In all cases below, the .env file will exist outside of the Django project and will be referenced from the settings file. This allows you to customize and secure each environment while automating the whole build.
*Developers* Local settings will point tot he location of the .env file. This file is excluded from git via gitignore. Developers push to your repo's development branch which updates your development server after passing CI/CD 1. Developer 1 - /developer1Machine/whatever/unique path/.env 2. Developer 2 - /unique path/.env/unique path/.env *Development environment* Developer settings references its own or same .env file path location This directory and .env file permissions are secured such that only the process running the web server has access to it and admin. So you may be bale to log on to the server but won't be able to see this file and or directory if you are not allowed to or in the right security group based on your role. *Staging environment* Can be configured like development with staging desired tweaks. Testing and QA happens here prior to push to production *Production environment* Can be configured like staging. On Tuesday, December 28, 2021 at 3:41:25 PM UTC-7 Jason wrote: > an env file is basically imported into your OS environment, so you can > retrieve them with the same interface. That means you can easily include > that with your build environment, or inject in some other means. Can't do > that with settings. > > Also, lets you keep one settings file, and use `os.environ.get()` anywhere > you need to, which provides an identical interface. > > On Tuesday, December 28, 2021 at 2:58:28 PM UTC-5 bnmng wrote: > >> Hi everyone, >> >> I can't wrap my mind around why having my settings in a .env file is more >> secure than having them in a local_settings.py file, or why one of the >> various methods is better than another as long as you keep your local >> settings out of your version control. Any opinions? >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/6cd199e7-bd41-41e8-b4e2-30a27d0b93b5n%40googlegroups.com.
