Skip to content
Snippets Groups Projects
Unverified Commit bbd64a92 authored by Antoine R. Dumont's avatar Antoine R. Dumont
Browse files

settings: Deal with secret data in production mode

parent 385d9814
No related branches found
No related tags found
No related merge requests found
......@@ -21,7 +21,7 @@ run-dev:
$(MANAGE) runserver
run:
DJANGO_SECRET_KEY='production' gunicorn3 swh.deposit.wsgi
gunicorn3 swh.deposit.wsgi
# .PHONY: test
# test:
......
......@@ -24,9 +24,6 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
ALLOWED_HOSTS = ['127.0.0.1', 'localhost']
......@@ -74,17 +71,6 @@ TEMPLATES = [
WSGI_APPLICATION = 'swh.deposit.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'swh-deposit-dev',
}
}
# Password validation
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
......
......@@ -10,3 +10,13 @@ DEBUG = True
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'development-key'
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'swh-deposit-dev',
}
}
......@@ -4,8 +4,48 @@
# See top-level LICENSE file for more information
from .common import * # noqa
from os import environ
from swh.core import config
DEBUG = False
SECRET_KEY = environ['DJANGO_SECRET_KEY']
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
# https://docs.djangoproject.com/en/1.10/ref/settings/#std:setting-DATABASES
# https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/#databases
DEFAULT_PATH = 'deposit/private'
private_conf = config.load_named_config(DEFAULT_PATH)
if not private_conf:
raise ValueError('Cannot run in production, missing private data file.')
SECRET_KEY = private_conf['secret_key']
db_conf = private_conf['db']
db = {
'ENGINE': 'django.db.backends.postgresql',
'NAME': db_conf['name'],
}
db_user = db_conf.get('user')
if db_user:
db['USER'] = db_user
db_pass = db_conf.get('pass')
if db_pass:
db['PASSWORD'] = db_pass
db_host = db_conf.get('host')
if db_host:
db['HOST'] = db_host
db_port = db_conf.get('port')
if db_port:
db['PORT'] = db_port
DATABASES = {
'default': db,
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment