Thursday, December 30, 2021

Re: dotenv - django-environ - etc

Thank you for the replies. I think I'm getting a better understanding of this. I had been keeping the .env file in the project folder with the settings file, which seemed to offer no extra security - hardly worth only being able to store settings as strings (using django-environ). I'll take another look at the options and I'll move .env out of the project.

On Tuesday, December 28, 2021 at 7:39:43 PM UTC-5 ber...@autofyle.com wrote:
In all cases below, the .env file will exist outside of the Django project and will be referenced from the settings file. This allows you to customize and secure each environment while automating the whole build.

Developers
Local settings will point to the location of the .env file.
This file is excluded from git via gitignore.
Developers push to your repo's development branch, which updates your development server after passing CI/CD.
  1. Developer 1 - /developer1Machine/whatever/unique path/.env
  2. Developer 2 - /unique path/.env/unique path/.env
Development environment
Developer settings reference their own or the same .env file path location.
This directory and .env file permissions are secured such that only the process running the web server has access to it and admin. So you may be able to log on to the server but won't be able to see this file and/or directory if you are not allowed to or in the right security group based on your role.


Staging environment
Can be configured like development with staging desired tweaks.
Testing and QA happens here prior to push to production.


Production environment
Can be configured like staging.

On Tuesday, December 28, 2021 at 3:41:25 PM UTC-7 Jason wrote:
An env file is basically imported into your OS environment, so you can retrieve them with the same interface. That means you can easily include that with your build environment, or inject in some other means. Can't do that with settings.

Also, lets you keep one settings file, and use `os.environ.get()` anywhere you need to, which provides an identical interface.

On Tuesday, December 28, 2021 at 2:58:28 PM UTC-5 bnmng wrote:
Hi everyone,

I can't wrap my mind around why having my settings in a .env file is more secure than having them in a local_settings.py file, or why one of the various methods is better than another as long as you keep your local settings out of your version control. Any opinions?
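
The layout described in the thread (a .env file kept outside the project and readable only by the web-server account), as an added example that is not part of any message above: a stdlib-only loader that refuses a .env inside the project tree or with group/other permission bits. The function names, the owner-only 0600 policy and the sample keys are assumptions made for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

class EnvFileError(Exception):
    """The .env file is misplaced or too widely accessible."""

def check_env_file(env_path, project_dir):
    """Return the resolved path if it is outside project_dir and owner-only."""
    env_path, project_dir = Path(env_path).resolve(), Path(project_dir).resolve()
    if env_path == project_dir or project_dir in env_path.parents:
        raise EnvFileError(f"{env_path} is inside the project tree")
    st = env_path.stat()  # FileNotFoundError if the file is missing
    if not stat.S_ISREG(st.st_mode):
        raise EnvFileError(f"{env_path} is not a regular file")
    # Assumed policy: no group/other bits at all (mode 0600 or stricter).
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise EnvFileError(f"{env_path} is accessible to group/other")
    return env_path

def load_env(env_path, project_dir, environ=None):
    """Parse KEY=VALUE lines into environ; existing keys are not overridden."""
    environ = os.environ if environ is None else environ
    path = check_env_file(env_path, project_dir)
    for raw in path.read_text(encoding="utf-8").splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        environ.setdefault(key.strip(), value.strip().strip("'\""))
    return environ

def demo():
    """Constructed layout: project/ beside secrets/.env, loose then tight mode."""
    with tempfile.TemporaryDirectory() as tmp:
        project, secrets = Path(tmp, "project"), Path(tmp, "secrets")
        project.mkdir()
        secrets.mkdir(mode=0o700)
        env = secrets / ".env"
        env.write_text("# constructed sample\nSECRET_KEY='not-a-real-key'\nDEBUG=False\n")
        env.chmod(0o644)  # world-readable: must be refused
        try:
            load_env(env, project, {})
            loose = "accepted"
        except EnvFileError:
            loose = "rejected"
        env.chmod(0o600)  # owner-only: accepted
        return loose, load_env(env, project, {})
```

In a settings file, `load_env()` would be called with the external path before any `os.environ.get()` lookups.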
