studio/docs
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-03-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
05ffba14fdfe88b6b9747cc0fd731e0ce60c757d
docs/env.d/development/common

95 lines
3.2 KiB
Plaintext
Raw Normal View History

✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
# Django
DJANGO_ALLOWED_HOSTS=*
DJANGO_SECRET_KEY=ThisIsAnExampleKeyForDevPurposeOnly
♻️(project) rename project from "publish" to "impress" The repository was renamed to "impress" but the code was still mentionning "publish".
2024-03-07 19:46:46 +01:00
DJANGO_SETTINGS_MODULE=impress.settings
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
DJANGO_SUPERUSER_PASSWORD=admin
🔧(backend) fix logging for docker and make it configurable by envar Logs were not made to the console so it was hard to debug in k8s. We propose a ready made logging configuration that sends everything to the console and allow adjusting log levels with environment variables.
2024-11-12 09:12:19 +01:00
# Logging
# Set to DEBUG level for dev only
LOGGING_LEVEL_HANDLERS_CONSOLE=INFO
LOGGING_LEVEL_LOGGERS_ROOT=INFO
LOGGING_LEVEL_LOGGERS_APP=INFO
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
# Python
PYTHONPATH=/app
♻️(project) rename project from "publish" to "impress" The repository was renamed to "impress" but the code was still mentionning "publish".
2024-03-07 19:46:46 +01:00
# impress settings
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
# Mail
✨(email) white brand email The email was branded "La Suite Numérique", we updated the template to make it generic, we will use settings env variables to customize the email for each brand.
2024-12-13 17:48:08 +01:00
DJANGO_EMAIL_BRAND_NAME="La Suite Numérique"
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
DJANGO_EMAIL_HOST="mailcatcher"
✨(email) white brand email The email was branded "La Suite Numérique", we updated the template to make it generic, we will use settings env variables to customize the email for each brand.
2024-12-13 17:48:08 +01:00
DJANGO_EMAIL_LOGO_IMG="http://localhost:3000/assets/logo-suite-numerique.png"
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
DJANGO_EMAIL_PORT=1025
🔧(project) add DJANGO_EMAIL_URL_APP environment variable Most of Docs app is configured thanks to environment variables, except the url in the email that was from the django site table. Now we can set it with DJANGO_EMAIL_URL_APP environment variable to have a better consistency. We keep the previous way to avoid breaking changes.
2026-01-23 17:56:31 +01:00
DJANGO_EMAIL_URL_APP="http://localhost:3000"
✨(project) first proof of concept printing pdf from markdown This is a boilerplate inspired from https://github.com/openfun/joanie
2024-01-09 15:30:36 +01:00
# Backend url
♻️(project) rename project from "publish" to "impress" The repository was renamed to "impress" but the code was still mentionning "publish".
2024-03-07 19:46:46 +01:00
IMPRESS_BASE_URL="http://localhost:8072"
🔧(backend) configure Authorization Code authentication Integrate 'mozilla-django-oidc' dependency, to support Authorization Code flow, which is required by Agent Connect. Thus, we provide a secure back channel OIDC flow, and return to the client only a session cookie. Done: - Replace JWT authentication by Session based authentication in DRF - Update Django settings to make OIDC configurations easily editable - Add 'mozilla-django-oidc' routes to our router - Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs 'mozilla-django-oidc' routes added are: - /authenticate - /callback (the redirect_uri called back by the Idp) - /logout
2024-02-24 00:21:10 +01:00
✨(documents) add content field as an S3 object The content field is a writable property on the model which is persisted in object storage. We take advantage of the versioning, robustness and scalability of S3.
2024-04-06 09:09:46 +02:00
# Media
STORAGES_STATICFILES_BACKEND=django.contrib.staticfiles.storage.StaticFilesStorage
AWS_S3_ENDPOINT_URL=http://minio:9000
AWS_S3_ACCESS_KEY_ID=impress
AWS_S3_SECRET_ACCESS_KEY=password
🔧(backend) add MEDIA_BASE_URL setting The frontend need to know the base url for the media files, so we need to add a new setting to the backend, in order to expose this value to the frontend. If the setting is not defined, the frontend current domain will be used as the base url. In production this setting do not need to be defined since we have nginx capturing the media requests, but in development we need to define it to target the nginx server.
2024-11-15 11:31:09 +01:00
MEDIA_BASE_URL=http://localhost:8083
✨(documents) add content field as an S3 object The content field is a writable property on the model which is persisted in object storage. We take advantage of the versioning, robustness and scalability of S3.
