========================
Environment variables
========================
Viewing values
===============
Some of the variables are exposed in :url:`Region Dashboard ` in Django admin of the given environment or region.
This list is intentionally short to avoid the risk of exposing any sensitive data.
The whitelist of variables can be updated in :class:`~admin_dashboards.region_dashboards.EnvironmentVariableTable`.
Listing all set values is only possible with shell access to the environment (e.g. docker container) by running :command:`env` command.
.. _setting env vars:
Setting variables
==================
Environment variables can be set by any of the following methods:
* create :file:`.env` file in the project's root directory.
* If using :program:`docker-compose` you can simply add the variable to :file:`docker-compose.yaml`
.. important:: If you're changing the variable for testing, do not commit this change
* create global variable using :program:`export`, for example:
.. code-block:: bash
export LANGUAGE_CODE=es
* prepend variable name to ``runserver`` command:
.. code-block:: bash
LANGUAGE_CODE=es python manage.py runserver
* in kubernetes deployment, shared variables are stored in :file:`kubernetes/setup/config.yaml` and individual pods/deployment can have their own set of `variables `_.
.. seealso:: For web server configuration, visit :ref:`WSGI Environment variables`.
.. _global environment variables:
Global variables
======================
.. envvar:: USE_STATIC_JS_CATALOG
Whether to use pre-compiled JS translations stored in static files. This enables the optimization implemented in :task:`32241`.
The files are generated with ``generate_static_js_translations`` command.
If set to disabled, or translation file is missing,
the request will still be directored to the Django's :class:`~django.views.i18n.JavaScriptCatalog` view.
This is slower than serving it as a static file.
:defalut: ``True``
.. envvar:: BULK_DELETE_CHUNK_SIZE
Number of objects to delete at a time when deleting large number of objects from database.
This setting sets the default ``chunk_size`` value for :func:`~utils.query.bulk_delete`.
:default: ``1000``
.. envvar:: DEFAULT_ITERATOR_CHUNK_SIZE
Number of objects to iterate at a time when evaluating objects from a queryset using .iterator() method.
:default: ``500``
.. envvar:: DEFAULT_PAGE_SIZE
Default number of items per page in paginated list views
:default: `50`
.. envvar:: CONFIG_ERROR_REPORT_EMAIL
E-mail address where :exc:`~client_management.exceptions.ConfigurationError` errors will be reported to
if object was not edited by staff members.
.. envvar:: CONFIG_ERROR_REPORT_RATE_LIMIT_HOURS
Rate-limits how often (in hours) the error will be reported to avoid spam for config errors that occur frequently.
The error reports are triggered every time they occur, but if this value is set to non-zero,
further e-mails will be suppressed for the same error message.
:default: 24
.. envvar:: RERAISE_EXCEPTIONS
Whether exceptions should be re-raised instead of being caught and turned into user-friendly error messages.
Enable this option for debugging if you need to get more detailed stack trace.
:Default: ``False``
.. envvar:: SHOW_JS_ERRORS
Whether to show an alert message whenever js errors are encountered.
Use this in development / testing to bring attention to errors in console.
:Default: ``False``
.. envvar:: DISABLE_DEBUG_TOOLBAR
Whether to disable Django Debug Toolbar.
The toolbar is only shown when running in debug mode. But if it's not desired even then, this setting can disable it.
:default: ``False``
.. envvar:: DEBUG_TOOLBAR_SHOW_COLLAPSED
Whether the toolbar will be collapsed by default.
:default: ``True``
.. envvar:: DEBUG_TOOLBAR_UPDATE_ON_FETCH
This controls whether the toolbar should update to the latest AJAX request when it occurs. This is especially useful when using htmx boosting or similar JavaScript techniques.
:default: ``False``
.. envvar:: DEBUG_TOOLBAR_STORE_CLASS
The path to the class to be used for storing the toolbar’s data per request.
Available store classes:
| ``debug_toolbar.store.MemoryStore`` - Stores data in memory
| ``debug_toolbar.store.DatabaseStore`` - Stores data in the database
The ``DatabaseStore`` provides persistence and automatically cleans up old entries based on the ``RESULTS_CACHE_SIZE`` setting.
:default: debug_toolbar.store.MemoryStore
.. envvar:: VALIDATE_PERMISSIONS
Whether calls to ``has_perm`` should validate that permission string is correct.
.. note::
This option can slow down the page load times so it is always disabled in production.
:Default: ``True`` (in development)
.. envvar:: POSTGRES_HOST
Database (Postgres) server address
:Default: ``"localhost"``
.. envvar:: POSTGRES_PORT
Database (Postgres) port
:Default: ``5432``
.. envvar:: POSTGRES_DB
Database name
:Default: ``"megforms"``
.. envvar:: POSTGRES_USER
Database username
:Default: ``"megforms"``
.. envvar:: POSTGRES_PASSWORD
Database password
:Default: ``"password"``
.. envvar:: TEST_DB_NAME
Database name for testing. Analogue to :envvar:`POSTGRES_DB` but used only when running tests.
:Default: ``"test_megforms"``
.. envvar:: TEST_DB_MIGRATE
Whether tests should use migrations.
When enabled, database will be set-up using migrations (including any data migrations) which take longer but result in a more throrough test.
When disabled, the test database is setup by creating tables directly from models which is much faster.
