FEAT: build updates to support multi-architecture image builds and hardware encoding

[mrjoshuap]

These are some ideas and notes to make it easier to track and solicit feedback. Please do not think this is a PR. This is sort of like requirements documentation. I'd like a little discussion on these before I make a file PR and work on it there. I've implemented most of this already, but it's not consumable by others... I'm grabbing some of the things that worked for me and putting them here. There's gonna be spelling errors and things that are seemingly misplaced or not make total sense because I'm pulling from several different prototypes I went through getting my successful deployment.

In short, to get a viable hardware encoding enabled multi-arch image consistently built while simultaneously supporting a number of different deployment patterns, we're gonna need an overhaul to the build system.

Make is already there, so I used it. I also used ArgoCD, and can make arguments for others as well. Personally, I find using this approach to make very convenient and handy at forcing better development habits for myself.

I'd love some thoughts and feedback.

MediaCMS Build Configurations

These are stored as build/[build-config].env and contain variables that alter the build behavior and resulting image outputs.

Supported builds configurations include:

• full - Builds a typical full MediaCMS image runtime and frontend (not started)
• frontend - Builds the NodeJS image needed for independent frontend development or generating static content
• all-in-one - Builds a "kitchen sink" deployment without the garbage disposal

MediaCMS Deployment Configurations

These are stored as deploy/[container-runtime]/[deployment-config].env and contain variables that alter the deployment patterns behavior and resulting image outputs.

Supported deployment types are:

• local_install - no containers, only useful for python and node development
• simple - The main container runs migrations, web, uwsgi, celery_beat, celery_workers (celery_short and celery_long services), exposed on port 80 supported by redis and postgres database, accessed as http://localhost
• simple-letsencrypt - simple with a ssl certificate through letsencrypt service, accessed as https://mediacms.io
• advanced - Separate containers run migrations, mediacms_web (web and uwsgi), celery_beat, celery_workers (celery_short and celery_long services), exposed on port 80 supported by redis and postgres database, accessed as http://localhost
• advanced-letsencrypt - advanced with a ssl certificate through letsencrypt service, accessed as https://mediacms.io
• advanced-reverse-proxy - advanced with reverse proxy, accessed as http://mediacms.io
• advanced-reverse-proxy-letsencrypt - advanced-reverse-proxy with a ssl certificate through letsencrypt service, accessed as https://mediacms.io
• advanced-hardware-encoder - Separate containers run migrations, web, uwsgi, celery_beat, celery_short, and celery_long services, exposed on port 80 supported by redis and postgres database, accessed as http://localhost

It is common to copy one of the examples and customize the environment variables appropriately.

MediaCMS Services

• SERVICES = db redis migration celery celery_workers celery_beat celery_long celery_short frontend uwsgi web

• db - PostgreSQL for most application components

• redis - In memory cache for task queues migration celery_beat celery_long celery_short uwsgi frontend web

• migration - is a Django container meant to handle database migration scripts to accomodate application changes and to collect static content, is typically one-shot started after the databases, but before the rest of the components. It can safely be run after all services on online, running and operational.

• celery - Task executor service comprised of three different services listening to different queues: beat, long, short

  • Can be built, deployed and managed as a single unit, celery_workers but is actually broken into celery_beat, celery_short, celery_long

• celery_beat - Watches for heartbeats and other internal application messages posting to the beat queue, ideally always the first celery worker to start and last to stop

• celery_long - Primarily pulls trancoding jobs from the long queue and performing the encoding

• celery_short - Watches for short tasks, such as sending e-mail and other light transcoding needs

• frontend - NodeJS application found in ./frontend/, it generates the front end application as static content or run as a server for development/debugging of the web interface

• uwsgi - is mainly the backend service for the web front end handling API calls and typical web application needs

• web - an nginx server that serves static content and proxies requests to the uwsgi service

NOTE: It should be common practice to run all of the celery workers in a single deployment container, however, scalable deployments would separate the workers accordingly
NOTE: Currently celery_long workers are the only workers that will utilize hardware encoding, if specified hardware and the image supports it

MediaCMS Environment Variables

MediaCMS is managed either by a local_settings.py file or set using one or more environment variables.

NOTE: mediacms/cms/settings.py is configured to prioritize local_settings.py however, ALL settings can be configured with MEDIACMS_* environment variables.

A brief list environment variables is:

MEDIACMS_ACCOUNT_AUTHENTICATION_METHOD
MEDIACMS_ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS
MEDIACMS_ACCOUNT_EMAIL_REQUIRED
...
... a WHOLE bunch of them.  all of them.  from settings.py.  all safe typed and have sane defaults.  currently overridden by local_settings.py if present.
...
MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_ADDED
MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_ENCODED
MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_REPORTED

Directory Structure

• ./Makefile: Main entry point.
• ./build/:
  • ./build/Makefile.[component]: Generic component makefiles.
  • ./build/Makefile.[component].[runtime]: Runtime-specific makefiles.
  • ./build/[build-config].env: Build environment files (e.g., all-in-one, full, frontend).
  • ./build/scripts/:
    • Shell scripts (e.g., setup_env.sh, setup_precommit.sh).
• ./deploy/:
  • ./deploy/kubectl/: Deployments and runtime files for kubernetes based runtimes
  • ./deploy/kubectl/[deployment-config].env: Deployment environment variables for full builds for kubernetes based runtimes (simple, advanced, etc)
  • ./deploy/docker/: Deployments and runtime files for docker/podman based runtimes
  • ./deploy/docker/[deployment-config].env: Deployment environment variables for simple builds for docker/podman based runtimes
    ./deploy/local_install/: Configurations related to the local_install deployment
  • ./deploy/local_install/.env: Deployment environment files for the local_install (not really supported)

Makefile Structure

• Indentation: Use tabs (not spaces) for indentation, as required by GNU Make.
• Component Makefiles: Organize targets into logically grouped files:
  • Makefile.admin: Administrative tasks (e.g., shells, container operations).
  • Makefile.build: Build-related tasks (e.g., compiling, container images).
  • Makefile.deploy: Deployment tasks (e.g., service deployment).
  • Makefile.development: Development tools and workflows.
  • Makefile.frontend: Frontend Node.js application tasks.
  • Makefile.manage: Application management (e.g., Django static content, operations and python shell).
  • Makefile.legacy: Deprecated targets for backward compatibility.
• Container Runtime Variants: Include runtime-specific makefiles (e.g., Makefile.build.kubectl, Makefile.build.docker) where applicable.

