1

This is the full error

django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty

I develop in GNU/Linux(Arch) and deploy to Windows 10. Django's internal server runserver works in both environments, but Apache throws the above error in both environments.

I have separate settings files in settings folder(package) with base.py, local.py and production.py. SECRET_KEY is set in base.py and both local.py and production.py import * from base.py. Earlier I tried an environment variable set in .bashrc like this

export MYPROJECT_SECRET_KEY="very_long_fake_key"

but simplified back to string version, but the problem persists.

I deployed to pythonanywhere PAAS service and it worked there.

Apache httpd.conf settings(as sujested by Django docs):

#mod_wsgi
LoadModule wsgi_module modules/mod_wsgi.so

WSGIScriptAlias / /home/shgr/projects/autozap/autozap/wsgi.py
WSGIPythonHome /home/shgr/.virtualenvs/autozap
WSGIPythonPath /home/shgr/projects/autozap/

<Directory /home/shgr/projects/autozap/autozap>
<Files wsgi.py>
Require all granted
</Files>
</Directory>

Alias /robots.txt /home/shgr/projects/autozap/static/robots.txt
#Alias /favicon.ico /home/shgr/projects/autozap/favicon.ico

Alias /media/ /home/shgr/projects/autozap/media/
Alias /static/ /home/shgr/projects/autozap/static/

<Directory /home/shgr/projects/autozap/static>
Require all granted
</Directory>

<Directory /home/shgr/projects/autozap/media>
Require all granted
</Directory>

#import_files
Alias /import_files /home/shgr/projects/autozap/webdata/import_files
<Directory /home/shgr/projects/autozap/webdata/import_files>
Require all granted
</Directory>

base.py

import os

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(__file__)))
REACT_APP_DIR = os.path.join(BASE_DIR, 'frontend')

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
#SECRET_KEY = os.environ.get("AUTOZAP_SECRET_KEY")
SECRET_KEY = "$hg@z4nus7^6!s7d-ku4ahjew_@!+&u1+*s7sq1--fake-fake"

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False

# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'rest_framework',
    'website',
]
# 'django.middleware.csrf.CsrfViewMiddleware'
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'autozap.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages'
            ],
        },
    },
]

WSGI_APPLICATION = 'autozap.wsgi.application'


# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]

# Internationalization
# https://docs.djangoproject.com/en/1.11/topics/i18n/

LANGUAGE_CODE = 'ru-ru'

TIME_ZONE = 'Asia/Krasnoyarsk'

USE_I18N = True

USE_L10N = True

USE_TZ = True

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.11/howto/static-files/

STATIC_URL = '/static/'

STATIC_ROOT = 'static'

REST_FRAMEWORK = {
   'UPLOADED_FILES_USE_URL': False
}

production.py

from autozap.settings.base import *

import os

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False

ALLOWED_HOSTS = [
    'fake.com',
    'localhost',
]

#send_mail
EMAIL_HOST = 'smtp.yandex.ru'
EMAIL_PORT = 465
EMAIL_HOST_USER = "fake@yandex.ru"
EMAIL_USE_SSL = True
EMAIL_HOST_PASSWORD = "fakefake"


# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases


DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'autozap',
        'USER': 'root',
        'PASSWORD': 'fake-fake',
        'HOST': 'localhost',
        'PORT': '3307',
        'sql_mode': 'STRICT_TRANS_TABLES',
    }
}

local.py

from autozap.settings.base import *

import os

DEBUG=True

ALLOWED_HOSTS = [
    'localhost'
]

INSTALLED_APPS += [
    'django.contrib.staticfiles'
]


DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'autozap',
        'USER': 'fake',
        'PASSWORD': 'fakfake',
        'HOST': 'localhost',
        'PORT': '',
        'sql_mode': 'STRICT_TRANS_TABLES',
    }
}

#send_mail
EMAIL_HOST = 'smtp.yandex.ru'
EMAIL_PORT = 465
EMAIL_HOST_USER = "fake@yandex.ru"
EMAIL_USE_SSL = True
EMAIL_HOST_PASSWORD = "fakfake"

STATICFILES_DIRS = [
    os.path.join(REACT_APP_DIR, 'build', 'static')
]

autozap/autozap/wsgi.py

import os

from django.core.wsgi import get_wsgi_application

os.environ.setdefault("DJANGO_SETTINGS_MODULE", "autozap.settings")

application = get_wsgi_application()

manage.py

#!/usr/bin/env python
import os
import sys

if __name__ == "__main__":
    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "autozap.settings")
    try:
        from django.core.management import execute_from_command_line
    except ImportError:
        # The above import may fail for some other reason. Ensure that the
        # issue is really that Django is missing to avoid masking other
        # exceptions on Python 2.
        try:
            import django
        except ImportError:
            raise ImportError(
                "Couldn't import Django. Are you sure it's installed and "
                "available on your PYTHONPATH environment variable? Did you "
                "forget to activate a virtual environment?"
            )
        raise
    execute_from_command_line(sys.argv)
lava-lava
  • 989
  • 9
  • 20
  • Apache worked for some time before, but then stoped. I think I have done something don't know what. The last time it worked was before I stated playing with access control list https://wiki.archlinux.org/index.php/Access_Control_Lists#Granting_execution_permissions_for_private_files_to_a_Web_Server. – lava-lava Nov 24 '17 at 08:04

1 Answers1

1

Ok, I figured out what I was doing wrong. First of all I was exporting environment variables in ~/.bashrc 

export DJANGO_SETTINGS_MODULE=autozap.settings.local
export AUTOZAP_SECRET_KEY="$hg@z4nus7^6!s7d-ku4ahjew_@!+&u1--fakefake"

and it was wrong(it explains why it only worked with runserver) https://stackoverflow.com/a/35241699/7945930

I tried changing wsgi.py environment settings to:

os.environ.setdefault("DJANGO_SETTINGS_MODULE", "autozap.settings.local")

or

os.environ["DJANGO_SETTINGS_MODULE"] = "autozap.settings.local"

but it only worked with string version of secret key and more importantly didn't worked in runserver(apache only). The latter is the prefered way, django docs say.

But I ended up storing my secret variables in __init__.py. Thanks to this answer https://stackoverflow.com/a/15315143/7945930

Now my /autozap/autozap/settings/__init__.py script looks something like this:

from autozap.settings.local import *  # or production

##### DJANGO SECRETS
SECRET_KEY = "$hg@z4nus7^6!s7d-ku4ahjew_@!+&ufakefakefake"
DATABASES['default']['PASSWORD'] = 'soo_fake'
EMAIL_HOST_USER = "notrealatall@yandex.ru"
EMAIL_HOST_PASSWORD = "very-true-password"

wsgi.py

import os

from django.core.wsgi import get_wsgi_application

os.environ["DJANGO_SETTINGS_MODULE"] = "autozap.settings"

application = get_wsgi_application()

Now the website works in local(linux) and production(windows) environments.

P.S. Still don't get it how apache was initially working with environment variables and without the above configuration.

lava-lava
  • 989
  • 9
  • 20