What is the recommended method for deploying Django settings to a production environment?

Question

I have looked everywhere and all I could find was outdated or bits and pieces from several different sources, but none of them had a complete step of how to deploy Django to a production environment.

What I would like to see is the recommended way to deploy Django utilizing git, local and production settings.py, .gitignore specifically for Django.

How would I implement the settings to accommodate both environments and what should be added to the .gitignore file so that only necessary files are sent to the git repository?

Please note that I want to know best practices and up to date methods of using local and production settings.

Such questions arise when deploying Django apps.

1. Where should the settings be stored?
2. How can I properly implement the settings to accommodate both environments?
3. What sensitive information should be separate from the main settings?

Update 25/09/2016:

Thanks andreas for clarifying this and now I completely agree that there is no standard way of deploying Django. I went on a long research and found the most common used methods to deploy Django settings. I will share my findings with everyone who's having the same doubt.

Answering

Where should the settings be stored?

The settings are better accommodated within a settings module rather than a single settings.py file.

How can I properly implement the settings to accommodate both environments?

This is where the settings module comes in very handy because you can simply have environment independent settings and they are maintainable with git or any other version control.

What sensitive information should be separate from the main settings?

Sensitive information such as database, email, secret key and anything with authentication related information and as to how you will serve this private information secretly, I do recommend to use andreas suggestion.

You could either create a separate file at /etc/app_settings and make it very restrict or simply use environment variables from within the system.

.gitignore part

For the .gitignore part I found an awesome repo where you can get all sort of examples at https://github.com/github/gitignore.

I ended up using:

# OSX Finder turds
.DS_Store

# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# Distribution / packaging
.Python
env/

# PyInstaller
#  Usually these files are written by a python script from a template
#  before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Django stuff:
*.log
my_app/settings/dev.py
bower_components

Because the answer ended up being so long I've created an article explaining every step of the way at Django Settings Deployment.

Answer 1

There is not one recommended way of deploying a Django app. The official documentation provides a guide for deploying with Apache and mod_wsgi. Some other options are a PaaS like Heroku/Dokku or deployment with Docker

It's common to divide your settings in different files. You could for example divide settings in four different files:

• base file (base.py) - Common settings for all environments (every file below imports from this with from .base import *
• development file (development.py) - settings specific for development, (DEBUG = True etc...)
• production file (production.py) - settings specific for the production environment. (DEBUG = False, whitenoise configuration etc)
• testing file (testing.py)

You can control what settings file is loaded with the environment variable DJANGO_SETTINGS_MODULE

It is also common recommended practice that you store secrets like the SECRET_KEY in environment variables. SECRET_KEY = os.environ.get('SECRET_KEY', None). Or check out the django-environ package.

Check out this repo for an example setup.