production.py 4.69 KB
Newer Older
Thom Wiggers's avatar
Thom Wiggers committed
1
"""
2
Django production settings for thaliawebsite project.
Thom Wiggers's avatar
Thom Wiggers committed
3

4
5
6
7
Many of these settings override settings from settings.py.

This file is loaded by __init__.py if the environment variable
`DJANGO_PRODUCTION` is set.
Thom Wiggers's avatar
Thom Wiggers committed
8
9

See https://docs.djangoproject.com/en/dev/howto/deployment/checklist/
Thom Wiggers's avatar
Thom Wiggers committed
10
11
12
"""

import os
Thom Wiggers's avatar
Thom Wiggers committed
13
from copy import deepcopy
Thom Wiggers's avatar
Thom Wiggers committed
14

15
16
17
18
19
20
21
from django.utils.log import DEFAULT_LOGGING

from . import settings

INSTALLED_APPS = settings.INSTALLED_APPS
INSTALLED_APPS.append('django_slack')

Thom Wiggers's avatar
Thom Wiggers committed
22
23
24
25
26
27
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.abspath(os.path.join(
    os.path.dirname(os.path.abspath(__file__)),
    '..', '..'))


Thom Wiggers's avatar
Thom Wiggers committed
28
29
30
31
32
33
34
35
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get(
    'DJANGO_SECRET',
    '#o-0d1q5&^&06tn@8pr1f(n3$crafd++^%sacao7hj*ea@c)^t')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = os.environ.get('DJANGO_DEBUG') == 'True'

36
37
if 'DJANGO_HOSTS' in os.environ:
    ALLOWED_HOSTS = os.environ.get('DJANGO_HOSTS').split(',')
Thom Wiggers's avatar
Thom Wiggers committed
38

Thom Wiggers's avatar
Thom Wiggers committed
39
# Database settings
Thom Wiggers's avatar
Thom Wiggers committed
40
41
42
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
43
44
        'USER': os.environ.get('POSTGRES_USER', 'postgres'),
        'NAME': os.environ.get('POSTGRES_DB'),
Thom Wiggers's avatar
Thom Wiggers committed
45
46
47
48
        'HOST': os.environ.get('DJANGO_POSTGRES_HOST'),
        'PORT': 5432,
    }
}
Thom Wiggers's avatar
Thom Wiggers committed
49
50
51
52

# Persistent database connections
CONN_MAX_AGE = '60'

Thom Wiggers's avatar
Thom Wiggers committed
53
54
55
56
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/dev/howto/static-files/

# Where to store uploaded files
Thom Wiggers's avatar
Thom Wiggers committed
57
MEDIA_ROOT = '/concrexit/media'
Thom Wiggers's avatar
Thom Wiggers committed
58
59
MEDIA_URL = '/media/'  # Public is included by the db fields

60
61
if not settings.DEBUG:
    SENDFILE_BACKEND = 'sendfile.backends.nginx'
62
63
SENDFILE_URL = '/media/'
SENDFILE_ROOT = '/concrexit/media/'
Thom Wiggers's avatar
Thom Wiggers committed
64
65

STATIC_URL = '/static/'
Thom Wiggers's avatar
Thom Wiggers committed
66
STATIC_ROOT = '/concrexit/static'
Thom Wiggers's avatar
Thom Wiggers committed
67

Thom Wiggers's avatar
Thom Wiggers committed
68
69
if not DEBUG:
    COMPRESS_OFFLINE = True
70
71
72
73
74
75
76
77

PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.Argon2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
    'django.contrib.auth.hashers.BCryptPasswordHasher',
]
Thom Wiggers's avatar
Thom Wiggers committed
78
79

WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
Thom Wiggers's avatar
Thom Wiggers committed
80
MIGRATION_KEY = os.environ.get('MIGRATION_KEY')
81
PUSH_NOTIFICATIONS_API_KEY = os.environ.get('PUSH_NOTIFICATIONS_API_KEY', '')
82
MAILINGLIST_API_SECRET = os.environ.get('MAILINGLIST_API_SECRET', '')
Thom Wiggers's avatar
Thom Wiggers committed
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

if os.environ.get('DJANGO_SSLONLY'):
    SECURE_SSL_REDIRECT = True
    SESSION_COOKIE_SECURE = True
    CSRF_COOKIE_SECURE = True

# Use caching template loader
TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [os.path.join(BASE_DIR, 'templates')],
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.template.context_processors.media',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'partners.context_processors.showcased_partners',
102
                'announcements.context_processors.announcements',
Thom Wiggers's avatar
Thom Wiggers committed
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
            ],
            'loaders': [
                ('django.template.loaders.cached.Loader', [
                    'django.template.loaders.filesystem.Loader',
                    'django.template.loaders.app_directories.Loader',
                ]),
            ],
        },
    },
]

# ADMINS
ADMINS = [('Technicie', 'www@thalia.nu')]

# Email backend
if os.environ.get('DJANGO_EMAIL_HOST'):
    EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
    EMAIL_HOST = os.environ['DJANGO_EMAIL_HOST']
    EMAIL_PORT = os.environ['DJANGO_EMAIL_PORT']
    EMAIL_HOST_USER = os.environ.get('DJANGO_EMAIL_HOST_USER')
    EMAIL_HOST_PASSWORD = os.environ.get('DJANGO_EMAIL_HOST_PASSWORD')
    EMAIL_USE_TLS = os.environ.get('DJANGO_EMAIL_USE_TLS', False) == 'True'
    EMAIL_USE_SSL = os.environ.get('DJANGO_EMAIL_USE_SSL', False) == 'True'
    EMAIL_TIMEOUT = 10

128
129
130
131
132
# Celery settings
CELERY_BROKER_URL = 'redis://{}:6379/0'.format(
    os.environ.get('CELERY_REDIS_HOST')
)

Thom Wiggers's avatar
Thom Wiggers committed
133
134
135
136
# Secure headers
X_FRAME_OPTIONS = 'DENY'
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True
137
138
139

# Slack configuration
SLACK_TOKEN = os.environ.get('DJANGO_SLACK_TOKEN')
140
SLACK_CHANNEL = '#django-errors'
141
142
143
144
SLACK_USERNAME = 'Concrexit'
SLACK_ICON_EMOJI = ':pingu:'
SLACK_FAIL_SILENTLY = True

Thom Wiggers's avatar
Thom Wiggers committed
145
LOGGING = deepcopy(DEFAULT_LOGGING)
146
147
148
149
150
LOGGING['handlers']['slack-error'] = {
    'level': 'ERROR',
    'class': 'django_slack.log.SlackExceptionHandler',
}
LOGGING['loggers']['django']['handlers'].append('slack-error')
Thom Wiggers's avatar
Thom Wiggers committed
151
LOGGING['loggers']['django']['handlers'].remove('mail_admins')