval_rst
.. note::
Ubuntu 2204 ships with Python 3.10 already, but some important tools are missing in the default installation.
```
```bash
sudo apt-get install python3.10-dev python3.10-venv
```
CentOS 7:
We need to build Python from source
Centos Stream 8/9:
```eval_rst
.. note::
A Python 3.9 Package is available for Stream 8 and 9. You _may_ use this instead of building your own package. But our documentation will assume Python3.10 and you may need to substitute as neccessary
A Python 3.9 Package is available for Stream 8 and 9. You _may_ use this instead of building your own package. But our documentation will assume Python3.10 and you may need to substitute as necessary
sudo dnf install python39 python39-devel
```
@ -137,29 +147,34 @@ cd Python-3.10.5/
```bash
sudo make altinstall
```
### Database
It's recommended to use a database service instead of SQLite. Many options are available, but this guide will use MariaDB.
```eval_rst
.. note::
Many Ubuntu distributions come with an older version of Maria DB, which is not compatible with **Alliance Auth**. You need Maria DB 10.3 or higher!
Ubuntu distributions prior to 20.04 come with an older version of Maria DB, which is not compatible with **Alliance Auth**. You need Maria DB 10.3 or higher!
For 20.04 we still recommend to install Maria DB from the link below in order to get the newest stable version.
For 22.04 we recommend installing from the default Ubuntu distro, since it comes with the newest stable version.
```
Ubuntu 1804, 2004, 2204:
Ubuntu 1804, 2004:
```eval_rst
.. warning::
Please follow these steps to update MariaDB
https://mariadb.org/download/?t=repo-config&d=20.04+%22focal%22&v=10.6&r_m=osuosl
```
Ubuntu 1804, 2004, 2204
```bash
apt-get install mariadb-server mariadb-client libmysqlclient-dev
sudo apt-get install mariadb-server mariadb-client libmysqlclient-dev
```
CentOS 7
CentOS 7:
```eval_rst
.. warning::
Please follow these steps to update MariaDB
@ -170,11 +185,11 @@ CentOS 7
sudo yum install MariaDB-server MariaDB-client MariaDB-devel MariaDB-shared
```
CentOS Stream 8/9
CentOS Stream 8/9:
```eval_rst
.. note::
We reccomend using the built in AppStream, as they are maintained by CentOS. Currently an AppStream is not available for 10.6
We recommend using the built in AppStream, as they are maintained by CentOS. Currently an AppStream is not available for 10.6
```
```bash
@ -188,6 +203,7 @@ sudo dnf install mariadb mariadb-server mariadb-devel
```bash
sudo systemctl enable mariadb
```
```bash
sudo systemctl start mariadb
```
@ -202,11 +218,13 @@ sudo systemctl start mariadb
A few extra utilities are also required for installation of packages.
Ubuntu 1804, 2004, 2204:
```bash
sudo apt-get install unzip git redis-server curl libssl-dev libbz2-dev libffi-dev build-essential
```
CentOS 7:
```bash
sudo yum install gcc gcc-c++ unzip git redis curl bzip2-devel openssl-devel libffi-devel wget
```
@ -220,6 +238,7 @@ sudo systemctl start redis.service
```
CentOS Stream 8, Stream 9:
```bash
sudo dnf install gcc gcc-c++ unzip git redis curl bzip2-devel openssl-devel libffi-devel wget
```
@ -231,6 +250,7 @@ sudo systemctl enable redis.service
```bash
sudo systemctl start redis.service
```
## Database Setup
Alliance Auth needs a MySQL user account and database. Open an SQL shell with
@ -277,11 +297,13 @@ mysql_secure_installation
For security and permissions, its highly recommended you create a separate user to install auth under. Do not log in as this account.
Ubuntu 1804, 2004, 2204:
```bash
adduser --disabled-login allianceserver
sudo adduser --disabled-login allianceserver
```
CentOS 7, Stream 8, Stream 9:
```bash
sudo useradd -s /bin/bash allianceserver
```
@ -289,6 +311,7 @@ sudo useradd -s /bin/bash allianceserver
```bash
sudo passwd -l allianceserver
```
### Prepare Directories
```bash
@ -308,6 +331,23 @@ sudo chown -R allianceserver:allianceserver /var/www/myauth/static/
### Virtual Environment
Switch to the allianceserver user.
```bash
sudo su allianceserver
```
And switch to it's home directory:
```bash
cd
```
```eval_rst
.. note::
In general using the allianceserver user will greatly simplify permission management, when installing and performing maintenance on Alliance Auth.
```
Create a Python virtual environment and put it somewhere convenient (e.g. `/home/allianceserver/venv/auth/`)
