2 from djsite.settings_common import *
4 with open(os.path.join(BASE_DIR, "..", "secret_key")) as f:
5 SECRET_KEY = f.readline().strip()
9 ALLOWED_HOSTS = ['quotes.fperrin.net']
12 # https://docs.djangoproject.com/en/1.8/ref/settings/#databases
16 'ENGINE': 'django.db.backends.postgresql_psycopg2',
19 'HOST': 'www.priv.fperrin.net',
23 with open(os.path.join(BASE_DIR, "..", "pg_secret")) as f:
24 DATABASES['default']['PASSWORD'] = f.readline().strip()
26 STATIC_ROOT = os.path.normpath(os.path.join(BASE_DIR, "..", "static"))
27 STATIC_URL = "https://quotes.fperrin.net/static/"
29 ### HTTPS-related settings from https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
31 CSRF_COOKIE_SECURE = True
32 CSRF_COOKIE_HTTPONLY = True
33 SESSION_COOKIE_SECURE = True
34 SESSION_COOKIE_HTTPONLY = True
36 SECURE_HSTS_SECONDS = 60
37 SECURE_SSL_REDIRECT = True
39 SECURE_CONTENT_TYPE_NOSNIFF = True
40 SECURE_BROWSER_XSS_FILTER = True
42 X_FRAME_OPTIONS = 'DENY'
44 SILENCED_SYSTEM_CHECKS = [
45 'security.W005', # SECURE_HSTS_INCLUDE_SUBDOMAINS, not applicable