Created
September 5, 2021 15:06
-
-
Save rxhl/be5a9b777717b0b3b44d4214ac2b6e16 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Update the settings.py file to use our newly created env variables. | |
import io | |
import os | |
import environ | |
import google.auth | |
from google.cloud import secretmanager | |
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) | |
DEBUG = False | |
env = environ.Env( | |
SECRET_KEY=(str, os.getenv("SECRET_KEY")), | |
DATABASE_URL=(str, os.getenv("DATABASE_URL")), | |
GS_BUCKET_NAME=(str, os.getenv("GS_BUCKET_NAME")), | |
) | |
# Attempt to load the Project ID into the environment, safely failing on error. | |
try: | |
_, os.environ["GOOGLE_CLOUD_PROJECT"] = google.auth.default() | |
except google.auth.exceptions.DefaultCredentialsError: | |
pass | |
# Use local .env file in dev mode | |
if os.getenv("PYTHON_ENV") == "dev": | |
DEBUG = True | |
# Use GCP secret manager in prod mode | |
elif os.getenv("GOOGLE_CLOUD_PROJECT", None): | |
project_id = os.getenv("GOOGLE_CLOUD_PROJECT") | |
client = secretmanager.SecretManagerServiceClient() | |
settings_name = os.getenv("SETTINGS_NAME", "django_app_settings") | |
name = f"projects/{project_id}/secrets/{settings_name}/versions/latest" | |
payload = client.access_secret_version(name=name).payload.data.decode( | |
"UTF-8" | |
) | |
env.read_env(io.StringIO(payload)) | |
else: | |
raise Exception( | |
"No local .env or GOOGLE_CLOUD_PROJECT detected. No secrets found." | |
) | |
SECRET_KEY = env("SECRET_KEY") | |
ALLOWED_HOSTS = ["*"] | |
INSTALLED_APPS = [ | |
"django.contrib.admin", | |
"django.contrib.auth", | |
"django.contrib.contenttypes", | |
"django.contrib.sessions", | |
"django.contrib.messages", | |
"django.contrib.staticfiles", | |
"storages" | |
] | |
MIDDLEWARE = [ | |
"django.middleware.common.CommonMiddleware", | |
"django.middleware.security.SecurityMiddleware", | |
"django.contrib.sessions.middleware.SessionMiddleware", | |
"django.middleware.common.CommonMiddleware", | |
"django.middleware.csrf.CsrfViewMiddleware", | |
"django.contrib.auth.middleware.AuthenticationMiddleware", | |
"django.contrib.messages.middleware.MessageMiddleware", | |
"django.middleware.clickjacking.XFrameOptionsMiddleware" | |
] | |
ROOT_URLCONF = "app.urls" | |
TEMPLATES = [ | |
{ | |
"BACKEND": "django.template.backends.django.DjangoTemplates", | |
"DIRS": [], | |
"APP_DIRS": True, | |
"OPTIONS": { | |
"context_processors": [ | |
"django.template.context_processors.debug", | |
"django.template.context_processors.request", | |
"django.contrib.auth.context_processors.auth", | |
"django.contrib.messages.context_processors.messages", | |
], | |
}, | |
}, | |
] | |
WSGI_APPLICATION = "app.wsgi.application" | |
# Database | |
# Use django-environ to parse the connection string | |
DATABASES = {"default": env.db()} | |
# If the flag as been set, configure to use proxy | |
if os.getenv("USE_CLOUD_SQL_AUTH_PROXY", None): | |
DATABASES["default"]["HOST"] = "cloudsql-proxy" | |
DATABASES["default"]["PORT"] = 5432 | |
# Password validation | |
AUTH_PASSWORD_VALIDATORS = [ | |
{ | |
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", | |
}, | |
{ | |
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", | |
}, | |
{ | |
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", | |
}, | |
{ | |
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", | |
}, | |
] | |
# Internationalization | |
LANGUAGE_CODE = "en-us" | |
TIME_ZONE = "UTC" | |
USE_I18N = True | |
USE_L10N = True | |
USE_TZ = True | |
STATIC_URL = "/static/" | |
GS_BUCKET_NAME = env("GS_BUCKET_NAME") | |
STATICFILES_DIRS = [] | |
DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage" | |
STATICFILES_STORAGE = "storages.backends.gcloud.GoogleCloudStorage" | |
GS_DEFAULT_ACL = "publicRead" | |
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment