mirror of https://github.com/snachodog/mybuddy.git
add SECURE_PROXY_SSL_HEADER env arg option
This commit is contained in:
parent
f48141e2bb
commit
81fad7d30e
11
README.md
11
README.md
|
@ -255,6 +255,7 @@ take precedence over the contents of an `.env` file.**
|
|||
- [`DB_PORT`](#db_port)
|
||||
- [`DB_USER`](#db_user)
|
||||
- [`SECRET_KEY`](#secret_key)
|
||||
- [`SECURE_PROXY_SSL_HEADER`](#secure_proxy_ssl_header)
|
||||
- [`TIME_ZONE`](#time_zone)
|
||||
- [`USE_24_HOUR_TIME_FORMAT`](#use_24_hour_time_format)
|
||||
|
||||
|
@ -372,6 +373,16 @@ be deployed and run.
|
|||
|
||||
See also [Django's documentation on the SECRET_KEY setting](https://docs.djangoproject.com/en/3.0/ref/settings/#secret-key).
|
||||
|
||||
### `SECURE_PROXY_SSL_HEADER`
|
||||
|
||||
*Default: None*
|
||||
|
||||
If Baby Buddy is behind a proxy, you may need to set this to True. This tells Baby Buddy to trust the X-Forwarded-Proto header that comes from your proxy, and any time its value is 'https', then the request is guaranteed to be secure (i.e., it originally came in via HTTPS).
|
||||
|
||||
:warning: Modifying this setting can compromise Baby Buddy’s security. Ensure you fully understand your setup before changing it.
|
||||
|
||||
See also [Django's documentation on the SECURE_PROXY_SSL_HEADER setting](https://docs.djangoproject.com/en/3.0/ref/settings/#secure-proxy-ssl-header).
|
||||
|
||||
### `TIME_ZONE`
|
||||
|
||||
*Default: UTC*
|
||||
|
|
|
@ -290,3 +290,9 @@ BABY_BUDDY = {
|
|||
'NAP_START_MAX': os.environ.get('NAP_START_MAX') or '18:00',
|
||||
'ALLOW_UPLOADS': os.environ.get('ALLOW_UPLOADS') or True
|
||||
}
|
||||
|
||||
# Set SECURE_PROXY_SSL_HEADER
|
||||
# See https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header for why and when to set this
|
||||
|
||||
if os.environ.get('SECURE_PROXY_SSL_HEADER'):
|
||||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||
|
|
Loading…
Reference in New Issue