All you should do is have production settings as default - all settings (like DEBUG) should be set the way you use them in production. Then you have a local setting on your development machine - that should enable DEBUG and also NEVER be stored in the repository.
Development settings should not be stored as defaults in settings.py. Med vänliga hälsningar, Andréas 2018-03-30 18:09 GMT+02:00 Phang Mulianto <[email protected]>: > I agree to set debug to false in your production configuration file. Never > debug on production setup. > > If need enable debug on, use in staging environment or with different > django configuration files. > > > > On Fri, 30 Mar 2018 23:52 PASCUAL Eric, <[email protected]> wrote: > >> You're perfectly right about the "500 Error + DEBUG" case. >> >> >> One solution is to set DEBUG to off by default, and turn it on by code in >> the setting module if detecting that the app is executing in a dev or Q&A >> environment. Depending on your context, this can be done with rules based >> on the host name or some other properties of the target systems. >> >> >> Best >> >> >> Eric >> >> ------------------------------ >> *From:* [email protected] <[email protected]> on >> behalf of Bill Torcaso <[email protected]> >> *Sent:* Friday, March 30, 2018 4:50:02 PM >> *To:* Django users >> *Subject:* Re: Decoupling Postgres database credentials in django for >> deployment. >> >> >> I have a concern about using environment variables to hold secret >> information, and an opinion about it. >> >> IF >> >> DEBUG is enabled, and there is a 500 server internal error, and the >> default 500 template is used to render the response, >> >> >> THEN >> >> *all of your secret information is shown in the browser output* >> >> >> Of course, DEBUG should never be enabled in production. But a single >> human error might make it happen. >> >> I would prefer to trust Github security and long passwords than to think >> I am infallible about setting DEBUG. >> >> Note that this is certainly what happens when I run on a Vagrant VM, and >> I think it would be the same in a Docker-like container. >> >> >> >> >> On Thursday, March 29, 2018 at 4:24:40 PM UTC-4, prince gosavi wrote: >> >> Hi, >> I have made a django project and want to deploy it on cloud. >> Before that i want to decouple all the private information. >> I want to decouple the database info too, like the username password etc. >> Any help is appreciated. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at https://groups.google.com/group/django-users. >> To view this discussion on the web visit https://groups.google.com/d/ >> msgid/django-users/f5a1498a-3383-4219-b10e-e3e64f164658% >> 40googlegroups.com >> <https://groups.google.com/d/msgid/django-users/f5a1498a-3383-4219-b10e-e3e64f164658%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at https://groups.google.com/group/django-users. >> To view this discussion on the web visit https://groups.google.com/d/ >> msgid/django-users/DB7P193MB03311541D366207EF7606 >> 9C28CA10%40DB7P193MB0331.EURP193.PROD.OUTLOOK.COM >> <https://groups.google.com/d/msgid/django-users/DB7P193MB03311541D366207EF76069C28CA10%40DB7P193MB0331.EURP193.PROD.OUTLOOK.COM?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/django-users/CA%2BSr5mTee6UdLUqXUnr8Pz1HNp5YTL > %2BMME3-gjp_Mc-Q2CNJNQ%40mail.gmail.com > <https://groups.google.com/d/msgid/django-users/CA%2BSr5mTee6UdLUqXUnr8Pz1HNp5YTL%2BMME3-gjp_Mc-Q2CNJNQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAK4qSCfcU1YiYTH3Ehrav_Qg_%2BCFBCmYAoDko6jTf-dpD%2BQZ5A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
