funkwhale/api/config/settings/production.py

# -*- coding: utf-8 -*-
"""
Production Configurations

- Use djangosecure
- Use Amazon's S3 for storing static files and uploaded media
- Use mailgun to send emails
- Use Redis on Heroku


"""
from __future__ import absolute_import, unicode_literals

from .common import *  # noqa

# SECRET CONFIGURATION
# ------------------------------------------------------------------------------
# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
# Raises ImproperlyConfigured exception if DJANGO_SECRET_KEY not in os.environ
SECRET_KEY = env("DJANGO_SECRET_KEY")

# django-secure
# ------------------------------------------------------------------------------
# INSTALLED_APPS += ("djangosecure", )
#
# SECURITY_MIDDLEWARE = (
#     'djangosecure.middleware.SecurityMiddleware',
# )
#
#
# # Make sure djangosecure.middleware.SecurityMiddleware is listed first
# MIDDLEWARE = SECURITY_MIDDLEWARE + MIDDLEWARE
#
# # set this to 60 seconds and then to 518400 when you can prove it works
# SECURE_HSTS_SECONDS = 60
# SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
#     "DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS", default=True)
# SECURE_FRAME_DENY = env.bool("DJANGO_SECURE_FRAME_DENY", default=True)
# SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
#     "DJANGO_SECURE_CONTENT_TYPE_NOSNIFF", default=True)
# SECURE_BROWSER_XSS_FILTER = True
# SESSION_COOKIE_SECURE = False
# SESSION_COOKIE_HTTPONLY = True
# SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True)

# SITE CONFIGURATION
# ------------------------------------------------------------------------------
# Hosts/domain names that are valid for this site
# See https://docs.djangoproject.com/en/1.6/ref/settings/#allowed-hosts
CSRF_TRUSTED_ORIGINS = ALLOWED_HOSTS

# END SITE CONFIGURATION

# Static Assets
# ------------------------
STATICFILES_STORAGE = "django.contrib.staticfiles.storage.StaticFilesStorage"

# TEMPLATE CONFIGURATION
# ------------------------------------------------------------------------------
# See:
# https://docs.djangoproject.com/en/dev/ref/templates/api/#django.template.loaders.cached.Loader
TEMPLATES[0]["OPTIONS"]["loaders"] = [
    (
        "django.template.loaders.cached.Loader",
        [
            "django.template.loaders.filesystem.Loader",
            "django.template.loaders.app_directories.Loader",
        ],
    )
]

# CACHING
# ------------------------------------------------------------------------------
# Heroku URL does not pass the DB number, so we parse it in


# LOGGING CONFIGURATION
# ------------------------------------------------------------------------------
# See: https://docs.djangoproject.com/en/dev/ref/settings/#logging
# A sample logging configuration. The only tangible logging
# performed by this configuration is to send an email to
# the site admins on every HTTP 500 error when DEBUG=False.
# See http://docs.djangoproject.com/en/dev/topics/logging for
# more details on how to customize your logging configuration.
LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "filters": {"require_debug_false": {"()": "django.utils.log.RequireDebugFalse"}},
    "formatters": {
        "verbose": {
            "format": "%(levelname)s %(asctime)s %(module)s "
            "%(process)d %(thread)d %(message)s"
        }
    },
    "handlers": {
        "mail_admins": {
            "level": "ERROR",
            "filters": ["require_debug_false"],
            "class": "django.utils.log.AdminEmailHandler",
        },
        "console": {
            "level": "DEBUG",
            "class": "logging.StreamHandler",
            "formatter": "verbose",
        },
    },
    "loggers": {
        "django.request": {
            "handlers": ["mail_admins"],
            "level": "ERROR",
            "propagate": True,
        },
        "django.security.DisallowedHost": {
            "level": "ERROR",
            "handlers": ["console", "mail_admins"],
            "propagate": True,
        },
    },
}


# Your production stuff: Below this line define 3rd party library settings
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`# -- coding: utf-8 --`
Blacked the code 2018-06-09 13:36:16 +00:00			`"""`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`Production Configurations`

			`- Use djangosecure`
			`- Use Amazon's S3 for storing static files and uploaded media`
			`- Use mailgun to send emails`
			`- Use Redis on Heroku`


Blacked the code 2018-06-09 13:36:16 +00:00			`"""`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`from __future__ import absolute_import, unicode_literals`

			`from .common import * # noqa`

			`# SECRET CONFIGURATION`
			`# ------------------------------------------------------------------------------`
			`# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key`
			`# Raises ImproperlyConfigured exception if DJANGO_SECRET_KEY not in os.environ`
			`SECRET_KEY = env("DJANGO_SECRET_KEY")`

