From 3ee704bfb101cbb40b962da5e55b1cb13d0054b1 Mon Sep 17 00:00:00 2001 From: x11x <28614156+x11x@users.noreply.github.com> Date: Sun, 18 Feb 2018 14:20:29 +1000 Subject: [PATCH] README: elaborate on settings, provide docs links, explain 'secret.txt' Also describe how to update to latest patch-level versions. --- README.md | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 51a3c07..571fc4d 100644 --- a/README.md +++ b/README.md @@ -17,8 +17,20 @@ source .venv/bin/activate pip install -r requirements.txt ``` -Set the django ```SECRET_KEY``` and ```ALLOWED_HOSTS``` in [the settings file](etesync_server/settings.py). -For more information on these please refer to the [django deployment checklist](https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/). +Edit the [settings file](etesync_server/settings.py). Please refer to the +[Django deployment +checklist](https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/) +for full instructions on how to configure a Django app for production. Some +particular settings that should be edited are: + * [`ALLOWED_HOSTS`](https://docs.djangoproject.com/en/1.11/ref/settings/#std:setting-ALLOWED_HOSTS) + -- this is the list of host/domain names or addresses on which the app +will be served + * [`DEBUG`](https://docs.djangoproject.com/en/1.11/ref/settings/#debug) + -- handy for debugging, set to `False` for production + * [`SECRET_KEY`](https://docs.djangoproject.com/en/1.11/ref/settings/#std:setting-SECRET_KEY) + -- an ephemeral secret used for various cryptographic signing and token +generation purposes. See below for how default configuration of +`SECRET_KEY` works for this project. Now you can initialise our django app 
@@ -50,6 +62,26 @@ That's it! Now all that's left is to open the EteSync app, add an account, and set your custom server address under the "advance" section. +# `SECRET_KEY` and `secret.txt` + +The default configuration creates a file “`secret.txt`” in the project’s +base directory, which is used as the value of the Django `SECRET_KEY` +setting. You can revoke this key by deleting the `secret.txt` file and the +next time the app is run, a new one will be generated. Make sure you keep +the `secret.txt` file secret (don’t accidentally commit it to version +control, exclude it from your backups, etc.). If you want to change to a +more secure system for storing secrets, edit `etesync_server/settings.py` +and implement your own method for setting `SECRET_KEY` (remove the line +where it uses the `get_secret_from_file` function). Read the Django docs +for more information about the `SECRET_KEY` and its uses. + +# Updating + +Inside the virtualenv, run `pip install -U -r requirements.txt` to update +dependencies to latest compatible versions of Django and +djangorestframework (it will only update to latest patch level which should +be API-compatible). + # Supporting EteSync Please consider registering an account even if you self-host in order to support the development of EteSync, or help by spreading the word.
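Review bot: In the first hunk (`@@ -17,8 +17,20 @@`), the `SECRET_KEY` bullet calls it "an ephemeral secret", which conflicts with the second hunk, where the key is written to `secret.txt` and reused on later runs. Suggest "a secret value used for cryptographic signing and token generation". The `DEBUG` bullet should say plainly that it must be `False` in production instead of leading with "handy for debugging", since the Django deployment checklist says never to enable debug in production. Two style points: the checklist link targets the 1.10 docs while the three settings links target 1.11, and the continuation lines "will be served" and "generation purposes. See below ..." are not indented under their bullets, so they may render outside the list.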
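Review bot: In the second hunk (`@@ -50,6 +62,26 @@`), "You can revoke this key by deleting the `secret.txt` file" leaves out the consequence: once a new key is generated, values signed with the old one, such as sessions and password-reset tokens, stop validating, so logged-in users are signed out. Say that, and say that deleting the file is the step to take if it has been exposed. The parenthetical "don't accidentally commit it to version control, exclude it from your backups, etc." is ambiguous because "exclude" can be read as attached to "don't"; split it into separate imperatives, and consider adding that the file should be readable only by the account that runs the app. In the Updating section, "it will only update to latest patch level" depends on how `requirements.txt` pins versions, which this patch does not show; either quote the version specifiers or soften the guarantee.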