Last active
January 28, 2023 09:56
-
-
Save PraneethKarnena/deab5333b133a17d73252cd2253608d3 to your computer and use it in GitHub Desktop.
A Django 3.2 production-grade settings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Django settings for example project. | |
| Generated by 'django-admin startproject' using Django 3.2.5. | |
| For more information on this file, see | |
| https://docs.djangoproject.com/en/3.2/topics/settings/ | |
| For the full list of settings and their values, see | |
| https://docs.djangoproject.com/en/3.2/ref/settings/ | |
| """ | |
| from pathlib import Path | |
| from decouple import Csv, config | |
| # Build paths inside the project like this: BASE_DIR / 'subdir'. | |
| BASE_DIR = Path(__file__).resolve().parent.parent | |
| # Quick-start development settings - unsuitable for production | |
| # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/ | |
| # SECURITY WARNING: keep the secret key used in production secret! | |
| SECRET_KEY = config("SECRET_KEY", cast=str) | |
| # SECURITY WARNING: don't run with debug turned on in production! | |
| DEBUG = config("DEBUG", default=False, cast=bool) | |
| ALLOWED_HOSTS = config("ALLOWED_HOSTS", default="localhost, 127.0.0.1", cast=Csv(str)) | |
| # Application definition | |
| INSTALLED_APPS = [ | |
| "django.contrib.admin", | |
| "django.contrib.auth", | |
| "django.contrib.contenttypes", | |
| "django.contrib.sessions", | |
| "django.contrib.messages", | |
| "django.contrib.staticfiles", | |
| ] | |
| MIDDLEWARE = [ | |
| "django.middleware.security.SecurityMiddleware", | |
| "django.contrib.sessions.middleware.SessionMiddleware", | |
| "django.middleware.common.CommonMiddleware", | |
| "django.middleware.csrf.CsrfViewMiddleware", | |
| "django.contrib.auth.middleware.AuthenticationMiddleware", | |
| "django.contrib.messages.middleware.MessageMiddleware", | |
| "django.middleware.clickjacking.XFrameOptionsMiddleware", | |
| ] | |
| ROOT_URLCONF = "example.urls" | |
| TEMPLATES = [ | |
| { | |
| "BACKEND": "django.template.backends.django.DjangoTemplates", | |
| "DIRS": [], | |
| "APP_DIRS": True, | |
| "OPTIONS": { | |
| "context_processors": [ | |
| "django.template.context_processors.debug", | |
| "django.template.context_processors.request", | |
| "django.contrib.auth.context_processors.auth", | |
| "django.contrib.messages.context_processors.messages", | |
| ], | |
| }, | |
| }, | |
| ] | |
| WSGI_APPLICATION = "example.wsgi.application" | |
| # Database | |
| # https://docs.djangoproject.com/en/3.2/ref/settings/#databases | |
| DATABASES = { | |
| "default": { | |
| "ENGINE": config("DB_ENGINE", cast=str), | |
| "HOST": config("DB_HOST", cast=str), | |
| "PORT": config("DB_PORT", cast=str), | |
| "NAME": config("DB_NAME", cast=str), | |
| "USER": config("DB_USER", cast=str), | |
| "PASSWORD": config("DB_PASSWORD", cast=str), | |
| } | |
| } | |
| # Password validation | |
| # https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators | |
| AUTH_PASSWORD_VALIDATORS = [ | |
| { | |
| "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", | |
| }, | |
| { | |
| "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", | |
| }, | |
| { | |
| "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", | |
| }, | |
| { | |
| "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", | |
| }, | |
| ] | |
| # Internationalization | |
| # https://docs.djangoproject.com/en/3.2/topics/i18n/ | |
| LANGUAGE_CODE = "en-us" | |
| TIME_ZONE = "UTC" | |
| USE_I18N = True | |
| USE_L10N = True | |
| USE_TZ = True | |
| # Static files (CSS, JavaScript, Images) | |
| # https://docs.djangoproject.com/en/3.2/howto/static-files/ | |
| STATIC_URL = "/static/" | |
| # Production settings | |
| if not DEBUG: | |
| # HTTP settings | |
| SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") | |
| X_FRAME_OPTIONS = "DENY" | |
| SECURE_REFERRER_POLICY = "same-origin" | |
| SECURE_CONTENT_TYPE_NOSNIFF = True | |
| SECURE_BROWSER_XSS_FILTER = True | |
| SECURE_SSL_REDIRECT = True | |
| SESSION_COOKIE_SECURE = True | |
| CSRF_COOKIE_SECURE = True | |
| CSRF_COOKIE_HTTPONLY = True | |
| # Particularly useful for file uploads | |
| # Too big values can lure DDoS attacks | |
| # Defaults to 10MB | |
| # Value in bytes. Convert to bytes here: https://www.gbmb.org/mb-to-bytes | |
| DATA_UPLOAD_MAX_MEMORY_SIZE = config("DATA_UPLOAD_MAX_MEMORY_SIZE", default=10485760, cast=int) | |
| FILE_UPLOAD_MAX_MEMORY_SIZE = config("FILE_UPLOAD_MAX_MEMORY_SIZE", default=10485760, cast=int) | |
| FILE_UPLOAD_DIRECTORY_PERMISSIONS = 0o755 | |
| FILE_UPLOAD_PERMISSIONS = 0o644 | |
| # Admin details | |
| # Admins names and emails should be symmetrically related | |
| # Check env.example for better understanding | |
| ADMINS_NAMES = config("ADMINS_NAMES", cast=Csv(str)) | |
| ADMINS_EMAILS = config("ADMINS_EMAILS", cast=Csv(str)) | |
| ADMINS = list(zip(ADMINS_NAMES, ADMINS_EMAILS)) | |
| MANAGERS = ADMINS | |
| EMAIL_USE_TLS = True | |
| SERVER_EMAIL = config("SERVER_EMAIL", cast=str) # Used by server for admins emails | |
| DEFAULT_FROM_EMAIL = config("DEFAULT_FROM_EMAIL", cast=str) # Used when emails are sent through send_mail() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment