Overview Relaciona uses environment variables for configuration, loaded via python-dotenv from a .env file in development or set directly in production environments.
from dotenv import load_dotenv load_dotenv() # Load variables from .env file
Required Variables These variables are essential for production deployment:
SECRET_KEY Required: Yes (for production)Description: Django’s secret key used for cryptographic signing, session management, and CSRF protection.Example: SECRET_KEY = django-insecure-3 #k)x@2vn8+ $m2 ^9w ! h7@4p_q & z5*j6n8b1c9d0e2f3g4h5i
Default: 'django-insecure-default-key' (development only)Never use the default key in production! Generate a unique key using: python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
Cloudinary Credentials Required: Yes (for media file uploads)Description: Credentials for Cloudinary cloud storage service where all user-uploaded files are stored.CLOUDINARY_CLOUD_NAME = your-cloud-name CLOUDINARY_API_KEY = 123456789012345 CLOUDINARY_API_SECRET = your-api-secret-key
Get Credentials
Navigate to Dashboard → Account Details to find your credentials
Configure Variables
Set all three Cloudinary environment variables
Usage in settings.py: CLOUDINARY_STORAGE = { 'CLOUD_NAME' : os.getenv( 'CLOUDINARY_CLOUD_NAME' ), 'API_KEY' : os.getenv( 'CLOUDINARY_API_KEY' ), 'API_SECRET' : os.getenv( 'CLOUDINARY_API_SECRET' ), }
Database Variables Required: Yes (for PostgreSQL connection)Description: PostgreSQL database connection parameters.DB_NAME = postgres DB_USER = your_db_user DB_PASSWORD = your_secure_password DB_HOST = your-database-host.rds.amazonaws.com DB_PORT = 5432
DB_NAME Default: postgresThe name of your PostgreSQL database.
DB_USER Default: AdsuarThe PostgreSQL username for authentication.
DB_PASSWORD Default: Adsuar16012026Change the default password immediately! Use a strong, unique password in production.
The PostgreSQL user password.
DB_HOST Default: relaciona-alumnos.cfgeq2augno3.eu-west-3.rds.amazonaws.comThe hostname or IP address of your PostgreSQL server. For local development, use localhost.
DB_PORT Default: 5432The PostgreSQL server port. The standard port is 5432.
Usage in settings.py: DATABASES = { 'default' : { 'ENGINE' : 'django.db.backends.postgresql' , 'NAME' : os.getenv( 'DB_NAME' , 'postgres' ), 'USER' : os.getenv( 'DB_USER' , 'Adsuar' ), 'PASSWORD' : os.getenv( 'DB_PASSWORD' , 'Adsuar16012026' ), 'HOST' : os.getenv( 'DB_HOST' , 'relaciona-alumnos.cfgeq2augno3.eu-west-3.rds.amazonaws.com' ), 'PORT' : os.getenv( 'DB_PORT' , '5432' ), } }
Optional Variables These variables have sensible defaults but can be customized:
DEBUG Default: FalseDescription: Controls Django’s debug mode.DEBUG = True # Development DEBUG = False # Production (default)
Never set DEBUG=True in production! This exposes sensitive system information and degrades performance.
Behavior:
True: Shows detailed error pages, automatic code reloadingFalse: Generic error pages, production optimizations
Usage in settings.py: DEBUG = os.getenv( 'DEBUG' , 'False' ) == 'True'
Some deployment platforms may require additional variables:
Render DJANGO_SETTINGS_MODULE = relaciona.settings PYTHON_VERSION = 3.11
These are configured in render.yaml and usually don’t need manual setup.
Complete .env Template Create a .env file in your project root with this template:
# Django Core SECRET_KEY = your-secret-key-here DEBUG = False # Database (PostgreSQL) DB_NAME = postgres DB_USER = your_db_user DB_PASSWORD = your_secure_password DB_HOST = localhost DB_PORT = 5432 # Cloudinary (Media Storage) CLOUDINARY_CLOUD_NAME = your-cloud-name CLOUDINARY_API_KEY = 123456789012345 CLOUDINARY_API_SECRET = your-api-secret
Never commit .env files to version control! Add .env to your .gitignore file: .env .env.local .env.*.local
Security Best Practices
Use Strong Secrets
Generate cryptographically secure random values for SECRET_KEY and passwords.
Separate Environments
Use different credentials for development, staging, and production.
Rotate Regularly
Periodically rotate sensitive credentials, especially after team changes.
Limit Access
Only grant access to environment variables to personnel who need them.
Use Secret Management
In production, consider using AWS Secrets Manager, HashiCorp Vault, or similar tools.
AWS Elastic Beanstalk Configure in the EB Console:
Navigate to Configuration → Software
Add environment properties in the Environment properties section
Click Apply
Or via EB CLI:
eb setenv SECRET_KEY="your-secret" DB_NAME="postgres" CLOUDINARY_CLOUD_NAME="your-cloud"
Vercel Add environment variables in the Vercel dashboard:
Go to Project Settings → Environment Variables
Add each variable with appropriate scope (Production, Preview, Development)
Redeploy for changes to take effect
Render Configure in Render dashboard:
Navigate to your service → Environment
Add environment variables
Click Save Changes (auto-redeploys)
Docker Pass via command line:
docker run -e SECRET_KEY="your-secret" -e DB_NAME="postgres" your-image
Or use an environment file:
docker run --env-file .env your-image
Local Development Create a .env file in the project root. The python-dotenv package automatically loads it:
# .env DEBUG = True SECRET_KEY = dev-secret-key DB_HOST = localhost # ... other variables
Verification Verify your environment variables are loaded correctly:
import os from django.core.management.utils import get_random_secret_key print ( f "DEBUG: { os.getenv( 'DEBUG' ) } " ) print ( f "DB_HOST: { os.getenv( 'DB_HOST' ) } " ) print ( f "SECRET_KEY configured: { bool (os.getenv( 'SECRET_KEY' )) } " )
Or use Django shell:
python manage.py shell >>> from django.conf import settings >>> settings.DEBUG >>> settings.DATABASES[ 'default' ][ 'HOST' ]
Next Steps
Configuration Learn about Django settings and configuration
Database Setup Set up PostgreSQL database
Cloud Deployment Deploy to production platforms