summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCorentin LABBE <clabbe@baylibre.com>2018-01-08 14:17:59 +0100
committerCorentin LABBE <clabbe@baylibre.com>2018-01-08 15:15:40 +0100
commit94a6a8e07e3d7e6c3233554dae2056687590b651 (patch)
treeef8bef989b370ac16445548618215d1abe0c152d
parent83781cf3177ae2928221c424caeb2bd880d6cc6c (diff)
Disable CSRF cookie
When working with HTTP interface, it is impossible to login. Ths patch also document that in Readme.md
-rw-r--r--README.md2
-rw-r--r--lava-master/Dockerfile3
-rw-r--r--lava-master/settings.conf16
3 files changed, 20 insertions, 1 deletions
diff --git a/README.md b/README.md
index 637662c..11c2aa9 100644
--- a/README.md
+++ b/README.md
@@ -98,4 +98,4 @@ Note that this container provides defaults which are unsecure. If you plan on de
* Changing the default admin password
* Using HTTPS
-
+ * Re-enable CSRF cookie (disabled in lava-master/Dockerfile)
diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile
index 2dd44b0..4705e45 100644
--- a/lava-master/Dockerfile
+++ b/lava-master/Dockerfile
@@ -78,6 +78,9 @@ RUN /start.sh && /setup.sh && /stop.sh
#uncomment if you want to use squid
#RUN sed -i 's,^.*http_proxy:.*, http_proxy: http://squid:3128,' /etc/lava-server/env.yaml
+#comment this if you do HTTPS (For reenabling CSRF cookie)
+COPY settings.conf /etc/lava-server/
+
EXPOSE 69/udp 80 3079 5555 5556
CMD /start.sh && bash
diff --git a/lava-master/settings.conf b/lava-master/settings.conf
new file mode 100644
index 0000000..c809e2c
--- /dev/null
+++ b/lava-master/settings.conf
@@ -0,0 +1,16 @@
+{
+ "DEBUG": false,
+ "STATICFILES_DIRS": [
+ ["lava-server", "/usr/share/pyshared/lava_server/htdocs/"]
+ ],
+ "MEDIA_ROOT": "/var/lib/lava-server/default/media",
+ "ARCHIVE_ROOT": "/var/lib/lava-server/default/archive",
+ "STATIC_ROOT": "/usr/share/lava-server/static",
+ "STATIC_URL": "/static/",
+ "MOUNT_POINT": "/",
+ "HTTPS_XML_RPC": false,
+ "LOGIN_URL": "/accounts/login/",
+ "LOGIN_REDIRECT_URL": "/",
+ "CSRF_COOKIE_SECURE": false,
+ "SESSION_COOKIE_SECURE": false
+}