Makefile Environment Variables (Makefile Format)

The important ones are:

• CONTAINER_RUNTIME=kubectl
• BUILD=full
• DEPLOYMENT=simple

# Shared Configuration, represents start up order
CONTAINER_RUNTIME ?= kubectl
BUILD_DIR = build
DEPLOY_DIR = deploy/$(CONTAINER_RUNTIME)

# Can be full or simple
BUILDS = full all-in-one frontend
BUILD ?= full
BUILD_ENV ?= $(BUILD_DIR)/env/$(BUILD).env

BUILD_ENV_ALL_IN_ONE_DOCKERFILE ?= $(BUILD_DIR)/Dockerfile
BUILD_ENV_FRONTEND_DOCKERFILE ?= $(BUILD_DIR)/Dockerfile-multi-arch-frontend
BUILD_ENV_FULL_DOCKERFILE ?= $(BUILD_DIR)/Dockerfile-multi-arch
BUILD_ENV_DOCKERFILE ?= $(BUILD_ENV_FULL_DOCKERFILE)

# Can be advanced or simple
DEPLOYMENT_TYPES ?= simple simple-reverse-proxy advanced advanced-reverse-proxy advanced-hardware-encoding
DEPLOYMENT_TYPE ?= advanced
DEPLOYMENT_LOCAL_INSTALL ?= deploy/local_install/.env
DEPLOYMENT ?= $(DEPLOY_DIR)/.env.$(DEPLOYMENT_TYPE)

# Should be overriden by the deployment
SERVICES ?= db redis migration celery celery_beat celery_long celery_short uwsgi frontend web

# CLI Configuration
CLI_ENV = cli-tool/.env

# Kubectl
NAMESPACE = mediacms
KUBECTL = kubectl -n $(NAMESPACE)
K8S_DIR = $(BUILD_DIR)/$(CONTAINER_RUNTIME)

# Docker/Podman
COMPOSE_FILE = docker-compose-multi-arch.yaml

As a prototype of my thoughts, here is an initial just checked out now what example:

$ make
MediaCMS Build System
Usage: make [target]

Available Categories:
  build             - Build-related tasks
  deploy            - Deployment tasks
  manage            - Application management
  development       - Development tools and workflows
  frontend          - Frontend Node.js application tasks
  admin             - Administrative tasks
  workflows         - Show common workflow examples
  legacy            - Deprecated targets

Use 'make help-[category]' for details, e.g., 'make help-workflows'
$ make help-workflows
MediaCMS Workflows

Development Workflow:
  make feature NAME=[name]      - Create a feature branch
    Ex: make feature NAME=new-feature
  make bug NAME=[name]          - Create a bug branch
    Ex: make bug NAME=fix-login
  make changed-from BRANCH=[branch] - Show changed files from a branch
    Ex: make changed-from BRANCH=main
  make diff BRANCH=[branch]     - Show diff from a branch
    Ex: make diff BRANCH=main
  make squash BRANCH=[branch]   - Squash commits into a new branch (WARNING: modifies git history)
    Ex: make squash BRANCH=feat/new-feature
  make report-bug               - Print bug report template
  make request-feature          - Print feature request template
  make submit-pr                - Print pull request template

Build Workflow:
  make build-[config]           - Build the specified configuration
    Ex: make build-full
    Note: For kubectl, this creates a suspended build job. Use 'start-build' to resume it.
  make start-build CONFIG=[config] - Start the build job (kubectl only)
    Ex: make start-build CONFIG=full
  make logs-build CONFIG=[config]  - Monitor build logs
    Ex: make logs-build CONFIG=full
  make status-build CONFIG=[config] - Check build status
    Ex: make status-build CONFIG=full

Deployment Workflow:
  make setup-deploy TYPE=[type] - Configure deployment settings
    Ex: make setup-deploy TYPE=production
  make deploy-[config]         - Deploy a specific configuration, (`simple`, `advanced`, etc)
    Ex: make deploy-simple
  make status-deploy CONFIG=[config] - Check deployment status
    Ex: make status-deploy CONFIG=simple
  make restart-[deployment]        - Restart a deployment
    Ex: make restart-advanced
  make stop-[deployment]           - Stop a deployment
    Ex: make stop-advanced

Management Workflow:
  make setup-cli                - Configure the CLI tool
  make migration                - Run database migrations
  make createsuperuser          - Create a superuser
  make collectstatic            - Collect static files
  make loaddata FILE=[file]     - Load data from a JSON file
    Ex: make loaddata FILE=fixtures/data.json
  make logs-[service]           - View logs for a service
    Ex: make logs-web
  make shell-[service]           - Open a shell to a service
    Ex: make shell-web
  make shell-admin           - Open a python shell to a service
    Ex: make shell-admin SERVICE=web

Testing Workflow:
  make test-all                 - Run all tests
  make test-[test]              - Run a specific test
    Ex: make test-pytest
  make test-pytest              - Run tests for python runtime
  make test-kubectl             - Run tests for kubectl runtime
  make test-docker              - Run tests for docker runtime
  make test-podman              - Run tests for podman runtime

Convenience Targets:
  make build-and-deploy         - Build all configurations and deploy all services
  make clean-all                - Clean all build and deployment artifacts

Functionally I need this so I have more control over volume mounts... seems a long way around to get it.

LOL!

Looking forward to hearing some opinions.

[mrjoshuap]

Including an example build-config.env file for reference.

