I've finally got around to learning the new class based views approach in Django 1.3 with the goal of writing a mixin that can be used with django-tables to avoid some of the boilerplate code that's currently required. I ended up with a handy SingleTableMixin class which I'll be merging into the development branch when I get a chance.
However I find learning-by-doing is optimal so I started by refactored some legacy CRUD CMS-like views to use the class based views approach. I became a little side-tracked while looking over the old code and found myself cleaning them up. During this process I noticed that it might be a good idea to create URLs via reverse(view_func) rather than reverse(urlname). However it did not work.
After some painful debugging it seems that view functions that are hooked into the URLconf via a namespaced URL can not be reversed via their function reference.
Sunday, May 29, 2011
Wednesday, May 25, 2011
Creating a separate linux user for each Web site
For added security it's a good idea to run each Web site as a separate user. For this, I use the following command:
You can then instruct mod_wsgi to use this user:
Obviously in both snippets, you replace <username> with an actual username.
sudo adduser --system --no-create-home <username>
You can then instruct mod_wsgi to use this user:
WSGIDaemonProcess bradleyayers.com user=<username>
Obviously in both snippets, you replace <username> with an actual username.
Forcing SSH to authenticate via public key for all but one user
When setting up a Ubuntu Web server I generally want to disable password authentication for SSH (and instead use public key), which has been all well and good until now. While experimenting with automatic deployment solutions for Django, I wanted to be able to use password authentication for a the deployment account, whilst enforcing public key authentication for everyone else.
The solution is very simple. In my /etc/ssh/sshd_config I have the typical:
And to enable password authentication for a single user I added the following to the end of the file:
It's documented in detail in the Match section of the man page.
The solution is very simple. In my /etc/ssh/sshd_config I have the typical:
RSAAuthentication no PubkeyAuthentication yes
And to enable password authentication for a single user I added the following to the end of the file:
# Allow the 'deployment' user to login # using their password Match User deployment PasswordAuthentication no
It's documented in detail in the Match section of the man page.
Subscribe to:
Posts (Atom)