:Default: ``False``
.. envvar:: POSTGRES_SSL_MODE
Sets Postress connection `SSL mode `_. Should be set to ``require`` or higher when in production.
:Default: ``"prefer"``
.. envvar:: POSTGRES_DISABLE_SERVER_SIDE_CURSORS
Disables server-side cursors
.. seealso:: See `DISABLE_SERVER_SIDE_CURSORS ` in django docs
:default: ``False``
.. envvar:: READ_FROM_PRIMARY
When using database replicas, defines whether primary should be used for reads alongside replicas.
:Default: ``True``
.. envvar:: REPLICA_DATABASE_HOST
Define one or many replica hostnames (analogous to :envvar:`POSTGRES_HOST`) if using Postgres replication.
Can be a single hostname, or a comma-separated list of hostnames.
It is assumed that each replica's port is the same as :envvar:`POSTGRES_PORT`.
.. envvar:: CONN_MAX_AGE
Lifetime of a database connection in second. A Django setting. Set to ``0`` to establish a new connection for each web request
or ``None`` to keep connections open indefinitely.
https://docs.djangoproject.com/en/3.2/ref/settings/#conn-max-age
:default: ``60 * 5`` (5 min)
.. envvar:: POSTGRES_CONNECT_TIMEOUT
Maximum time to wait while connecting, in seconds (write as a decimal integer, e.g., 10). Zero, negative, or not specified means wait indefinitely. The minimum allowed timeout is 2 seconds, therefore a value of 1 is interpreted as 2.
:default: 20
.. envvar:: POSTGRES_KEEPALIVES
Controls whether client-side TCP keepalives are used. The default value is 1, meaning on.
:default:
.. envvar:: POSTGRES_KEEPALIVES_IDLE
Controls the number of seconds of inactivity after which TCP should send a keepalive message to the server.
:default: 30
.. envvar:: POSTGRES_KEEPALIVES_INTERVAL
Controls the number of seconds after which a TCP keepalive message that is not acknowledged by the server should be retransmitted.
:default: 5
.. envvar:: POSTGRES_KEEPALIVES_COUNT
Controls the number of TCP keepalives that can be lost before the client’s connection to the server is considered dead.
:default: 5
.. envvar:: TIME_ZONE
Name of the server's timezone. This is used as the default timezone for all newly created :term:`institutions` or :term:`users `.
:Default: ``"Europe/Dublin"``
.. envvar:: LANGUAGE_CODE
Server's default language This is used as the default language for all newly created :term:`institutions`
or :term:`users ` and as a fallback language for users who are not logged in.
:Default: ``"en-ie"``
.. envvar:: SITE_ID
Primary key of the main `site `_ object. Typically there's only one site and has id `1`.
:Default: ``1``
.. envvar:: SITE_DOMAIN
Domain name to populate the ``Site`` object with when resetting the database. The default value is suitable for development,
but for staging and other hosting environments it needs to be updated with actual domain name (e.g. staging-alpha.azure.megsupporttools.com)
for correct functioning of the site.
:Default: localhost:8000
.. envvar:: REGION_NAME
Label or name of the region where the site is deployed to
.. envvar:: REGION_LOGIN_FALLBACK
Whether to query downstream regions for username
if user tries to login with an account not registered locally
and not linked with any region.
This is a legacy feature and is disabled by default.
:Default: ``False``
.. envvar:: MAINTENANCE_MODE
Enable maintenance mode to make it temporarily inaccessible to users.
:Default: ``False``
.. envvar:: DRAFT_SUBMIT_POLLING_FREQUENCY_SECONDS
When submitting :term:`document draft`, determines how often front-end should
refresh to check if document has been rendered (in seconds).
:default: ``3``
.. envvar:: DRAFT_UPDATE_REVIEW
When document is in review, and changes are made to the :term:`draft`,
enabling this will trigger the review version to be updated with latest contents.
.. seealso:: :envvar:`DRAFT_REVISION_UPDATE_DELAY_SECONDS`
:default: ``True``
.. envvar:: DRAFT_REVISION_UPDATE_DELAY_SECONDS
Delay since saving :term:`draft` version of a document, until the active :term:`document version` in review is updated.
The delay serves to limit the rate at which pdf documents are created and version is updated.
If a document is saved again within this delay window, the timer is re-started until such time that the user has not made any changes within given period.
.. note:: This has an effect only when :envvar:`DRAFT_UPDATE_REVIEW` is set.
:default: ``2 * 60`` (2 minutes)
.. envvar:: REDIS_DB_MUTEX
Selects which Redis database will be used for :ref:`Mutex` functionality.
:default: ``2``
.. envvar:: DRAFT_EDIT_LOCK_TIMEOUT_MINUTES
When user locks document for editing, how long the lock should persist without being renewed
before being automatically released.
This setting configures the feature implemented in :task:`30777`.