# ============================================================================
# mediacms/build/full.env - Comprehensive Docker Build Configuration
# Purpose: Provides all possible build arguments for MediaCMS Dockerfile
# Usage:
#   - Copy this file to create environment-specific configs (e.g., dev.env, test.env)
#   - Uncomment and modify only the arguments needed for your specific build
#   - Use with: docker build --env-file docker-build-full.env -t mediacms:<tag> .
# Notes:
#   - All arguments are commented out by default to avoid unintended settings
#   - Default values from Dockerfile are assumed unless overridden here
# ============================================================================

# ============================================================================
# Base Image Versions
# Description: Define the base image versions for Python and Node
# ============================================================================
#PYTHON_VERSION="3.11"          # Python version for the base image (default: 3.11)
#NODE_VERSION="16"              # Node.js version for the node-image (default: 16)

# ============================================================================
# Mode Flags
# Description: Control build modes (debug, development, test)
# ============================================================================
#DEBUG="true"                   # Enable debug mode for verbose logging (default: false)
#DEVELOPMENT_MODE="true"        # Enable development mode (installs dev packages, default: unset)
#TEST_MODE="true"               # Enable test mode (installs test packages, default: unset)

# ============================================================================
# Package Upgrade and Extra Packages
# Description: Control OS package upgrades and additional package installations
# ============================================================================
#UPGRADE_PACKAGES="true"        # Upgrade OS packages during build (default: unset)
#ALL_PACKAGES=""          # Space-separated list of extra packages for all stages
#ALL_PACKAGES_DEVELOPMENT_MODE=""  # Extra packages for development mode (all stages)
#ALL_PACKAGES_TEST_MODE=""      # Extra packages for test mode (all stages)

# ============================================================================
# Base-Image Specific Arguments
# Description: Customize base-image stage (used by all subsequent stages)
# ============================================================================
#BASE_PACKAGES="curl freetype gettext imagemagick gnutls gzip libunistring nginx postgresql-libs procps shadow supervisor tree unzip wget xz"  # Override default base packages
#BASE_PACKAGES_DEVELOPMENT_MODE="net-tools tcpdump apk-tools htop musl-utils lsof bind-tools vim jq file"  # Override default dev packages
#BASE_PACKAGES_TEST_MODE=""     # Override default test packages
#VIRTUAL_ENV="/home/[mediacms.io](http://mediacms.io/)"  # Virtual environment path (default: /home/[mediacms.io](http://mediacms.io/))
#RUN_AS_GROUP="www-data"        # Group to run as (default: www-data)
#RUN_AS_GROUP_GID="82"          # Group ID (default: 82)
#RUN_AS_USER="www-data"         # User to run as (default: www-data)
#RUN_AS_USER_UID="82"           # User ID (default: 82)

# ============================================================================
# Compile-Image Specific Arguments
# Description: Customize compile-image stage (Python deps and Bento4)
# ============================================================================
#COMPILE_PACKAGES="autoconf automake build-base cmake gcc g++ git libtool libunistring-dev linux-headers make meson nasm ninja pkgconf postgresql-dev texinfo"  # Override default compile packages
#COMPILE_PACKAGES_DEVELOPMENT_MODE=""  # Extra compile packages for development mode
#COMPILE_PACKAGES_TEST_MODE=""  # Extra compile packages for test mode
#BENTO4_GIT_URL="https://github.com/axiomatic-systems/Bento4.git"  # Git URL for Bento4 (default)

# ============================================================================
# Node-Image Specific Arguments
# Description: Customize node-image stage (Node.js and frontend)
# ============================================================================
#NODE_PACKAGES="autoconf automake build-base cmake gcc g++ git icu-data-full libtool libsass-dev libunistring-dev linux-headers make meson nasm ninja pkgconf postgresql-dev texinfo"  # Override default node packages
#NODE_PACKAGES_DEVELOPMENT_MODE=""  # Extra node packages for development mode
#NODE_PACKAGES_TEST_MODE=""     # Extra node packages for test mode
#BUILD_STATIC="true"            # Build static assets (slow, default: unset)

# ============================================================================
# Runtime-Image Specific Arguments
# Description: Customize runtime-image stage (final runtime setup)
# ============================================================================
#RUNTIME_PACKAGES=""            # Additional runtime packages
#RUNTIME_PACKAGES_DEVELOPMENT_MODE=""  # Extra runtime packages for development mode
#RUNTIME_PACKAGES_TEST_MODE=""  # Extra runtime packages for test mode
#FFMPEG_ARCH="linux64"          # FFmpeg architecture (default: linux64)
#FFMPEG_VERSION="7.0.2-9"       # FFmpeg version (default: 7.0.2-9)
#FFMPEG_URL="[https://github.com/jellyfin/jellyfin-ffmpeg/releases/download/v${FFMPEG_VERSION}/jellyfin-ffmpeg_${FFMPEG_VERSION}_portable_${FFMPEG_ARCH}-gpl.tar.xz](https://github.com/jellyfin/jellyfin-ffmpeg/releases/download/v$%7BFFMPEG_VERSION%7D/jellyfin-ffmpeg_$%7BFFMPEG_VERSION%7D_portable_$%7BFFMPEG_ARCH%7D-gpl.tar.xz)"  # FFmpeg download URL (default constructed)

[mrjoshuap]

And on a long enough timeline, I envision mediacms/cms/settings.py to resemble:

import datetime
import importlib
import logging  # Added for enhanced logging
import os

import pytz
from celery.schedules import crontab
from django.utils.translation import gettext_lazy as _

# Logger setup for consistent logging throughout the application
logger = logging.getLogger(__name__)

# Frontend host URL, used in emails and links
FRONTEND_HOST = os.getenv('MEDIACMS_FRONTEND_HOST', 'http://localhost')

# Portal branding and description
PORTAL_NAME = os.getenv('MEDIACMS_PORTAL_NAME', 'MediaCMS')
PORTAL_DESCRIPTION = os.getenv('MEDIACMS_PORTAL_DESCRIPTION', 'MediaCMS Site')

# Django secret key, critical for security; override in production
ORIG_SECRET_KEY = '2dii4cog7k=5n37$fz)8dst)kg(s3&10)^qa*gv(kk+nv-z&cu'
SECRET_KEY = os.getenv('MEDIACMS_SECRET_KEY', ORIG_SECRET_KEY)

# These values are usually generated
ADMIN_EMAIL_LIST = None  # Initial value
HLS_DIR = None  # Initial value
MEDIA_ROOT = None  # Initial value
REDIS_LOCATION = None  # Initial value
SERVER_EMAIL = None  # Initial value
STATIC_ROOT = None  # Initial value
SUBTITLES_UPLOAD_DIR = None  # Initial value
THUMBNAIL_UPLOAD_DIR = None  # Initial value


def parse_bool(value):
    """Convert various inputs to boolean; True for 'true', '1', 'yes', etc."""
    if value is None:
        return False
    if isinstance(value, bool):
        return value
    if isinstance(value, int):
        return bool(value)
    try:
        return str(value).strip().lower() in ('true', '1', 'yes', 't', 'y')
    except (AttributeError, ValueError):
        return False


