nexus-3/backend/config/settings/production.py
2026-01-26 10:30:49 -05:00

99 lines
2.8 KiB
Python

"""
Production settings for the application.
"""
from .base import *
import sentry_sdk
from sentry_sdk.integrations.django import DjangoIntegration
import os
from dotenv import load_dotenv
# Load environment variables from .env file
load_dotenv()
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
ALLOWED_HOSTS = [
os.environ.get('DJANGO_ALLOWED_HOST', 'example.com'),
'www.example.com', # Update with your domain
]
# Database
# https://docs.djangoproject.com/en/4.2/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': os.environ.get('DB_NAME', 'app_db'),
'USER': os.environ.get('DB_USER', 'app_user'),
'PASSWORD': os.environ.get('DB_PASSWORD', ''),
'HOST': os.environ.get('DB_HOST', 'localhost'),
'PORT': os.environ.get('DB_PORT', '5432'),
'CONN_MAX_AGE': 600, # 10 minutes
}
}
# Security settings
SECURE_HSTS_SECONDS = 31536000 # 1 year
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# CORS settings
CORS_ALLOWED_ORIGINS = [
'https://example.com',
'https://www.example.com', # Update with your frontend domain
]
# Email settings
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = os.environ.get('EMAIL_HOST')
EMAIL_PORT = int(os.environ.get('EMAIL_PORT', 587))
EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER')
EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD')
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'noreply@example.com' # Update with your email
# Static files
STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.ManifestStaticFilesStorage'
# Configure Sentry for error tracking (optional)
try:
dsn = os.environ.get('SENTRY_DSN')
if dsn: # Only initialize if DSN is provided
sentry_sdk.init(
dsn=dsn,
integrations=[DjangoIntegration()],
traces_sample_rate=0.1,
send_default_pii=False
)
except ImportError:
pass
# Cache settings
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.redis.RedisCache',
'LOCATION': os.environ.get('REDIS_URL', 'redis://localhost:6379/1'),
}
}
# Logging
log_path = '/var/log/django/django.log'
log_dir = os.path.dirname(log_path)
if os.path.exists(log_dir) and os.access(log_dir, os.W_OK):
LOGGING['handlers']['file']['filename'] = log_path
# Turn off DRF Browsable API in production
REST_FRAMEWORK = {
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
)
}