paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-04-11 10:00:48 -05:00
Code Issues Packages Projects Releases Wiki Activity

Better handling of the passphrase

Browse Source
This commit is contained in:
Daniel Quinn 2016-01-10 13:40:26 +00:00
parent 65c2e42008
commit fe47f9f07e
3 changed files with 26 additions and 11 deletions

16
README.md

@ -55,14 +55,18 @@ powerful tools.
* `CONVERT_BINARY`: The path to `convert`, installed as part of ImageMagick. * `CONVERT_BINARY`: The path to `convert`, installed as part of ImageMagick.
* `SCRATCH_DIR`: A place for files to be created and destroyed. The default * `SCRATCH_DIR`: A place for files to be created and destroyed. The default
is as good a place as any. is as good a place as any.
* `CONSUMPTION_DIR`: The directory you scanner will be depositing files. * `CONSUMPTION_DIR`: The directory into which your scanner will be
Note that the consumption script will import files from here **and then depositing files. Note that the consumption script will import files from
delete them**. here **and then delete them**.
* `PASSPHRASE`: You can set this here, or allow the running of the service
to ask you for it each time you start. If you store the value here, you
should probably set the permissions on `settings.py` to `0400`.
3. Run `python manage.py migrate`. This will create your local database. 3. Run `python manage.py migrate`. This will create your local database if it
doesn't exist. You should probably change the permissions on this database
file to 0600.
4. Run `python manage.py consume` and enter your preferred passphrase when 4. Run `python manage.py consume`.
prompted.
5. Start the webserver with `python manage.py runserver` and enter the same 5. Start the webserver with `python manage.py runserver` and enter the same
passphrase when prompted. passphrase when prompted.

5
src/manage.py

@ -11,9 +11,8 @@ if __name__ == "__main__":
# The runserver and consumer need to have access to the passphrase, so it # The runserver and consumer need to have access to the passphrase, so it
# must be entered at start time to keep it safe. # must be entered at start time to keep it safe.
if "runserver" in sys.argv or "consume" in sys.argv: if "runserver" in sys.argv or "consume" in sys.argv:
settings.PASSPHRASE = "asdf" if not settings.PASSPHRASE:
if not settings.DEBUG:
settings.PASSPHRASE = input( settings.PASSPHRASE = input(
"Production environment. Input passphrase: ") "settings.PASSPHRASE is unset. Input passphrase: ")
execute_from_command_line(sys.argv) execute_from_command_line(sys.argv)

16
src/paperless/settings.py

@ -84,6 +84,13 @@ DATABASES = {
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
} }
} }
if os.environ.get("PAPERLESS_DBUSER") and os.environ.get("PAPERLESS_DBPASS"):
DATABASES["default"] = {
"ENGINE": "django.db.backends.postgresql_psycopg2",
"NAME": os.environ.get("PAPERLESS_DBNAME", "paperless"),
"USER": os.environ.get("PAPERLESS_DBUSER"),
"PASSWORD": os.environ.get("PAPERLESS_DBPASS")
}
# Password validation # Password validation
@ -132,8 +139,13 @@ MEDIA_URL = "/media/"
# Paperless-specific stuffs # Paperless-specific stuffs
# Change these paths if yours are different # Change these paths if yours are different
GNUPG_HOME = os.environ.get("HOME", "/dev/null")
CONVERT_BINARY = "/usr/bin/convert" CONVERT_BINARY = "/usr/bin/convert"
SCRATCH_DIR = "/tmp/paperless" # Will be created if it doesn't exist SCRATCH_DIR = "/tmp/paperless" # Will be created if it doesn't exist
CONSUMPTION_DIR = "/tmp/paperless/consume" CONSUMPTION_DIR = "/tmp/paperless/consume"
GNUPG_HOME = os.environ.get("HOME", "/dev/null")
PASSPHRASE = None # Set via manage.py # Set this and change the permissions on this file to 0600, or set it to
# `None` and you'll be prompted for the passphrase at runtime. The default
# looks for an environment variable.
PASSPHRASE = os.environ.get("PAPERLESS_PASSPHRASE")