92 lines
4.6 KiB
Markdown
92 lines
4.6 KiB
Markdown
# Environment Variables
|
|
|
|
## Purpose
|
|
List environment variables that influence runtime behavior, taken directly from `settings.py` and related auth/Celery configuration.
|
|
|
|
## Code Locations (exact paths)
|
|
- Primary definitions and defaults: `backend/igny8_core/settings.py`
|
|
- JWT helpers: `backend/igny8_core/auth/utils.py`
|
|
|
|
## High-Level Responsibilities
|
|
- Configure secrets, debug flags, DB connections, CORS, auth, Celery, and billing providers without code changes.
|
|
|
|
## Detailed Behavior
|
|
- Core flags:
|
|
- `SECRET_KEY` (required for production)
|
|
- `DEBUG` (enables debug when set to true)
|
|
- `IGNY8_DEBUG_THROTTLE` (bypass rate limiting when true; defaults to `DEBUG`)
|
|
- `IGNY8_USE_UNIFIED_EXCEPTION_HANDLER` (controls custom DRF exception handler; enabled by default)
|
|
- `USE_SITE_BUILDER_REFACTOR` (feature flag for site builder)
|
|
- `USE_SECURE_COOKIES` (sets session/CSRF secure cookies)
|
|
- `USE_SECURE_PROXY_HEADER` (enables `SECURE_PROXY_SSL_HEADER`)
|
|
- `USE_X_FORWARDED_HOST` is disabled by default; no env provided.
|
|
- Database selection (PostgreSQL default with SQLite fallbacks):
|
|
- `DATABASE_URL` (parsed for engine/user/pass/host/port/name; supports postgres or sqlite)
|
|
- `DB_ENGINE` (forces sqlite when set to sqlite/sqlite3)
|
|
- `DJANGO_FORCE_POSTGRES` (force Postgres even in debug)
|
|
- `DB_NAME`, `DB_USER`, `DB_PASSWORD`, `DB_HOST`, `DB_PORT` (used when `DATABASE_URL` not provided)
|
|
- `USE_SQLITE` and `SQLITE_NAME` (explicit sqlite override)
|
|
- CORS/hosts:
|
|
- CORS origins are hardcoded; no env toggle beyond `DEBUG`. Trusted CSRF origins are static in settings.
|
|
- Auth/JWT:
|
|
- `JWT_SECRET_KEY` (defaults to `SECRET_KEY`)
|
|
- `JWT_ALGORITHM` (defaults to HS256)
|
|
- `JWT_ACCESS_TOKEN_EXPIRY` (timedelta in settings; default 15 minutes)
|
|
- `JWT_REFRESH_TOKEN_EXPIRY` (default 30 days)
|
|
- Celery/Redis:
|
|
- `CELERY_BROKER_URL` (defaults to `redis://{REDIS_HOST}:{REDIS_PORT}/0`)
|
|
- `CELERY_RESULT_BACKEND` (defaults to same as broker)
|
|
- `REDIS_HOST`, `REDIS_PORT` (defaults redis:6379)
|
|
- `REDIS_SENTINEL_ENABLED` (when true, adds sentinel backend options)
|
|
- `REDIS_SSL_ENABLED` (enables Redis backend SSL)
|
|
- Feature/config paths:
|
|
- `PUBLISH_SYNC_LOG_DIR` is derived; no env override.
|
|
- Payments:
|
|
- `STRIPE_PUBLIC_KEY`, `STRIPE_SECRET_KEY`, `STRIPE_WEBHOOK_SECRET`
|
|
- `PAYPAL_CLIENT_ID`, `PAYPAL_CLIENT_SECRET`, `PAYPAL_API_BASE` (defaults to sandbox base)
|
|
- Rate limiting and throttles:
|
|
- Scopes are defined in settings; toggling is via `IGNY8_DEBUG_THROTTLE`.
|
|
- Security/Cookies:
|
|
- `USE_SECURE_COOKIES`, `USE_SECURE_PROXY_HEADER` control secure cookie and proxy behavior.
|
|
|
|
## Data Structures / Models Involved (no code)
|
|
- None; variables configure runtime services used by auth, database, Celery, and billing.
|
|
|
|
## Execution Flow
|
|
- Django reads env vars at import of `settings.py`; defaults apply when unset.
|
|
- Token helpers read JWT secrets/algorithms/expiries for generation and validation.
|
|
- Celery settings are consumed by workers/beat at startup.
|
|
|
|
## Cross-Module Interactions
|
|
- Auth stack uses JWT settings and secrets.
|
|
- Account middleware uses plan validation; DB settings drive tenancy storage.
|
|
- Celery settings affect AI/automation/publishing/billing tasks.
|
|
- Stripe/PayPal keys are consumed by billing modules.
|
|
|
|
## State Transitions (if applicable)
|
|
- Changes to env vars take effect on process restart; token expiry/secret changes invalidate existing tokens accordingly.
|
|
|
|
## Error Handling
|
|
- Missing/invalid DB env falls back to defaults (SQLite in debug unless forced).
|
|
- Missing JWT secret falls back to `SECRET_KEY`; an absent secret raises errors during decode if unset.
|
|
|
|
## Tenancy Rules
|
|
- Env vars do not alter tenancy logic; they configure infrastructure supporting it.
|
|
|
|
## Billing Rules (if applicable)
|
|
- Stripe/PayPal keys must be present for payment webhooks/operations; plan enforcement itself is not env-driven.
|
|
|
|
## Background Tasks / Schedulers (if applicable)
|
|
- Celery broker/backend URLs and Redis options come from env; task timeouts and serializer are fixed in settings.
|
|
|
|
## Key Design Considerations
|
|
- Favor explicit env configuration for production (secrets, DB, Redis, Stripe/PayPal).
|
|
- Keep debug-only flags (`DEBUG`, `IGNY8_DEBUG_THROTTLE`) off in production.
|
|
- Use `DATABASE_URL` for portability; fallback logic supports sqlite for local dev.
|
|
|
|
## How Developers Should Work With This Module
|
|
- Set required secrets (`SECRET_KEY`, `JWT_SECRET_KEY`, Stripe/PayPal keys) before deploying.
|
|
- Choose DB via `DATABASE_URL` or explicit `DB_*` vars; avoid sqlite in production unless intentional.
|
|
- Configure Redis URLs for Celery in non-dev environments.
|
|
- Restart services after changing env vars to apply new configuration.
|