fix: remove obsolete static file handler

These are required to e.g. use PostgreSQL client certificates using
sslcert=/sslkey=.

django_etebase/signals.py

@@ -1,3 +1,4 @@
 from django.dispatch import Signal
 
-user_signed_up = Signal(providing_args=["request", "user"])
+# Provides arguments "request" and "user"
+user_signed_up = Signal()

etebase-server.ini.example

@@ -18,3 +18,6 @@ allowed_host1 = example.com
 [database]
 engine = django.db.backends.sqlite3
 name = db.sqlite3
+
+[database-options]
+; Add engine-specific options here, such as postgresql parameter key words

etebase_server/settings.py

@@ -164,6 +164,9 @@ if any(os.path.isfile(x) for x in config_locations):
     if "database" in config:
         DATABASES = {"default": {x.upper(): y for x, y in config.items("database")}}
 
+    if "database-options" in config:
+        DATABASES["default"]["OPTIONS"] = config["database-options"]
+
 ETEBASE_CREATE_USER_FUNC = "django_etebase.utils.create_user_blocked"
 
 # Efficient file streaming (for large files)

etebase_server/urls.py

@@ -1,25 +1,13 @@
 import os
 
 from django.conf import settings
-from django.conf.urls import url
 from django.contrib import admin
-from django.urls import path, re_path
+from django.urls import path
 from django.views.generic import TemplateView
 from django.views.static import serve
 from django.contrib.staticfiles import finders
 
 urlpatterns = [
-    url(r"^admin/", admin.site.urls),
+    path("admin/", admin.site.urls),
     path("", TemplateView.as_view(template_name="success.html")),
 ]
-
-if settings.DEBUG:
-
-    def serve_static(request, path):
-        filename = finders.find(path)
-        dirname = os.path.dirname(filename)
-        basename = os.path.basename(filename)
-
-        return serve(request, basename, dirname)
-
-    urlpatterns += [re_path(r"^static/(?P<path>.*)$", serve_static)]

etebase_server/utils.py

@@ -13,6 +13,8 @@
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 
 from django.core.management import utils
+import os
+import stat
 
 
 def get_secret_from_file(path):
@@ -21,6 +23,7 @@ def get_secret_from_file(path):
             return f.read().strip()
     except EnvironmentError:
         with open(path, "w") as f:
+            os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
             secret_key = utils.get_random_secret_key()
             f.write(secret_key)
             return secret_key

example-configs/nginx-uwsgi/README.md

@@ -1,22 +0,0 @@
-# Running `etebase` under `nginx` and `uwsgi`
-
-This configuration assumes that etebase server has been installed in the home folder of a non privileged user
-called `EtebaseUser` following the instructions in <https://github.com/etesync/server>. Also that static
-files have been collected at `/srv/http/etebase_server` by running the following commands:
-
-```shell
-sudo mkdir -p /srv/http/etebase_server/static
-sudo chown -R EtebaseUser /srv/http/etebase_server
-sudo su EtebaseUser
-cd /path/to/etebase
-ln -s /srv/http/etebase_server/static static
-./manage.py collectstatic
-```
-
-It is also assumed that `nginx` and `uwsgi` have been installed system wide by `root`, and that `nginx` is running as user/group `www-data`.
-
-In this setup, `uwsgi` running as a `systemd` service as `root` creates a unix socket with read-write access
-to both `EtebaseUser` and `nginx`. It then drops its `root` privilege and runs `etebase` as `EtebaseUser`.
-
-`nginx` listens on the `https` port (or a non standard port `https` port if desired), delivers static pages directly
-and for everything else, communicates with `etebase` over the unix socket.

example-configs/nginx-uwsgi/etebase.ini

@@ -1,15 +0,0 @@
-# uwsgi configuration file
-# typical location of this file would be /etc/uwsgi/sites/etebase.ini
-
-[uwsgi]
-socket = /path/to/etebase_server.sock
-chown-socket = EtebaseUser:www-data
-chmod-socket = 660
-vacuum = true
-
-
-uid = EtebaseUser
-chdir = /path/to/etebase
-home = %(chdir)/.venv
-module = etebase_server.wsgi
-master = true

example-configs/nginx-uwsgi/etesync.ini

@@ -1,15 +0,0 @@
-# uwsgi configuration file
-# typical location of this file would be /etc/uwsgi/sites/etesync.ini
-
-[uwsgi]
-socket = /path/to/etesync_server.sock
-chown-socket = EtesyncUser:www-data
-chmod-socket = 660
-vacuum = true
-
-
-uid = EtesyncUser
-chdir = /path/to/etesync
-home = %(chdir)/.venv
-module = etesync_server.wsgi
-master = true

example-configs/nginx-uwsgi/my.server.name.conf

@@ -1,36 +0,0 @@
-# nginx configuration for etebase server running on https://my.server.name 
-# typical location of this file would be /etc/nginx/sites-available/my.server.name.conf
-
-server {
-    server_name my.server.name;
-
-    root /srv/http/etebase_server;
-
-    client_max_body_size 20M;
-
-    location /static {
-        expires 1y;
-        try_files $uri $uri/ =404;
-    }
-
-    location /media {
-        expires 1y;
-        try_files $uri $uri/ =404;
-    }
-
-    location / {
-        uwsgi_pass      unix:/path/to/etebase_server.sock;
-        include         uwsgi_params;
-    }
-
-    # change 443 to say 9443 to run on a non standard port
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    # Enable these two instead of the two above if your nginx supports http2
-    # listen 443 ssl http2;
-    # listen [::]:443 ssl http2;
-
-    ssl_certificate /path/to/certificate-file
-    ssl_certificate_key /path/to/certificate-key-file
-    # other ssl directives as needed
-}

example-configs/nginx-uwsgi/uwsgi.service

@@ -1,15 +0,0 @@
-# systemd unit for running uwsgi in emperor mode
-# typical location of this file would be /etc/systemd/system/uwsgi.service
-
-[Unit]
-Description=uWSGI Emperor service
-
-[Service]
-ExecStart=/usr/local/bin/uwsgi --emperor /etc/uwsgi/sites
-Restart=always
-KillSignal=SIGQUIT
-Type=notify
-NotifyAccess=all
-
-[Install]
-WantedBy=multi-user.target