mirror of
https://github.com/cookiecutter/cookiecutter-django.git
synced 2024-11-24 02:24:07 +03:00
305 lines
11 KiB
Python
305 lines
11 KiB
Python
"""
|
|
Production settings for {{cookiecutter.project_name}} project.
|
|
|
|
{% if cookiecutter.use_whitenoise == 'y' -%}
|
|
- Use WhiteNoise for serving static files{% endif %}
|
|
- Use Amazon's S3 for storing {% if cookiecutter.use_whitenoise == 'n' -%}static files and {% endif %}uploaded media
|
|
- Use mailgun to send emails
|
|
- Use Redis for cache
|
|
{% if cookiecutter.use_sentry_for_error_reporting == 'y' %}
|
|
- Use sentry for error logging
|
|
{% endif %}
|
|
{% if cookiecutter.use_opbeat == 'y' %}
|
|
- Use opbeat for error reporting
|
|
{% endif %}
|
|
"""
|
|
|
|
{% if cookiecutter.use_sentry_for_error_reporting == 'y' %}
|
|
import logging
|
|
{% endif %}
|
|
|
|
from .base import * # noqa
|
|
|
|
# SECRET CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
|
|
# Raises ImproperlyConfigured exception if DJANGO_SECRET_KEY not in os.environ
|
|
SECRET_KEY = env('DJANGO_SECRET_KEY')
|
|
|
|
|
|
# This ensures that Django will be able to detect a secure connection
|
|
# properly on Heroku.
|
|
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
|
|
|
{%- if cookiecutter.use_sentry_for_error_reporting == 'y' %}
|
|
# raven sentry client
|
|
# See https://docs.sentry.io/clients/python/integrations/django/
|
|
INSTALLED_APPS += ['raven.contrib.django.raven_compat', ]
|
|
{% endif %}
|
|
{%- if cookiecutter.use_whitenoise == 'y' %}
|
|
# Use Whitenoise to serve static files
|
|
# See: https://whitenoise.readthedocs.io/
|
|
WHITENOISE_MIDDLEWARE = ['whitenoise.middleware.WhiteNoiseMiddleware', ]
|
|
MIDDLEWARE = WHITENOISE_MIDDLEWARE + MIDDLEWARE
|
|
{% endif %}
|
|
{%- if cookiecutter.use_sentry_for_error_reporting == 'y' -%}
|
|
RAVEN_MIDDLEWARE = ['raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware']
|
|
MIDDLEWARE = RAVEN_MIDDLEWARE + MIDDLEWARE
|
|
{% endif %}
|
|
{%- if cookiecutter.use_opbeat == 'y' -%}
|
|
# opbeat integration
|
|
# See https://opbeat.com/languages/django/
|
|
INSTALLED_APPS += ['opbeat.contrib.django', ]
|
|
OPBEAT = {
|
|
'ORGANIZATION_ID': env('DJANGO_OPBEAT_ORGANIZATION_ID'),
|
|
'APP_ID': env('DJANGO_OPBEAT_APP_ID'),
|
|
'SECRET_TOKEN': env('DJANGO_OPBEAT_SECRET_TOKEN')
|
|
}
|
|
MIDDLEWARE = ['opbeat.contrib.django.middleware.OpbeatAPMMiddleware', ] + MIDDLEWARE
|
|
{% endif %}
|
|
|
|
# SECURITY CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# See https://docs.djangoproject.com/en/dev/ref/middleware/#module-django.middleware.security
|
|
# and https://docs.djangoproject.com/en/dev/howto/deployment/checklist/#run-manage-py-check-deploy
|
|
|
|
# set this to 60 seconds and then to 518400 when you can prove it works
|
|
SECURE_HSTS_SECONDS = 60
|
|
SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
|
|
'DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS', default=True)
|
|
SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
|
|
'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True)
|
|
SECURE_BROWSER_XSS_FILTER = True
|
|
SESSION_COOKIE_SECURE = True
|
|
SESSION_COOKIE_HTTPONLY = True
|
|
SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
|
|
CSRF_COOKIE_SECURE = True
|
|
CSRF_COOKIE_HTTPONLY = True
|
|
X_FRAME_OPTIONS = 'DENY'
|
|
|
|
# SITE CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# Hosts/domain names that are valid for this site
|
|
# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
|
|
ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['{{cookiecutter.domain_name}}', ])
|
|
# END SITE CONFIGURATION
|
|
|
|
INSTALLED_APPS += ['gunicorn', ]
|
|
|
|
|
|
# STORAGE CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# Uploaded Media Files
|
|
# ------------------------
|
|
# See: http://django-storages.readthedocs.io/en/latest/index.html
|
|
INSTALLED_APPS += ['storages', ]
|
|
|
|
AWS_ACCESS_KEY_ID = env('DJANGO_AWS_ACCESS_KEY_ID')
|
|
AWS_SECRET_ACCESS_KEY = env('DJANGO_AWS_SECRET_ACCESS_KEY')
|
|
AWS_STORAGE_BUCKET_NAME = env('DJANGO_AWS_STORAGE_BUCKET_NAME')
|
|
AWS_AUTO_CREATE_BUCKET = True
|
|
AWS_QUERYSTRING_AUTH = False
|
|
|
|
# AWS cache settings, don't change unless you know what you're doing:
|
|
AWS_EXPIRY = 60 * 60 * 24 * 7
|
|
|
|
AWS_S3_OBJECT_PARAMETERS = {
|
|
'CacheControl': 'max-age=%d, s-maxage=%d, must-revalidate' % (AWS_EXPIRY, AWS_EXPIRY),