# Debug mode; enable via MEDIACMS_DEBUG env var for detailed logs
DEBUG = parse_bool(os.getenv('MEDIACMS_DEBUG', 'False'))
if DEBUG:
    logger.info("Debug mode enabled")

DEVELOPMENT_MODE = parse_bool(os.getenv("MEDIACMS_DEVELOPMENT_MODE", "False"))
if DEVELOPMENT_MODE:
    logger.info("Development mode enabled")

# Time zone; auto-detects system timezone or falls back to UTC/Europe/London
try:
    TIME_ZONE = os.getenv('MEDIACMS_TIME_ZONE')
    if not TIME_ZONE:
        local_tz = datetime.datetime.now().astimezone().tzinfo
        for tz_name in pytz.all_timezones:
            if pytz.timezone(tz_name).localize(datetime.datetime.now()).tzinfo == local_tz:
                TIME_ZONE = tz_name
                break
        else:
            TIME_ZONE = "UTC"
except Exception as e:
    TIME_ZONE = "Europe/London"
    logger.warning(f"Failed to detect timezone, defaulting to {TIME_ZONE}: {e}")

# Permissions for adding media/comments; options: 'all', 'email_verified', 'advancedUser'
CAN_ADD_MEDIA = os.getenv('MEDIACMS_CAN_ADD_MEDIA', "email_verified")
CAN_COMMENT = os.getenv('MEDIACMS_CAN_COMMENT', "email_verified")

# Portal visibility; options: 'public', 'private', 'unlisted'
PORTAL_WORKFLOW = os.getenv('MEDIACMS_PORTAL_WORKFLOW', "public")

# Default UI theme; options: 'light', 'dark'
DEFAULT_THEME = os.getenv('MEDIACMS_DEFAULT_THEME', "dark")

# Enable/disable user registration button
REGISTER_ALLOWED = parse_bool(os.getenv('MEDIACMS_REGISTER_ALLOWED'))

# CDN usage for static assets (fonts, CSS, JS); excludes user media
LOAD_FROM_CDN = parse_bool(os.getenv('MEDIACMS_LOAD_FROM_CDN', 'False'))
LOGIN_ALLOWED = parse_bool(os.getenv('MEDIACMS_LOGIN_ALLOWED', 'True'))  # Show login button
UPLOAD_MEDIA_ALLOWED = parse_bool(os.getenv('MEDIACMS_UPLOAD_MEDIA_ALLOWED', 'True'))  # Show upload button
CAN_LIKE_MEDIA = parse_bool(os.getenv('MEDIACMS_CAN_LIKE_MEDIA', 'True'))  # Show like button
CAN_DISLIKE_MEDIA = parse_bool(os.getenv('MEDIACMS_CAN_DISLIKE_MEDIA', 'True'))  # Show dislike button
CAN_REPORT_MEDIA = parse_bool(os.getenv('MEDIACMS_CAN_REPORT_MEDIA', 'True'))  # Show report button
CAN_SHARE_MEDIA = parse_bool(os.getenv('MEDIACMS_CAN_SHARE_MEDIA', 'True'))  # Show share button

# Threshold for auto-hiding reported media
REPORTED_TIMES_THRESHOLD = int(os.getenv('MEDIACMS_REPORTED_TIMES_THRESHOLD', '10'))

# Allowed actions for anonymous users; space-separated list
ALLOWED_ANONYMOUS_ACTIONS = os.getenv('MEDIACMS_ALLOWED_ANONYMOUS_ACTIONS', "report like dislike watch").split(' ')

# Experimental user ratings feature (currently non-functional)
ALLOW_RATINGS = parse_bool(os.getenv('MEDIACMS_ALLOW_RATINGS', 'False'))
ALLOW_RATINGS_CONFIRMED_EMAIL_ONLY = parse_bool(os.getenv('MEDIACMS_ALLOW_RATINGS_CONFIRMED_EMAIL_ONLY', 'True'))

# Allowed hosts; include server IP and domain
ALLOWED_HOSTS = os.getenv('MEDIACMS_ALLOWED_HOSTS', "* mediacms.io 127.0.0.1 localhost").split(' ')

# UI feature: enlarge featured video on homepage
VIDEO_PLAYER_FEATURED_VIDEO_ON_INDEX_PAGE = parse_bool(
    os.getenv('MEDIACMS_VIDEO_PLAYER_FEATURED_VIDEO_ON_INDEX_PAGE', 'False')
)

# Custom message before media upload
PRE_UPLOAD_MEDIA_MESSAGE = os.getenv('MEDIACMS_PRE_UPLOAD_MEDIA_MESSAGE', '')

# Email configuration
ENABLE_EMAIL_SENDS = parse_bool(os.getenv('MEDIACMS_EMAIL_USE_TLS'))
DEFAULT_FROM_EMAIL = os.getenv('MEDIACMS_DEFAULT_FROM_EMAIL', "mediacms@localhost")
EMAIL_HOST_PASSWORD = os.getenv('MEDIACMS_EMAIL_HOST_PASSWORD', "mediacms")
EMAIL_HOST_USER = os.getenv('MEDIACMS_EMAIL_HOST_USER', "mediacms")
EMAIL_USE_TLS = parse_bool(os.getenv('MEDIACMS_EMAIL_USE_TLS'))
EMAIL_USE_SSL = parse_bool(os.getenv('MEDIACMS_EMAIL_USE_SSL'))
EMAIL_HOST = os.getenv('MEDIACMS_EMAIL_HOST', "mail.mediacms.default")
EMAIL_PORT = int(os.getenv('MEDIACMS_EMAIL_PORT', '25'))

# Media review requirement; False requires admin approval
MEDIA_IS_REVIEWED = parse_bool(os.getenv('MEDIACMS_MEDIA_IS_REVIEWED', 'True'))

# Expose original media URL via API; secure with nginx auth if needed
SHOW_ORIGINAL_MEDIA = parse_bool(os.getenv('MEDIACMS_SHOW_ORIGINAL_MEDIA', 'True'))

# Playlist and upload limits
MAX_MEDIA_PER_PLAYLIST = int(os.getenv('MEDIACMS_MAX_MEDIA_PER_PLAYLIST', '70'))
UPLOAD_MAX_SIZE = int(os.getenv('MEDIACMS_UPLOAD_MAX_SIZE', str(800 * 1024 * 1000 * 5)))  # Bytes

