diff --git a/production_entrypoint.sh b/production_entrypoint.sh index bce7881..4676b15 100755 --- a/production_entrypoint.sh +++ b/production_entrypoint.sh @@ -1,5 +1,13 @@ #!/bin/sh +# Get ENVs from secrets +export SECRET_KEY=$(cat $SECRET_KEY_FILE) +export TG_BOT_TOKEN=$(cat $TG_BOT_TOKEN_FILE) +export EMAIL_PASSWD=$(cat $EMAIL_PASSWD_FILE) +export DB_NAME=$(cat $DB_NAME_FILE) +export DB_USER=$(cat $DB_USER_FILE) +export DB_PASSWD=$(cat $DB_PASSWD_FILE) + # Collect static files echo "Collect static files" python manage.py collectstatic --noinput diff --git a/sikweb/settings-sample-prod.py b/sikweb/settings-sample-prod.py index 8d8afe5..6920a2d 100644 --- a/sikweb/settings-sample-prod.py +++ b/sikweb/settings-sample-prod.py @@ -19,9 +19,7 @@ DEBUG = False ALLOWED_HOSTS = ["sika.sik.party"] # SECURITY WARNING: keep the secret key used in production secret! -f = open(os.getenv("DJANGO_SECRET_KEY_FILE"), "r") -SECRET_KEY = f.readline() -f.close() +SECRET_KEY = os.getenv('SECRET_KEY', '') # ReCaptcha # http://www.yaconiello.com/blog/integrating-google-recaptcha-to-django/ @@ -30,9 +28,7 @@ GOOGLE_RECAPTCHA_SECRET_KEY = "YOUR-PRIVATE-KEY" # Email settings (more settings in base.py) EMAIL_HOST_USER = 'sikviestinta@gmail.com' -f = open(os.getenv("DJANGO_EMAIL_PASSWD_FILE"), "r") -EMAIL_HOST_PASSWORD = f.readline() -f.close() +EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWD', '') DEFAULT_EMAIL_FROM = 'SIK Viestintä ' ENABLE_AUTOMATIC_EMAILS = True @@ -42,22 +38,12 @@ TELEGRAM_BOT_TOKEN = os.getenv('TG_BOT_TOKEN') # Database settings # Only uncomment if default settings in base.py are not ok -f = open(os.getenv("DJANGO_DB_NAME_FILE"), "r") -DB_NAME = f.readline() -f.close() -f = open(os.getenv("DJANGO_DB_USER_FILE"), "r") -DB_USER = f.readline() -f.close() -f = open(os.getenv("DJANGO_DB_PASSWORD_FILE"), "r") -DB_PASSWORD = f.readline() -f.close() - DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', - 'NAME': DB_NAME, - 'USER': DB_USER, - 'PASSWORD': DB_PASSWORD, + 'NAME': os.getenv('DB_NAME', ''), + 'USER': os.getenv('DB_USER', ''), + 'PASSWORD': os.getenv('DB_PASSWD', ''), 'HOST': os.getenv('DB_HOST', '127.0.0.1'), 'PORT': os.getenv('DB_PORT', 5432), } diff --git a/stack-compose.yml b/stack-compose.yml index abbe45f..e84a605 100644 --- a/stack-compose.yml +++ b/stack-compose.yml @@ -25,7 +25,7 @@ services: - EMAIL_PASSWD_FILE=/run/secrets/DJANGO_EMAIL_PASSWD - DB_NAME_FILE=/run/secrets/DJANGO_DB_NAME - DB_USER_FILE=/run/secrets/DJANGO_DB_USER - - DB_PASSWORD_FILE=/run/secrets/DJANGO_DB_PASSWD + - DB_PASSWD_FILE=/run/secrets/DJANGO_DB_PASSWD - DB_HOST=db - DB_PORT=5432