studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔒️(helmfile) generate Django secret key

Browse Source 
Generate a proper Django secret key ready for production,
using the provided get_random_secret_key() function.

Store its value in a k8s secret. I generated two values one for
dev and one for staging.

Previous values were triggering security logs.
This commit is contained in:
Lebaud Antoine
2024-03-26 23:39:32 +01:00
committed by aleb_the_flash
parent 0fe0175622
commit cbfc67f010
4 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/helm/env.d/dev/secrets.enc.yaml
View File

@@ -1,3 +1,4 @@
djangoSecretKey: ENC[AES256_GCM,data:XKgM2zd1+/bxvdUzBp3zK0XUPDPjDwsfDa6WPVUULqxZ0RcuPsKRMjBgFvE9hLd4AvY=,iv:0Uk4QXWiAW6HW/7kmx2hbwU3sEdjIsTxm3T5U0wlbws=,tag:9I+fEYxkLClZ39x1eNP7sQ==,type:str]
oidc:
clientId: ENC[AES256_GCM,data:KlkyIG8tNj6Nj3G4nIN+QGt9FPtMIkoitC8jxx5n4hHq71mF,iv:AKrdqPnBFLNxtRB1cphRKtH9ccwx7V4ApspjIQxtWmY=,tag:8Upvn77PKsJ0ktQh/orXqQ==,type:str]
clientSecret: ENC[AES256_GCM,data:O6RwyuiaXGO3afc4sRQz5nHW62Dkx2/I4jVqGgkms/fsDHpCMs0I3iTfGPUgI4uER60Yml16yc6n/7LWbqoy+A==,iv:1wJhrsNOZcgduy4N5WNuUPNX2R5fwyMJTpjV8IPm7Hc=,tag:Q42WTMFIPSdEtllHyLZwbQ==,type:str]
@@ -61,8 +62,8 @@ sops:
eEh1MmhQRFNyNE1NSDdwWk5BRCtDMFUKZByCL2Wj0X+lwUo06PHwOiaJhzqOMVVt
Rj/pvynxLV4d0RBzwpgdL9uV8VzTED4GW9wotODbhEUtdlpSS1YOGg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-03-18T22:26:38Z"
mac: ENC[AES256_GCM,data:6xfKunxhxiA2c0jQQwo0oMSD3ecBPmDEGB5Dv9NEGrVLRGbUXd96RPfodYJkFtKJpWHDBrKO4eSkaylAGtzxq29TIwSveTm4xdlz4JBe/a1OxjKwY8XzuDY/gjTNhYODp/Zot6Vg/ESkkjGSyWwPjjdfIJmtd5Bk4eb00UyMoxE=,iv:wQ2lF+RIagQjAAwDCFQF90He3m0xNWnC4CRNf0ndhRY=,tag:aWJj05jPkwbwwF/zaj/wyA==,type:str]
lastmodified: "2024-03-26T22:31:10Z"
mac: ENC[AES256_GCM,data:OujhtajsuAQrC5KNFPxqjMlHAS9tpjvvsu8LRZf8XKrMui3ZBAHO2TdF7z/sAEB9OPlPJZGZU4jMDNXZkIi1zv3mUDNJXPs0oitgIEXSYCDHcZQea093hSMd4tX1yLQM3M5GH1aFZDXfIpKT7UvLjiVv+8aXp7BLQNNilbFKV1g=,iv:1OD4SuMUSD3fcuO4QiZpjij49JHwKqDJvXOT0wyJ0zs=,tag:VW4KiInBhIpbaaAS18eNUQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

2
src/helm/env.d/dev/values.desk.yaml.gotmpl
View File

@@ -8,7 +8,7 @@ backend:
DJANGO_CSRF_TRUSTED_ORIGINS: https://desk.127.0.0.1.nip.io,http://desk.127.0.0.1.nip.io
DJANGO_CONFIGURATION: Production
DJANGO_ALLOWED_HOSTS: "*"
DJANGO_SECRET_KEY: "ThisIsAnExampleKeyForDevPurposeOnly"
DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
DJANGO_SETTINGS_MODULE: people.settings
DJANGO_SUPERUSER_PASSWORD: admin
DJANGO_EMAIL_HOST: "mailcatcher"