We share the same configuration structure for almost every possible environment.
djangosettings into multiple files and directories
.envfiles to store secret configuration
If you have some specific components like
they could be configured in separate files.
Just create a new file in
Then add it into
django on different environments just
DJANGO_ENV environment variable.
It must have the same name as one of the files
Then, values from this file will override other settings.
If you need some specific local configuration tweaks,
you can create file
It will be loaded into your settings automatically if exists.
cp server/settings/environments/local.py.template server/settings/environments/local.py
local.py.template version for the reference.
We share the same mechanism for secret settings for all our tools.
.env files for
Initially, you will need to copy file
cp config/.env.template config/.env
When adding any new secret
django settings you will need to:
Add new key and value to
Add new key without value to
config/.env.template, add a comment on how to get this value for other users
Add new variable inside
python-decoupleto load this
envvariable like so:
MY_SECRET = config('MY_SECRET')
Secret settings in production¶
We do not store our secret settings inside our source code.
All sensible settings are stored in
which is not tracked by the version control.
So, how do we store secrets? We store them as secret environment variables
in GitLab CI.
Then we use dump-env
to dump variables from both environment and
.env file template.
Then, this file is copied inside
docker image and when
this image is built - everything is ready for production.
Here’s an example:
We add a
SECRET_DJANGO_SECRET_KEYvariable to Gitlab CI secret variables
DJANGO_SECRET_KEYand writes it to
Then it is loaded by
djangoinside the settings:
SECRET_KEY = config('DJANGO_SECRET_KEY')
However, there are different options to store secret settings:
Depending on a project we use different tools.
dump-env being the default and the simplest one.
We use different
django extensions that make your life easier.
Here’s a full list of the extensions for both development and production:
django-split-settings - organize
djangosettings into multiple files and directories. Easily override and modify settings. Use wildcards in settings file paths and mark settings files as optional
django-axes - keep track of failed login attempts in
django-csp - Content Security Policy for
django-referrer-policy - middleware implementing the Referrer-Policy
django-health-check - checks for various conditions and provides reports when anomalous behavior is detected
django-add-default-value - this django Migration Operation can be used to transfer a Fields default value to the database scheme
django-deprecate-fields - this package allows deprecating model fields and allows removing them in a backwards compatible manner
django-migration-linter - detect backward incompatible migrations for your django project
zero-downtime-migrations - apply
djangomigrations on PostgreSql without long locks on tables
Development only extensions:
django-debug-toolbar - a configurable set of panels that display various debug information about the current request/response
django-querycount - middleware that prints the number of DB queries to the runserver console
nplusone - auto-detecting the n+1 queries problem in