# Comment settings
MAX_CHARS_FOR_COMMENT = int(os.getenv('MEDIACMS_MAX_CHARS_FOR_COMMENT', '10000'))
TIMESTAMP_IN_TIMEBAR = parse_bool(
    os.getenv('MEDIACMS_TIMESTAMP_IN_TIMEBAR', 'False')
)  # Show timestamps in video timebar
ALLOW_MENTION_IN_COMMENTS = parse_bool(os.getenv('MEDIACMS_ALLOW_MENTION_IN_COMMENTS', 'False'))  # Enable @mentions

# Related media strategy; options: 'content', 'author'
RELATED_MEDIA_STRATEGY = os.getenv('MEDIACMS_RELATED_MEDIA_STRATEGY', "content")

# Generate sitemap.xml for SEO
GENERATE_SITEMAP = parse_bool(os.getenv('MEDIACMS_GENERATE_SITEMAP', 'False'))

# Internationalization settings
USE_I18N = parse_bool(os.getenv('MEDIACMS_USE_I18N', 'True'))
USE_L10N = parse_bool(os.getenv('MEDIACMS_USE_L10N', 'True'))
USE_TZ = parse_bool(os.getenv('MEDIACMS_USE_TZ', 'True'))
SITE_ID = int(os.getenv('MEDIACMS_SITE_ID', '1'))

# Rate limit for anonymous actions (seconds)
TIME_TO_ACTION_ANONYMOUS = int(os.getenv('MEDIACMS_TIME_TO_ACTION_ANONYMOUS', str(10 * 60)))

# django-allauth configuration
ACCOUNT_SESSION_REMEMBER = parse_bool(os.getenv('MEDIACMS_ACCOUNT_SESSION_REMEMBER', 'True'))
ACCOUNT_AUTHENTICATION_METHOD = os.getenv('MEDIACMS_ACCOUNT_AUTHENTICATION_METHOD', "username_email")
ACCOUNT_EMAIL_REQUIRED = parse_bool(os.getenv('MEDIACMS_ACCOUNT_EMAIL_REQUIRED', 'True'))
ACCOUNT_EMAIL_VERIFICATION = os.getenv('MEDIACMS_ACCOUNT_EMAIL_VERIFICATION', "optional")
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = parse_bool(os.getenv('MEDIACMS_ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION', 'True'))
ACCOUNT_USERNAME_MIN_LENGTH = os.getenv('MEDIACMS_ACCOUNT_USERNAME_MIN_LENGTH', "4")
ACCOUNT_ADAPTER = "users.adapter.MyAccountAdapter"
ACCOUNT_SIGNUP_FORM_CLASS = "users.forms.SignupForm"
ACCOUNT_USERNAME_VALIDATORS = "users.validators.custom_username_validators"
ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE = parse_bool(os.getenv('MEDIACMS_ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE', 'False'))
ACCOUNT_USERNAME_REQUIRED = parse_bool(os.getenv('MEDIACMS_ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE', 'True'))
ACCOUNT_LOGIN_ON_PASSWORD_RESET = parse_bool(os.getenv('MEDIACMS_ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE', 'True'))
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = int(os.getenv('MEDIACMS_ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS', '1'))
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = int(os.getenv('MEDIACMS_ACCOUNT_LOGIN_ATTEMPTS_LIMIT', '20'))
ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT = int(os.getenv('MEDIACMS_ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT', '5'))

# Self-registration toggle
USERS_CAN_SELF_REGISTER = parse_bool(os.getenv('MEDIACMS_USERS_CAN_SELF_REGISTER', 'True'))

# Domain restrictions for registration
RESTRICTED_DOMAINS_FOR_USER_REGISTRATION = os.getenv(
    'MEDIACMS_RESTRICTED_DOMAINS_FOR_USER_REGISTRATION', "xxx.com emaildomainwhatever.com"
).split(' ')
ALLOWED_DOMAINS_FOR_USER_REGISTRATION = os.getenv('MEDIACMS_ALLOWED_DOMAINS_FOR_USER_REGISTRATION', "").split(' ')

# REST framework pagination
REST_FRAMEWORK_PAGE_SIZE = int(os.getenv('MEDIACMS_REST_FRAMEWORK_PAGE_SIZE', '50'))

# File system paths
TEMP_DIRECTORY = os.getenv('MEDIACMS_TEMP_DIRECTORY', "/tmp")
BASE_DIR = os.getenv('MEDIACMS_BASE_DIR', os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
STATIC_URL = os.getenv('MEDIACMS_STATIC_URL', "/static/")
MEDIA_URL = os.getenv('MEDIACMS_MEDIA_URL', "/media/")
MEDIA_UPLOAD_DIR = os.getenv('MEDIACMS_MEDIA_UPLOAD_DIR', "original/")
MEDIA_ENCODING_DIR = os.getenv('MEDIACMS_MEDIA_ENCODING_DIR', "encoded/")

# Media processing commands
MP4HLS_COMMAND = os.getenv('MEDIACMS_MP4HLS_COMMAND', '/usr/local/bin/mp4hls')
FFMPEG_COMMAND = os.getenv('MEDIACMS_FFMPEG_COMMAND', '/usr/local/bin/ffmpeg')
FFPROBE_COMMAND = os.getenv('MEDIACMS_FFPROBE_COMMAND', '/usr/local/bin/ffprobe')
HARDWARE_ENCODER = os.getenv('MEDIACMS_HARDWARE_ENCODER', "none")

# Privacy and encoding settings
MASK_IPS_FOR_ACTIONS = parse_bool(os.getenv('MEDIACMS_MASK_IPS_FOR_ACTIONS', 'True'))
RUNNING_STATE_STALE = int(
    os.getenv('MEDIACMS_RUNNING_STATE_STALE', str(60 * 60 * 2))
)  # Stale process timeout (seconds)
FRIENDLY_TOKEN_LEN = int(os.getenv('MEDIACMS_FRIENDLY_TOKEN_LEN', '9'))
CHUNKIZE_VIDEO_DURATION = int(os.getenv('MEDIACMS_CHUNKIZE_VIDEO_DURATION', str(60 * 5)))  # Video chunking threshold
VIDEO_CHUNKS_DURATION = int(os.getenv('MEDIACMS_VIDEO_CHUNKS_DURATION', str(60 * 4)))  # Chunk duration
MINIMUM_RESOLUTIONS_TO_ENCODE = os.getenv('MEDIACMS_MINIMUM_RESOLUTIONS_TO_ENCODE', '240 360').split(' ')