Setting this to 0 will disable the feature (documents will not lock for editing)
:default: ``2``
.. envvar:: DRAFT_MAX_IMAGE_SIZE
Maximum image size (bytes) allows to attach to a document while editing
:default: ``1_000_000``
.. envvar:: DRAFT_DISABLE_ATTACHMENTS
Whether to disable ability to attach images to documents
:default: False
.. envvar:: ENABLE_CKEDITOR_REVIEW
Whether to show document editor in review page to leave comments
and make suggestions within the document itself while in review
A feature flag for :task:`30690`
:default: ``True``
.. envvar:: TWILIO_ENABLED
Enable Twilio Text Messages and Calls
:Default: ``True``
.. envvar:: TWILIO_ACCOUNT_SID
Account id for Twilio (text messages)
.. envvar:: TWILIO_AUTH_TOKEN
Authentication token for Twilio
.. envvar:: TWILIO_CALLER_ID
Twilio caller id
.. envvar:: CKEDITOR_PREMIUM_TOKEN
API key token for use with CKEditor 5 premium.
Presence of this token enables CKEditor 5 editor.
If the value is not set, a default open-source editor is used (e.g. Summernote)
A development token should be bundled with the project.
.. envvar:: CKEDITOR_ENABLE_REVISION_HISTORY
Whether to enable RevisionHistory plugin in CKEditor added in :task:`29912`.
:default: ``True``
.. envvar:: CKEDITOR_ENABLE_COMMENT_MENTIONS
Whether to enable "@mentions" within CKEditor comments.
:default: ``True``
.. envvar:: CKEDITOR_ORGANISATION_ID
Organisation ID for CKEditor Rest API
.. envvar:: CKEDITOR_ENVIRONMENT_ID
Environment ID for CKEditor Rest API
:default:``97ar7FUZZretJHSGO-Ha``
.. envvar:: CKEDITOR_CLOUD_URL
Cloud URL for CKEditor Rest API
:default: ``https://docx-converter.cke-cs.com/v2/convert/docx-html``
.. envvar:: CKEDITOR_API_BASE_URL
Base Url for CKEditor Rest API
:default: ``https://120971.cke-cs.com/api/v5/97ar7FUZZretJHSGO-Ha``
.. envvar:: CKEDITOR_ACCESS_KEY
Access Key for CKEditor Rest API
.. envvar:: CKEDITOR_AUTOSAVE_DELAY
How long to wait (in ms) before automatically saving changes entered into the CKEditor.
If user keeps typing or making changes within that time, the editor will wait,
and only auto-save if user hasn't entered any changes.
Set this value to ``0`` to disable autosave.
.. seealso::
* :task:`29983`
* `CKEditor AutosaveConfig documentation `_
:default: ``3_000`` (3 seconds)
.. envvar:: SERVER_EMAIL
Address to send any crash reports to
:default: ``'support@megit.com'``
.. envvar:: SUPPORT_EMAIL
Defines e-mail address for support team.
:default: ``'support@megit.com'``
.. envvar:: DEFAULT_FROM_EMAIL
E-mail address used as "from" when sending any e-mails from the system
:default: ``"MEG "``
.. envvar:: NO_REPLY_EMAIL
No reply e-mail address used as "from" when sending e-mails from the system
:default: ``"MEG "``
.. envvar:: INBOUND_MAIL_DOMAIN
The domain name configured to receive inbound mail for this server.
The value should be a domain name without preceding "@" or "https".
For example: "eu.megit.com"
If set, this value is used to:
* validate :class:`~emails.models.ObservationEmailConfig` configuration
* default value placeholder for "Sender e-mail address" field.
* Create a test :class:`~emails.models.ObservationEmailConfig` configuration
for test sites
.. envvar:: MAIL_DOMAIN_VALIDATION
Whether to validate :class:`~emails.models.ObservationEmailConfig` sender address domain's :term:`SPF` and MX records.
When enabled, the model validation looks up DNS records to verify that the domain is pointed at Sendgrid,
and it's :term:`SPF` record is set-up to allow SendGrid to send e-mails from that domain.
.. note:: This validation does not check :term:`DKIM` record, so even if address passes validation,
it is not guaranteed that e-mails will come through unless DKIM is also configured correctly.
:default: ``True``
.. envvar:: ADMIN_EMAIL
If sending crash reports via e-mail, this address will receive them.
:default: ``None``
.. envvar:: HPSC_EMAIL
E-mail address used for :term:`HPSC` submissions
:Default: 'microb@hpsc.ie'
.. envvar:: NOTIFY_SUPPORT_ABOUT_FAILED_SUBMISSIONS
Whether invalid form submissions should trigger an e-mail to support address defined in :envvar:`SUPPORT_EMAIL`.
:default: ``True``
.. envvar:: DATA_UPLOAD_MAX_MEMORY_SIZE
Maximum size of data (bytes) allowed to be POSTed to the server.
As per :task:`21772`, this value needs to be high enough to accommodate submission of large audits.
:default: ``100 * 1024 * 1024``
.. envvar:: CACHE_TEMPLATES
Whether to enable template caching in development.
Django caches templates by default in production. This settings enables caching in development as well.
:default: ``False``
.. envvar:: FULL_ACTION_AUDIT
Whether view actions should be logged alongside create/update/delete actions.
:default: ``True``
.. envvar:: DEALER_TAG
Passes version number to the system so that it can be displayed at the bottom of the page and used for error reporting.
:default: ``'-'``
.. envvar:: GENERATE_CHANGELOG
Whether to generate changelog when changelog page is accessed (requires GitPython module)
:default: ``False``
.. envvar:: EMAIL_BACKEND
E-mail backend to use. SendGrid backend is used in production by default,
while in development e-mails are printed out to console (``'django.core.mail.backends.console.EmailBackend'``).
Use this setting to override the used backend.
