servala/servala-portal
3
0
Fork 0
Code Issues 23 Pull requests 1 Projects 1 Releases Packages 2 Activity Actions

Use environment variables in Django settings

Browse source
This commit is contained in:
Tobias Kunze 2025-03-05 17:28:57 +01:00
parent 34cee1aa2e
commit 2e49849960
3 changed files with 115 additions and 67 deletions
Download patch file Download diff file Expand all files Collapse all files

35
.env.example Normal file
View file

@ -0,0 +1,35 @@
# One of "development", "staging", "production". Defaults to "development".
# In any environment that is not "production", a big visible warning naming
# the current environment is shown at the top of every page.
# When the environment is "development", DEBUG is set to True.
SERVALA_ENVIRONMENT='development'
# Set PREVIOUS_SECRET_KEY when rotating to a new secret key in order to not expire all sessions
# SERVALA_PREVIOUS_SECRET_KEY=''
SERVALA_SECRET_KEY='django-insecure-8sl^1&1f-$3%w7cf)q(rcvi4jo(#s3ug-@be0ooc2ioep*&%7@'
# Set the allowed hosts as comma-separated list.
# Use a leading dot to match a domain and all subdomains.
# Leave or unset in the development environment in order to accept localhost names.
SERVALA_ALLOWED_HOSTS='.example.com'
# Database settings:
# In development mode, leave the DB name empty in order to use a SQLite database called db.sqlite3
# Otherwise, defaults point to a local PostgreSQL database with name and user "servala".
# You MUST set the password.
SERVALA_DB_USER=''
SERVALA_DB_PASSWORD=''
SERVALA_DB_HOST=''
SERVALA_DB_PORT=''
# Location for file uploads. Leading "/" for absolute path, otherwise relative to base dir
# Defaults to 'media'
SERVALA_MEDIA_ROOT=''
SERVALA_EMAIL_HOST='localhost'
SERVALA_EMAIL_PORT='25'
SERVALA_EMAIL_USER=''
SERVALA_EMAIL_PASSWORD=''
# At most one of the following settings may be set to True
SERVALA_EMAIL_TLS='False'
SERVALA_EMAIL_SSL='False'