2024-04-06 09:09:46 +02:00
🔧(backend) configure Authorization Code authentication Integrate 'mozilla-django-oidc' dependency, to support Authorization Code flow, which is required by Agent Connect. Thus, we provide a secure back channel OIDC flow, and return to the client only a session cookie. Done: - Replace JWT authentication by Session based authentication in DRF - Update Django settings to make OIDC configurations easily editable - Add 'mozilla-django-oidc' routes to our router - Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs 'mozilla-django-oidc' routes added are: - /authenticate - /callback (the redirect_uri called back by the Idp) - /logout
2024-02-24 00:21:10 +01:00
# OIDC
OIDC_OP_JWKS_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/certs
OIDC_OP_AUTHORIZATION_ENDPOINT=http://localhost:8083/realms/impress/protocol/openid-connect/auth
OIDC_OP_TOKEN_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/token
OIDC_OP_USER_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/userinfo
📝(backend) add fulltext search documentation Add documentation for env & Find+Docs configuration in dev mode Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-10-03 10:35:50 +02:00
OIDC_OP_INTROSPECTION_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/token/introspect
🔧(backend) configure Authorization Code authentication Integrate 'mozilla-django-oidc' dependency, to support Authorization Code flow, which is required by Agent Connect. Thus, we provide a secure back channel OIDC flow, and return to the client only a session cookie. Done: - Replace JWT authentication by Session based authentication in DRF - Update Django settings to make OIDC configurations easily editable - Add 'mozilla-django-oidc' routes to our router - Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs 'mozilla-django-oidc' routes added are: - /authenticate - /callback (the redirect_uri called back by the Idp) - /logout
2024-02-24 00:21:10 +01:00
OIDC_RP_CLIENT_ID=impress
OIDC_RP_CLIENT_SECRET=ThisIsAnExampleKeyForDevPurposeOnly
OIDC_RP_SIGN_ALGO=RS256
OIDC_RP_SCOPES="openid email"
LOGIN_REDIRECT_URL=http://localhost:3000
LOGIN_REDIRECT_URL_FAILURE=http://localhost:3000
LOGOUT_REDIRECT_URL=http://localhost:3000
✨(auth) add silent login Currently users already logged in to the SSO have to click on the login button again to be connected. This extra step should not be necessary. This commit uses the "silent=true" parameter to the login endpoint to avoid the extra step.
2026-01-23 10:44:03 +01:00
OIDC_REDIRECT_ALLOWED_HOSTS="localhost:8083,localhost:3000"
🔧(backend) configure Authorization Code authentication Integrate 'mozilla-django-oidc' dependency, to support Authorization Code flow, which is required by Agent Connect. Thus, we provide a secure back channel OIDC flow, and return to the client only a session cookie. Done: - Replace JWT authentication by Session based authentication in DRF - Update Django settings to make OIDC configurations easily editable - Add 'mozilla-django-oidc' routes to our router - Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs 'mozilla-django-oidc' routes added are: - /authenticate - /callback (the redirect_uri called back by the Idp) - /logout
2024-02-24 00:21:10 +01:00
OIDC_AUTH_REQUEST_EXTRA_PARAMS={"acr_values": "eidas1"}
✨(backend) create ai endpoint We created 2 new action endpoints on the document to perform AI operations: - POST /api/v1.0/documents/{uuid}/ai-transform - POST /api/v1.0/documents/{uuid}/ai-translate
2024-09-20 22:42:46 +02:00
🩹(backend) fix oidc token storage configuration Disable OIDC_STORE_ACCESS_TOKEN & OIDC_STORE_REFRESH_TOKEN as default to prevent authentication issues when the Find service is not used. Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-11-20 10:00:31 +01:00
# Store OIDC tokens in the session. Needed by search/ endpoint.
# OIDC_STORE_ACCESS_TOKEN = True
# OIDC_STORE_REFRESH_TOKEN = True # Store the encrypted refresh token in the session.
🔧(backend) tool for valid fernet key used in OIDC token storage Add bin/fernetkey that generates a key for the OIDC_STORE_REFRESH_TOKEN_KEY setting. Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-10-01 07:18:26 +02:00