Possible Backends:
1. ``'sendgrid_backend.SendgridBackend'``
2. ``'django.core.mail.backends.smtp.EmailBackend'``
3. ``'django.core.mail.backends.console.EmailBackend'``
:default: ``'sendgrid_backend.SendgridBackend'``
.. envvar:: SENDGRID_API_KEY
API key for SendGrid. Used only when :envvar:`EMAIL_BACKEND` is set to Sendgrid.
.. envvar:: EMAIL_HOST
The host to use for sending email. This settings is used in conjunction with :envvar:`EMAIL_HOST_USER` , :envvar:`EMAIL_PORT` and
other keys to send email via ``'django.core.mail.backends.smtp.EmailBackend'`` backend.
:default: ``''`` (empty string)
.. envvar:: EMAIL_PORT
Port to use for the SMTP server defined in :envvar:`EMAIL_HOST`.
:default: ``25``
.. envvar:: EMAIL_HOST_USER
Username to use for the SMTP server defined in :envvar:`EMAIL_HOST`. If empty, Django won’t attempt authentication.
:default: ``''`` (empty string)
.. envvar:: EMAIL_HOST_PASSWORD
Password to use for the SMTP server defined in :envvar:`EMAIL_HOST`. This setting is used in conjunction with :envvar:`EMAIL_HOST_USER`
when authenticating to the SMTP server. If either of these settings is empty, Django won’t attempt authentication.
:default: ``''`` (empty string)
.. envvar:: EMAIL_USE_TLS
Whether to use a TLS (secure) connection when talking to the SMTP server. This is used for explicit TLS connections,
generally on port 587. If you are experiencing hanging connections, see the implicit TLS setting :envvar:`EMAIL_USE_SSL`.
:default: ``False``
.. envvar:: EMAIL_USE_SSL
Whether to use an implicit TLS (secure) connection when talking to the SMTP server.
In most email documentation this type of TLS connection is referred to as SSL. It is generally used on port 465.
If you are experiencing problems, see the explicit TLS setting :envvar:`EMAIL_USE_TLS`.
:default: ``False``
.. envvar:: EMAIL_TIMEOUT
Specifies a timeout in seconds for blocking operations like the connection attempt.
:default: ``None``
.. envvar:: GOOGLE_ANALYTICS_ENABLED
Enable Google Analytics
:default: ``True``
.. envvar:: GOOGLE_ANALYTICS_PROPERTY_ID
Property ID used for Google analytics
.. envvar:: GOOGLE_ANALYTICS_SITE_SPEED
Whether Google Analytics should track site speed
:default: ``True``
.. envvar:: GOOGLE_ANALYTICS_SITE_SPEED_SAMPLE_RATE
Sampling rate of site speed analytics
:default: ``10``
.. envvar:: GOOGLE_ANALYTICS_ANONYMIZE_IP
Sampling rate of site speed analytics
:default: ``True``
.. envvar:: GOOGLE_ANALYTICS_TRACKING_STYLE
Sampling rate of site speed analytics
.. envvar:: API_LIMIT_PER_PAGE
Default page size for paginated API feeds.
Can be overridden in most API views by the user by passing ``limit`` parameter up to the value defined in :envvar:`API_MAX_LIMIT_PER_PAGE`.
:default: ``100``
.. envvar:: API_MAX_LIMIT_PER_PAGE
Hard limit for :envvar:`API_LIMIT_PER_PAGE`.
Setting this to ``None`` removes the limit.
:default: ``1000``
.. envvar:: TABLE_WIDGET_SIZE_LIMIT
Hard limit for number of items in table widgets when in full or collapsed view.
If number of the items in the widget exceeds it, the table is truncated up to this many rows and a warning message is appended at the bottom.
The count of items will still report the actual number of items even if it's higher than the limit.
Set this value to ``0`` to disable the limit.
:default: ``500``
.. envvar:: INFINITE_SCROLL_PAGE_SIZE
Number of rows to load per page when using infinite scrolling in answer table widget.
:default: ``100``
.. envvar:: TRIAL_ERROR_ON_DAY
For trial :term:`institution` users, defines at which day before the end of trial, the user will receive "error" message
that trial is about to expire.
:default: ``1``
.. envvar:: TRIAL_WARNING_ON_DAY
For trial :term:`institution` users, defines at which day before the end of trial, the user will receive "warning" message
that trial is about to expire.
:default: ``7``
.. envvar:: CACHE_DURATION
Default cache timeout
:default: ``60 * 5``
.. envvar:: CHANGELOG_VERSION_CACHE
How long to cache changelist for each version on changelog page.
Changelist uses the default cache backend, and when expired, fetches task information from redmine api.
:default: ``60 * 60 * 8``
.. envvar:: MAX_CACHE_ENTRIES
Maximum items to store in default cache
:default: ``1_000_000``
.. envvar:: MAX_MEMCACHE_ENTRIES
Maximum items to store in local memory cache
:default: ``100_000``
.. envvar:: FILTER_CACHE_TIMEOUT
How long to store filter form cache in back-end.
The cache allows the user to to access dasboard with pre-set filters from url.
Expiring cache means that the filter form does not load stored filters and resets to default.
Set to ``None`` to disable expiration, or a number of seconds to expire after given time.
:default: ``60 * 60 * 24 * 7`` (7 days)
.. envvar:: REDIS_HOST
Server address for `Redis `_ .
