From: David Kerkeslager Date: Thu, 13 Aug 2020 02:02:49 +0000 (-0400) Subject: Change method of storing secrets X-Git-Url: https://code.kerkeslager.com/?a=commitdiff_plain;h=7d3c9dcd1f304493510d82f0a9683e44f9227008;p=styx.blog Change method of storing secrets --- diff --git a/styx/settings.py b/styx/settings.py index 37af17a..e647c67 100644 --- a/styx/settings.py +++ b/styx/settings.py @@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/3.1/ref/settings/ """ from pathlib import Path +import json import os # Build paths inside the project like this: BASE_DIR / 'subdir'. @@ -20,15 +21,20 @@ BASE_DIR = Path(__file__).resolve(strict=True).parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/ -# SECURITY WARNING: keep the secret key used in production secret! +try: + with open('~/.styxrc', 'r') as styxrc: + LOCAL_SETTINGS = json.loads(styxrc.read()) + +except FileNotFoundError: + LOCAL_SETTINGS = {} # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = (os.environ.get('STYX_DEBUG', 'true') == 'true') +DEBUG = LOCAL_SETTINGS.get('DEBUG', True) if DEBUG: SECRET_KEY = 'mq@_9a6&y4nvgqa7obf-r%a4^dt)z=r8jr&91&=oc^6-=i0*$z' else: - SECRET_KEY = os.environ['STYX_SECRET_KEY'] + SECRET_KEY = LOCAL_SETTINGS['SECRET_KEY'] ALLOWED_HOSTS = [ 'localhost', @@ -95,7 +101,7 @@ else: 'ENGINE': 'django.db.backends.postgresql_psycopg2', 'NAME': 'styx', 'USER': 'styxuser', - 'PASSWORD': os.environ['STYX_DB_PASSWORD'], + 'PASSWORD': LOCAL_SETTINGS['DB_PASSWORD'], } }