From 446413083a75530602ca83053fbf3be0e68bba03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= Date: Sun, 14 Jan 2024 20:18:52 +0200 Subject: [PATCH] read secret key from file --- app/e11sync/settings.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/app/e11sync/settings.py b/app/e11sync/settings.py index 8f7ec96..350b95b 100644 --- a/app/e11sync/settings.py +++ b/app/e11sync/settings.py @@ -16,9 +16,18 @@ else: else: _DATABASE_PATH = BASE_DIR / 'db.sqlite3' +if secret_path := environ.get("E11SYNC_SECRET_KEY_PATH"): + with open(secret_path) as f: + _SECRET_KEY = f.read().strip() + secret_key_msg = "SECRET_KEY read from {}".format(secret_path) +else: + _SECRET_KEY = 'django-insecure-$e2!=equ(efm0e%f9&t+xjtz0)$*$@pw%rnjdqcl8f@5o5hw!l' + secret_key_msg = "SECRET_KEY is insecure" + # otherwise it gets printed twice if not environ.get("E11SYNC_DEBUG_PRINTED"): print("DEBUG={}".format(_DEBUG)) + print(secret_key_msg) print("COMPRESS_OFFLINE={}".format(_COMPRESS_OFFLINE)) print("STATIC_ROOT={}".format(_STATIC_ROOT)) print("GEOIP_PATH={}".format(_GEOIP_PATH)) @@ -28,7 +37,7 @@ if not environ.get("E11SYNC_DEBUG_PRINTED"): ######################################## ## No more side effects after this place -SECRET_KEY = 'django-insecure-$e2!=equ(efm0e%f9&t+xjtz0)$*$@pw%rnjdqcl8f@5o5hw!l' +SECRET_KEY = _SECRET_KEY DEBUG = _DEBUG