46 lines
1.3 KiB
Python
46 lines
1.3 KiB
Python
"""
|
|
Django production settings
|
|
"""
|
|
|
|
DEBUG = os.getenv('DEBUG', False)
|
|
|
|
SECRET_KEY = os.getenv('SECRET_KEY')
|
|
|
|
ALLOWED_HOSTS = [os.getenv('ALLOWED_HOSTS', '*')]
|
|
|
|
# Domain configuration:
|
|
# - if you have a specific domain to secure, change ALLOWED_HOSTS like this:
|
|
# ALLOWED_HOSTS = ['domain.tld', 'domain.tld.']
|
|
# - if you use a proxy like Nginx, you need to add this line into config:
|
|
# `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
|
|
USE_X_FORWARDED_HOST = True
|
|
|
|
# CORS: allow all site to make cross site requests
|
|
CORS_ORIGIN_ALLOW_ALL = True
|
|
|
|
# CORS: limit to API only
|
|
CORS_URLS_REGEX = r'^/api/.*$'
|
|
|
|
# WARNING: you need to install psycopg2 with pip
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
|
'NAME': os.getenv('POSTGRES_DB', 'postgres'),
|
|
'USER': os.getenv('POSTGRES_USER', 'postgres'),
|
|
'PASSWORD': os.getenv('POSTGRES_PASS', 'postgres'),
|
|
'HOST': os.getenv('POSTGRES_HOST', '127.0.0.1'),
|
|
'PORT': os.getenv('POSTGRES_PORT', '5432'),
|
|
}
|
|
}
|
|
|
|
# Security
|
|
SECURE_HSTS_SECONDS = 3600
|
|
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
|
SECURE_HSTS_PRELOAD = True
|
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
|
SECURE_BROWSER_XSS_FILTER = True
|
|
SECURE_SSL_REDIRECT = True
|
|
SESSION_COOKIE_SECURE = True
|
|
CSRF_COOKIE_SECURE = True
|
|
X_FRAME_OPTIONS = 'DENY'
|