5
README.md
View file

@ -4,7 +4,10 @@ The Servala Self-Service Portal
## Development setup ## Development setup
Use ``uv`` to install the project and run its commands while youre developing: First, copy the ``.env.example`` file to ``.env`` and adjust the settings to your needs.
Make sure to source the file before running any commands.
Then use ``uv`` to install the project and run its commands while youre developing:
```bash ```bash
uv sync --dev uv sync --dev

142
src/servala/settings.py
View file

@ -1,34 +1,72 @@
""" """
Django settings for servala project. Django settings for servala project.
Generated by 'django-admin startproject' using Django 4.2. Servala is run using environment variables. Documentation:
For more information on this file, see - README.md for project information
https://docs.djangoproject.com/en/4.2/topics/settings/ - .env.example for environment variables in use
- Django settings guide: https://docs.djangoproject.com/en/4.2/topics/settings/
For the full list of settings and their values, see - Django settings reference: https://docs.djangoproject.com/en/4.2/ref/settings/
https://docs.djangoproject.com/en/4.2/ref/settings/
""" """
import os
from pathlib import Path from pathlib import Path
# Build paths inside the project like this: BASE_DIR / 'subdir'. SERVALA_ENVIRONMENT = os.environ.get("SERVALA_ENVIRONMENT", "development")
DEBUG = SERVALA_ENVIRONMENT == "development"
SECRET_KEY = os.environ.get("SERVALA_SECRET_KEY")
if previous_secret_key := os.environ.get("SERVALA_PREVIOUS_SECRET_KEY"):
SECRET_KEY_FALLBACKS = [previous_secret_key]
BASE_DIR = Path(__file__).resolve().parent.parent BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = "django-insecure-8sl^1&1f-$3%w7cf)q(rcvi4jo(#s3ug-@be0ooc2ioep*&%7@"
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = [] ALLOWED_HOSTS = []
if allowed_hosts := os.environ.get("SERVALA_ALLOWED_HOSTS"):
ALLOWED_HOSTS = allowed_hosts.split(",")
db_name = os.environ.get("SERVALA_DB_NAME", "")
if SERVALA_ENVIRONMENT == "development" and not db_name:
DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": BASE_DIR / "db.sqlite3",
"OPTIONS": {"timeout": 10},
}
}
else:
DATABASES = {
"default": {
"ENGINE": "django.db.backends.postgresql",
"NAME": db_name or "servala",
"USER": os.environ.get("SERVALA_DB_USER", "servala"),
"PASSWORD": os.environ.get("SERVALA_DB_PASSWORD"),
"HOST": os.environ.get("SERVALA_DB_HOST", "localhost"),
"PORT": os.environ.get("SERVALA_DB_PORT", "5432"),
"CONN_MAX_AGE": 120,
"CONN_HEALTH_CHECKS": True,
}
}
# Application definition MEDIA_ROOT = os.environ.get("SERVALA_MEDIA_ROOT", "media")
if MEDIA_ROOT.startswith("/"):
MEDIA_ROOT = Path(MEDIA_ROOT)
else:
MEDIA_ROOT = BASE_DIR / MEDIA_ROOT
EMAIL_HOST = os.environ.get("SERVALA_EMAIL_HOST", "localhost")
EMAIL_PORT = int(os.environ.get("SERVALA_EMAIL_PORT", "25"))
EMAIL_HOST_USER = os.environ.get("SERVALA_EMAIL_USER", "")
EMAIL_HOST_PASSWORD = os.environ.get("SERVALA_EMAIL_PASSWORD", "")
EMAIL_USE_TLS = os.environ.get("SERVALA_EMAIL_TLS", "False") == "True"
EMAIL_USE_SSL = os.environ.get("SERVALA_EMAIL_SSL", "False") == "True"
#######################################
# Non-configurable settings below #
#######################################
WSGI_APPLICATION = "servala.wsgi.application"
INSTALLED_APPS = [ INSTALLED_APPS = [
"django.contrib.admin", "django.contrib.admin",
@ -50,6 +88,8 @@ MIDDLEWARE = [
] ]
ROOT_URLCONF = "servala.urls" ROOT_URLCONF = "servala.urls"
STATIC_URL = "static/" # CSS, JavaScript, etc.
MEDIA_URL = "media/" # User uploads, e.g. images
TEMPLATES = [ TEMPLATES = [
{ {
@ -67,57 +107,27 @@ TEMPLATES = [
}, },
] ]
WSGI_APPLICATION = "servala.wsgi.application"
# Database
# https://docs.djangoproject.com/en/4.2/ref/settings/#databases
DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": BASE_DIR / "db.sqlite3",
}
}
# Password validation
# https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [ AUTH_PASSWORD_VALIDATORS = [
{ {
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
},
{
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
},
{
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
},
{
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
}, },
{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
] ]
PASSWORD_HASHERS = [
"django.contrib.auth.hashers.Argon2PasswordHasher",
# Internationalization "django.contrib.auth.hashers.PBKDF2PasswordHasher",
# https://docs.djangoproject.com/en/4.2/topics/i18n/ "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
"django.contrib.auth.hashers.BCryptSHA256PasswordHasher",
LANGUAGE_CODE = "en-us" "django.contrib.auth.hashers.ScryptPasswordHasher",
]
TIME_ZONE = "UTC" CSRF_COOKIE_NAME = "servala_csrf"
LANGUAGE_COOKIE_NAME = "servala_lang"
USE_I18N = True SESSION_COOKIE_NAME = "servala_sess"
SESSION_COOKIE_SECURE = not DEBUG
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.2/howto/static-files/
STATIC_URL = "static/"
# Default primary key field type
# https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
# TODO
TIME_ZONE = "UTC"