问题描述
对于我的一生,我一直在到处寻找它,但没有找到答案。希望我不要发布重复的文件。
到处都建议您将密钥保存在与常规settings.py分开的单独文件中。另外,您永远不要提交包含诸如SECRET_KEY,AWS_SECRET_KEY等密钥的 secret.py文件。
我的问题是:在生产服务器中,您需要引用秘密密钥,这意味着您的 secret.py设置文件应位于服务器周围。对?如果是这样,您如何保护生产中的秘密密钥?
有很多可供选择的生产方式。我这样做的方法是将敏感数据变量设置为生产环境中的环境变量。然后,通过 os.environ
在 settings.py
中检索变量,如下所示:
import os
SECRET_KEY = os.environ ['SECRET_KEY']
另一个可能的选择是通过部署脚本将文件复制到 secret.py
文件中。 / p>
我确定对于不同的Web服务器,还有其他特定的选择。
For the life of me, I have been looking for this everywhere and have not found the answer. I hope I am not posting a duplicate.
It is advised everywhere that you should keep your secret keys in a separate file from your general settings.py. Also, that you should never commit your "secret.py" file that contains keys such as SECRET_KEY, AWS_SECRET_KEY and so on.
My question is: In your production server, you need to reference your secret keys, that means that your "secret.py" settings file, should live somewhere around the server right? If so, how do you protect your secret keys in production?
See the Django deployment docs for a discussion on this.
There's quite a few options for production. The way I do it is by setting my sensitive data variables as environmental variables on the production environments. Then I retrieve the variables in the settings.py
via os.environ
like so:
import os
SECRET_KEY = os.environ['SECRET_KEY']
Another possible option is to copy in the secret.py
file via your deploy script.
I'm sure there are also other specific options for different web servers.
这篇关于哪里存储密钥DJANGO的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!