			`# django-secure`
			`# ------------------------------------------------------------------------------`
			`# INSTALLED_APPS += ("djangosecure", )`
			`#`
			`# SECURITY_MIDDLEWARE = (`
			`# 'djangosecure.middleware.SecurityMiddleware',`
			`# )`
			`#`
			`#`
			`# # Make sure djangosecure.middleware.SecurityMiddleware is listed first`
New-style middlewares 2017-12-15 22:48:45 +00:00			`# MIDDLEWARE = SECURITY_MIDDLEWARE + MIDDLEWARE`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`#`
			`# # set this to 60 seconds and then to 518400 when you can prove it works`
			`# SECURE_HSTS_SECONDS = 60`
			`# SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(`
			`# "DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS", default=True)`
			`# SECURE_FRAME_DENY = env.bool("DJANGO_SECURE_FRAME_DENY", default=True)`
			`# SECURE_CONTENT_TYPE_NOSNIFF = env.bool(`
			`# "DJANGO_SECURE_CONTENT_TYPE_NOSNIFF", default=True)`
			`# SECURE_BROWSER_XSS_FILTER = True`
			`# SESSION_COOKIE_SECURE = False`
			`# SESSION_COOKIE_HTTPONLY = True`
			`# SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True)`

			`# SITE CONFIGURATION`
			`# ------------------------------------------------------------------------------`
			`# Hosts/domain names that are valid for this site`
			`# See https://docs.djangoproject.com/en/1.6/ref/settings/#allowed-hosts`
Fixed #49: set CSRF_TRUSTED_ORIGINS from ALLOWED_HOSTS 2017-12-15 22:10:42 +00:00			`CSRF_TRUSTED_ORIGINS = ALLOWED_HOSTS`

Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`# END SITE CONFIGURATION`

			`# Static Assets`
			`# ------------------------`
Blacked the code 2018-06-09 13:36:16 +00:00			`STATICFILES_STORAGE = "django.contrib.staticfiles.storage.StaticFilesStorage"`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00
			`# TEMPLATE CONFIGURATION`
			`# ------------------------------------------------------------------------------`
			`# See:`
			`# https://docs.djangoproject.com/en/dev/ref/templates/api/#django.template.loaders.cached.Loader`
Blacked the code 2018-06-09 13:36:16 +00:00			`TEMPLATES[0]["OPTIONS"]["loaders"] = [`
			`(`
			`"django.template.loaders.cached.Loader",`
			`[`
			`"django.template.loaders.filesystem.Loader",`
			`"django.template.loaders.app_directories.Loader",`
			`],`
			`)`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`]`

			`# CACHING`
			`# ------------------------------------------------------------------------------`
			`# Heroku URL does not pass the DB number, so we parse it in`
upgrade to latest dynamic_preferences and use redis as cache even locally 2017-07-09 11:27:15 +00:00
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00
			`# LOGGING CONFIGURATION`
			`# ------------------------------------------------------------------------------`
			`# See: https://docs.djangoproject.com/en/dev/ref/settings/#logging`
			`# A sample logging configuration. The only tangible logging`
			`# performed by this configuration is to send an email to`
			`# the site admins on every HTTP 500 error when DEBUG=False.`
			`# See http://docs.djangoproject.com/en/dev/topics/logging for`
			`# more details on how to customize your logging configuration.`
			`LOGGING = {`
Blacked the code 2018-06-09 13:36:16 +00:00			`"version": 1,`
			`"disable_existing_loggers": False,`
			`"filters": {"require_debug_false": {"()": "django.utils.log.RequireDebugFalse"}},`
			`"formatters": {`
			`"verbose": {`
			`"format": "%(levelname)s %(asctime)s %(module)s "`
			`"%(process)d %(thread)d %(message)s"`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`}`
			`},`
Blacked the code 2018-06-09 13:36:16 +00:00			`"handlers": {`
			`"mail_admins": {`
			`"level": "ERROR",`
			`"filters": ["require_debug_false"],`
			`"class": "django.utils.log.AdminEmailHandler",`
			`},`
			`"console": {`
			`"level": "DEBUG",`
			`"class": "logging.StreamHandler",`
			`"formatter": "verbose",`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`},`
			`},`
Blacked the code 2018-06-09 13:36:16 +00:00			`"loggers": {`
			`"django.request": {`
			`"handlers": ["mail_admins"],`
			`"level": "ERROR",`
			`"propagate": True,`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`},`
Blacked the code 2018-06-09 13:36:16 +00:00			`"django.security.DisallowedHost": {`
			`"level": "ERROR",`
			`"handlers": ["console", "mail_admins"],`
			`"propagate": True,`
Initial commit that merge both the front end and the API in the same repository 2017-06-23 21:00:42 +00:00			`},`
			`},`
			`}`


			`# Your production stuff: Below this line define 3rd party library settings`