Skip to main content

Overview

Relaciona is built with Django 4.2 and uses a configuration system based on environment variables for flexibility across different deployment environments. All configuration is centralized in relaciona/settings.py.

Core Settings

SECRET_KEY Generation

The SECRET_KEY is critical for Django’s cryptographic signing. It’s used for session management, password hashing, and CSRF protection. 
SECRET_KEY = os.getenv('SECRET_KEY', 'django-insecure-default-key')
Never use the default key in production! Always set a unique, randomly generated SECRET_KEY via environment variable.

DEBUG Mode

DEBUG mode controls whether detailed error pages are shown and affects performance optimizations.
settings.py
DEBUG = os.getenv('DEBUG', 'False') == 'True'
1

Development

Set DEBUG=True to enable detailed error pages and automatic reloading.
2

Production

Set DEBUG=False to disable debug features and improve security. This is the default.
Running with DEBUG=True in production is a security risk. It exposes sensitive configuration and system information.

Host Configuration

ALLOWED_HOSTS

Defines which host/domain names this Django site can serve. This is a security measure to prevent HTTP Host header attacks.
settings.py
ALLOWED_HOSTS = ['*', '.elasticbeanstalk.com', '51.45.13.200', 'localhost', '127.0.0.1']

CSRF_TRUSTED_ORIGINS

Specifies trusted origins for unsafe requests (POST, PUT, DELETE) when using HTTPS.
settings.py
CSRF_TRUSTED_ORIGINS = [
    'https://*.vercel.app',
    'https://conocer-alumnos.vercel.app',
    'https://*.elasticbeanstalk.com',
    'http://51.45.13.200',
    'http://51.45.13.200:8000',
]
Add your production domains to this list to allow form submissions from those origins.

Static Files with WhiteNoise

Relaciona uses WhiteNoise to serve static files efficiently in production without requiring a separate web server.

Configuration

settings.py
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'whitenoise.middleware.WhiteNoiseMiddleware',  # Must be after SecurityMiddleware
    # ... other middleware
]

STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'

Collecting Static Files

Before deployment, collect all static files into STATIC_ROOT: 
python manage.py collectstatic --no-input
WhiteNoise automatically compresses and serves these files with optimal caching headers.

Media Files with Cloudinary

User-uploaded files (profile pictures, quiz images, etc.) are stored on Cloudinary instead of the local filesystem.

Configuration

settings.py
INSTALLED_APPS = [
    # ...
    'cloudinary',
    'cloudinary_storage',
]

CLOUDINARY_STORAGE = {
    'CLOUD_NAME': os.getenv('CLOUDINARY_CLOUD_NAME'),
    'API_KEY': os.getenv('CLOUDINARY_API_KEY'),
    'API_SECRET': os.getenv('CLOUDINARY_API_SECRET'),
}

DEFAULT_FILE_STORAGE = 'cloudinary_storage.storage.MediaCloudinaryStorage'
1

Create Cloudinary Account

Sign up at cloudinary.com for a free account.
2

Get Credentials

Find your Cloud Name, API Key, and API Secret in the Cloudinary dashboard.
3

Set Environment Variables

Configure the three required environment variables (see Environment Variables).

Security Settings

Relaciona includes SSL/TLS proxy support for deployment behind reverse proxies:
settings.py
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = False
SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False
For production deployments with proper SSL certificates, consider enabling:
SECURE_SSL_REDIRECT = True  # Redirect all HTTP to HTTPS
SESSION_COOKIE_SECURE = True  # Send session cookie only over HTTPS
CSRF_COOKIE_SECURE = True  # Send CSRF cookie only over HTTPS
SECURE_HSTS_SECONDS = 31536000  # Enable HTTP Strict Transport Security
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

Localization

Relaciona is configured for Spanish (Spain):
settings.py
LANGUAGE_CODE = 'es-es'
TIME_ZONE = 'Europe/Madrid'
USE_I18N = True
USE_TZ = True

Database Configuration

See Database Setup for detailed PostgreSQL configuration.

Next Steps

Environment Variables

Complete list of all environment variables

Database Setup

PostgreSQL installation and configuration

Cloud Deployment

Deploy to AWS, Vercel, or Render

Build docs developers (and LLMs) love

Get started for freeTalk to us