When set, the system will use redis as default cache backend.
.. envvar:: REDIS_PORT_NUMBER
Port number for redis server defined in :envvar:`REDIS_HOST`.
:default: ``6379``
.. envvar:: REDIS_CONNECTION_POOL_MAX_CONNECTIONS
Size of redis connection pool
:default: ``50``
.. envvar:: REDIS_CONNECTION_POOL_TIMEOUT
How long to keep connections in the redis connection pool open
:default: ``20``
.. envvar:: REDIS_IGNORE_EXCEPTIONS
Whether redis errors should raise to the top or be ignored.
:default: ``True``
.. envvar:: REDIS_SOCKET_CONNECT_TIMEOUT
How long to wait for redis to accept connection and respond.
https://django-redis-cache.readthedocs.io/en/latest/advanced_configuration.html#socket-timeout-and-socket-create-timeout
:default: ``5``
.. envvar:: REDIS_PASSWORD
Password for the redis server defined in :envvar:`REDIS_HOST`.
.. envvar:: CELERY_TASK_ALWAYS_EAGER
Whether celery tasks should run synchronously.
Disable this when you have a messaging queue and celery worker setup.
:default: ``True``
.. envvar:: CELERY_RESULT_EXPIRES
.. envvar:: COMPLETED_TASK_RETENTION_DAYS
Number of days to retain completed once-off periodic tasks in the system before they are automatically removed.
Tasks that have been completed and disabled for longer than this period will be deleted during maintenance
operations, along with any orphaned clocked schedules.
Setting this value to 0 will disable the cleanup process entirely.
This setting is used by the ``cleanup_completed_periodic_tasks`` Celery task.
:default: ``90`` (90 days)
.. envvar:: CELERY_LOG_LEVEL
Sets the default log level for celery.
If changing it you will also need to change the handler log level to ensure that the messages aren't filtered by the handler.
You can change the log file level by updating :envvar:`LOGFILE_LOG_LEVEL` or the console by updating :envvar:`CONSOLE_LOG_LEVEL`
:default: ``INFO``
.. envvar:: ONBOARDING_FOLLOWUP_DELAY
Delay since onboarding e-mail until the follow-up onboarding e-mail.
Typically 14 days after registration; The e-mail is only sent if the user has not logged in to the system.
.. envvar:: ASYNC_EMAILS
whether e-mails should send via celery, or synchronously.
:default: ``True``
.. envvar:: CONVERT_AUDIO_TO_MP3
Whether to convert any audio notes to mp3 as soon as they're uploaded
.. envvar:: SAML_ENTITY_ID
Global entity ID for SAML authentication. This is typically the web domain.
.. warning::
Changing this value in production will break SAML authentication for all users.
:default: ``'https://audits.megsupporttools.com/'``
.. envvar:: ONELOGIN_STRICT
:default: ``True``
.. envvar:: ONELOGIN_DEBUG
:default: ``False``
.. envvar:: SPEECH_TO_TEXT_KEY
API key for `speech recognition Azure API `_
.. envvar:: SPEECH_TO_TEXT_REGION
Azure region for speech to text functionality
:default: ``'westeurope'``
.. envvar:: PASSWORD_HISTORY_COUNT
The number of historic passwords to check against when validating password uniqueness. 0 for unlimited. 1 for current only.
:default: ``5``
.. envvar:: PASSWORD_RESET_TIMEOUT
Life of a token used for password reset requests
:default: ``3 * 24 * 60 * 60``
.. envvar:: RECAPTCHA_SITE_KEY_PUBLIC_WEB
Public key used for :term:`reCAPTCHA`
.. envvar:: RECAPTCHA_SITE_KEY_PRIVATE_WEB
Private key used for :term:`reCAPTCHA`
.. envvar:: RECAPTCHA_COOKIE_MAX_AGE
Max age for cookie used for :term:`reCAPTCHA`
:default: ``3600``
.. envvar:: COUNTRIES_ONLY
Limit the country selection dropdown in :term:`institution` to a subset of countries.
This can be a single country code, or a comma-separated list of country codes.
All countries are defined in ``Lib/site-packages/django_countries/data.py:COUNTRIES``.
.. envvar:: COUNTRIES_EXCLUDE
Exclude countries from Country dropdown in :term:`institution`.
.. envvar:: MESSAGING_PROTECTED
Determines if user messages will be hidden from django admin.
:default: ``True``
.. envvar:: URBANAIRSHIP_APP_KEY
`Urbanairship `_ API token.
.. envvar:: URBANAIRSHIP_MASTER_SECRET
Secret key used to send push messages
.. envvar:: URBANAIRSHIP_LOCATION
:default: ``'us'``
.. envvar:: MAX_SUBMISSION_LOG_DAYS
How long to keep audit submission logs after successful submission (in days).
Old submission log entries will be removed
:default: ``30 * 6`` (~6 months)
.. envvar:: ENABLE_ANALYTICS
Whether internal analytics should be enabled.
:default: ``True``
.. envvar:: ANALYTICS_AGGREGATE
Whether Analytics entries should be aggregated/merged after time to save space
:default: ``True``
.. envvar:: AUDIT_APP_URL
Client app url. This setting decides where "Launch App" button leads to.
