Wednesday, March 2, 2022

Re: The SECRET_KEY setting must not be empty - os.environ.get('SECRET_KEY')

Am 03.03.22 um 04:43 schrieb Adeyemi Deji:
> What do u mean by on installation @On installation, the file is then copied to localconfig.py, where it is *ignored* by svn, git, etc. The file is then customized for production, development, …
>
> Do u mean during deployment?

During development, you create two files:

localconfig.example
This file contains only example data, comments/instructions and *irrelevant* data, such as *fake* secret keys, fake database passwords, etc. This file is committed to the repository. Its *only* purpose is to serve as an example and be copied to filename localconfig.py later.

localconfig.py
Created from a copy of localconfig.example, during development you must make sure that this file is never committed to your repository. This is achieved by telling the repository to ignore it, e.g. Git by editing the .gitignore file appropriately, Subversion with the svn:ignore property. Still during development, you customize the file as needed for development, i.e. insert the required database details, DEBUG = True, etc.

For deployment, when you first clone the repository on the production server, it will come with the localconfig.example file, but not with the localconfig.py file, as intended. As part of the installation, you copy localconfig.example to localconfig.py and customize it for production (production database, etc.). Done.

Variants of this approach are possible, e.g. keeping the localconfig.py file entirely outside of the project directory, where it is in even less danger to be accidentally committed. Or to store the values not in a py, but in a json, ini, txt, ... file that is loaded and parsed in settings.py.

Best regards,
Carsten


> On Wed, Mar 2, 2022 at 7:49 AM Carsten Fuchs <carsten.fuchs@cafu.de <mailto:carsten.fuchs@cafu.de>> wrote:
>
> Am 02.03.22 um 04:23 schrieb Mike Dewhirst:
> > ... where you write get_secret_key() to pull it from the environment or a file somewhere which is not in your repository.
>
> A variant of this that I like is to have a file like localconfig.example in the repository next to settings.py that contains e.g.
> DATABASES = ...  # dummy or default config
> SECRET_KEY = 'example'
>
> On installation, the file is then copied to localconfig.py, where it is *ignored* by svn, git, etc. The file is then customized for production, development, …
>
> In settings.py, there is
>
> from project_dir import localconfig
> # ...
> DEBUG = localconfig.DEBUG
> SECRET_KEY = localconfig.SECRET_KEY
> DATABASES = localconfig.DATABASES
> # ...
>
> This works very well and is simple, safe and convenient.
>
> Best regards,
> Carsten
>

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/08a9d115-235f-3538-70fa-e6e9ecdb404f%40cafu.de.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)