From 701825c2a3e8126e6f5f0b91dafeb3f02ae7f571 Mon Sep 17 00:00:00 2001
From: Abhilash Raj <raj.abhilash1@gmail.com>
Date: Sat, 8 Apr 2017 19:35:02 -0700
Subject: [PATCH] Fix Database Url check, force mailman to start, remove
 security settings in django.

- -z Does not check properly if the DATABASE_URL is defined or not. It evaluates
   to True if it is not set or set to ''

- Remove SECURE_SSL_REDIRECT in the django settings because this deployment is
  meant to behind Nginx which decrypts SSL packets.

- Force mailman to start even with a lock. This _may_ not be the best idea but
  for now if everything is followed according to this guide.
---
 core/assets/run.sh          | 4 ++--
 web/mailman-web/settings.py | 7 -------
 2 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/core/assets/run.sh b/core/assets/run.sh
index 4e1fa3a..5e51673 100755
--- a/core/assets/run.sh
+++ b/core/assets/run.sh
@@ -33,7 +33,7 @@ function wait_for_postgres () {
 #
 # TODO: Check the database type and detect if it is up based on that. For now,
 # assume that postgres is being used if DATABASE_URL is defined.
-if [[ -z "$DATABASES_URL" ]]; then
+if [[ ! -v "$DATABASES_URL" ]]; then
 	echo "DATABASE_URL is not defined. Using sqlite database..."
 	export DATABASE_URL=sqlite:///mailman.db
 	export DATABASE_TYPE='sqlite'
@@ -128,7 +128,7 @@ function term_handler () {
 trap 'kill ${!}; term_handler' SIGTERM
 
 # Start the mailman server. Mailman will start the master runner and then exit.
-mailman -C /config/mailman.cfg start &
+mailman -C /config/mailman.cfg start --force &
 
 # wait forever.
 while true
diff --git a/web/mailman-web/settings.py b/web/mailman-web/settings.py
index e2f730c..90f493a 100644
--- a/web/mailman-web/settings.py
+++ b/web/mailman-web/settings.py
@@ -162,13 +162,6 @@ USE_X_FORWARDED_HOST = True
 # SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SCHEME', 'https')
 
 # Other security settings
-SECURE_SSL_REDIRECT = True
-# If you set SECURE_SSL_REDIRECT to True, make sure the SECURE_REDIRECT_EXEMPT
-# contains at least this line:
-SECURE_REDIRECT_EXEMPT = [
-    # Request from Mailman.
-    "archives/api/mailman/.*",
-     ]
 # SESSION_COOKIE_SECURE = True
 # SECURE_CONTENT_TYPE_NOSNIFF = True
 # SECURE_BROWSER_XSS_FILTER = True