```eval_rst
@ -346,16 +386,17 @@ As **callback URL** you want to define the URL of your Alliance Auth site plus t
### Alliance Auth Project
Update Pip before installing python packages:
```bash
pip install -U pip setuptools
```eval_rst
.. warning::
Before installing any Python packages please double-check that you have activated in the virtual environment. This is usually indicated by your command line in the terminal starting with: `(auth)`.
```
Ensure wheel is available before continuing:
#### Install Python packages
Update & install basic tools before installing further Python packages:
```bash
pip install wheel
pip install -U pip setuptools wheel
```
You can install **Alliance Auth** with the following command. This will install AA and all its Python dependencies.
@ -370,7 +411,9 @@ You should also install Gunicorn now unless you want to use another WSGI server
pip install gunicorn
```
Now you need to create the application that will run the **Alliance Auth** install. Ensure you are in the allianceserver home directory by issuing:
#### Create Alliance Auth project
Now you need to create the Django project that will run **Alliance Auth**. Ensure you are in the allianceserver home directory by issuing:
```bash
cd /home/allianceserver
@ -382,16 +425,25 @@ The following command bootstraps a Django project which will run your **Alliance
allianceauth start myauth
```
The settings file needs configuring, edit the template at `myauth/myauth/settings/local.py`.
#### Update settings
Your settings file needs configuring:
```bash
nano myauth/myauth/settings/local.py
```
**Be sure to configure:**
* Your site URL as `SITE_URL`
* The Database account setup earlier in **Database Setup**
* `ESI_SSO_CLIENT_ID`, `ESI_SSO_CLIENT_SECRET` from the EVE Online Developers Portal earlier in **Eve Online Settings**
* `ESI_USER_CONTACT_EMAIL` to an email address to ensure that CCP has reliable contact information for you
* Valid Email server settings.
Django needs to install models to the database before it can start.
- Your site URL as `SITE_URL`
- The database user account setup from earlier in [Database Setup](#database-setup)
- `ESI_SSO_CLIENT_ID`, `ESI_SSO_CLIENT_SECRET` from the EVE Online Developers Portal from earlier in [Eve Online SSO](#eve-online-sso)
- `ESI_USER_CONTACT_EMAIL` to an email address to ensure that CCP has reliable contact information for you
- Valid email server settings
#### Install database & static files
Django needs to setup the database before it can start.
```bash
python /home/allianceserver/myauth/manage.py migrate
@ -400,7 +452,7 @@ python /home/allianceserver/myauth/manage.py migrate
Now we need to round up all the static files required to render templates. Make a directory to serve them from and populate it.
```bash
python /home/allianceserver/myauth/manage.py collectstatic
python /home/allianceserver/myauth/manage.py collectstatic --noinput
```
Check to ensure your settings are valid.
@ -409,7 +461,6 @@ Check to ensure your settings are valid.
python /home/allianceserver/myauth/manage.py check
```
```eval_rst
.. hint::
If you are using root, ensure the allianceserver user has read/write permissions to this directory before proceeding::
@ -417,17 +468,7 @@ python /home/allianceserver/myauth/manage.py check
chown -R allianceserver:allianceserver /home/allianceserver/myauth
```
## Services
Alliance Auth needs some additional services to run, which we will set up and configure next.
### Gunicorn
To run the **Alliance Auth** website a [WSGI Server](https://www.fullstackpython.com/wsgi-servers.html) is required. For this [Gunicorn](http://gunicorn.org/) is highly recommended for its ease of configuring. It can be manually run from within your `myauth` base directory with `gunicorn --bind 0.0.0.0 myauth.wsgi` or automatically run using Supervisor.
The default configuration is good enough for most installations. Additional information is available in the [gunicorn](gunicorn.md) doc.
## Superuser
#### Setup superuser
Before using your auth site, it is essential to create a superuser account. This account will have all permissions in Alliance Auth. It's OK to use this as your personal auth account.
@ -439,6 +480,16 @@ Once your install is complete, the superuser account is accessed by logging in v
