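"""
Production-specific settings.

Everything from ``.base`` is imported and then overridden below. Values that
differ between deployments (hosts, TLS behaviour, HSTS) are read from
environment variables. The transport-security switches default to *off* so the
stack can be started locally without TLS; a real deployment has to turn them
on explicitly. ``python manage.py check --deploy`` reports any that are still
disabled.
"""

import os

from .base import *

_TRUE_VALUES = frozenset({"1", "true", "yes", "on"})


def _env_flag(name, default="False"):
    """Return the environment variable *name* interpreted as a boolean.

    The comparison is case-insensitive and ignores surrounding whitespace, so
    ``True``, ``true`` and ``1`` all enable the setting. The previous
    ``== "True"`` test silently left a security switch off when the variable
    was written as ``true`` or ``1``. Any other value, including an unset
    variable with the default ``"False"``, yields ``False``.
    """
    return os.getenv(name, default).strip().lower() in _TRUE_VALUES


def _env_list(name, default):
    """Return the comma-separated environment variable *name* as a list.

    Each entry is stripped and empty entries are dropped, so a value such as
    ``"example.org, www.example.org,"`` (constructed example) does not produce
    `` www.example.org`` or ``""`` entries that would never match a request.
    """
    entries = (entry.strip() for entry in os.getenv(name, default).split(","))
    return [entry for entry in entries if entry]


# ============================================================================
# DEBUG CONFIGURATION
# ============================================================================

DEBUG = False

# ============================================================================
# ALLOWED HOSTS
# ============================================================================

# In production, specify allowed hosts explicitly from environment variable.
# The fallback only admits loopback names, so a deployment that forgets to set
# ALLOWED_HOSTS rejects external Host headers instead of accepting any.
ALLOWED_HOSTS = _env_list("ALLOWED_HOSTS", "localhost,127.0.0.1")

# CSRF trusted origins (required for forms to work behind proxy).
# The fallback lists plain-http loopback origins for local testing; production
# should set this to the site's https:// origins only.
CSRF_TRUSTED_ORIGINS = _env_list(
    "CSRF_TRUSTED_ORIGINS",
    "http://localhost,http://127.0.0.1,http://localhost:8080,http://127.0.0.1:8080",
)

# ============================================================================
# SECURITY SETTINGS
# ============================================================================

# SSL/HTTPS settings (disable for local testing without SSL).
# All three default to False. Unless they are set to True in the environment,
# requests are not redirected to HTTPS and the session and CSRF cookies are
# issued without the Secure attribute, so they can travel over plain HTTP.
# NOTE(review): behind a TLS-terminating proxy, SECURE_SSL_REDIRECT also needs
# SECURE_PROXY_SSL_HEADER to be set (not visible in this file; confirm it is
# defined in .base), otherwise Django sees every request as insecure.
SECURE_SSL_REDIRECT = _env_flag("SECURE_SSL_REDIRECT")
SESSION_COOKIE_SECURE = _env_flag("SESSION_COOKIE_SECURE")
CSRF_COOKIE_SECURE = _env_flag("CSRF_COOKIE_SECURE")

# Security headers
# NOTE(review): SECURE_BROWSER_XSS_FILTER is ignored from Django 4.0 onwards;
# the Django version is not visible here, so it is kept for older releases.
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True

# HSTS settings (disable for local testing).
# With SECURE_HSTS_SECONDS at its default of 0 no Strict-Transport-Security
# header is sent, and the two flags below have no effect. A non-integer value
# raises ValueError at import time, which stops a misconfigured start-up.
SECURE_HSTS_SECONDS = int(os.getenv("SECURE_HSTS_SECONDS", "0"))
SECURE_HSTS_INCLUDE_SUBDOMAINS = _env_flag("SECURE_HSTS_INCLUDE_SUBDOMAINS")
SECURE_HSTS_PRELOAD = _env_flag("SECURE_HSTS_PRELOAD")

# Additional security settings
SECURE_REDIRECT_EXEMPT = []
X_FRAME_OPTIONS = "DENY"

# ============================================================================
# TEMPLATE CACHING
# ============================================================================

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [
            BASE_DIR / "templates",
        ],
        "APP_DIRS": False,  # Must be False when using custom loaders
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
            # The cached loader wraps the filesystem and app-directory loaders
            # so compiled templates are kept in memory between requests.
            "loaders": [
                (
                    "django.template.loaders.cached.Loader",
                    [
                        "django.template.loaders.filesystem.Loader",
                        "django.template.loaders.app_directories.Loader",
                    ],
                ),
            ],
        },
    },
]

# ============================================================================
# STATIC FILES CONFIGURATION
# ============================================================================

STATIC_ROOT = BASE_DIR.parent / "staticfiles"
# NOTE(review): STATICFILES_STORAGE is deprecated since Django 4.2 in favour of
# STORAGES["staticfiles"]; confirm against the project's Django version.
STATICFILES_STORAGE = "django.contrib.staticfiles.storage.ManifestStaticFilesStorage"

# ============================================================================
# LOGGING CONFIGURATION
# ============================================================================

LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "{levelname} {asctime} {module} {process:d} {thread:d} {message}",
            "style": "{",
        },
        "simple": {
            "format": "{levelname} {message}",
            "style": "{",
        },
    },
    "filters": {
        "require_debug_false": {
            "()": "django.utils.log.RequireDebugFalse",
        },
    },
    "handlers": {
        "console": {
            "level": "INFO",
            "class": "logging.StreamHandler",
            "formatter": "simple",
        },
        # FileHandler opens its file when logging is configured, so the
        # "logs" directory next to BASE_DIR must already exist and be writable
        # by the application user or start-up fails.
        "file": {
            "level": "ERROR",
            "class": "logging.FileHandler",
            "filename": BASE_DIR.parent / "logs" / "django_errors.log",
            "formatter": "verbose",
        },
        "mail_admins": {
            "level": "ERROR",
            "class": "django.utils.log.AdminEmailHandler",
            "filters": ["require_debug_false"],
            "formatter": "verbose",
        },
    },
    "loggers": {
        "django": {
            "handlers": ["console", "file"],
            "level": "INFO",
            "propagate": True,
        },
        # Request errors go to the admins' mailbox and the error file only;
        # propagate is off so they are not also handled by the "django" logger.
        "django.request": {
            "handlers": ["mail_admins", "file"],
            "level": "ERROR",
            "propagate": False,
        },
    },
}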