[guivis/KeepPolling#17]

- prepare application for deployment
- separate prod/dev settings

.gitignore

@@ -1,3 +1,4 @@
 .idea/
 db.sqlite3
 staticfiles/
+/secret_key.txt

keeppolling/development.py

@@ -0,0 +1,2 @@
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'django-insecure-0f-zq@@@09f))7t)2ifd^7@qx1@5d-&h#sb*d)ptqoi+r2v-x5'

keeppolling/production.py

@@ -0,0 +1,25 @@
+# SECURITY WARNING: keep the secret key used in production secret!
+try:
+    with open('secret_key.txt') as f:
+        SECRET_KEY = f.read().strip()
+    # SECRET_KEY = os.environ["SECRET_KEY"]
+except FileNotFoundError:
+    raise RuntimeError("No 'secret_key.txt' found! Fix the configuration...")
+
+
+# https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/#allowed-hosts
+ALLOWED_HOSTS = [
+    f"keeppolling.guyware.nz",
+]
+
+CSRF_TRUSTED_ORIGINS = [
+    f"https://keeppolling.guyware.nz",
+]
+
+# Enable HTTPS only and turn on these settings
+SECURE_SSL_REDIRECT = True
+CSRF_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True

keeppolling/settings.py

@@ -19,13 +19,14 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
 
-# SECURITY WARNING: keep the secret key used in production secret!
+# Set DEBUG based on the environment
-SECRET_KEY = 'django-insecure-0f-zq@@@09f))7t)2ifd^7@qx1@5d-&h#sb*d)ptqoi+r2v-x5'
-
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = os.environ.get("DJANGO_DEBUG", "False") == "True"
 
-ALLOWED_HOSTS = []
+if DEBUG:
+    from .development import *
+else:
+    from .production import *
 
 
 # Application definition