- prepare application for deployment - separate prod/dev settingsmain
parent
438d5527ae
commit
9ac3a875b8
@ -1,3 +1,4 @@
|
||||
.idea/
|
||||
db.sqlite3
|
||||
staticfiles/
|
||||
staticfiles/
|
||||
/secret_key.txt
|
||||
|
@ -0,0 +1,2 @@
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
SECRET_KEY = 'django-insecure-0f-zq@@@09f))7t)2ifd^7@qx1@5d-&h#sb*d)ptqoi+r2v-x5'
|
@ -0,0 +1,25 @@
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
try:
|
||||
with open('secret_key.txt') as f:
|
||||
SECRET_KEY = f.read().strip()
|
||||
# SECRET_KEY = os.environ["SECRET_KEY"]
|
||||
except FileNotFoundError:
|
||||
raise RuntimeError("No 'secret_key.txt' found! Fix the configuration...")
|
||||
|
||||
|
||||
# https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/#allowed-hosts
|
||||
ALLOWED_HOSTS = [
|
||||
f"keeppolling.guyware.nz",
|
||||
]
|
||||
|
||||
CSRF_TRUSTED_ORIGINS = [
|
||||
f"https://keeppolling.guyware.nz",
|
||||
]
|
||||
|
||||
# Enable HTTPS only and turn on these settings
|
||||
SECURE_SSL_REDIRECT = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
SESSION_COOKIE_SECURE = True
|
||||
SECURE_HSTS_SECONDS = 31536000
|
||||
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
||||
SECURE_HSTS_PRELOAD = True
|
Loading…
Reference in new issue