# Notification settings
USERS_NOTIFICATIONS = {
    "MEDIA_ADDED": parse_bool(os.getenv('MEDIACMS_USERS_NOTIFICATIONS_MEDIA_ADDED', 'True')),
    "MEDIA_ENCODED": parse_bool(os.getenv('MEDIACMS_USERS_NOTIFICATIONS_MEDIA_ENCODED', 'False')),
    "MEDIA_REPORTED": parse_bool(os.getenv('MEDIACMS_USERS_NOTIFICATIONS_MEDIA_REPORTED', 'True')),
}
ADMINS_NOTIFICATIONS = {
    "NEW_USER": parse_bool(os.getenv('MEDIACMS_ADMINS_NOTIFICATIONS_NEW_USER', 'True')),
    "MEDIA_ADDED": parse_bool(os.getenv('MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_ADDED', 'True')),
    "MEDIA_ENCODED": parse_bool(os.getenv('MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_ENCODED', 'False')),
    "MEDIA_REPORTED": parse_bool(os.getenv('MEDIACMS_ADMINS_NOTIFICATIONS_MEDIA_REPORTED', 'True')),
}

# File upload settings
UPLOAD_DIR = os.getenv('MEDIACMS_UPLOAD_DIR', "uploads/")
CHUNKS_DIR = os.getenv('MEDIACMS_CHUNKS_DIR', "chunks/")
UPLOAD_MAX_FILES_NUMBER = int(os.getenv('MEDIACMS_UPLOAD_MAX_FILES_NUMBER', '100'))
CONCURRENT_UPLOADS = parse_bool(os.getenv('MEDIACMS_CONCURRENT_UPLOADS', 'True'))
CHUNKS_DONE_PARAM_NAME = os.getenv('MEDIACMS_CHUNKS_DONE_PARAM_NAME', "done")
FILE_STORAGE = "django.core.files.storage.DefaultStorage"

# SSL and security
ENABLE_SSL = parse_bool(os.getenv('MEDIACMS_ENABLE_SSL', 'False'))
X_FRAME_OPTIONS = os.getenv('MEDIACMS_X_FRAME_OPTIONS', "ALLOWALL")
ENABLE_EMAIL_SENDS = parse_bool(os.getenv('MEDIACMS_ENABLE_EMAIL_SENDS', 'True'))
EMAIL_BACKEND = "djcelery_email.backends.CeleryEmailBackend"
CELERY_EMAIL_TASK_QUEUE_NAME = os.getenv('MEDIACMS_CELERY_EMAIL_TASK_QUEUE_NAME', 'short_tasks')

# Post-upload message for unlisted media without commentary
POST_UPLOAD_AUTHOR_MESSAGE_UNLISTED_NO_COMMENTARY = os.getenv(
    'MEDIACMS_POST_UPLOAD_AUTHOR_MESSAGE_UNLISTED_NO_COMMENTARY', ""
)
CANNOT_ADD_MEDIA_MESSAGE = os.getenv('MEDIACMS_CANNOT_ADD_MEDIA_MESSAGE', '')

# Experimental remote worker token (unused)
ADMIN_TOKEN = os.getenv('MEDIACMS_ADMIN_TOKEN', "c2b8e1838b6128asd333ddc5e24")

# CKEditor configuration for rich text editing
CKEDITOR_CONFIGS = {
    "default": {
        "toolbar": "Custom",
        "width": "100%",
        "toolbar_Custom": [
            ["Styles"],
            ["Format"],
            ["Bold", "Italic", "Underline"],
            ["HorizontalRule"],
            [
                "NumberedList",
                "BulletedList",
                "-",
                "Outdent",
                "Indent",
                "-",
                "JustifyLeft",
                "JustifyCenter",
                "JustifyRight",
                "JustifyBlock",
            ],
            ["Link", "Unlink"],
            ["Image"],
            ["RemoveFormat", "Source"],
        ],
    }
}

# Django auth settings
AUTH_USER_MODEL = "users.User"
LOGIN_REDIRECT_URL = os.getenv('MEDIACMS_LOGIN_REDIRECT_URL', "/")
AUTHENTICATION_BACKENDS = (
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend",
)

# Installed Django apps
INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "allauth",
    "allauth.account",
    "allauth.socialaccount",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "django.contrib.sites",
    "rest_framework",
    "rest_framework.authtoken",
    "imagekit",
    "files.apps.FilesConfig",
    "users.apps.UsersConfig",
    "actions.apps.ActionsConfig",
    "debug_toolbar",
    "mptt",
    "crispy_forms",
    "uploader.apps.UploaderConfig",
    "djcelery_email",
    "ckeditor",
    "drf_yasg",
]

# Middleware stack
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.locale.LocaleMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "debug_toolbar.middleware.DebugToolbarMiddleware",
]

ROOT_URLCONF = "cms.urls"

# Template configuration
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": ["templates"],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.template.context_processors.media",
                "django.contrib.messages.context_processors.messages",
                "files.context_processors.stuff",
            ],
        },
    },
]

WSGI_APPLICATION = "cms.wsgi.application"

# Password settings
AUTH_PASSWORD_MIN_LENGTH = int(os.getenv('MEDIACMS_AUTH_PASSWORD_MIN_LENGTH', '5'))
FILE_UPLOAD_HANDLERS = ["django.core.files.uploadhandler.TemporaryFileUploadHandler"]

# Logging directory setup
LOGS_DIR = os.getenv('MEDIACMS_LOGS_DIR', os.path.join(BASE_DIR, "logs"))
debug_log_file = os.path.join(LOGS_DIR, "debug.log")
if not os.path.exists(LOGS_DIR):
    try:
        os.mkdir(LOGS_DIR)
        logger.info(f"Created logs directory at {LOGS_DIR}")
    except PermissionError as e:
        logger.error(f"Failed to create logs directory {LOGS_DIR}: {e}")
if not os.path.isfile(debug_log_file):
    try:
        open(debug_log_file, 'a').close()
        logger.info(f"Created debug log file at {debug_log_file}")
    except Exception as e:
        logger.error(f"Failed to create debug log file {debug_log_file}: {e}")