:default: ``'https://audit.app.megsupporttools.com/'``
.. envvar:: NUM_TEST_GROUPS
:default: ``1``
Divides unit tests into equal groups. When running tests, only one of the groups is ran, the one designated by :envvar:`TEST_GROUP`.
Use this setting to run tests in parallel, by starting each process with the same :envvar:`NUM_TEST_GROUPS`, and assign :envvar:`TEST_GROUP` from 1 up to including the selected number of groups/processes.
.. list-table:: Example setup for parallel test run
:header-rows: 1
* - Process
- :envvar:`NUM_TEST_GROUPS`
- :envvar:`TEST_GROUP`
* - Process 1
- 3
- 1
* - Process 2
- 3
- 2
* - Process 3
- 3
- 3
.. warning::
It is important that for all tests to be accounted for and run, the number of groups is the same for each process,
and each test group is assigned a process. Other than that, it does not matter if the proceses run in different
machines or at different times.
Running tests with inconsistent number of groups can lead to some tests running more than once and some not running at all.
.. envvar:: TEST_GROUP
:default: ``1``
Designates which group of tests to run. By default there is only one group, but when :envvar:`NUM_TEST_GROUPS` is set to a higher number,
this variable controls which group is executed by the current process. The value should be in range of 1 up to :envvar:`NUM_TEST_GROUPS` (inclusive).
.. envvar:: GITLAB_TEST_FORMATTING
Whether to format test results in a way that can be parsed by GitLab.
This adds special formatting to collapse sections of the output when rendered in GitLab.
:default: ``False``
.. envvar:: REDMINE_KEY
API key for redmine; used to fetch task descriptions for changelog by ``deploy_changelog`` management command.
It may also be used other places, like the changelog page :url:`/changelog/`.
.. envvar:: REDMINE_URL
Base url for redmine, must end with a ``/``.
This base url is used within the project and its documentation to generate links the job tracker,
:default: https://redmine.megit.com/
.. envvar:: DEPLOYMENT_SLACK_WEBHOOK
webhook address for Slack to trigger slack message with changelog in ``deploy_changelog`` command.
.. envvar:: DEPLOYMENT_SLACK_CHANNEL
Slack channel to send changelogs to. Used by ``deploy_changelog`` command.
.. envvar:: LOADDATA_NUM_SESSIONS
Number of :term:`sessions ` to create when generating dummy data
:default: ``10``
.. envvar:: LOADDATA_NUM_OBSERVATIONS
Number of :term:`observations ` to create when generating dummy data
:default: ``15``
.. envvar:: TEST_ADMIN_EMAIL
E-mail address for the :term:`superuser` when setting up database.
:default: ``'support@megit.com'``
.. envvar:: TEST_ADMIN_USERNAME
Username for the :term:`superuser` when setting up database.
:default: ``'admin'``
.. envvar:: TEST_PASSWORD
Password for the :term:`superuser` account when setting up database.
:default: ``'password'``
.. envvar:: IS_DOWNSTREAM
:default: ``False``
When setting up the database, sets up current environment as an upstream or downstream :term:`region`.
.. envvar:: INSIGHTS_ENABLE_LIVE_METRICS
Whether to send `Live Metrics `_ to Azure Insights
:default: ``False``
.. envvar:: INSIGHTS_CONNECTION_STRING
Connection string for `Azure Insights `_.
For example: ``InstrumentationKey={instrumentation-key};IngestionEndpoint=https://westeurope-3.in.applicationinsights.azure.com/;LiveEndpoint=https://westeurope.livediagnostics.monitor.azure.com/``
.. envvar:: TRACE_SQLITE_EXPORTER
Whether to write traces to an SQLite database file
:default: ``False``
.. envvar:: TRACE_SQLITE_FILENAME
File name or path for SQLite trace exporter database if enabled with :envvar:`TRACE_SQLITE_EXPORTER`.
Leave it blank to generate a unique filename for each process.
Populate with a filename to use the same database file - will work only when running server as a single process.
.. envvar:: TRACE_LOGGING_EXPORTER
Enable trace exporter that writes to log.
If other exporters are not enabled, writes traces to log stream.
:default: ``False``
.. envvar:: INSIGHTS_SAMPLE_RATE
:default: ``0.0``
Sampling rate for Azure insights telemetry. Must be a value in range :code:`0 <= rate <= 1`.
Setting this to a high value will incur additional traffic and data usage.
.. seealso::
The sample rate will be accounted for in in Azure Insights, by adding ``itemCount`` to each entry.
See :ref:`telemetry sampling` for more information.
.. envvar:: INSIGHTS_PSQL_INTEGRATION
Whether to enable ``postgresql`` integration with Open Telemetry to report Postgres queries.
Enabling this increases the amount of data being traced
:default: ``True``
.. envvar:: INSIGHTS_REDIS_INTEGRATION
Whether to enable ``redis`` integration with Open Telemetry to report Redis queries.
Enabling this increases the amount of data being traced
:default: ``True``
.. envvar:: INSIGHTS_CELERY_INTEGRATION
Whether to enable Celery integration with Open Telemetry to report Celery tasks.
:default: ``True``
.. envvar:: LOG_ERRORS
Whether to log crashes to a text file.
This is optional as errors are normally logged to Sentry, but may be required in
some set-ups such as :term:`on-prem` where it is not possible or desired.
By default "ERROR"-level entries are saved to the error file,
but this can be changed using :envvar:`ERRORFILE_LOG_LEVEL`.
