Skip to content

Commit

Permalink
feat: install django-allow-cidr in order to allow hosts based on subnet
Browse files Browse the repository at this point in the history
  • Loading branch information
fcecagno committed Jul 3, 2024
1 parent 6fdd46d commit 3862fc1
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 1 deletion.
2 changes: 1 addition & 1 deletion dojo/settings/.settings.dist.py.sha256sum
Original file line number Diff line number Diff line change
@@ -1 +1 @@
7b3bb14160f3ffce537d75895ee18cb0a561232fa964bae88b4861f7d289b176
6fae39546f8acdd7a9d987df65fc6d2d5424b863031fc8a02ca02a92cf9709a6
8 changes: 8 additions & 0 deletions dojo/settings/settings.dist.py
Original file line number Diff line number Diff line change
Expand Up @@ -301,6 +301,8 @@
DD_QUALYS_LEGACY_SEVERITY_PARSING=(bool, True),
# Use System notification settings to override user's notification settings
DD_NOTIFICATIONS_SYSTEM_LEVEL_TRUMP=(list, ["user_mentioned", "review_requested"]),
# Set addr cidr for allowed hosts, example: 10.144.0.0/16
DD_ALLOWED_CIDR_NETS=(list, []),
)


Expand Down Expand Up @@ -888,6 +890,12 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param

vars().update(EMAIL_CONFIG)

# Possible to set ALLOWED_CIDR_NETS
# https://pypi.org/project/django-allow-cidr/
if env('DD_ALLOWED_CIDR_NETS') != ['[]']:
MIDDLEWARE.append('allow_cidr.middleware.AllowCIDRMiddleware')
ALLOWED_CIDR_NETS = env('DD_ALLOWED_CIDR_NETS')

# ------------------------------------------------------------------------------
# SAML
# ------------------------------------------------------------------------------
Expand Down
3 changes: 3 additions & 0 deletions dojo/settings/template-env
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@ DD_DATABASE_URL=#DD_DATABASE_URL#
# Hosts/domain names that are valid for this site;
DD_ALLOWED_HOSTS=#DD_ALLOWED_HOSTS#

# cidr addresses that are valid for this site;
DD_ALLOWED_CIDR_NETS=#DD_ALLOWED_CIDR_NETS#

# WhiteNoise allows your web app to serve its own static files,
# making it a self-contained unit that can be deployed anywhere without relying on nginx,
# if using nginx then disable Whitenoise
Expand Down
1 change: 1 addition & 0 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ celery==5.4.0
coverage==7.5.4
defusedxml==0.7.1
django_celery_results==2.5.1
django-allow-cidr==0.7.1
django-auditlog==2.3.0
django-dbbackup==4.1.0
django-environ==0.11.2
Expand Down

0 comments on commit 3862fc1

Please sign in to comment.