LOGLEVEL = os.getenv('MEDIACMS_LOGLEVEL', 'INFO')

# Database configuration
POSTGRES_NAME = (os.getenv('POSTGRES_NAME', 'mediacms'),)
POSTGRES_HOST = (os.getenv('POSTGRES_HOST', 'localhost'),)
POSTGRES_PORT = (os.getenv('POSTGRES_PORT', '5432'),)
POSTGRES_USER = (os.getenv('POSTGRES_USER', 'mediacms'),)
POSTGRES_PASSWORD = (os.getenv('POSTGRES_PASSWORD', 'mediacms'),)

# Redis configuration
REDIS_HOST = (os.getenv('MEDIACMS_REDIS_HOST', 'localhost'))
REDIS_PORT = (os.getenv('MEDIACMS_REDIS_PORT', '6379'))

SESSION_ENGINE = "django.contrib.sessions.backends.cache"
SESSION_CACHE_ALIAS = "default"

# Celery configuration
CELERY_ACCEPT_CONTENT = ["application/json"]
CELERY_TASK_SERIALIZER = "json"
CELERY_RESULT_SERIALIZER = "json"
CELERY_SOFT_TIME_LIMIT = int(os.getenv('MEDIACMS_CELERY_SOFT_TIME_LIMIT', str(2 * 60 * 60)))
CELERY_WORKER_PREFETCH_MULTIPLIER = int(os.getenv('MEDIACMS_CELERY_WORKER_PREFETCH_MULTIPLIER', '1'))
CELERYD_PREFETCH_MULTIPLIER = int(os.getenv('MEDIACMS_CELERYD_PREFETCH_MULTIPLIER', '1'))

# Celery beat schedule for periodic tasks
CELERY_BEAT_SCHEDULE = {
    "clear_sessions": {"task": "clear_sessions", "schedule": crontab(hour=1, minute=1, day_of_week=6)},
    "get_list_of_popular_media": {"task": "get_list_of_popular_media", "schedule": crontab(minute=1, hour="*/10")},
    "update_listings_thumbnails": {"task": "update_listings_thumbnails", "schedule": crontab(minute=2, hour="*/30")},
}

LOCAL_INSTALL = parse_bool(os.getenv('MEDIACMS_LOCAL_INSTALL', 'False'))
GLOBAL_LOGIN_REQUIRED = parse_bool(os.getenv('MEDIACMS_GLOBAL_LOGIN_REQUIRED', 'False'))

# Testing mode for Celery
if os.environ.get("TEST_MODE"):
    CELERY_TASK_ALWAYS_EAGER = True
else:
    CELERY_TASK_ALWAYS_EAGER = parse_bool(os.getenv('MEDIACMS_CELERY_TASK_ALWAYS_EAGER', 'False'))

DO_NOT_TRANSCODE_VIDEO = parse_bool(os.getenv('MEDIACMS_DO_NOT_TRANSCODE_VIDEO', 'False'))
LANGUAGE_CODE = os.getenv('MEDIACMS_LANGUAGE_CODE', 'en')
SPRITE_NUM_SECS = int(os.getenv('MEDIACMS_SPRITE_NUM_SECS', '10'))  # Sprite image interval
SLIDESHOW_ITEMS = int(os.getenv('MEDIACMS_SLIDESHOW_ITEMS', '30'))  # Slideshow item count

# Supported languages
LANGUAGES = [
    ('ar', _('Arabic')),
    ('bn', _('Bengali')),
    ('nl', _('Dutch')),
    ('en', _('English')),
    ('fr', _('French')),
    ('de', _('German')),
    ('hi', _('Hindi')),
    ('id', _('Indonesian')),
    ('ja', _('Japanese')),
    ('ko', _('Korean')),
    ('pt', _('Portuguese')),
    ('ru', _('Russian')),
    ('zh-hans', _('Simplified Chinese')),
    ('es', _('Spanish')),
    ('tr', _('Turkish')),
    ('el', _('Greek')),
    ('ur', _('Urdu')),
]


DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

# Local settings overrides
try:
    local_settings = importlib.import_module('local_settings', package='cms')
    # Manually apply attributes from local_settings to globals()
    globals().update({k: v for k, v in local_settings.__dict__.items() if not k.startswith('__')})
    logger.info("Loaded local_settings.py for overrides")
except ImportError:
    logger.warning("Local settings not imported")

# Dev settings overrides
if DEVELOPMENT_MODE:
    try:
        dev_settings = importlib.import_module('dev_settings', package='cms')
        # Manually apply attributes from dev_settings to globals()
        globals().update({k: v for k, v in dev_settings.__dict__.items() if not k.startswith('__')})
        logger.info("Loaded dev_settings.py for overrides")
    except ImportError:
        logger.info("Dev settings not imported")

if "http" not in FRONTEND_HOST:
    FRONTEND_HOST = f"http://{FRONTEND_HOST}"
    logger.debug(f"Prepended http:// to FRONTEND_HOST: {FRONTEND_HOST}")

ALLOWED_HOSTS.append(FRONTEND_HOST.replace("http://", "").replace("https://", ""))

# Set SERVER_EMAIL to environment variable or fallback to DEFAULT_FROM_EMAIL if unset/empty
SERVER_EMAIL = SERVER_EMAIL or os.getenv('MEDIACMS_SERVER_EMAIL', DEFAULT_FROM_EMAIL)

STATIC_ROOT = STATIC_ROOT or os.getenv('MEDIACMS_STATIC_ROOT', BASE_DIR + "/static/")
MEDIA_ROOT = MEDIA_ROOT or os.getenv('MEDIACMS_MEDIA_ROOT', BASE_DIR + "/media_files/")
THUMBNAIL_UPLOAD_DIR = THUMBNAIL_UPLOAD_DIR or os.getenv(
    'MEDIACMS_THUMBNAIL_UPLOAD_DIR', f"{MEDIA_UPLOAD_DIR}/thumbnails/"
)
SUBTITLES_UPLOAD_DIR = SUBTITLES_UPLOAD_DIR or os.getenv(
    'MEDIACMS_SUBTITLES_UPLOAD_DIR', f"{MEDIA_UPLOAD_DIR}/subtitles/"
)
HLS_DIR = HLS_DIR or os.getenv('MEDIACMS_HLS_DIR', os.path.join(MEDIA_ROOT, "hls/"))

