diff --git a/horilla/settings.py b/horilla/settings.py
index 67c31b43e..443e37365 100755
--- a/horilla/settings.py
+++ b/horilla/settings.py
@@ -14,23 +14,34 @@
 import os
 from os.path import join
 from pathlib import Path
+import environ
 from django.contrib.messages import constants as messages
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
-
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/
+env = environ.Env(
+ DEBUG=(bool, True),
+ SECRET_KEY=(
+ str,
+ "django-insecure-j8op9)1q8$1&0^s&p*_0%d#pr@w9qj@1o=3#@d=a(^@9@zd@%j",
+ ),
+ ALLOWED_HOSTS=(list, ["*"]),
+ CSRF_TRUSTED_ORIGINS=(list, ["http://localhost:8000"]),
+)
+
+env.read_env(os.path.join(BASE_DIR, ".env"), overwrite=True)
+
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = "django-insecure-j8op9)1q8$1&0^s&p*_0%d#pr@w9qj@1o=3#@d=a(^@9@zd@%j"
+SECRET_KEY = env("SECRET_KEY")
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-
-ALLOWED_HOSTS = ["*"]
+DEBUG = env("DEBUG")
+ALLOWED_HOSTS = env("ALLOWED_HOSTS")
 # Application definition
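Review bot: The fallbacks passed to `environ.Env(...)` keep the insecure values as defaults, so a deployment that is missing `.env` or any one variable starts with `DEBUG=True`, the committed `django-insecure-…` key (which is public in the repository history and should be rotated for any real deployment) and `ALLOWED_HOSTS=["*"]`, without raising an error. Because the production block at the end of this file is guarded by `if not DEBUG:`, the same default also skips all of the hardening added there. Prefer failing closed: `DEBUG=(bool, False),` and no default for `SECRET_KEY`, so that `env("SECRET_KEY")` raises `ImproperlyConfigured` when it is unset. Separately, `overwrite=True` on `env.read_env(...)` lets a `.env` file left on disk take precedence over variables injected through the process environment; unless that is intended, drop the argument so the real environment wins.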
@@ -103,13 +114,27 @@ WSGI_APPLICATION = "horilla.wsgi.application"
 # Database
 # https://docs.djangoproject.com/en/4.1/ref/settings/#databases
-DATABASES = {
- "default": {
- "ENGINE": "django.db.backends.sqlite3",
- "NAME": BASE_DIR / "TestDB_Horilla.sqlite3",
+if env("DATABASE_URL", default=None):
+ DATABASES = {
+ "default": env.db(),
+ }
+else:
+ DATABASES = {
+ "default": {
+ "ENGINE": env("DB_ENGINE", default="django.db.backends.sqlite3"),
+ "NAME": env(
+ "DB_NAME",
+ default=os.path.join(
+ BASE_DIR,
+ "TestDB_Horilla.sqlite3",
+ ),
+ ),
+ "USER": env("DB_USER", default=""),
+ "PASSWORD": env("DB_PASSWORD", default=""),
+ "HOST": env("DB_HOST", default=""),
+ "PORT": env("DB_PORT", default=""),
+ }
 }
-}
-
 # Password validation
 # https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators
@@ -130,29 +155,17 @@ AUTH_PASSWORD_VALIDATORS = [
 ]
-# Internationalization
-# https://docs.djangoproject.com/en/4.1/topics/i18n/
-
-LANGUAGE_CODE = "en-us"
-
-TIME_ZONE = "Asia/Kolkata"
-
-USE_I18N = True
-
-USE_TZ = True
-
-
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.1/howto/static-files/
 STATIC_URL = "static/"
-STATIC_ROOT = "/static/"
+STATIC_ROOT = BASE_DIR / "staticfiles"
 STATICFILES_DIRS = [
 BASE_DIR / "static",
 ]
-STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"
+STATICFILES_STORAGE = "whitenoise.storage.CompressedStaticFilesStorage"
 MEDIA_URL = "/media/"
 MEDIA_ROOT = os.path.join(BASE_DIR, "media/")
@@ -171,10 +184,7 @@ MESSAGE_TAGS = {
 }
-CSRF_TRUSTED_ORIGINS = [
- "http://localhost:8000",
-]
-
+CSRF_TRUSTED_ORIGINS = env("CSRF_TRUSTED_ORIGINS")
 LOGIN_URL = "/login"
@@ -192,8 +202,6 @@ DJANGO_NOTIFICATIONS_CONFIG = {
 X_FRAME_OPTIONS = "SAMEORIGIN"
-LANGUAGE_CODE = "en-us"
-
 LANGUAGES = (
 ("en", "English (US)"),
 ("de", "Deutsche"),
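Review bot: In the `else` branch of the `DATABASES` block, `DB_NAME` falls back to the SQLite file path even when `DB_ENGINE` names a server backend, and `DB_USER`/`DB_PASSWORD` fall back to empty strings, so a partially configured environment only shows up as a connection error at the first query. A comment above the branch would make the contract explicit, for example `# DATABASE_URL takes precedence; otherwise set DB_ENGINE, DB_NAME, DB_USER, DB_PASSWORD, DB_HOST and DB_PORT together (the defaults are for local SQLite only)`.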
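Review bot: Switching `STATICFILES_STORAGE` from `CompressedManifestStaticFilesStorage` to `CompressedStaticFilesStorage` drops the content-hashed file names, so browsers and intermediaries can keep serving a stale script or stylesheet after a release and the files can no longer be cached as immutable. The commit does not record why the manifest variant was removed; a comment such as `# Manifest storage disabled: <reason>` next to the setting would let a later maintainer judge whether it can be restored. The `STATIC_ROOT` change to `BASE_DIR / "staticfiles"` looks right, provided that directory is excluded from version control, which this diff does not show.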
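Review bot: `CSRF_TRUSTED_ORIGINS` is now read from the environment but still defaults to `http://localhost:8000`, which will not match an HTTPS deployment once `SECURE_SSL_REDIRECT` from the production block is active. A comment documenting the expected format would prevent a misconfiguration that only surfaces as rejected POST requests, for example `# Comma-separated origins, scheme included, e.g. https://hr.example.com` (the host name is a constructed example).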
@@ -206,6 +214,12 @@ LOCALE_PATHS = [
 join(BASE_DIR, "horilla", "locale"),
 ]
+
+# Internationalization
+# https://docs.djangoproject.com/en/4.1/topics/i18n/
+
+LANGUAGE_CODE = "en-us"
+
 TIME_ZONE = "Asia/Kolkata"
 USE_I18N = True
@@ -213,3 +227,15 @@ USE_I18N = True
 USE_L10N = True
 USE_TZ = True
+
+# Production settings
+if not DEBUG:
+ SECURE_BROWSER_XSS_FILTER = True
+ SECURE_SSL_REDIRECT = True
+ SECURE_HSTS_SECONDS = 31536000
+ SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+ SECURE_HSTS_PRELOAD = True
+ SECURE_CONTENT_TYPE_NOSNIFF = True
+ SESSION_COOKIE_SECURE = True
+ CSRF_COOKIE_SECURE = True
+ SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
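Review bot: `SECURE_PROXY_SSL_HEADER` is set for every non-debug deployment, but the header is only trustworthy when a reverse proxy in front of the application strips or overwrites `X-Forwarded-Proto` on all incoming requests; without such a proxy the value is client-controlled and Django will treat plain HTTP requests as secure. Making it opt-in keeps the default safe, e.g. `if env.bool("BEHIND_TLS_PROXY", default=False):` wrapped around the existing assignment (the variable name is only a suggestion). `SECURE_HSTS_PRELOAD` together with a one-year `SECURE_HSTS_SECONDS` and `SECURE_HSTS_INCLUDE_SUBDOMAINS` is hard to roll back once browsers have seen it, so these three are better read from the environment with conservative defaults. `SECURE_BROWSER_XSS_FILTER` has no effect on Django 4.0 and later, which the 4.1 documentation links in this file suggest is the target, and can be dropped.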