:default: ``False``
.. envvar:: ENABLE_MEMORY_TRACE
Whether to trace per-request memory use using :class:`~middleware.MemoryUsageMiddleware`.
:default: ``False``
.. envvar:: LOG_INCOMING_REQUESTS
Whether to log username and url for all incoming requests.
By default webserver logs request after it's finished. This also logs the request before it's server.
Logging is implemented in :class:`~middleware.TraceExtrasMiddleware`.
Enable this option to troubleshoot incoming requests that cause OOM errors and outages before the request can be logged.
:default: ``False``
.. envvar:: EMAIL_ERRORS
Whether to e-mail errors to addresses listed in :const:`settings.ADMINS`.
:default: ``False``
.. envvar:: LOGFILE_NAME
name of the logfile, without extension. If not provided, current hostname is used (e.g. "localhost").
Final filename will be prefixed with date (:file:`{DATE}-{LOGFILE_NAME}.log`)
:default: hostname
.. envvar:: LOGFILE_LOG_LEVEL
log level used to filter log entries before writing to logfile.
:default: 'DEBUG'
.. envvar:: ERRORFILE_LOG_LEVEL
log level used to filter errors for error log file. This will work only if :envvar:`LOG_ERRORS` is enabled.
You may want to set it to "WARNING" to catch celery task errors.
:default: 'ERROR'
.. envvar:: ESCALATE_ERRORS
Whether to escalate ERROR and CRITICAL log entries to an exception.
This will rause :class:`~utils.error_log_handler.LoggedErrorException` any time an error entry is logged.
:default: ``False``
.. envvar:: CONSOLE_LOG_LEVEL
log level used to filter log entries before outputting to console.
:default: 'INFO'
.. envvar:: CONSOLE_LOG_FORMAT
Format of log messages printed to console.
Can be any of the values defined in ``settings.LOGGING.formatters``, e.g ``simple`` or ``verbose``.
:default: 'simple'
.. envvar:: ROOT_LOG_LEVEL
Default level of log entries to filter by for any loggers not defined in 'loggers' setting
:default: 'INFO'
.. envvar:: LOGFILE_MAX_BYTES
Number of bytes to write to a logfile before it's rotated.
Leave default value to disable log rotation, enter value in bytes to rotate logs after file reaches the given size.
:default: ``0``
.. envvar:: LOGFILE_BACKUP_COUNT
number of logfile rotations before old data is erased
:default: ``9``
.. envvar:: BI_AGGREGATE
:default: ``False``
Whether :term:`business intelligence` data should be aggregated or not. When enabled data is synced with the :term:`business intelligence` :term:`mongodb` database.
See :ref:`Business Intelligence` for more information.
.. envvar:: BI_DATABASE_URI
:default: ``mongodb://admin:password@mongo:27017/``
A connection URI for the BI database. This is used by pymongo to create a connection.
.. envvar:: THUMBNAILS_JIT
Whether to create image thumbnails just-in-time. This enables the legacy behaviour that creates missing thumbnails while loading the page.
This can slow down the page on pages with lots of images, as each image is verified and if it does not exist, it is generated while delaying the page load.
When disabled, the thumbnails are generated as soon as file is uploaded, but if generation fails for some reason,
the thumbnail will have to be generated manually using :command:`./manage.py generateimages`
Enabling this option, uses :class:`~files.imagekit.CacheFileBackend` and :class:`~files.imagekit.ImagekitCacheStrategy` for managing thumbnail files.
Disabling is uses :class:`~imagekit.cachefiles.backends.Celery` backend and :class:`~imagekit.cachefiles.strategies.Optimistic` strategy.
:default: ``True``
.. envvar:: IMAGEKIT_CACHE_TIMEOUT
Cache duration for thumbnail status cache.
By default, uses the same value as :envvar:`CACHE_DURATION`.
.. seealso:: ImageKit documentation: https://django-imagekit.readthedocs.io/en/latest/configuration.html
:default: ``CACHE_DURATION``
.. envvar:: IMAGEKIT_CACHE_PREFIX
Cache prefix for thumbnail status cache
.. seealso:: ImageKit documentation: https://django-imagekit.readthedocs.io/en/latest/configuration.html
:default: ``'imagekit:'``
.. envvar:: IMAGEKIT_SPEC_CACHEFILE_NAMER
Function responsible for naming cache files.
The default value :func:`files.imagekit.source_name_as_obfuscated_path` is a legacy namer
that has a known bug where file name is different for every python interpreter.
.. seealso:: ImageKit documentation: https://django-imagekit.readthedocs.io/en/latest/configuration.html
Possible values include::
imagekit.cachefiles.namers.hash
imagekit.cachefiles.namers.source_name_dot_hash
imagekit.cachefiles.namers.source_name_as_path
files.imagekit.source_name_as_obfuscated_path
:default: ``'imagekit.cachefiles.namers.hash'``
.. envvar:: IMAGEKIT_CACHEFILE_DIR
Directory to keep thumbnail cache
.. seealso:: ImageKit documentation: https://django-imagekit.readthedocs.io/en/latest/configuration.html
:default: ``'CACHE/images'``
.. envvar:: IMAGEKIT_GENERATE_THUMBNAILS_DAILY
Whether missing thumbnails should be generated nightly.
