website/conservancy/settings/prod.py

import json

from django.core.exceptions import ImproperlyConfigured

from .base import *

DEBUG = False
ALLOWED_HOSTS = ['www.sfconservancy.org', 'sfconservancy.org']

FORCE_CANONICAL_HOSTNAME = 'sfconservancy.org'

ADMINS = [
    ('Bradley M. Kuhn', 'sysadmin@sfconservancy.org'),
    ('Ben Sturmfels', 'sysadmin+conservancy@sturm.com.au'),
]

MANAGERS = [
    ('Bradley M. Kuhn', 'sysadmin@sfconservancy.org'),
]

DATABASES = {
    'default': {
        'NAME': '/var/lib/www/database/conservancy-website.sqlite3',
        'ENGINE': 'django.db.backends.sqlite3',
    }
}

# Apache/mod_wsgi doesn't make it straightforward to pass environment variables
# to Django (can't use the Apache config).
with open(BASE_DIR / 'secrets.json') as f:
    secrets = json.load(f)

def get_secret(secrets, setting):
    try:
        return secrets[setting]
    except KeyError:
        raise ImproperlyConfigured(f'Missing secret \'{setting}\'')

SECRET_KEY = get_secret(secrets, 'SECRET_KEY')

SESSION_COOKIE_SECURE = True