If you intend to use this account as your personal auth account you need to add a main character. Navigate to the normal user dashboard (at `https://example.com`) after logging in via the admin site and select `Change Main`. Once a main character has been added, it is possible to use SSO to login to this account.
## Services
Alliance Auth needs some additional services to run, which we will set up and configure next.
### Gunicorn
To run the **Alliance Auth** website a [WSGI Server](https://www.fullstackpython.com/wsgi-servers.html) is required. For this [Gunicorn](http://gunicorn.org/) is highly recommended for its ease of configuring. It can be manually run from within your `myauth` base directory with `gunicorn --bind 0.0.0.0 myauth.wsgi` or automatically run using Supervisor.
The default configuration is good enough for most installations. Additional information is available in the [gunicorn](gunicorn.md) doc.
### Supervisor
[Supervisor](http://supervisord.org/) is a process watchdog service: it makes sure other processes are started automatically and kept running. It can be used to automatically start the WSGI server and Celery workers for background tasks.
@ -461,9 +512,11 @@ CentOS 7:
```bash
sudo dnf install supervisor
```
```bash
sudo systemctl enable supervisord.service
```
```bash
sudo systemctl start supervisord.service
```
@ -473,9 +526,11 @@ CentOS Stream 8, Stream 9:
```bash
sudo dnf install supervisor
```
```bash
sudo systemctl enable supervisord.service
```
```bash
sudo systemctl start supervisord.service
```
@ -491,18 +546,18 @@ ln -s /home/allianceserver/myauth/supervisor.conf /etc/supervisor/conf.d/myauth.
CentOS:
```bash
ln -s /home/allianceserver/myauth/supervisor.conf /etc/supervisord.d/myauth.ini
sudo ln -s /home/allianceserver/myauth/supervisor.conf /etc/supervisord.d/myauth.ini
```
Activate it with `supervisorctl reload`.
Activate it with `sudo supervisorctl reload`.
You can check the status of the processes with `supervisorctl status`. Logs from these processes are available in `/home/allianceserver/myauth/log` named by process.
You can check the status of the processes with `sudo supervisorctl status`. Logs from these processes are available in `/home/allianceserver/myauth/log` named by process.
```eval_rst
.. note::
Any time the code or your settings change you'll need to restart Gunicorn and Celery. ::
supervisorctl restart myauth:
sudo supervisorctl restart myauth:
```
## Web server
@ -530,7 +585,7 @@ source /home/allianceserver/venv/auth/bin/activate
and update with:
```bash
pip install --upgrade allianceauth
pip install -U allianceauth
```
Some releases come with changes to the base settings. Update your project's settings with:
@ -548,7 +603,7 @@ python /home/allianceserver/myauth/manage.py migrate
Finally, some releases come with new or changed static files. Run the following command to update your static files folder:
```bash
python /home/allianceserver/myauth/manage.py collectstatic
python /home/allianceserver/myauth/manage.py collectstatic --noinput
```
Always restart AA, Celery and Gunicorn after updating:

15
docs/installation/switch_to_non_root.md
View File

@ -13,9 +13,15 @@ The migration itself is rather straightforward. The main idea is to change owner
First, log in as your sudo user and run the following commands in order:
```shell
# Set the right owner
sudo chown -R allianceserver: /home/allianceserver
sudo chown -R allianceserver: /var/www/myauth
sudo chmod -r 655 /var/www/myauth
# Remove static files, they will be re-added later
sudo rm -rf /var/www/mayauth/static/*
# Fix directory permissions
sudo chmod -R 755 /var/www/myauth
```
That's it. Your AA installation is now configured to be maintained with the `allianceserver` user.
@ -45,6 +51,13 @@ Finally, switch to the main AA folder, from where you can run most commands dire
cd myauth
```
Now it's time to re-add the static files with the right permissions. To do so simply
run:
```shell
python manage.py collectstatic
```
When you want to restart myauth, you need to switch back to your sudo user, because `allianceserver` does not have sudo privileges:
```shell

1
docs/maintenance/tuning/index.md
View File

@ -13,4 +13,5 @@ The official installation guide will install a stable version of Alliance Auth t
gunicorn
celery
redis
```

