Hiding secure django settings info on webfaction

Question

I am trying to hide secure info like database password of a django application on webfaction.
But I could not find how and where to set these infos using environmental v

Answer 1

I developed a package that you can install with pip:

pip install djangosecure

And in your settings.py you could use something like:

import djangosecure

...

DATABASES = {
    'default': djangosecure.get_database('production'),
}

...

The first time you run a manage command you will be prompted for the database information.

It can be used to secure more settings, see the readme at: https://github.com/rafahsolis/djangosecure

Update: Updated: djangosecure>=0.0.4 no longer has get_database() function, it now works based on classes so the new ussage would be:

from djangosecure import DjangoDatabaseSettings
databases = DjangoDatabaseSettings(os.path.join(PROJECT_ROOT, 'databases.cnf'), 
crypto_key_file='path/to/your/cryptokey)

DATABASES = {
    'default': 'default': databases.settings('production'),
}

Answer 2

Add them to your bash_profile.

Once you SSH in run:

nano ~/.bash_profile

Then add your desired variables and save it. Example:

export DATABASE_URL=postgres://username:password@host:port/databasename

This will create an environment variable named DATABASE_URL with the contents of your string. To test, run echo $DATABASE_URL in your terminal.