feat: add deployment host and domain configuration guide

2026-03-29 00:15:19 +01:00
parent d3c9281346
commit 0736bebd63
10 changed files with 151 additions and 6 deletions
--- a/backend/config/settings.py
+++ b/backend/config/settings.py
@@ -1,13 +1,32 @@
 import os
 import sys
 from pathlib import Path
+from urllib.parse import urlsplit

 BASE_DIR = Path(__file__).resolve().parent.parent

+def _split_csv_env(name: str, default: str = ''):
+    return [item.strip() for item in os.getenv(name, default).split(',') if item.strip()]
+
+def _append_unique(items, value):
+    if value and value not in items:
+        items.append(value)
+
+def _hostname_from_url(url: str) -> str:
+    try:
+        return (urlsplit(url).hostname or '').strip()
+    except ValueError:
+        return ''
+
 SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'unsafe-dev-key')
 DEBUG = os.getenv('DJANGO_DEBUG', '0') == '1'
-ALLOWED_HOSTS = [h.strip() for h in os.getenv('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1').split(',') if h.strip()]
-CSRF_TRUSTED_ORIGINS = [o.strip() for o in os.getenv('DJANGO_CSRF_TRUSTED_ORIGINS', '').split(',') if o.strip()]
+APP_DOMAIN = os.getenv('APP_DOMAIN', '').strip()
+APP_BASE_URL = os.getenv('APP_BASE_URL', '').strip().rstrip('/')
+ALLOWED_HOSTS = _split_csv_env('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1')
+CSRF_TRUSTED_ORIGINS = _split_csv_env('DJANGO_CSRF_TRUSTED_ORIGINS', '')
+_append_unique(ALLOWED_HOSTS, APP_DOMAIN)
+_append_unique(ALLOWED_HOSTS, _hostname_from_url(APP_BASE_URL))
+_append_unique(CSRF_TRUSTED_ORIGINS, APP_BASE_URL)

 # Security hardening
 SESSION_COOKIE_HTTPONLY = True