diff --git a/shimatta_kenkyusho/shimatta_kenkyusho/settings.py b/shimatta_kenkyusho/shimatta_kenkyusho/settings.py index 9905e0e..8bafae6 100644 --- a/shimatta_kenkyusho/shimatta_kenkyusho/settings.py +++ b/shimatta_kenkyusho/shimatta_kenkyusho/settings.py @@ -8,6 +8,23 @@ https://docs.djangoproject.com/en/3.2/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/3.2/ref/settings/ + +Development mode is selected by setting env variable +- DJANGO_DEV_MODE + +The following environment variables have to be set for Production Mode but might be optional for dev mode: +- DJANGO_SECRET_KEY +- DJANGO_ALLOWED_HOST +- DJANGO_STATIC_ROOT +- DJANGO_MEDIA_URL +- DJANGO_MEDIA_ROOT +- DJANGO_POSTGRESQL_SOCKET + + + +The following can be set +- DJANGO_SECURE_HSTS_SECONDS (defaults to 120) + """ from pathlib import Path 
@@ -16,17 +33,34 @@ import os # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent +def get_env_value(env_variable, default=None): + try: + return os.environ[env_variable] + except KeyError: + if default is not None: + return default + error_msg = 'Set the {} environment variable'.format(env_variable) + raise Exception(error_msg) + +RUNS_IN_DEV_MODE = True if get_env_value('DJANGO_DEV_MODE', default=False) != False else False # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = 'django-insecure-vq_@ue3ul@&4bz7wkcpf3pjrwf8o$7g!z-rw$ftr-$)7l3*m=^' +SECRET_KEY='' +if RUNS_IN_DEV_MODE: + SECRET_KEY = get_env_value('DJANGO_SECRET_KEY', + default='django-insecure-vq_@ue3ul@&4bz7wkcpf3pjrwf8o$7g!z-rw$ftr-$)7l3*m=^') +else: + SECRET_KEY = get_env_value('DJANGO_SECRET_KEY') # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = True if RUNS_IN_DEV_MODE else False ALLOWED_HOSTS = ['localhost'] +if not RUNS_IN_DEV_MODE: + ALLOWED_HOSTS = ['localhost', get_env_value('DJANGO_ALLOWED_HOST')] # Application definition 
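Review bot: `RUNS_IN_DEV_MODE` becomes true for any value of `DJANGO_DEV_MODE`, including `0`, `false` or an empty string, because `get_env_value` returns the raw string and every string compares unequal to `False`. This flag now gates `DEBUG`, the fallback to the committed `django-insecure-…` key and, later in the file, the database, cookie and SSL-redirect settings. Since wsgi.py is switched to load this module, a stray variable in the deployment environment silently turns the production hardening off. Parse the value explicitly and default to off, for example `RUNS_IN_DEV_MODE = os.environ.get('DJANGO_DEV_MODE', '').strip().lower() in ('1', 'true', 'yes', 'on')`. Separately, `get_env_value` raises a bare `Exception`; `django.core.exceptions.ImproperlyConfigured` is the conventional type for a missing setting.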
@@ -96,10 +130,34 @@ WSGI_APPLICATION = 'shimatta_kenkyusho.wsgi.application' # Database # https://docs.djangoproject.com/en/3.2/ref/settings/#databases -DATABASES = { +DATABASES = {} + +if RUNS_IN_DEV_MODE: + DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.sqlite3', + 'NAME': BASE_DIR / 'db.sqlite3', + } + } +else: + b_pw = '' + try: + db_pw = get_env_value('DJANGO_POSTGRESQL_PW') + except: + pass + + db_user = '' + try: + db_user = get_env_value('DJANGO_POSTGRESQL_USER') + except: + pass + DATABASES = { 'default': { - 'ENGINE': 'django.db.backends.sqlite3', - 'NAME': BASE_DIR / 'db.sqlite3', + 'ENGINE': 'django.db.backends.postgresql', + 'NAME': 'shimatta_kenkyusho', + 'USER': db_user, + 'PASSWORD': db_pw, + 'HOST': get_env_value('DJANGO_POSTGRESQL_SOCKET'), } } @@ -167,12 +225,17 @@ STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static"), ] +STATIC_ROOT = None +if not RUNS_IN_DEV_MODE: + STATIC_ROOT = get_env_value('DJANGO_STATIC_ROOT') + # Default primary key field type # https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' -MEDIA_URL = '/media/' -MEDIA_ROOT = os.path.join(BASE_DIR, "media") + +MEDIA_URL = get_env_value('DJANGO_MEDIA_URL', default='/media/') +MEDIA_ROOT = get_env_value('DJANGO_MEDIA_ROOT', default=os.path.join(BASE_DIR, "media")) LOGIN_URL = '/login' LOGIN_REDIRECT_URL = '/' @@ -182,4 +245,17 @@ SHIMATTA_KENKYUSHO_TITLE = 'しまった・研究所' CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5" -CRISPY_TEMPLATE_PACK = "bootstrap5" \ No newline at end of file +CRISPY_TEMPLATE_PACK = "bootstrap5" + +# Production only settings +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True + +SECURE_SSL_REDIRECT = True + +SECURE_HSTS_SECONDS = get_env_value('DJANGO_SECURE_HSTS_SECONDS', default=120) + +if RUNS_IN_DEV_MODE: + SESSION_COOKIE_SECURE = False + CSRF_COOKIE_SECURE = False + SECURE_SSL_REDIRECT = False \ No newline at end of file 
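Review bot: The production branch initialises `b_pw = ''` but later reads `db_pw`, so when `DJANGO_POSTGRESQL_PW` is unset the bare `except: pass` swallows the error from `get_env_value` and `'PASSWORD': db_pw` then fails with a NameError while the settings are imported. The deleted settings_production.py had `db_pw = ''`, so this looks like a typo introduced in the move. Both try/except blocks can be replaced by the helper's default: `db_pw = get_env_value('DJANGO_POSTGRESQL_PW', default='')` and `db_user = get_env_value('DJANGO_POSTGRESQL_USER', default='')`. Neither variable is listed in the module docstring; it would help to add them with a note that empty credentials are presumably meant for socket-based authentication only.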
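Review bot: `MEDIA_URL` and `MEDIA_ROOT` now fall back to defaults in every mode, while the module docstring added by this commit still lists `DJANGO_MEDIA_URL` and `DJANGO_MEDIA_ROOT` as required for production. A production deployment that omits them would silently store uploads under `BASE_DIR/media` inside the source tree instead of failing at startup as settings_production.py did. Either pass the default only when `RUNS_IN_DEV_MODE` is set, mirroring the `STATIC_ROOT` handling just above, or update the docstring to mark them optional.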
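Review bot: `SECURE_HSTS_SECONDS` is a string whenever `DJANGO_SECURE_HSTS_SECONDS` is set, since `get_env_value` returns `os.environ` values unconverted, whereas Django documents this setting as an integer. Using `int(get_env_value('DJANGO_SECURE_HSTS_SECONDS', default=120))` makes a malformed value fail at startup. The dev-mode override at the end relaxes the cookie and redirect flags but leaves HSTS enabled; adding `SECURE_HSTS_SECONDS = 0` there keeps a browser from pinning the dev host to HTTPS if it is ever reached over TLS. The `# Production only settings` comment no longer fits this file and could instead say that these are the production defaults, relaxed below in dev mode.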
diff --git a/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py b/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py deleted file mode 100644 index 43c9681..0000000 --- a/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py +++ /dev/null 
@@ -1,234 +0,0 @@ -""" -Django settings for shimatta_kenkyusho project. - -Generated by 'django-admin startproject' using Django 3.2.5. - -For more information on this file, see -https://docs.djangoproject.com/en/3.2/topics/settings/ - -For the full list of settings and their values, see -https://docs.djangoproject.com/en/3.2/ref/settings/ - -The following environment variables have to be set: -- DJANGO_SECRET_KEY -- DJANGO_ALLOWED_HOST -- DJANGO_STATIC_ROOT -- DJANGO_MEDIA_URL -- DJANGO_MEDIA_ROOT -- DJANGO_POSTGRESQL_SOCKET - -The following can be set -- DJANGO_SECURE_HSTS_SECONDS (defaults to 120) - -""" - -from pathlib import Path -import os - -# Build paths inside the project like this: BASE_DIR / 'subdir'. -BASE_DIR = Path(__file__).resolve().parent.parent - -def get_env_value(env_variable, default=None): - try: - return os.environ[env_variable] - except KeyError: - if default is not None: - return default - error_msg = 'Set the {} environment variable'.format(env_variable) - raise Exception(error_msg) - - -# Quick-start development settings - unsuitable for production -# See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/ - -# SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = get_env_value('DJANGO_SECRET_KEY') - -# SECURITY WARNING: don't run with debug turned on in production! 
-DEBUG = False - -ALLOWED_HOSTS = ['localhost', get_env_value('DJANGO_ALLOWED_HOST')] - - -# Application definition - -INSTALLED_APPS = [ - 'django.contrib.admin', - 'django.contrib.auth', - 'django.contrib.contenttypes', - 'django.contrib.sessions', - 'django.contrib.messages', - 'django.contrib.staticfiles', - 'parts.apps.PartsConfig', - 'api.apps.ApiConfig', - 'rest_framework.authtoken', - 'django_filters', - 'qr_code', - 'rest_framework', - 'crispy_forms', - 'crispy_bootstrap5', - 'django.forms', -] - - -FORM_RENDERER = 'django.forms.renderers.TemplatesSetting' - -MIDDLEWARE = [ - 'django.middleware.security.SecurityMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', -] - -ROOT_URLCONF = 'shimatta_kenkyusho.urls' - -CACHES = { - 'default': { - 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', - }, - 'qr-code': { - 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', - 'LOCATION': 'qr-code-cache', - 'TIMEOUT': 3600 - } -} - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [os.path.join(BASE_DIR, 'templates'),], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', - 'django.contrib.messages.context_processors.messages', - ], - }, - }, -] - -WSGI_APPLICATION = 'shimatta_kenkyusho.wsgi.application' - - -# Database -# https://docs.djangoproject.com/en/3.2/ref/settings/#databases - -db_pw = '' -try: - db_pw = get_env_value('DJANGO_POSTGRESQL_PW') -except: - pass - -db_user = '' -try: - db_user = get_env_value('DJANGO_POSTGRESQL_USER') -except: - pass - - -DATABASES = { - 
'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': 'shimatta_kenkyusho', - 'USER': db_user, - 'PASSWORD': db_pw, - 'HOST': get_env_value('DJANGO_POSTGRESQL_SOCKET'), - } -} - - -# Password validation -# https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', - }, -] - -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': [ - 'rest_framework.authentication.BasicAuthentication', - 'rest_framework.authentication.SessionAuthentication', - 'api.ExpiringAuthToken.ExpiringTokenAuthentication', - ], - 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination', - 'PAGE_SIZE': 10, - 'DEFAULT_THROTTLE_CLASSES': [ - 'rest_framework.throttling.AnonRateThrottle', - 'rest_framework.throttling.UserRateThrottle' - ], - 'DEFAULT_THROTTLE_RATES': { - 'anon': '100/hour', - 'user': '2000/hour' - } - -} - -REST_FRAMEWORK_TOKEN_EXPIRE_HOURS = 4 - - -# Internationalization -# https://docs.djangoproject.com/en/3.2/topics/i18n/ - -LANGUAGE_CODE = 'en-us' - -TIME_ZONE = 'UTC' - -USE_I18N = True - -USE_L10N = True - -USE_TZ = True - - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/3.2/howto/static-files/ - -STATIC_URL = '/static/' - -STATICFILES_DIRS = [ - os.path.join(BASE_DIR, "static"), -] - -STATIC_ROOT = get_env_value('DJANGO_STATIC_ROOT') - -# Default primary key field type -# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field - -DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' -MEDIA_URL = get_env_value('DJANGO_MEDIA_URL') -MEDIA_ROOT = get_env_value('DJANGO_MEDIA_ROOT') - -LOGIN_URL = '/login' 
-LOGIN_REDIRECT_URL = '/' - - -SHIMATTA_KENKYUSHO_TITLE = 'しまった・研究所' - -CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5" - -CRISPY_TEMPLATE_PACK = "bootstrap5" - - -# Production only settings -SESSION_COOKIE_SECURE = True -CSRF_COOKIE_SECURE = True - -SECURE_SSL_REDIRECT = True - -SECURE_HSTS_SECONDS = get_env_value('DJANGO_SECURE_HSTS_SECONDS', default=120) \ No newline at end of file diff --git a/shimatta_kenkyusho/shimatta_kenkyusho/wsgi.py b/shimatta_kenkyusho/shimatta_kenkyusho/wsgi.py index c3190a3..33354ff 100644 --- a/shimatta_kenkyusho/shimatta_kenkyusho/wsgi.py +++ b/shimatta_kenkyusho/shimatta_kenkyusho/wsgi.py @@ -11,6 +11,6 @@ import os from django.core.wsgi import get_wsgi_application -os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'shimatta_kenkyusho.settings_production') +os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'shimatta_kenkyusho.settings') application = get_wsgi_application()