setting up .env for dev/prod

1 files changed, 14 insertions, 5 deletions

diff --git a/fsweb/settings.py b/fsweb/settings.py
index 956d541..5f02be0 100644
--- a/fsweb/settings.py
+++ b/fsweb/settings.py
@@ -10,7 +10,9 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/5.1/ref/settings/
 """
 
+import os
 from pathlib import Path
+from dotenv import load_dotenv
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
@@ -19,13 +21,20 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/
 
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-!@6fpyap5a=3d@lcv=7hm04534j839ie!*(bz=etm4v_fh&y*b'
+env = os.getenv('DJANGO_ENV')
+if env == 'production':
+    load_dotenv('/var/www/fsweb/config/.env')
+else:
+    load_dotenv('.env')
 
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = os.getenv('DEBUG') == 'True'
+SECRET_KEY = os.getenv('SECRET_KEY')
+ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '').split(',')
 
-ALLOWED_HOSTS = []
+if not SECRET_KEY:
+    raise ValueError("SECRET_KEY is not set in the .env file")
+if env == 'production' and not ALLOWED_HOSTS:
+    raise ValueError("ALLOWED_HOSTS must be set in production")
 
 
 # Application definition