We use a nice configuration tool which generates a Local.py in a directory that the project can import. But it's never stored in version control (obviously).
The nice thing about that is that python will import it, and keep it in memory for the lifetime of the interpreter. On Fri, Feb 12, 2010 at 2:12 PM, Rishi Ramraj <[email protected]>wrote: > The way I've gotten around this problem in the past is writing an > installation script that generates our wsgi file and installs it in > the correct location. The configuration for the install files are > stored in ~/.installConfig, so developers can easily customize and > persist their own settings. > > Have you noticed any performance problems associated with having to > read the settings from disk on every request (that touches the > database)? > > On Feb 12, 9:50 am, Gunnlaugur Thor Briem <[email protected]> > wrote: > > On Fri, Feb 12, 2010 at 12:49 PM, Rishi Ramraj > > <[email protected]>wrote: > > > > > While not directly related to wsgi, I presume you all have this > > > problem; how do you protect sensitive configuration information like > > > database connection strings when using WSGI? The best method I've > > > found to date is to put the sensitive information in my .wsgi file. > > > Then set the file level permissions so that my web server is the only > > > user that can execute it (all other users can't read write or > > > execute). Has anyone found any (better) alternatives? > > > > I put the DB connection info in another file like .dbconn and load that > from > > the wsgi file (or Django settings.py); that way only this little file > needs > > securing, and I can check all my code into version control without > including > > the connection string. > > > > - Gulli > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<modwsgi%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/modwsgi?hl=en. > > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
