From bd52c0b9f031e49c3a4d6d2e95d2a0af323bf8d6 Mon Sep 17 00:00:00 2001
From: "Nikita P. Shupeyko" <webyneter@gmail.com>
Date: Tue, 6 Mar 2018 16:04:55 +0300
Subject: [PATCH] Fix post-merge leftovers & set DJANGO_ADMIN_URL automatically

---
 hooks/post_gen_project.py                     | 74 ++++++++++++-------
 .../.envs/.local/.postgres                    |  2 +-
 .../.envs/.production/.django                 | 52 ++++++++-----
 {{cookiecutter.project_slug}}/.gitignore      |  2 +
 4 files changed, 84 insertions(+), 46 deletions(-)

diff --git a/hooks/post_gen_project.py b/hooks/post_gen_project.py
index 69c89056f..6f413c68d 100644
--- a/hooks/post_gen_project.py
+++ b/hooks/post_gen_project.py
@@ -144,6 +144,7 @@ def generate_random_string(length,
 def set_flag(file_path,
              flag,
              value=None,
+             formatted=None,
              *args,
              **kwargs):
     if value is None:
@@ -155,6 +156,8 @@ def set_flag(file_path,
                 "Please, make sure to manually {} later.".format(flag)
             )
             random_string = flag
+        if formatted is not None:
+            random_string = formatted.format(random_string)
         value = random_string
 
     with open(file_path, 'r+') as f:
@@ -170,21 +173,38 @@ def set_django_secret_key(file_path):
     django_secret_key = set_flag(
         file_path,
         '!!!SET DJANGO_SECRET_KEY!!!',
-        length=50,
+        length=64,
         using_digits=True,
         using_ascii_letters=True
     )
     return django_secret_key
 
 
+def set_django_admin_url(file_path):
+    django_admin_url = set_flag(
+        file_path,
+        '!!!SET DJANGO_ADMIN_URL!!!',
+        formatted='^{}/',
+        length=32,
+        using_digits=True,
+        using_ascii_letters=True
+    )
+    return django_admin_url
+
+
+def generate_postgres_user():
+    return generate_random_string(
+        length=32,
+        using_ascii_letters=True
+    )
+
+
 def set_postgres_user(file_path,
                       value=None):
     postgres_user = set_flag(
         file_path,
         '!!!SET POSTGRES_USER!!!',
-        value=value,
-        length=8,
-        using_ascii_letters=True
+        value=value or generate_postgres_user()
     )
     return postgres_user
 
@@ -193,42 +213,46 @@ def set_postgres_password(file_path):
     postgres_password = set_flag(
         file_path,
         '!!!SET POSTGRES_PASSWORD!!!',
-        length=42,
+        length=64,
         using_digits=True,
         using_ascii_letters=True
     )
     return postgres_password
 
 
-def initialize_dotenv(postgres_user):
-    # Initializing `env.example` first.
-    envexample_file_path = os.path.join(PROJECT_DIR_PATH, 'env.example')
-    set_django_secret_key(envexample_file_path)
-    set_postgres_user(envexample_file_path, value=postgres_user)
-    set_postgres_password(envexample_file_path)
-    # Renaming `env.example` to `.env`.
-    dotenv_file_path = os.path.join(PROJECT_DIR_PATH, '.env')
-    shutil.move(envexample_file_path, dotenv_file_path)
+def append_to_gitignore_file(s) -> None:
+    with open(os.path.join(PROJECT_DIR_PATH, '.gitignore'), 'a') as gitignore_file:
+        gitignore_file.write(s)
+        gitignore_file.write(os.linesep)
 
 
-def initialize_localyml(postgres_user):
-    set_postgres_user(os.path.join(PROJECT_DIR_PATH, 'local.yml'), value=postgres_user)
+def initialize_envs(postgres_user):
+    envs_dir_path = '.envs'
+
+    append_to_gitignore_file(envs_dir_path + '/**/*')
+
+    local_postgres_envs_path = os.path.join(PROJECT_DIR_PATH, envs_dir_path, '.local', '.postgres')
+    set_postgres_user(local_postgres_envs_path, value=postgres_user)
+    set_postgres_password(local_postgres_envs_path)
+
+    production_django_envs_path = os.path.join(PROJECT_DIR_PATH, envs_dir_path, '.production', '.django')
+    set_django_secret_key(production_django_envs_path)
+    set_django_admin_url(production_django_envs_path)
+
+    production_postgres_envs_path = os.path.join(PROJECT_DIR_PATH, envs_dir_path, '.production', '.postgres')
+    set_postgres_user(production_postgres_envs_path, value=postgres_user)
+    set_postgres_password(production_postgres_envs_path)
 
