Production Environment Variables

This section covers the environment and its required setup for running the care project in production. This involves setting up the secret keys, encryption keys, PostGIS database URLs etc. The project also employs other services such as Redis for caching and Sentry for logging.

The following list contains variables you will need during the production environment.

Variable Key

Required

Description

POSTGIS_URL

Yes

This variable is the URL to your Postgres database with the PostGIS extension. To obtain this, simply replace postgres:// with postgis:// in your DATABASE_URL

DJANGO_ADMIN_URL

Yes

This variable shall be used to access your Django admin dashboard. For security purposes, it is a good idea to keep it as a short random string.

DJANGO_SECRET_KEY

Yes

A secret key used by Django for generating session cookies and other purposes. An online search will provide several methods for generating it.

FERNET_SECRET_KEY

Yes

A secret key used for encrypting patient records in the database. This can be generated in the same way as the Django secret key. A change in the fernet key will cause all data to be corrupted, please make sure this variable is always handled with care. The development version has a hardcoded fernet key to avoid issues.

DJANGO_SETTINGS_MODULE

Yes

This variable specifies which settings to use in the production environment. Set the value to config.settings.production to point it to the production settings file in the project. development builds can use config.settings.staging defaults to local settings

USE_S3

No

Set this variable to True if you want to use Amazon S3 buckets for storing your static files in production. Defaults to 'False'. The backend copies the static files on start, the Gunicorn server serving the backend does not perform well with static files so it is advised to configure S3 as a static file server.

AWS_STORAGE_BUCKET_NAME

No

This variable is used to store the bucket name to store your static files during the collectstatic step. Note that this is used only if USE_S3 is set to True.

AWS_ACCESS_KEY_ID

No

The AWS Access Key of your account used to access your S3 bucket. Note that this is used only when USE_S3 is set to True.

AWS_SECRET_ACCESS_KEY

No

The AWS Secret Key of your account used to access your S3 bucket. Note that this is used only when USE_S3 is set to True.

REDIS_URL

Yes

The URL to your Redis instance for use in caching. Redis is also used as the background job management

CELERY_BROKER_URL

Yes

The URL to your Redis instance for use in celery worker management.

SENTRY_DSN

Yes

GOOGLE_RECAPTCHA_SITE_KEY

No

The configured site key for your recaptcha. Recaptcha is used to prevent brute-force attacks while logging into care.

GOOGLE_RECAPTCHA_SECRET_KEY

No

The secret key for your recaptcha.

DJANGO_ALLOWED_HOSTS

Yes

This is used to store a JSON type array of hosts you want to allow access to your backend API. Requests with other Host fields will not be able to complete successfully. Set it to ['*'] to allow all hosts. Defaults to ['*'].

CSRF_TRUSTED_ORIGINS

Yes

Contains a JSON array of hosts that are allowed to make cross site requests to the backend API. Defaults to [].

DJANGO_SECURE_SSL_REDIRECT

No

Use this option to set whether or not you want to redirect from HTTP to HTTPS automatically. Defaults to True.

RATE_LIMIT

No

A string value of the form requests/time to be set for rate limiting. For eg., if you want to allow not more than 5 requests from a user in 10 mins, provide 5/10m as the value. Defaults to 5/10m. Ratelimiting is only enforced for the login and signup endpoint to prevent brute-forcing, after the limit every request required a captcha to be present.

MAINTENANCE_MODE

No

Set this variable to 1 to put the site/API into maintenance. Defaults to 0.

POSTGRES_DB

Yes

Your PostGIS DB name. This is used to check if the postgres db is connected before performing db migrations

POSTGRES_HOST

Yes

Your Postgres host address.

POSTGRES_USER

Yes

Your Postgres username.

POSTGRES_PASSWORD

Yes

Your POSTGRES_USER password.

POSTGRES_PORT

Yes

Your Postgres instance port number.

SNS_ACCESS_KEY

Yes

AWS SNS access key for sending SMS messages

SNS_SECRET_KEY

Yes

AWS SNS Secret key for sending SMS messages

VAPID_PUBLIC_KEY

Yes

Vapid Public key for sending Web push notifications, Defaults to publicly visible certificates

VAPID_PRIVATE_KEY

Yes

Vapid Private key for sending Web push notifications, Defaults to publicly visible certificates

FILE_UPLOAD_BUCKET

Yes

AWS S3 bucket name with no public access to store confidential patient files

FILE_UPLOAD_KEY

Yes

AWS Access key to access the File Upload Bucket

FILE_UPLOAD_SECRET

Yes

AWS Secret key to access the File Upload Bucket

EMAIL_HOST

Yes

SMTP Email Host

EMAIL_USER

Yes

SMTP Email User

EMAIL_PASSWORD

Yes

SMTP Email Password

Last updated