-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathproduction.py
124 lines (111 loc) · 4.86 KB
/
production.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
'''
Production Configurations
'''
from .base import * # noqa
# SECRET CONFIGURATION
# ------------------------------------------------------------------------------
# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
# Raises ImproperlyConfigured exception if DJANGO_SECRET_KEY not in os.environ
SECRET_KEY = env("DJANGO_SECRET_KEY")
# This ensures that Django will be able to detect a secure connection
# properly on Heroku.
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# Production middleware
# ------------------------------------------------------------------------------
PRODUCTION_MIDDLEWARE = (
'django.middleware.security.SecurityMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
)
# set this to 60 seconds and then to 518400 when you can prove it works
SECURE_HSTS_SECONDS = 60
SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
"DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS", default=True)
SECURE_FRAME_DENY = env.bool("DJANGO_SECURE_FRAME_DENY", default=True)
SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
"DJANGO_SECURE_CONTENT_TYPE_NOSNIFF", default=True)
SECURE_BROWSER_XSS_FILTER = True
SESSION_COOKIE_SECURE = False
SESSION_COOKIE_HTTPONLY = True
SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True)
# Make sure djangosecure.middleware.SecurityMiddleware is listed first
MIDDLEWARE = PRODUCTION_MIDDLEWARE + MIDDLEWARE
# Static Assets
# ------------------------
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
# EMAIL
# ------------------------------------------------------------------------------
DEFAULT_FROM_EMAIL = env('DJANGO_DEFAULT_FROM_EMAIL',
default='The Federation <[email protected]>')
# Set this to "django.core.mail.backends.smtp.EmailBackend" for SMTP email sending
EMAIL_BACKEND = env("DJANGO_EMAIL_BACKEND", default="django.core.mail.backends.console.EmailBackend")
# Define these as necessary if using the SMTP backend
# See https://docs.djangoproject.com/en/1.10/topics/email/#smtp-backend
EMAIL_HOST = env("DJANGO_EMAIL_HOST", default="localhost")
EMAIL_PORT = env("DJANGO_EMAIL_PORT", default=587)
EMAIL_HOST_USER = env("DJANGO_EMAIL_HOST_USER", default="")
EMAIL_HOST_PASSWORD = env("DJANGO_EMAIL_HOST_PASSWORD", default="")
EMAIL_USE_TLS = env.bool("DJANGO_EMAIL_USE_TLS", default=True)
EMAIL_USE_SSL = env.bool("DJANGO_EMAIL_USE_SSL", default=False)
EMAIL_TIMEOUT = env("DJANGO_EMAIL_TIMEOUT", default=None)
EMAIL_SSL_KEYFILE = env("DJANGO_EMAIL_SSL_KEYFILE", default=None)
EMAIL_SSL_CERTFILE = env("DJANGO_EMAIL_SSL_CERTFILE", default=None)
EMAIL_SUBJECT_PREFIX = env("DJANGO_EMAIL_SUBJECT_PREFIX", default='')
SERVER_EMAIL = env('DJANGO_SERVER_EMAIL', default=DEFAULT_FROM_EMAIL)
# TEMPLATE CONFIGURATION
# ------------------------------------------------------------------------------
# See:
# https://docs.djangoproject.com/en/dev/ref/templates/api/#django.template.loaders.cached.Loader
TEMPLATES[0]['OPTIONS']['loaders'] = [
('django.template.loaders.cached.Loader', [
'django.template.loaders.filesystem.Loader', 'django.template.loaders.app_directories.Loader', ]),
]
# CACHING
# ------------------------------------------------------------------------------
# Guard against old setting
CACHES = {
"default": {
"BACKEND": "django_redis.cache.RedisCache",
"LOCATION": "redis://%s:%s/%s" % (REDIS_HOST, REDIS_PORT, REDIS_DB),
"OPTIONS": {
"CLIENT_CLASS": "django_redis.client.DefaultClient",
"IGNORE_EXCEPTIONS": True, # mimics memcache behavior.
# http://niwinz.github.io/django-redis/latest/#_memcached_exceptions_behavior
"PASSWORD": REDIS_PASSWORD,
}
}
}
# RQ
# --
RQ_QUEUES["default"]["USE_REDIS_CACHE"] = "default"
# SENTRY
# ------
# If you wish to configure Sentry for error reporting, first create your
# Sentry account and then place the DSN in `.env` as `SENTRY_DSN=dsnhere`.
if env('SENTRY_DSN', default=None):
INSTALLED_APPS += ('raven.contrib.django.raven_compat',)
SENTRY_DSN = env('SENTRY_DSN')
RAVEN_CONFIG = {
'dsn': SENTRY_DSN,
'site': THEFEDERATION_DOMAIN,
}
LOGGING['handlers']['sentry'] = {
'level': env('SENTRY_LEVEL', default='ERROR'),
'class': 'raven.contrib.django.raven_compat.handlers.SentryHandler',
}
LOGGING['loggers']['thefederation']['handlers'].append('sentry')
LOGGING['loggers']['federation']['handlers'].append('sentry')
LOGGING['loggers']['rq_scheduler.scheduler']['handlers'].append('sentry')
LOGGING['root'] = {
'level': 'WARNING',
'handlers': ['sentry', 'file'],
}
LOGGING['loggers']['raven'] = {
'level': 'DEBUG',
'handlers': ['file'],
'propagate': False,
}
LOGGING['loggers']['sentry.errors'] = {
'level': 'DEBUG',
'handlers': ['file'],
'propagate': False,
}