Document Merge Service is a 12factor app which means that configuration is stored in environment variables. Different environment variable types are explained at django-environ.
SECRET_KEY
: A secret key used for cryptography. This needs to be a random string of a certain length. See more.ALLOWED_HOSTS
: A list of hosts/domains your service will be served from. See more.
Per default Sqlite3 is used as database for simple deployment and stored at /var/lib/document-merge-service/data/sqlite3.db
. Create a volume to make it persistent.
To scale the service a different database storage is needed. Any database supported by Django can be used.
DATABASE_ENGINE
: Database backend to use.DATABASE_HOST
: Host to use when connecting to databaseDATABASE_PORT
: Port to use when connecting to databaseDATABASE_NAME
: Name of database to useDATABASE_USER
: Username to use when connecting to the databaseDATABASE_PASSWORD
: Password to use when connecting to database
UNOCONV_ALLOWED_TYPES
: List of types allowed to convert to. Seeunoconv --show
(default: ['pdf'])UNOCONV_PYTHON
: String, defaults to "/usr/bin/python3.5"UNOCONV_PATH
: String, defaults to "/usr/bin/unoconv"
DOCXTEMPLATE_JINJA_EXTENSIONS
: list of jinja2 extensions to load
In python-docx-template following additional custom filters are implemented:
- multiline(value) - wraps the value in a Listing for multiline support
- datetimeformat(value, format, locale)
- dateformat(value, format, locale)
- timeformat(value, format, locale)
- getwithdefault(value, default) - converts None to empty string (or provided default value) or leaves strings as is
- emptystring(value) - converts None to empty string or leaves strings as is (deprecated in favor of getwithdefault)
- image(width, height) - Creates an inline image from provided file with the same name.
width
andheight
are optional and represent millimetres.
For formatting use babel and its uniode compatible format.
By default, no authentication is needed. To protect the API, integrate it with your IAM supporting Open ID Connect. If not available, you might consider using Keycloak.
REQUIRE_AUTHENTICATION
: Force authentication to be required (default: False)OIDC_USERINFO_ENDPOINT
: Url of userinfo endpoint as describedOIDC_VERIFY_SSL
: Verify ssl certificate of oidc userinfo endpoint (default: True)OIDC_GROUPS_CLAIM
: Name of claim to be used to define group membership (default: document_merge_service_groups)OIDC_BEARER_TOKEN_REVALIDATION_TIME
: Time in seconds before bearer token validity is verified again. For best security token is validated on each request per default. It might be helpful though in case of slow Open ID Connect provider to cache it. It uses cache mechanism for memorizing userinfo result. Number has to be lower than access token expiration time. (default: 0)
Document Merge Service uses dgap to handle permissions and visibilities. It can be configured using the following environment variables:
DMS_VISIBILITY_CLASSES
: List of classes that handle dgap visibilitiesDMS_PERMISSION_CLASSES
: List of classes that handle dgap permissionsEXTENSIONS_ARGUMENTS
: Custom arguments from the app to be used in the visibility and permission classes. This is expected to be adict
, e.g.EXTENSIONS_ARGUMENTS=foo=bar
could then be used in the extension classes assettings.EXTENSIONS_ARGUMENTS["foo"]
CACHE_BACKEND
: cache backend to use (default: django.core.cache.backends.locmem.LocMemCache)CACHE_LOCATION
: location of cache to use
CORS_ORIGIN_ALLOW_ALL
: allow allCORS_ORIGIN_REGEX_WHITELIST
: List of whitelist regexes defaults to "^(https?://)?127.0.0.1:\d{4}$"
Users of nginx/apache must ensure to have matching CORS configurations.
PAGINATION_ENABLED
: whether the pagination is enabled (default:True
)PAGINATION_DEFAULT_PAGE_SIZE
: the default page size if no query param (page_size
) is given (default:100
)PAGINATION_MAX_PAGE_SIZE
: the max value of the page size query param (page_size
) (default:1000
)
SERVER_EMAIL
: the email address that error messages come fromDEFAULT_FROM_EMAIL
: default email address to use for various automated correspondence. This doesn’t include error messages sent toADMINS
.EMAIL_HOST
: the host to use for sending email (default:localhost
)EMAIL_PORT
: port to use for the SMTP server (default:25
)EMAIL_HOST_USER
: username for the SMTP server(default: "")EMAIL_HOST_PASSWORD
: password for the SMTP server user (default: "")EMAIL_USE_TLS
: whether to use an implicit TLS (secure) connection when talking to the SMTP server (default:False
)
If either EMAIL_HOST_USER
or EMAIL_HOST_PASSWORD
is empty, Django won't attempt authentication.
ENABLE_ADMIN_EMAIL_LOGGING
: enable Django to send email to admins on errors (default:False
)ADMINS
: list of people who will get code error notifications. Items in the list should follow this example:Test Example <[email protected]>,Test2 <[email protected]>
SENTRY_DSN
: identifier (data source name) for where to send events to. If no value is provided, sentry won't be activated (default: "")SENTRY_ENVIRONMENT
: which app environment sent an event to sentry (default:development
)SENTRY_TRACES_SAMPLE_RATE
: percentage chance a given transaction will be sent to Sentry (default:1.0
)SENTRY_SEND_DEFAULT_PII
: enable send PII data that associates users to errors (default:True
)
FILE_STORAGE
: Django file storage backend (default:django.core.files.storage.FileSystemStorage
)MEDIA_ROOT
: Absolute filesystem path to the directory that will hold user-uploaded files. (default: "")MEDIA_URL
: URL that handles the media served from MEDIA_ROOT, used for managing stored files. When using buckets this needs to be changed. (default:api/v1/template/
)
django-storages S3 settings
Refer to for example Digital Ocean configuration if using a S3 compatible storage which isn't AWS.
Required to use S3 storage:
AWS_S3_ACCESS_KEY_ID
: AWS access key idAWS_S3_SECRET_ACCESS_KEY
: AWS secret access keyAWS_STORAGE_BUCKET_NAME
: Storage bucket name
Optional:
AWS_S3_ENDPOINT_URL
: Custom S3 URL to use when connecting to S3, including scheme. (default: "")AWS_S3_REGION_NAME
: Region of the storage (default: "")AWS_LOCATION
: A path prefix that will be prepended to all uploads (default: "")AWS_S3_FILE_OVERWRITE
: IfTrue
Files with the same name will overwrite each other. Otherwise extra characters are appended. (default:False
)AWS_S3_SIGNATURE_VERSION
: S3 signature version to use (default:s2
)AWS_S3_USE_SSL
: Whether or not to use SSL when connecting to S3 (default:True
)AWS_S3_VERIFY
: Whether or not to verify the connection to S3. Can be set to False to not verify SSL/TLS certificates. (default:None
)