 
-def initialize_local_settings():
+def initialize_settings_files():
     set_django_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'local.py'))
-
-
-def initialize_test_settings():
     set_django_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'test.py'))
 
 
 def main():
-    postgres_user = generate_random_string(length=16, using_ascii_letters=True)
-    initialize_dotenv(postgres_user)
-    initialize_localyml(postgres_user)
-    initialize_local_settings()
-    initialize_test_settings()
+    postgres_user = generate_postgres_user()
+    initialize_envs(postgres_user)
+    initialize_settings_files()
 
     if '{{ cookiecutter.open_source_license }}' == 'Not open source':
         remove_open_source_project_only_files()
diff --git a/{{cookiecutter.project_slug}}/.envs/.local/.postgres b/{{cookiecutter.project_slug}}/.envs/.local/.postgres
index f795886d9..b5295478d 100644
--- a/{{cookiecutter.project_slug}}/.envs/.local/.postgres
+++ b/{{cookiecutter.project_slug}}/.envs/.local/.postgres
@@ -1,2 +1,2 @@
-POSTGRES_USER={{cookiecutter.project_slug}}
+POSTGRES_USER=!!!SET POSTGRES_USER!!!
 POSTGRES_PASSWORD=!!!SET POSTGRES_PASSWORD!!!
diff --git a/{{cookiecutter.project_slug}}/.envs/.production/.django b/{{cookiecutter.project_slug}}/.envs/.production/.django
index 82f8b5c03..c6def565a 100644
--- a/{{cookiecutter.project_slug}}/.envs/.production/.django
+++ b/{{cookiecutter.project_slug}}/.envs/.production/.django
@@ -1,31 +1,43 @@
-CONN_MAX_AGE=
+# General
+# ------------------------------------------------------------------------------
 # DJANGO_READ_DOT_ENV_FILE=True
 DJANGO_SETTINGS_MODULE=config.settings.production
 DJANGO_SECRET_KEY=!!!SET DJANGO_SECRET_KEY!!!
+DJANGO_ADMIN_URL=!!!SET DJANGO_ADMIN_URL!!!
 DJANGO_ALLOWED_HOSTS=.{{ cookiecutter.domain_name }}
 
-DJANGO_ADMIN_URL=
-DJANGO_ACCOUNT_ALLOW_REGISTRATION=True
-{% if cookiecutter.use_compressor == 'y' -%}
-COMPRESS_ENABLED=
-{% endif %}
+# Security
+# ------------------------------------------------------------------------------
+# TIP: better off using DNS, however, redirect is OK too
+DJANGO_SECURE_SSL_REDIRECT=False
 
-{% if cookiecutter.use_sentry_for_error_reporting == 'y' -%}
+# Email
+# ------------------------------------------------------------------------------
+MAILGUN_API_KEY=
+DJANGO_SERVER_EMAIL=
+MAILGUN_DOMAIN=
+
+# AWS
+# ------------------------------------------------------------------------------
+DJANGO_AWS_ACCESS_KEY_ID=
+DJANGO_AWS_SECRET_ACCESS_KEY=
+DJANGO_AWS_STORAGE_BUCKET_NAME=
+
+# django-allauth
+# ------------------------------------------------------------------------------
+DJANGO_ACCOUNT_ALLOW_REGISTRATION=True
+{% if cookiecutter.use_compressor == 'y' %}
+# django-compressor
+# ------------------------------------------------------------------------------
+COMPRESS_ENABLED=
+{% endif %}{% if cookiecutter.use_sentry_for_error_reporting == 'y' %}
+# Sentry
+# ------------------------------------------------------------------------------
 DJANGO_SENTRY_DSN=
-{% endif %}
-{% if cookiecutter.use_opbeat == 'y' -%}
+{% endif %}{% if cookiecutter.use_opbeat == 'y' %}
+# opbeat
+# ------------------------------------------------------------------------------
 DJANGO_OPBEAT_ORGANIZATION_ID=
 DJANGO_OPBEAT_APP_ID=
 DJANGO_OPBEAT_SECRET_TOKEN=
 {% endif %}
-
-DJANGO_MAILGUN_API_KEY=
-DJANGO_SERVER_EMAIL=
-MAILGUN_SENDER_DOMAIN=
-
-# Major security concern! You'd be better off using DNS.
-DJANGO_SECURE_SSL_REDIRECT=False
-
-DJANGO_AWS_ACCESS_KEY_ID=
-DJANGO_AWS_SECRET_ACCESS_KEY=
-DJANGO_AWS_STORAGE_BUCKET_NAME=
diff --git a/{{cookiecutter.project_slug}}/.gitignore b/{{cookiecutter.project_slug}}/.gitignore
index 207d2044d..36e9f5a75 100644
--- a/{{cookiecutter.project_slug}}/.gitignore
+++ b/{{cookiecutter.project_slug}}/.gitignore
@@ -348,3 +348,5 @@ mailhog
 # See issue https://github.com/pydanny/cookiecutter-django/issues/1321
 !/compose/local/
 {% endif %}
+
+.env