From 7d9f13b7d502431d3b86f913f144794c00eed7eb Mon Sep 17 00:00:00 2001 From: phzhik Date: Sat, 27 Apr 2024 19:54:30 +0400 Subject: [PATCH] * Store keys in env variables * Cleanup --- .env | 20 +++++++++++++++++++- .gitignore | 1 + source3.jpeg => _docs/source3.jpeg | Bin poizonstore/settings.py | 26 ++++++++++++++++++++------ 4 files changed, 40 insertions(+), 7 deletions(-) rename source3.jpeg => _docs/source3.jpeg (100%) diff --git a/.env b/.env index 1a1ae72..1a58188 100644 --- a/.env +++ b/.env @@ -1 +1,19 @@ -APP_HOME=/var/www/phzhik-poizonstore/ \ No newline at end of file +APP_HOME=/var/www/poizonstore-stage + +# === Keys === +# Django +SECRET_KEY="" + +# Telegram bot +TG_BOT_TOKEN="" + +# External API settings +CDEK_CLIENT_ID="" +CDEK_CLIENT_SECRET="" +POIZON_TOKEN="" +CURRENCY_GETGEOIP_API_KEY="" + +# Let's Encrypt +LETSENCRYPT_EMAIL="phzhitnikov@gmail.com" + +ALLOWED_HOSTS=.crm-poizonstore.ru,127.0.0.1,localhost,45.84.227.72 \ No newline at end of file diff --git a/.gitignore b/.gitignore index fd23078..91addcf 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ media/**/* assets/**/* env +*.env .idea .DS_Store db.sqlite3 \ No newline at end of file diff --git a/source3.jpeg b/_docs/source3.jpeg similarity index 100% rename from source3.jpeg rename to _docs/source3.jpeg diff --git a/poizonstore/settings.py b/poizonstore/settings.py index 303ab68..8bd183c 100644 --- a/poizonstore/settings.py +++ b/poizonstore/settings.py @@ -13,33 +13,47 @@ import os from pathlib import Path import sentry_sdk +from django.core.exceptions import ImproperlyConfigured # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent +def get_secret(setting): + """Get the secret variable or return explicit exception.""" + try: + return os.environ[setting] + except KeyError: + error_msg = f'Set the {setting} environment variable' + raise ImproperlyConfigured(error_msg) + + # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = '***REMOVED***' +SECRET_KEY = get_secret("SECRET_KEY") + # External API settings -CDEK_CLIENT_ID = '***REMOVED***' -CDEK_CLIENT_SECRET = '***REMOVED***' +CDEK_CLIENT_ID = get_secret("CDEK_CLIENT_ID") +CDEK_CLIENT_SECRET = get_secret("CDEK_CLIENT_SECRET") -POIZON_TOKEN = '***REMOVED***' +POIZON_TOKEN = get_secret("POIZON_TOKEN") -CURRENCY_GETGEOIP_API_KEY = '***REMOVED***' +CURRENCY_GETGEOIP_API_KEY = get_secret("CURRENCY_GETGEOIP_API_KEY") EXTERNAL_API_TIMEOUT_SEC = 60 +# Telegram bot +TG_BOT_TOKEN = get_secret("TG_BOT_TOKEN") + # SECURITY WARNING: don't run with debug turned on in production! DEBUG = bool(int(os.environ.get("DJANGO_DEBUG") or 0)) DISABLE_PERMISSIONS = False DISABLE_CORS = True -ALLOWED_HOSTS = ["crm-poizonstore.ru", "127.0.0.1", "localhost", "45.84.227.72"] +ALLOWED_HOSTS = get_secret('ALLOWED_HOSTS').split(',') INTERNAL_IPS = ["127.0.0.1", 'localhost']