|
|
}
|
|
|
|
# URL that handles the media served from MEDIA_ROOT, used for managing
|
|
# stored files.
|
|
{% if cookiecutter.use_whitenoise == 'y' -%}
|
|
MEDIA_URL = 'https://s3.amazonaws.com/%s/' % AWS_STORAGE_BUCKET_NAME
|
|
DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
|
|
{% else %}
|
|
# See:http://stackoverflow.com/questions/10390244/
|
|
from storages.backends.s3boto3 import S3Boto3Storage
|
|
StaticRootS3BotoStorage = lambda: S3Boto3Storage(location='static') # noqa
|
|
MediaRootS3BotoStorage = lambda: S3Boto3Storage(location='media', file_overwrite=False) # noqa
|
|
DEFAULT_FILE_STORAGE = 'config.settings.production.MediaRootS3BotoStorage'
|
|
|
|
MEDIA_URL = 'https://s3.amazonaws.com/%s/media/' % AWS_STORAGE_BUCKET_NAME
|
|
{%- endif %}
|
|
|
|
# Static Assets
|
|
# ------------------------
|
|
{% if cookiecutter.use_whitenoise == 'y' -%}
|
|
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
|
|
{% else %}
|
|
STATIC_URL = 'https://s3.amazonaws.com/%s/static/' % AWS_STORAGE_BUCKET_NAME
|
|
STATICFILES_STORAGE = 'config.settings.production.StaticRootS3BotoStorage'
|
|
# See: https://github.com/antonagestam/collectfast
|
|
# For Django 1.7+, 'collectfast' should come before
|
|
# 'django.contrib.staticfiles'
|
|
AWS_PRELOAD_METADATA = True
|
|
INSTALLED_APPS = ['collectfast', ] + INSTALLED_APPS
|
|
{%- endif %}
|
|
{% if cookiecutter.use_compressor == 'y'-%}
|
|
# COMPRESSOR
|
|
# ------------------------------------------------------------------------------
|
|
COMPRESS_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
|
|
COMPRESS_URL = STATIC_URL
|
|
COMPRESS_ENABLED = env.bool('COMPRESS_ENABLED', default=True)
|
|
{%- endif %}
|
|
# EMAIL
|
|
# ------------------------------------------------------------------------------
|
|
DEFAULT_FROM_EMAIL = env('DJANGO_DEFAULT_FROM_EMAIL',
|
|
default='{{cookiecutter.project_name}} <noreply@{{cookiecutter.domain_name}}>')
|
|
EMAIL_SUBJECT_PREFIX = env('DJANGO_EMAIL_SUBJECT_PREFIX', default='[{{cookiecutter.project_name}}]')
|
|
SERVER_EMAIL = env('DJANGO_SERVER_EMAIL', default=DEFAULT_FROM_EMAIL)
|
|
|
|
# Anymail with Mailgun
|
|
INSTALLED_APPS += ['anymail', ]
|
|
ANYMAIL = {
|
|
'MAILGUN_API_KEY': env('DJANGO_MAILGUN_API_KEY'),
|
|
'MAILGUN_SENDER_DOMAIN': env('MAILGUN_SENDER_DOMAIN')
|
|
}
|
|
EMAIL_BACKEND = 'anymail.backends.mailgun.EmailBackend'
|
|
|
|
# TEMPLATE CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# See:
|
|
# https://docs.djangoproject.com/en/dev/ref/templates/api/#django.template.loaders.cached.Loader
|
|
TEMPLATES[0]['OPTIONS']['loaders'] = [
|
|
('django.template.loaders.cached.Loader', [
|
|
'django.template.loaders.filesystem.Loader', 'django.template.loaders.app_directories.Loader', ]),
|
|
]
|
|
{% set _DEFAULT_CONN_MAX_AGE=60 %}
|
|
# DATABASE CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Use the Heroku-style specification
|
|
# Raises ImproperlyConfigured exception if DATABASE_URL not in os.environ
|
|
DATABASES['default'] = env.db('DATABASE_URL')
|
|
DATABASES['default']['CONN_MAX_AGE'] = env.int('CONN_MAX_AGE', default={{ _DEFAULT_CONN_MAX_AGE }})
|
|
DATABASES['default']['ATOMIC_REQUESTS'] = True
|
|
|
|
# CACHING
|
|
# ------------------------------------------------------------------------------
|
|
REDIS_LOCATION = '{0}/{1}'.format(env('REDIS_URL', default='redis://127.0.0.1:6379'), 0)
|
|
|
|
# Heroku URL does not pass the DB number, so we parse it in
|
|
CACHES = {
|
|
'default': {
|
|
'BACKEND': 'django_redis.cache.RedisCache',
|
|
'LOCATION': REDIS_LOCATION,
|
|
'OPTIONS': {
|
|
'CLIENT_CLASS': 'django_redis.client.DefaultClient',
|
|
'IGNORE_EXCEPTIONS': True, # mimics memcache behavior.