# Must be a valid Fernet key (32 url-safe base64-encoded bytes)
# To create one, use the bin/fernetkey command.
# OIDC_STORE_REFRESH_TOKEN_KEY="your-32-byte-encryption-key=="
✨(backend) add document search view New API view that calls the indexed documents search view (resource server) of app "Find". Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-08-13 06:50:58 +02:00
✨(backend) manage reconciliation requests for user accounts (#1878) For now, the reconciliation requests are imported through CSV in the Django admin, which sends confirmation email to both addresses. When both are checked, the actual reconciliation is processed, and all user-related content is updated. ## Purpose Fix #1616 // Replaces #1708 For now, the reconciliation requests are imported through CSV in the Django admin, which sends confirmation email to both addresses. When both are checked, the actual reconciliation is processed, and all user-related content is updated. ## Proposal - [x] New `UserReconciliationCsvImport` model to manage the import of reconciliation requests through a task (`user_reconciliation_csv_import_job`) - [x] New `UserReconciliation` model to store the user reconciliation requests themselves (a row = a `active_user`/`inactive_user` pair) - [x] On save, a confirmation email is sent to the users - [x] A `process_reconciliation` admin action process the action on the requested entries, if both emails have been checked. - [x] Bulk update the `DocumentAccess` items, while managing the case where both users have access to the document (keeping the higher role) - [x] Bulk update the `LinkTrace` items, while managing the case where both users have link traces to the document - [x] Bulk update the `DocumentFavorite` items, while managing the case where both users have put the document in their favorites - [x] Bulk update the comment system items (`Thread`, `Comment` and `Reaction` items) - [x] Bulk update the `is_active` status on both users - [x] New `USER_RECONCILIATION_FORM_URL` env variable for the "make a new request" URL in an email. - [x] Write unit tests - [x] Remove the unused `email_user()` method on `User`, replaced with `send_email()` similar to the one on the `Document` model ## Demo page reconciliation success <img width="1149" height="746" alt="image" src="https://github.com/user-attachments/assets/09ba2b38-7af3-41fa-a64f-ce3c4fd8548d" /> --------- Co-authored-by: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
2026-02-11 19:09:20 +01:00
# User reconciliation
USER_RECONCILIATION_FORM_URL=http://localhost:3000
✨(backend) create ai endpoint We created 2 new action endpoints on the document to perform AI operations: - POST /api/v1.0/documents/{uuid}/ai-transform - POST /api/v1.0/documents/{uuid}/ai-translate
2024-09-20 22:42:46 +02:00
# AI
🐛(frontend) conditionally render AI button in toolbar Added a feature flag check to ensure the AIGroupButton is only rendered when AI_FEATURE_ENABLED is explicitly set to "true". This prevents the AI button from appearing when the feature is not configured or disabled. Fixes #782 Signed-off-by: Matthias <matthias@universum.com>
2025-03-27 23:21:26 +01:00
AI_FEATURE_ENABLED=true
🚩(project) add more backend AI feature flags The Blocknote AI feature is a bit flaky, we want to be able to disable it if to much issues arise, without having to do a new release. We add a bunch of feature flags to be able to disable the AI features if needed: - add AI_FEATURE_BLOCKNOTE_ENABLED, to display or not the feature powered by blocknote - add AI_FEATURE_LEGACY_ENABLED, to display or not the legacy AI features
2026-02-26 11:47:25 +01:00
AI_FEATURE_BLOCKNOTE_ENABLED=true
AI_FEATURE_LEGACY_ENABLED=true
✨(backend) create ai endpoint We created 2 new action endpoints on the document to perform AI operations: - POST /api/v1.0/documents/{uuid}/ai-transform - POST /api/v1.0/documents/{uuid}/ai-translate
2024-09-20 22:42:46 +02:00
AI_BASE_URL=https://openaiendpoint.com
AI_API_KEY=password
AI_MODEL=llama
🔧(backend) add COLLABORATION_SERVER_URL setting The frontend need to know the collab server url, so we need to add a new setting to the backend, in order to expose this value to the frontend. If the setting is not defined, the frontend current domain will be used as the base url. In production this setting do not need to be defined since we have nginx capturing the ws requests, but in development we need to define it to target the collaboration server.
2024-11-15 11:36:40 +01:00
# Collaboration
🐛(env) update yprovider env for local development In local development the notification to the yprovider server was not working anymore because of a recent change in the container name. We adapt the env variables to match the new container name.
2025-06-20 15:35:19 +02:00
COLLABORATION_API_URL=http://y-provider-development:4444/collaboration/api/
🏗️(y-provider) manage auth in y-provider app The way to connect to the hocuspocus server needs to be proxified in nginx to query a dedicated route in the django application and then follow the request to the express server with the additionnal headers. The auth can be done in the express server by querying the backend on the document retrieve endpoint. If the response status code is 200, the user has access to the document, otherwise it is not the case. Then we can check the abilities to determine what the user can do or not.
2025-03-19 15:41:05 +01:00
COLLABORATION_BACKEND_BASE_URL=http://app-dev:8000
✨(y-provider) endpoint POST /collaboration/api/reset-connections We want to be able to reset the connections of a document. To do this, we need to be able to send a request to the collaboration server. To do so, we added the endpoint POST "/collaboration/api/reset-connections" to the collaboration server thanks to "express".
2024-11-28 17:00:06 +01:00
COLLABORATION_SERVER_ORIGIN=http://localhost:3000
✨(backend) add subrequest auth view for collaboration server We need to improve security on the access to The collaboration server We can use the same pattern as for media files leveraging the nginx subrequest feature.
