Where to store secret keys DJANGO

Question

For the life of me, I have been looking for this everywhere and have not found the answer. I hope I am not posting a duplicate.

It is advised everywhere that you should keep your secret keys in a separate file from your general settings.py. Also, that you should never commit your "secret.py" file that contains keys such as SECRET_KEY, AWS_SECRET_KEY and so on.

My question is: In your production server, you need to reference your secret keys, that means that your "secret.py" settings file, should live somewhere around the server right? If so, how do you protect your secret keys in production?

question from:https://stackoverflow.com/questions/65557394/remote-rejected-master-master-pre-receive-hook-declined-error-failed-t

Answer 1

See the Django deployment docs for a discussion on this.

There's quite a few options for production. The way I do it is by setting my sensitive data variables as environmental variables on the production environments. Then I retrieve the variables in the settings.py via os.environ like so:

import os
SECRET_KEY = os.environ['SECRET_KEY']

Another possible option is to copy in the secret.py file via your deploy script.

I'm sure there are also other specific options for different web servers.