Se utilizara settings as a package

Esto para poder hacer un deploy limpio con CI/CD ME GUSTO COMO FUNCIONA ESO Y LO HABIA EVITADO HASTA AHORA!
2020-06-03 06:32:42 -04:00
parent b4b9dafc02
commit fcefb0950d
3 changed files with 50 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -3,5 +3,4 @@ __pycache__
 /.idea
 /db.sqlite3
 /static
-musiclist/settings.py
-TODO.md
+TODO.md
--- a/musiclist/settings.example.py
+++ b/musiclist/settings.example.py
@@ -1,11 +1,22 @@
+"""
+Base settings for the project
+"""
 import os

-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-SECRET_KEY = 'c8%4_^4oc%wwqlcxlon-(_7v!xj8fbyba+pj*xy$oi*6#n!7ez'
 DEBUG = True
-ALLOWED_HOSTS = []
-CORS_ORIGIN_ALLOW_ALL = True
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))

+SECRET_KEY = 'nyan'
+
+"""Hosts allowed to run the server"""
+ALLOWED_HOSTS = []
+
+"""Django CORS Configuration"""
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ORIGIN_WHITELIST = []
+
+
+"""Apps to be run"""
 INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
@@ -23,6 +34,7 @@ INSTALLED_APPS = [
    'welcome.apps.WelcomeConfig',
 ]

+"""Middlewares on every call"""
 MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.security.SecurityMiddleware',
@@ -34,8 +46,10 @@ MIDDLEWARE = [
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]

+"""Root import path to urlconf"""
 ROOT_URLCONF = 'musiclist.urls'

+"""How django process templates"""
 TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
@@ -52,8 +66,10 @@ TEMPLATES = [
    },
 ]

+"""Import path to wsgi app to be run"""
 WSGI_APPLICATION = 'musiclist.wsgi.application'

+"""Database configuration"""
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
@@ -61,6 +77,7 @@ DATABASES = {
    }
 }

+"""How to validate password security"""
 AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
@@ -76,6 +93,7 @@ AUTH_PASSWORD_VALIDATORS = [
    },
 ]

+"""Rest framework configuration"""
 REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
@@ -85,14 +103,20 @@ REST_FRAMEWORK = {
    )
 }

+"""Location settings"""
 LANGUAGE_CODE = 'es-es'
 TIME_ZONE = 'America/Santiago'
 USE_I18N = True
 USE_L10N = True
 USE_TZ = True

+"""URL where static files can be queried"""
 STATIC_URL = '/static/'

+"""Absolute path where collectstatic will dump files"""
+STATIC_ROOT = os.path.join(BASE_DIR, 'static')
+
+"""Logging configuration"""
 LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
@@ -112,10 +136,14 @@ LOGGING = {
    },
 }

+"""Cache used for musicbrainz queries"""
 CUSTOM_CACHE = {
    'enabled': True
 }

+"""Where the login route is defined"""
 LOGIN_URL = '/auth/login/'
+
+"""What is the user model of the app"""
 AUTH_USER_MODEL = 'users.User'

--- a/musiclist/settings/prod.py
+++ b/musiclist/settings/prod.py
@@ -0,0 +1,17 @@
+from . import *
+
+DEBUG = False
+SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
+ALLOWED_HOSTS = ['musiclist-api.danielcortes.xyz']
+
+CORS_ORIGIN_ALLOW_ALL = False
+CORS_ORIGIN_WHITELIST = ['musiclist.danielcortes.xyz']
+
+"""Security"""
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+SECURE_SSL_REDIRECT = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+SECURE_REFERRER_POLICY = 'strict-origin'