production.py 3.54 KB
Newer Older
Thom Wiggers's avatar
Thom Wiggers committed
1
2
3
4
"""
Django settings for thaliawebsite project.

Docker version
Thom Wiggers's avatar
Thom Wiggers committed
5
6

See https://docs.djangoproject.com/en/dev/howto/deployment/checklist/
Thom Wiggers's avatar
Thom Wiggers committed
7
8
9
10
"""

import os

Thom Wiggers's avatar
Thom Wiggers committed
11
12
13
14
15
16
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.abspath(os.path.join(
    os.path.dirname(os.path.abspath(__file__)),
    '..', '..'))


Thom Wiggers's avatar
Thom Wiggers committed
17
18
19
20
21
22
23
24
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get(
    'DJANGO_SECRET',
    '#o-0d1q5&^&06tn@8pr1f(n3$crafd++^%sacao7hj*ea@c)^t')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = os.environ.get('DJANGO_DEBUG') == 'True'

25
26
if 'DJANGO_HOSTS' in os.environ:
    ALLOWED_HOSTS = os.environ.get('DJANGO_HOSTS').split(',')
Thom Wiggers's avatar
Thom Wiggers committed
27

Thom Wiggers's avatar
Thom Wiggers committed
28
# Database settings
Thom Wiggers's avatar
Thom Wiggers committed
29
30
31
32
33
34
35
36
37
38
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': os.environ.get('POSTGRES_USER'),
        'USER': 'postgres',
        'DATABASE': os.environ.get('POSTGRES_DB'),
        'HOST': os.environ.get('DJANGO_POSTGRES_HOST'),
        'PORT': 5432,
    }
}
Thom Wiggers's avatar
Thom Wiggers committed
39
40
41
42

# Persistent database connections
CONN_MAX_AGE = '60'

Thom Wiggers's avatar
Thom Wiggers committed
43
44
45
46
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/dev/howto/static-files/

# Where to store uploaded files
Thom Wiggers's avatar
Thom Wiggers committed
47
MEDIA_ROOT = '/concrexit/media'
Thom Wiggers's avatar
Thom Wiggers committed
48
49
50
51
52
MEDIA_URL = '/media/'  # Public is included by the db fields

SENDFILE_BACKEND = 'sendfile.backends.development'

STATIC_URL = '/static/'
Thom Wiggers's avatar
Thom Wiggers committed
53
STATIC_ROOT = '/concrexit/static'
Thom Wiggers's avatar
Thom Wiggers committed
54

Thom Wiggers's avatar
Thom Wiggers committed
55
56
if not DEBUG:
    COMPRESS_OFFLINE = True
57
58
59
60
61
62
63
64

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
]
Thom Wiggers's avatar
Thom Wiggers committed
65
66

WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
Thom Wiggers's avatar
Thom Wiggers committed
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
MIGRATION_KEY = os.environ.get('MIGRATION_KEY')

if os.environ.get('DJANGO_SSLONLY'):
    SECURE_SSL_REDIRECT = True
    SESSION_COOKIE_SECURE = True
    CSRF_COOKIE_SECURE = True

# Use caching template loader
TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [os.path.join(BASE_DIR, 'templates')],
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.template.context_processors.media',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'partners.context_processors.showcased_partners',
            ],
            'loaders': [
                ('django.template.loaders.cached.Loader', [
                    'django.template.loaders.filesystem.Loader',
                    'django.template.loaders.app_directories.Loader',
                ]),
            ],
        },
    },
]

# ADMINS
ADMINS = [('Technicie', 'www@thalia.nu')]

# Email backend
if os.environ.get('DJANGO_EMAIL_HOST'):
    EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
    EMAIL_HOST = os.environ['DJANGO_EMAIL_HOST']
    EMAIL_PORT = os.environ['DJANGO_EMAIL_PORT']
    EMAIL_HOST_USER = os.environ.get('DJANGO_EMAIL_HOST_USER')
    EMAIL_HOST_PASSWORD = os.environ.get('DJANGO_EMAIL_HOST_PASSWORD')
    EMAIL_USE_TLS = os.environ.get('DJANGO_EMAIL_USE_TLS', False) == 'True'
    EMAIL_USE_SSL = os.environ.get('DJANGO_EMAIL_USE_SSL', False) == 'True'
    EMAIL_TIMEOUT = 10

# Secure headers
X_FRAME_OPTIONS = 'DENY'
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True