> > i dont belive in adding default names to environment variables, they're up > to the user to define >
Javier, I think you missed what Florian was talking about. He was suggesting there shouldn't be default *values* for some settings. > I personally rather have no solution in Django itself before forcing a > half-baked one down everyone. Also please note that the bar to add this to > Django is very high since it can (at least for things like django-environ) > easily live outside of Django with no realy downside. I agree with this sentiment. The proliferation of libraries can be a bit confusing, but I've not yet felt one solution was "the winner". Using environment variables isn't even suitable for all situations. They make sense for managed platforms like Heroku, or single process servers. But on shared servers, they can be a security risk because other users can potentially read them from the process: https://www.diogomonica.com/2017/03/27/why-you-shouldnt-use-env-variables-for-secret-data/ . This is why Docker has a system for providing managed secrets through a filesystem mount: https://docs.docker.com/engine/swarm/secrets/ . On Fri, 26 Jun 2020 at 09:55, Javier Buzzi <buzzi.jav...@gmail.com> wrote: > Hi Florian, thank for your input, i dont belive in adding default names to > environment variables, they're up to the user to define. Nothing will be > given by default, you need the SECRET_KEY? `from_env` has no idea what that > means, its just another name, so you tell it what it will do with this such > as `from_env.str("SECRET_KEY")` or simply `from_env("SECRET_KEY")` if its a > string. But if "SECRET_KEY" is taken by some other process and you need to > add another one to be your SECRET_KEY for django and you call it "FOO" then > `FOO` would be the name you pass to `from_env` and assign it to your > SECRET_KEY = from_env('FOO'). Trying to really nail the point home: there > are NO default environment names (other than DJANGO_SETTINGS_MODULE but > that has nothing to do with this). > > - Buzzi > > -- > You received this message because you are subscribed to the Google Groups > "Django developers (Contributions to Django itself)" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-developers+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/d6cf479b-4e37-411b-b999-73a5944995a3o%40googlegroups.com > <https://groups.google.com/d/msgid/django-developers/d6cf479b-4e37-411b-b999-73a5944995a3o%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Adam -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAMyDDM09srqq-Tm3cKJvZ1m_Q6i3wOdoHANd8d%2BjWQd-%3DeD%3DpA%40mail.gmail.com.