|
|
# http://niwinz.github.io/django-redis/latest/#_memcached_exceptions_behavior
|
|
}
|
|
}
|
|
}
|
|
|
|
{% if cookiecutter.use_sentry_for_error_reporting == 'y' %}
|
|
# Sentry Configuration
|
|
SENTRY_DSN = env('DJANGO_SENTRY_DSN')
|
|
SENTRY_CLIENT = env('DJANGO_SENTRY_CLIENT', default='raven.contrib.django.raven_compat.DjangoClient')
|
|
LOGGING = {
|
|
'version': 1,
|
|
'disable_existing_loggers': True,
|
|
'root': {
|
|
'level': 'WARNING',
|
|
'handlers': ['sentry', ],
|
|
},
|
|
'formatters': {
|
|
'verbose': {
|
|
'format': '%(levelname)s %(asctime)s %(module)s '
|
|
'%(process)d %(thread)d %(message)s'
|
|
},
|
|
},
|
|
'handlers': {
|
|
'sentry': {
|
|
'level': 'ERROR',
|
|
'class': 'raven.contrib.django.raven_compat.handlers.SentryHandler',
|
|
},
|
|
'console': {
|
|
'level': 'DEBUG',
|
|
'class': 'logging.StreamHandler',
|
|
'formatter': 'verbose'
|
|
}
|
|
},
|
|
'loggers': {
|
|
'django.db.backends': {
|
|
'level': 'ERROR',
|
|
'handlers': ['console', ],
|
|
'propagate': False,
|
|
},
|
|
'raven': {
|
|
'level': 'DEBUG',
|
|
'handlers': ['console', ],
|
|
'propagate': False,
|
|
},
|
|
'sentry.errors': {
|
|
'level': 'DEBUG',
|
|
'handlers': ['console', ],
|
|
'propagate': False,
|
|
},
|
|
'django.security.DisallowedHost': {
|
|
'level': 'ERROR',
|
|
'handlers': ['console', 'sentry', ],
|
|
'propagate': False,
|
|
},
|
|
},
|
|
}
|
|
SENTRY_CELERY_LOGLEVEL = env.int('DJANGO_SENTRY_LOG_LEVEL', logging.INFO)
|
|
RAVEN_CONFIG = {
|
|
'CELERY_LOGLEVEL': env.int('DJANGO_SENTRY_LOG_LEVEL', logging.INFO),
|
|
'DSN': SENTRY_DSN
|
|
}
|
|
{% elif cookiecutter.use_sentry_for_error_reporting == 'n' %}
|
|
# LOGGING CONFIGURATION
|
|
# ------------------------------------------------------------------------------
|
|
# See: https://docs.djangoproject.com/en/dev/ref/settings/#logging
|
|
# A sample logging configuration. The only tangible logging
|
|
# performed by this configuration is to send an email to
|
|
# the site admins on every HTTP 500 error when DEBUG=False.
|
|
# See https://docs.djangoproject.com/en/dev/topics/logging for
|
|
# more details on how to customize your logging configuration.
|
|
LOGGING = {
|
|
'version': 1,
|
|
'disable_existing_loggers': False,
|
|
'filters': {
|
|
'require_debug_false': {
|
|
'()': 'django.utils.log.RequireDebugFalse'
|
|
}
|
|
},
|
|
'formatters': {
|
|
'verbose': {
|
|
'format': '%(levelname)s %(asctime)s %(module)s '
|
|
'%(process)d %(thread)d %(message)s'
|
|
},
|
|
},
|
|
'handlers': {
|
|
'mail_admins': {
|
|
'level': 'ERROR',
|
|
'filters': ['require_debug_false', ],
|
|
'class': 'django.utils.log.AdminEmailHandler'
|
|
},
|
|
'console': {
|
|
'level': 'DEBUG',
|
|
'class': 'logging.StreamHandler',
|
|
'formatter': 'verbose',
|
|
},
|
|
},
|
|
'loggers': {
|
|
'django.request': {
|
|
'handlers': ['mail_admins', ],
|
|
'level': 'ERROR',
|
|
'propagate': True
|
|
},
|
|
'django.security.DisallowedHost': {
|
|
'level': 'ERROR',
|
|
'handlers': ['console', 'mail_admins', ],
|
|
'propagate': True
|
|
}
|
|
}
|
|
}
|
|
{% endif %}
|
|
# Custom Admin URL, use {% raw %}{% url 'admin:index' %}{% endraw %}
|
|
ADMIN_URL = env('DJANGO_ADMIN_URL')
|
|
|
|
# Your production stuff: Below this line define 3rd party library settings
|
|
# ------------------------------------------------------------------------------
|