# Set ADMIN_EMAIL_LIST from environment variable or SERVER_EMAIL, ensuring it's a non-empty list
admin_email_str = os.getenv('MEDIACMS_ADMIN_EMAIL_LIST', SERVER_EMAIL).strip()
ADMIN_EMAIL_LIST = ADMIN_EMAIL_LIST or admin_email_str.split(' ') if admin_email_str else [SERVER_EMAIL]

# Enhanced logging configuration
LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "{levelname} {asctime} {module} {message}",
            "style": "{",
        },
    },
    "handlers": {
        "file": {
            "level": "DEBUG",  # Always DEBUG for file when enabled
            "class": "logging.FileHandler",
            "filename": debug_log_file,
            "formatter": "verbose",
        },
        "console": {
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # DEBUG when True, LOGLEVEL (e.g., INFO) when False
            "class": "logging.StreamHandler",
            "formatter": "verbose",
        },
    },
    "root": {
        "handlers": ["file", "console"] if DEBUG else ["console"],
        "level": LOGLEVEL,  # Root logger respects LOGLEVEL (typically INFO)
    },
    "loggers": {
        "celery.task": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # INFO when DEBUG=False
            "propagate": False,
        },
        "celery": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # INFO when DEBUG=False
            "propagate": False,
        },
        "cms": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # INFO when DEBUG=False
            "propagate": False,
        },
        "django.db.backends": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "INFO" if DEBUG else "WARNING",  # INFO to file when DEBUG=True, WARN to console otherwise
            "propagate": False,
        },
        "django.request": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # INFO when DEBUG=False
            "propagate": False,
        },
        "django": {
            "handlers": ["file", "console"] if DEBUG else ["console"],
            "level": "DEBUG" if DEBUG else LOGLEVEL,  # INFO when DEBUG=False
            "propagate": False,
        },
    },
}

DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.postgresql",
        "NAME": POSTGRES_NAME,
        "HOST": POSTGRES_HOST,
        "PORT": int(POSTGRES_PORT),
        "USER": POSTGRES_USER,
        "PASSWORD": POSTGRES_PASSWORD,
    }
}

# REST framework settings
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": (
        "rest_framework.authentication.SessionAuthentication",
        "rest_framework.authentication.BasicAuthentication",
        "rest_framework.authentication.TokenAuthentication",
    ),
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
    "PAGE_SIZE": REST_FRAMEWORK_PAGE_SIZE,
    "DEFAULT_PARSER_CLASSES": ["rest_framework.parsers.JSONParser"],
}

# Ensure REDIS_LOCATION is valid and set; fallback to environment or default
if not REDIS_LOCATION or len(REDIS_LOCATION.strip()) == 0:
    try:
        default_redis_url = f"redis://{REDIS_HOST}:{REDIS_PORT}/1"
        REDIS_LOCATION = os.getenv('MEDIACMS_REDIS_LOCATION', default_redis_url)
        logger.debug(f"REDIS_LOCATION was invalid or unset; set to: {REDIS_LOCATION}")
    except NameError as e:
        logger.error(f"Failed to construct Redis URL due to undefined variable: {e}")
        REDIS_LOCATION = "redis://localhost:6379/1"  # Hard fallback
else:
    logger.debug(f"REDIS_LOCATION already set to: {REDIS_LOCATION}")

# Cache configuration
CACHES = {
    "default": {
        "BACKEND": "django_redis.cache.RedisCache",
        "LOCATION": REDIS_LOCATION,
        "OPTIONS": {"CLIENT_CLASS": "django_redis.client.DefaultClient"},
    }
}

# Celery broker and backend
BROKER_URL = REDIS_LOCATION
CELERY_RESULT_BACKEND = BROKER_URL
CELERY_TIMEZONE = TIME_ZONE
CELERY_EMAIL_TASK_CONFIG = {"queue": CELERY_EMAIL_TASK_QUEUE_NAME}

# SSL handling
if ENABLE_SSL:
    SSL_FRONTEND_HOST = FRONTEND_HOST.replace("http:", "https:")
else:
    SSL_FRONTEND_HOST = FRONTEND_HOST

# Global login requirement
if GLOBAL_LOGIN_REQUIRED:
    MIDDLEWARE.insert(6, "login_required.middleware.LoginRequiredMiddleware")
    LOGIN_REQUIRED_IGNORE_PATHS = [
        r'/accounts/login/$',
        r'/accounts/logout/$',
        r'/accounts/signup/$',
        r'/accounts/password/.*/$',
        r'/accounts/confirm-email/.*/$',
        r'/api/v[0-9]+/',
    ]

# Password validation
AUTH_PASSWORD_VALIDATORS = [
    {"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"},
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
        "OPTIONS": {"min_length": AUTH_PASSWORD_MIN_LENGTH},
    },
    {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
]

# Security warning for default secret key
if SECRET_KEY == ORIG_SECRET_KEY:
    logger.warning("SECRET_KEY unchanged from default; set a unique value in local_settings.py for security")

This settings.py solves a number of problems I encountered with improperly overloaded local_settings.py while implementing my deployment. In short, order matters. There has been many times that I was not happy about being troubleshooting settings that were loaded before or after the local_settings.py or dev_settings.py imports.

But that's a different ball of wax. I'm including this for reference, because it is how I achieved using environment variables in addition to local_settings.py.

It means I can keep a pretty simple local_settings.py and have one less volume mount to worry about.

DEBUG=False
LOGLEVEL = 'WARN'

FRONTEND_HOST = 'http://localhost'
PORTAL_NAME = 'PORTAL_NAME'
SECRET_KEY = 'ma!sasasdjfalkdsjfa;dslkfjads;klfjads;lkfjas;dlkfjads;lkfjaw%w!2+yk2'
REDIS_HOST = 'redis'

POSTGRES_NAME = 'mediacms'
POSTGRES_HOST = 'db'
POSTGRES_PORT = '5432'
POSTGRES_USER = 'mediacms'
POSTGRES_PASSWORD = 'mediacms'

This is more for reference to one of the significant changes I see on the horizon.

[mrjoshuap]

Started a build.md file to document this.

build.md at https://github.com/mrjoshuap/mediacms/blob/feat/build-replacement/docs/build.md

Still rethinking some of the structure and commands, but it's a start before I get into actual implementation.