2024-11-18 08:05:54 +01:00
COLLABORATION_SERVER_SECRET=my-secret
🚩(back) use existing no websocket feature flag An already existing feature flag COLLABORATION_WS_NOT_CONNECTED_READY_ONLY was used bu the frontend application to disable or not the edition for a user not connected to the websocket. We want to reuse it in the backend application to disable or not the no websocket feature.
2025-07-04 10:56:24 +02:00
COLLABORATION_WS_NOT_CONNECTED_READY_ONLY=true
🏗️(y-provider) manage auth in y-provider app The way to connect to the hocuspocus server needs to be proxified in nginx to query a dedicated route in the django application and then follow the request to the express server with the additionnal headers. The auth can be done in the express server by querying the backend on the document retrieve endpoint. If the response status code is 200, the user has access to the document, otherwise it is not the case. Then we can check the abilities to determine what the user can do or not.
2025-03-19 15:41:05 +01:00
COLLABORATION_WS_URL=ws://localhost:4444/collaboration/ws/
🧑‍💻(docker) add y-provider config to development environment Without this, YdocConverter throws an error when developping.
2025-06-03 09:24:16 +02:00
🔧(conf) add server to server api tokens to common We have the e2e test "it creates a doc server way" that is quite complicated to run locally, because it requires the `DJANGO_SERVER_TO_SERVER_API_TOKENS` environment variable to be set in "env.d/development/common". We moved `DJANGO_SERVER_TO_SERVER_API_TOKENS` from "env.d/development/common.e2e.dist" to "env.d/development/common.dist", by doing so, this variable will be set by default in the "env.d/development/common" file, the test will now run without any additional configuration.
2025-06-26 17:09:08 +02:00
DJANGO_SERVER_TO_SERVER_API_TOKENS=server-api-token
🐛(env) update yprovider env for local development In local development the notification to the yprovider server was not working anymore because of a recent change in the container name. We adapt the env variables to match the new container name.
2025-06-20 15:35:19 +02:00
Y_PROVIDER_API_BASE_URL=http://y-provider-development:4444/api/
🧑‍💻(docker) add y-provider config to development environment Without this, YdocConverter throws an error when developping.
2025-06-03 09:24:16 +02:00
Y_PROVIDER_API_KEY=yprovider-api-key
🧑‍💻(config) THEME_CUSTOMIZATION_CACHE_TIMEOUT to 15 seconds In development mode, we will reduce the cache timeout for theme customization to 15 seconds. This change allows developers to see updates to theme settings more quickly without needing to clear the cache manually.
2025-10-09 15:09:17 +02:00
✨(backend) Import of documents We can now import documents in formats .docx and .md. To do so we added a new container "docspec", which uses the docspec service to convert these formats to Blocknote format. More here: #1567 #1569.
2025-11-15 16:29:43 +01:00
DOCSPEC_API_URL=http://docspec:4000/conversion
🧑‍💻(config) THEME_CUSTOMIZATION_CACHE_TIMEOUT to 15 seconds In development mode, we will reduce the cache timeout for theme customization to 15 seconds. This change allows developers to see updates to theme settings more quickly without needing to clear the cache manually.
2025-10-09 15:09:17 +02:00
# Theme customization
🔧(backend) setup Docs app dockers to work with Find Add nginx with 'nginx' alias to the 'lasuite-net' network (keycloak calls) Add celery-dev to the 'lasuite-net' network (Find API calls in jobs) Set app-dev alias as 'impress' in the 'lasuite-net' network Add indexer configuration in common settings Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-10-06 16:03:14 +02:00
THEME_CUSTOMIZATION_CACHE_TIMEOUT=15
🔧(compose) disable indexer in default configuration Set SEARCH_INDEXER_CLASS=None as default configuration for dev. Rename docker network 'lasuite-net' as 'lasuite' to match with Drive configuration. Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-11-03 10:40:40 +01:00
# Indexer (disabled)
# SEARCH_INDEXER_CLASS="core.services.search_indexers.SearchIndexer"
SEARCH_INDEXER_SECRET=find-api-key-for-docs-with-exactly-50-chars-length # Key generated by create_demo in Find app.
🔧(backend) setup Docs app dockers to work with Find Add nginx with 'nginx' alias to the 'lasuite-net' network (keycloak calls) Add celery-dev to the 'lasuite-net' network (Find API calls in jobs) Set app-dev alias as 'impress' in the 'lasuite-net' network Add indexer configuration in common settings Signed-off-by: Fabre Florian <ffabre@hybird.org>
2025-10-06 16:03:14 +02:00
SEARCH_INDEXER_URL="http://find:8000/api/v1.0/documents/index/"
SEARCH_INDEXER_QUERY_URL="http://find:8000/api/v1.0/documents/search/"
Reference in New Issue Copy Permalink