22
docs/maintenance/tuning/redis.md Normal file
View File

@ -0,0 +1,22 @@
# Redis
## Compression
Cache compression can help tame the memory usage of specialised installation configurations and Community Apps that heavily utilize Redis.
Various compression algorithms are supported, with various strengths. Our testing has shown that lzma works best with our use cases. You can read more at [Django-Redis Compression Support](https://github.com/jazzband/django-redis#compression-support)
Add the following lines to `local.py`
```python
import lzma
CACHES = {
"default": {
# ...
"OPTIONS": {
"COMPRESSOR": "django_redis.compressors.lzma.LzmaCompressor",
}
}
}
```

3
docs/requirements.txt
View File

@ -5,11 +5,12 @@ recommonmark==0.7.1
Jinja2<3.1
docutils==0.16
sphinxcontrib-django2
sphinx-copybutton
# Autodoc dependencies
celery>=5.2.0,<6.0.0
celery_once>=3.0.1
django>=4.0.5,<5.0.0
django>=4.0.6,<4.1.0
django-bootstrap-form
django-celery-beat>=2.3.0
django-esi>=4.0.1

16
setup.cfg
View File

@ -17,9 +17,11 @@ classifiers =
Operating System :: POSIX :: Linux
Programming Language :: Python
Programming Language :: Python :: 3
Programming Language :: Python :: 3 :: Only
Programming Language :: Python :: 3.8
Programming Language :: Python :: 3.9
Programming Language :: Python :: 3.10
Programming Language :: Python :: 3.11
Topic :: Internet :: WWW/HTTP
Topic :: Internet :: WWW/HTTP :: Dynamic Content
home_page = https://gitlab.com/allianceauth/allianceauth
@ -35,28 +37,28 @@ packages = find_namespace:
install_requires =
bcrypt
beautifulsoup4
celery>=5.2.0,<6.0.0
celery>=5.2.0,<6
celery-once>=3.0.1
django>=4.0.6,<4.1.0
django>=4.0.9,<4.1.0
django-bootstrap-form
django-celery-beat>=2.3.0
django-esi>=4.0.1
django-redis>=5.2.0,<6.0.0
django-redis>=5.2.0
django-registration>=3.3
django-sortedm2m
dnspython
mysqlclient>=2.1.0
openfire-restapi
packaging>=21.0,<22
packaging>=21.0
passlib
pydiscourse
python-slugify>=1.2
redis>=4.0.0,<5.0.0
requests>=2.9.1,<3.0.0
redis>=4.0.0
requests>=2.9.1
requests-oauthlib
semantic-version
slixmpp
python_requires = ~=3.8
python_requires = >=3.8
include_package_data = True
zip_safe = False

7
tox.ini
View File

@ -2,18 +2,18 @@
isolated_build = True
skipsdist = true
usedevelop = true
envlist = py{38,39,310,311}-{all,core}, docs
envlist = py{38,39,310,311,py}-{all,core}, docs
[testenv]
setenv =
all: DJANGO_SETTINGS_MODULE = tests.settings_all
core: DJANGO_SETTINGS_MODULE = tests.settings_core
basepython =
py37: python3.7
py38: python3.8
py39: python3.9
py310: python3.10
py311: python3.11
pypy: pypy3
deps=
coverage
install_command = pip install -e ".[test]" -U {opts} {packages}
@ -26,7 +26,8 @@ commands =
[testenv:docs]
description = invoke sphinx-build to build the HTML docs
basepython = python3.9
skip_install = True
deps = -r{toxinidir}/docs/requirements.txt
install_command =
install_command = python -I -m pip install {opts} {packages}
commands =
sphinx-build -T -E -b html -d "{toxworkdir}/docs_doctree" -D language=en docs "{toxworkdir}/docs_out" {posargs}