Environment Variables
OpenSESA runtime behavior is controlled through environment variables, typically loaded via .env and compose service wiring.
Core Runtime Variables
| Variable | Purpose | Typical Source |
DJANGO_SECRET_KEY | maps to Django SECRET_KEY | .env |
DEBUG | debug mode | .env |
DJANGO_ALLOWED_HOSTS | host allow list | .env |
CSRF_TRUSTED_ORIGINS | CSRF trusted origins | .env |
USE_X_FORWARDED_PROTO | proxy HTTPS header behavior | .env |
Database Variables
| Variable | Purpose |
DB_HOST | database host |
DB_PORT | database port |
DB_NAME | database name |
DB_USER | database user |
DB_PASS | database password |
Async Variables
| Variable | Purpose |
CELERY_BROKER_URL | task broker endpoint |
CELERY_RESULT_BACKEND | task result endpoint |
Security Variables
| Variable | Purpose |
SECURE_SSL_REDIRECT | enforce HTTPS redirect |
SESSION_COOKIE_SECURE | secure session cookie |
CSRF_COOKIE_SECURE | secure CSRF cookie |
SECURE_HSTS_SECONDS | HSTS duration |
SECURE_HSTS_INCLUDE_SUBDOMAINS | HSTS subdomain mode |
SECURE_HSTS_PRELOAD | preload setting |
CONTENT_SECURITY_POLICY | CSP header content |
PERMISSIONS_POLICY | browser permissions policy |
Email Variables
| Variable | Purpose |
EMAIL_HOST | SMTP host |
EMAIL_PORT | SMTP port |
EMAIL_USE_TLS | TLS mode |
EMAIL_USE_SSL | SSL mode |
EMAIL_HOST_USER | SMTP user |
EMAIL_HOST_PASSWORD | SMTP password |
DEFAULT_FROM_EMAIL | sender identity |
Configuration Hygiene
- keep secrets out of version control
- isolate env sets by environment (local/test/prod)
- validate host, CSRF, and security values before each release