# Django Core Settings
# Placeholder only: generate a unique SECRET_KEY per deployment and never commit the real value.
SECRET_KEY=your-secret-key-here-change-this-in-production
# Development default. DEBUG=True exposes detailed error pages; set DEBUG=False in production.
DEBUG=True
# Development hosts. Replace with your real domain(s) in production.
ALLOWED_HOSTS=127.0.0.1,localhost,0.0.0.0
# ===========================
# Security Settings (Production)
# ===========================
# These settings are automatically enabled when DEBUG=False
# Uncomment and customize for production deployment
# SSL/HTTPS Redirect - Redirect all HTTP traffic to HTTPS
# SECURE_SSL_REDIRECT=True
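# HSTS (HTTP Strict Transport Security) - Force HTTPS for specified duration
# Browsers cache this policy for the full duration, so confirm that the site (and every
# subdomain, if SECURE_HSTS_INCLUDE_SUBDOMAINS is on) serves HTTPS correctly before enabling it.
# Start with a small SECURE_HSTS_SECONDS value while testing; preload-list entries are slow to undo.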
# SECURE_HSTS_SECONDS=31536000 # 1 year (recommended for production)
# SECURE_HSTS_INCLUDE_SUBDOMAINS=True
# SECURE_HSTS_PRELOAD=True
# Note: The following are automatically set to True when DEBUG=False:
# - SESSION_COOKIE_SECURE (secure session cookies)
# - CSRF_COOKIE_SECURE (secure CSRF cookies)
# - SECURE_CONTENT_TYPE_NOSNIFF (prevent MIME sniffing)
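# - SECURE_BROWSER_XSS_FILTER (XSS protection via the legacy X-XSS-Protection header; current browsers ignore that header and newer Django releases no longer use this setting)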
# - X_FRAME_OPTIONS=DENY (clickjacking protection)
# ===========================
# Database Configuration
# ===========================
# Use DATABASE_URL for database connection (optional, defaults to SQLite)
# Format: <engine>://<user>:<password>@<host>:<port>/<database>
#
# SQLite (default if DATABASE_URL not set):
# DATABASE_URL=sqlite:///db.sqlite3
#
# PostgreSQL:
# DATABASE_URL=postgresql://user:password@localhost:5432/eventhorizon
# DATABASE_URL=postgres://user:password@localhost:5432/eventhorizon
#
# MySQL/MariaDB:
# DATABASE_URL=mysql://user:password@localhost:3306/eventhorizon
#
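# PostgreSQL with SSL (production):
# DATABASE_URL=postgresql://user:password@<host>:5432/dbname?sslmode=require
# Note: sslmode=require encrypts the connection but does not verify the server certificate;
# use sslmode=verify-full (with a trusted root CA) when the server's identity must be checked.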
#
# Note: For PostgreSQL, install: uv add psycopg2-binary
# Note: For MySQL, install: uv add mysqlclient
# CORS Settings for Third-Party Developers
# Default: CORS_ALLOW_ALL_ORIGINS=True (developer-friendly platform)
# For production lockdown, set to False and specify allowed origins
# Security note: allowing every origin is only reasonable while API access depends on
# explicit OAuth2 tokens rather than browser cookies. Do not combine it with credentialed
# cross-origin requests (e.g. a CORS_ALLOW_CREDENTIALS=True setting).
CORS_ALLOW_ALL_ORIGINS=True
# CORS_ALLOWED_ORIGINS=https://app1.example.com,https://app2.example.com
# ===========================
# Email Configuration
# ===========================
# Options: console (development), smtp, sendgrid, mailgun
EMAIL_BACKEND=console
# --- SMTP Configuration (for Gmail, AWS SES, etc.) ---
# EMAIL_BACKEND=smtp
# EMAIL_HOST=smtp.gmail.com
# EMAIL_PORT=587
# EMAIL_USE_TLS=True
# EMAIL_USE_SSL=False
# EMAIL_HOST_PASSWORD=your-app-password-here
# Gmail Setup:
# 1. Enable 2FA on your Google account
# 2. Generate App Password: https://myaccount.google.com/apppasswords
# 3. Use the 16-character app password as EMAIL_HOST_PASSWORD
# --- SendGrid Configuration ---
# EMAIL_BACKEND=sendgrid
# SENDGRID_API_KEY=SG.your-api-key-here
# Note: Requires 'pip install sendgrid-django'
# --- Mailgun Configuration ---
# EMAIL_BACKEND=mailgun
# MAILGUN_API_KEY=your-mailgun-api-key
# MAILGUN_SENDER_DOMAIN=mg.yourdomain.com
# Note: Requires 'pip install django-anymail'
# OAuth2/OIDC Settings
# RSA private key for OpenID Connect (presumably used to sign ID tokens; confirm in settings).
# Intentionally empty in this example. Treat the real key as a secret: keep it out of version
# control and supply it only through the deployment environment.
OIDC_RSA_PRIVATE_KEY=
# ===========================
# Storage Configuration
# ===========================
# Options: local (default), s3, minio
STORAGE_BACKEND=local
# --- S3-Compatible Storage (AWS S3, MinIO, DigitalOcean Spaces, Cloudflare R2) ---
# AWS_ACCESS_KEY_ID=your-access-key-here
# AWS_SECRET_ACCESS_KEY=your-secret-key-here
# AWS_STORAGE_BUCKET_NAME=eventhorizon-media
# AWS_S3_REGION_NAME=us-east-1
# AWS_S3_USE_SSL=True
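# For MinIO (local development):
# minioadmin/minioadmin are MinIO's publicly known default credentials; use them only on a
# local instance and set unique credentials on anything reachable by others.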
# STORAGE_BACKEND=minio
# AWS_ACCESS_KEY_ID=minioadmin
# AWS_SECRET_ACCESS_KEY=minioadmin
# AWS_STORAGE_BUCKET_NAME=eventhorizon
# AWS_S3_ENDPOINT_URL=http://localhost:9000
# AWS_S3_USE_SSL=False
# AWS_S3_REGION_NAME=us-east-1
# For AWS S3 (production):
# STORAGE_BACKEND=s3
# AWS_ACCESS_KEY_ID=your-aws-access-key
# AWS_SECRET_ACCESS_KEY=your-aws-secret-key
# AWS_STORAGE_BUCKET_NAME=your-bucket-name
# AWS_S3_REGION_NAME=us-east-1
# AWS_S3_USE_SSL=True
# For DigitalOcean Spaces:
# STORAGE_BACKEND=s3
# AWS_ACCESS_KEY_ID=your-spaces-key
# AWS_SECRET_ACCESS_KEY=your-spaces-secret
# AWS_STORAGE_BUCKET_NAME=your-space-name
# AWS_S3_ENDPOINT_URL=https://nyc3.digitaloceanspaces.com
# AWS_S3_REGION_NAME=us-east-1
# AWS_S3_USE_SSL=True
# For Cloudflare R2:
# STORAGE_BACKEND=s3
# AWS_ACCESS_KEY_ID=your-r2-access-key
# AWS_SECRET_ACCESS_KEY=your-r2-secret-key
# AWS_STORAGE_BUCKET_NAME=your-bucket-name
# AWS_S3_ENDPOINT_URL=https://your-account-id.r2.cloudflarestorage.com
# AWS_S3_REGION_NAME=auto
# AWS_S3_USE_SSL=True
# Optional: CDN Configuration
# AWS_S3_CUSTOM_DOMAIN=cdn.yourdomain.com
# ===========================
# Caching Configuration
# ===========================
# Optional Redis URL for caching (defaults to in-memory cache if not set)
# REDIS_URL=redis://localhost:6379/1
# For Redis with password: redis://:password@localhost:6379/1
# For Redis Sentinel: redis://mymaster/0?sentinel=failover
DJANGO_SITE_HEADER=Event Horizon
DJANGO_SITE_TITLE=Event Horizon
DJANGO_INDEX_TITLE=Event Horizon
# ===========================
# Production Deployment Notes
# ===========================
# Security:
# - Generate a strong SECRET_KEY: python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
# - Set DEBUG=False in production
# - Configure ALLOWED_HOSTS with your domain(s)
#
# CORS Strategy:
# - For open platform: Keep CORS_ALLOW_ALL_ORIGINS=True (APIs are OAuth2-protected)
# - For restricted platform: Set CORS_ALLOW_ALL_ORIGINS=False and list CORS_ALLOWED_ORIGINS
#
# Email:
# - Choose EMAIL_BACKEND based on your provider
# - Update DEFAULT_FROM_EMAIL to match your domain
# - Test with: python manage.py sendtestemail <recipient-address>
#
# OIDC:
# - Generate RSA key pair if using OpenID Connect