# Copyright 2015 Google LLC. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. import io import os import environ from google.cloud import secretmanager # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) # [START gaeflex_py_django_secret_config] env = environ.Env(DEBUG=(bool, False)) env_file = os.path.join(BASE_DIR, ".env") if os.path.isfile(env_file): # Use a local secret file, if provided env.read_env(env_file) # [START_EXCLUDE] elif os.getenv("TRAMPOLINE_CI", None): # Create local settings if running with CI, for unit testing placeholder = ( f"SECRET_KEY=a\n" "GS_BUCKET_NAME=None\n" f"DATABASE_URL=sqlite://{os.path.join(BASE_DIR, 'db.sqlite3')}" ) env.read_env(io.StringIO(placeholder)) # [END_EXCLUDE] elif os.environ.get("GOOGLE_CLOUD_PROJECT", None): # Pull secrets from Secret Manager project_id = os.environ.get("GOOGLE_CLOUD_PROJECT") client = secretmanager.SecretManagerServiceClient() settings_name = os.environ.get("SETTINGS_NAME", "django_settings") name = f"projects/{project_id}/secrets/{settings_name}/versions/latest" payload = client.access_secret_version(name=name).payload.data.decode("UTF-8") env.read_env(io.StringIO(payload)) else: raise Exception("No local .env or GOOGLE_CLOUD_PROJECT detected. No secrets found.") # [END gaeflex_py_django_secret_config] SECRET_KEY = env("SECRET_KEY") # SECURITY WARNING: don't run with debug turned on in production! # Change this to "False" when you are ready for production DEBUG = env("DEBUG") # SECURITY WARNING: App Engine's security features ensure that it is safe to # have ALLOWED_HOSTS = ['*'] when the app is deployed. If you deploy a Django # app not on App Engine, make sure to set an appropriate host here. ALLOWED_HOSTS = ["*"] # Application definition INSTALLED_APPS = ( "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", "polls", ) MIDDLEWARE = ( "django.middleware.security.SecurityMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ) ROOT_URLCONF = "mysite.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", ], }, }, ] WSGI_APPLICATION = "mysite.wsgi.application" # Database # [START gaeflex_py_django_database_config] # Use django-environ to parse the connection string DATABASES = {"default": env.db()} # If the flag as been set, configure to use proxy if os.getenv("USE_CLOUD_SQL_AUTH_PROXY", None): DATABASES["default"]["HOST"] = "127.0.0.1" DATABASES["default"]["PORT"] = 5432 # [END gaeflex_py_django_database_config] # Use a in-memory sqlite3 database when testing in CI systems if os.getenv("TRAMPOLINE_CI", None): DATABASES = { "default": { "ENGINE": "django.db.backends.sqlite3", "NAME": os.path.join(BASE_DIR, "db.sqlite3"), } } # Password validation AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", # noqa: 501 }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", # noqa: 501 }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", # noqa: 501 }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", # noqa: 501 }, ] # Internationalization # https://docs.djangoproject.com/en/stable/topics/i18n/ LANGUAGE_CODE = "en-us" TIME_ZONE = "UTC" USE_I18N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # [START gaeflex_py_django_static_config] # Define static storage via django-storages[google] GS_BUCKET_NAME = env("GS_BUCKET_NAME") STATIC_URL = "/static/" STORAGES = { "default": { "BACKEND": "storages.backends.gcloud.GoogleCloudStorage", }, "staticfiles": { "BACKEND": "storages.backends.gcloud.GoogleCloudStorage", }, } GS_DEFAULT_ACL = "publicRead" # [END gaeflex_py_django_static_config] # Default primary key field type # https://docs.djangoproject.com/en/stable/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"