From fcefb0950dc34dbbb5c3226bc93586b108273b4b Mon Sep 17 00:00:00 2001 From: Daniel Cortes Date: Wed, 3 Jun 2020 06:32:42 -0400 Subject: [PATCH] Se utilizara settings as a package Esto para poder hacer un deploy limpio con CI/CD ME GUSTO COMO FUNCIONA ESO Y LO HABIA EVITADO HASTA AHORA! --- .gitignore | 3 +- .../__init__.py} | 36 ++++++++++++++++--- musiclist/settings/prod.py | 17 +++++++++ 3 files changed, 50 insertions(+), 6 deletions(-) rename musiclist/{settings.example.py => settings/__init__.py} (77%) create mode 100644 musiclist/settings/prod.py diff --git a/.gitignore b/.gitignore index 5f3cc9a..f9ceff8 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,4 @@ __pycache__ /.idea /db.sqlite3 /static -musiclist/settings.py -TODO.md \ No newline at end of file +TODO.md diff --git a/musiclist/settings.example.py b/musiclist/settings/__init__.py similarity index 77% rename from musiclist/settings.example.py rename to musiclist/settings/__init__.py index 313aab6..31c0be4 100644 --- a/musiclist/settings.example.py +++ b/musiclist/settings/__init__.py @@ -1,11 +1,22 @@ +""" +Base settings for the project +""" import os -BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) -SECRET_KEY = 'c8%4_^4oc%wwqlcxlon-(_7v!xj8fbyba+pj*xy$oi*6#n!7ez' DEBUG = True -ALLOWED_HOSTS = [] -CORS_ORIGIN_ALLOW_ALL = True +BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) +SECRET_KEY = 'nyan' + +"""Hosts allowed to run the server""" +ALLOWED_HOSTS = [] + +"""Django CORS Configuration""" +CORS_ORIGIN_ALLOW_ALL = True +CORS_ORIGIN_WHITELIST = [] + + +"""Apps to be run""" INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', @@ -23,6 +34,7 @@ INSTALLED_APPS = [ 'welcome.apps.WelcomeConfig', ] +"""Middlewares on every call""" MIDDLEWARE = [ 'corsheaders.middleware.CorsMiddleware', 'django.middleware.security.SecurityMiddleware', @@ -34,8 +46,10 @@ MIDDLEWARE = [ 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] +"""Root import path to urlconf""" ROOT_URLCONF = 'musiclist.urls' +"""How django process templates""" TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', @@ -52,8 +66,10 @@ TEMPLATES = [ }, ] +"""Import path to wsgi app to be run""" WSGI_APPLICATION = 'musiclist.wsgi.application' +"""Database configuration""" DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', @@ -61,6 +77,7 @@ DATABASES = { } } +"""How to validate password security""" AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', @@ -76,6 +93,7 @@ AUTH_PASSWORD_VALIDATORS = [ }, ] +"""Rest framework configuration""" REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( 'oauth2_provider.contrib.rest_framework.OAuth2Authentication', @@ -85,14 +103,20 @@ REST_FRAMEWORK = { ) } +"""Location settings""" LANGUAGE_CODE = 'es-es' TIME_ZONE = 'America/Santiago' USE_I18N = True USE_L10N = True USE_TZ = True +"""URL where static files can be queried""" STATIC_URL = '/static/' +"""Absolute path where collectstatic will dump files""" +STATIC_ROOT = os.path.join(BASE_DIR, 'static') + +"""Logging configuration""" LOGGING = { 'version': 1, 'disable_existing_loggers': False, @@ -112,10 +136,14 @@ LOGGING = { }, } +"""Cache used for musicbrainz queries""" CUSTOM_CACHE = { 'enabled': True } +"""Where the login route is defined""" LOGIN_URL = '/auth/login/' + +"""What is the user model of the app""" AUTH_USER_MODEL = 'users.User' diff --git a/musiclist/settings/prod.py b/musiclist/settings/prod.py new file mode 100644 index 0000000..cb4f1cf --- /dev/null +++ b/musiclist/settings/prod.py @@ -0,0 +1,17 @@ +from . import * + +DEBUG = False +SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY') +ALLOWED_HOSTS = ['musiclist-api.danielcortes.xyz'] + +CORS_ORIGIN_ALLOW_ALL = False +CORS_ORIGIN_WHITELIST = ['musiclist.danielcortes.xyz'] + +"""Security""" +SECURE_HSTS_SECONDS = 31536000 +SECURE_HSTS_INCLUDE_SUBDOMAINS = True +SECURE_HSTS_PRELOAD = True +SECURE_SSL_REDIRECT = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True +SECURE_REFERRER_POLICY = 'strict-origin'