Code 401 Class 34 Reading Notes
Django Settings Best Practices
Managing Django Setting: Issues
Different environments: Usually you have several environments: local, dev, ci, qa, staging, production, etc. Each envirionment can have its won specific settings (for example: DEBUG = True
, which will require more verbose logging, additional apps, mocked data, etc.) You need an approach that allows you to keep all these Django setting configurations.
Django setting are a Python code.: These are often in settings.py, it gives flexibility, but also can be a curse and a blessing at the same time.
Setting Configuration: Different Approaches
settings_local.py: Basic idea of this method is to extend all environment specific settings in the settings_local.py
file, which is ignored by VCS.
Pros
- Secrets not in VCS
Cons
settings_local.py
is not in VCS, so you can lose some of your Django environment settings.- The Django settings file is a Python code, so
settings_local.py
can have some non obvious logic. - You need to have `settings_local.example(in VCS)to share the default configurations for developers.
Separate settings files for each environment
This an extension of the previous approach. Package the settings with the following structure:
settings/
├── __init__.py
├── base.py
├── ci.py
├── local.py
├── staging.py
├── production.py
└── qa.py
Pros
- All environments are in VCS.
- It’s easy to share settings between developers.
Cons
- You need to find a way to handle secret passwords and tokens.
- “Inheritance” of settings can be hard to trace and maintain.
Environment variables
Pros
- These usually are a good method to keep configuration is separated from code.
- Environment parity – you have the same code for all environments.
- No inheritance in settings, and cleaner and more consistent code.
- There is a theoretical grounding for using environment variables – 12 Factors.
Cons
- You need to handle sharing default config between developers.
Best practices
- Keep settings in environment variables.
- Write default values for productions configuration (excluding secret keys and tokens).
- Don’t hardcode sensitive settings, and don’t put them in VCS.
- Split settings into groups: Django, third-party, project.
- Follow naming conventions for custom (project) settings.
What is SSH: Understanding Encryption, Ports and Connection
SSH(Secure Shell Protocol): A remote administration protocol that allows users to access, control, and modify their remote servers over the internet.
How Does SSH Work
The SSH command consists of 3 distinct parts:
ssh {user}@{host}
The SSH key command instructs your system that you want to open an encrypted Secure Shell Connection.
{user}
; represents the acount you want to access.
{host}
: refers to computer you want to access. Can be IP or domain name.
Gaining an in-depth understanding of the underlying how SSH works can help users understand the security aspects of this technology.
Things I want to know more about
Common practices that hacker try to break these codes and how to avoid them or fortify your code better.