Conversation
OlivierCoen
force-pushed
the
feat/staging-env
branch
4 times, most recently
from
f38b762 to
2fea980
Compare
OlivierCoen
force-pushed
the
feat/staging-env
branch
from
2fea980 to
3fcb004
Compare
OlivierCoen
force-pushed
the
feat/staging-env
branch
from
68bf368 to
920d4e8
Compare
OlivierCoen
force-pushed
the
feat/staging-env
branch
from
50941fd to
650cc97
Compare
backend/all4trees/settings.py
Outdated
|
|
||
| # SECURITY WARNING: keep the secret key used in production secret! | ||
| SECRET_KEY = 'django-insecure-ot7b#&pes@%&0b2w(e@b278k2x2n4y$1@t4(!@(c&zthr3k)n(' | ||
| SECRET_KEY = "django-insecure-ot7b#&pes@%&0b2w(e@b278k2x2n4y$1@t4(!@(c&zthr3k)n(" |
There was a problem hiding this comment.
I don't think we really use this key at the moment, but a good practice would be to generate a new one and put it in a .env file.
There was a problem hiding this comment.
Totally agree with you :) if it's ok for you, I'll leave it for another PR, as it's more linked to credential handling and exceeds the scope of the current PR
backend/all4trees/settings.py
Outdated
| 'django.contrib.staticfiles', | ||
| 'rest_framework', | ||
| 'rest_framework_simplejwt', | ||
| "django.contrib.admin", |
There was a problem hiding this comment.
Is it possible to change your IDE settings so that ' are not replaced by " please? :)
There was a problem hiding this comment.
Sorry about that, I did not see it changed the quotes... I set it back to normal :)
backend/Dockerfile
Outdated
| RUN pip install --no-cache-dir -r requirements.txt | ||
|
|
||
| RUN python manage.py migrate && \ | ||
| python manage.py createsuperuser --noinput --username john --email john.doe@example.com |
There was a problem hiding this comment.
The superuser credentials should not be exposed like this and put in a .env file as well.
There was a problem hiding this comment.
Yes, it was only for testing. I changed that in the current version (at least for the staging environment)
There was a problem hiding this comment.
Yes, it was only for testing. I changed that in the current version (at least for the staging environment).
Concerning the stating env, he django superuser credentials are stored in Coolify (you need an account to see them / modify them) and I wrote them in the Mattermost conversation.
Concerning the dev env, they are hardcoded in docker/compose.dev.yaml because I think we don't need security here, and it's more portable for everyone. What do you think?
OlivierCoen
force-pushed
the
feat/staging-env
branch
from
a6ee157 to
b5bd94d
Compare
OlivierCoen
force-pushed
the
feat/staging-env
branch
3 times, most recently
from
4747011 to
021b1dd
Compare
OlivierCoen
force-pushed
the
feat/staging-env
branch
from
021b1dd to
08ba67c
Compare
2 participants
Cette PR comprend la mise en place d'un env de staging afin de déployer l'application sur l'espace Coolify de D4G (il faut un compte pour y accéder, demander à Ronon si besoin).
Afin de pouvoir tester localement le déploiement de l'app, un env local a aussi été mis en place.