Use this when :envvar:`THUMBNAILS_JIT` is disabled to ensure there are no missing thumbnails.
:default: ``False``
.. envvar:: USE_LAZY_WIDGETS
Whether dashboard widgets should be loaded lazily;
i.e. dashboard/report page will load with widget placeholders, and each widget will load asynchronously by making a separate HTTP request.
This is enabled by default, but can be disabled for testing and troubleshooting.
:default: ``True``
.. envvar:: STORE_SMS
Whether SMS messages should be stored in the database or not.
:default: ``False``
See :ref:`Onprem SMS` for more information.
.. envvar:: SYNC_PERMS_ON_LOGIN
Whether to synchronize user's permissions on login.
This updates :class:`~accounts.models.AuditorPermissionCache` and :class:`~megdocs.models.FolderPermissionCache` models that store compiled permissions, in case they have not been updated automatically.
:default: ``True``
.. envvar:: SYNC_PERMS_ON_CHANGE
Whether to automatically sync permission cache whenever user permissions/access changes
:default: ``True``
.. envvar:: PERM_UPDATE_BATCH_SIZE
Number of forms to update permissions for user within a single celery task.
If user has access to more than this many forms, the permissions fill be processed
in separate parallel jobs.
:default: 50
.. envvar:: SYNC_PERMS_DELAY_SECS
Number of seconds to delay user permission cache update after triggered by model change.
If there are subsequent changes during this delay, the job is delayed again, until after the last change.
This helps reduce duplicate celery jobs when making changes that affect permissions.
.. note:: This works only when updating user's global perms. Updating form permission is still triggered immediately.
:default: 0
.. envvar:: LIVE_VIEWER_CACHE_TIMEOUT_SECONDS
Used in logic that determines the number of viewers currently viewing a page.
Determines the timeout in seconds of the cache key for a page view.
Once the cache key expires, it's implied that the user is no longer viewing a page.
.. note:: This value should be higher than :envvar:`LIVE_VIEWER_REFRESH_INTERVAL_SECONDS`.
:default: ``0``
.. envvar:: LIVE_VIEWER_REFRESH_INTERVAL_SECONDS
Used in logic that determines the number of viewers currently viewing a page.
Determines the interval in seconds the frontend should wait before querying the backend to get the current number of live viewers.
If this value is ``0`` the feature is disabled - live viewers will not be displayed or reported at all.
.. note:: This value should be lower than :envvar:`LIVE_VIEWER_CACHE_TIMEOUT_SECONDS`.
:default: Half of :envvar:`LIVE_VIEWER_CACHE_TIMEOUT_SECONDS` value
.. envvar:: SENTRY_DSN
DSN for error reporting
.. envvar:: SENTRY_SAMPLE_RATE
Send a representative sample of your errors to Sentry
:default: 1.0
.. envvar:: SENTRY_TRACES_SAMPLE_RATE
Sampling rate for performance reporting in Sentry
:default: 0.0
.. envvar:: SKIP_DB_CREATION
Whether the :file:`setupdatabase.sh` script should attempt to create the user (:envvar:`POSTGRES_USER`),
and then drop/re-create the database (:envvar:`POSTGRES_DB`).
Creating database by script is useful when running the project locally against system-installed Postgres,
but when running the project in docker containers, this is already handled by the postgres docker image,
or managed postgres service.
This setting is set to ``1`` by default in the docker image. Otherwise, the variable is not set, and the script will
attempt to create user and database.
.. envvar:: EXPORT_EXPIRY_HOURS
Amount of time after which the exported file is deleted from server.
Time is expressed in hours and starts when user initiates export.
:default: ``24``
.. envvar:: EXPORT_RATE_LIMIT
How many pending exports the user can have at any given time.
This prevents single user requesting too many export jobs and filling up the job queue
:default: ``10``
.. envvar:: MEGDOCS_API_FILE_UPLOAD_MAX_SIZE
Max file size in bytes for file uploads to the Megdocs API.
:default: 1,048,576 (1mb)
.. envvar:: MEGDOCS_WORD_IMPORT_ENABLE
Whether to enable importing MS Word documents as a :term:`MEG Docs` :term:`draft`.
.. seealso:: :ref:`drafting documents`
:default: ``True``
.. envvar:: SHOW_FORGOT_PASSWORD_LINK
Whether to show the forgot password link in the login page or not.
:default: True
.. envvar:: NOTIFICATIONS_LIST_ENABLED
Whether to show the notifications list in navbar or not.
:default: True
.. envvar:: PDF_PREVIEW_EXPIRY_MINS
How long to store PDF previews for :term:`document draft`.
After this time, the preview file is deleted.
:default: 30
.. envvar:: MAX_DIFF_CONTENT_SIZE
Maximum number of characters (excluding formatting and html tags) document or draft content can have to compare differences.
If either version (draft or published version) exceeds this limit, the diff option will not be able to show the differences.
The limit is imposed while diff is rendered on front-end can be increased after its optimized in :task:`28334`.
:default: ``1_000_000``
.. envvar:: LLM_DOCUMENT_CHAT_CONTENT_CHAR_LIMIT
Maximum number of characters a document can have to use document AI chat.
If a document is over this limit then a user will see a warning message instead of the chat box.
:default: ``100_000``
.. envvar:: API_KEY_STATUS_PROBE
API key to access the :url:`server stats ` endpoint. It can be appended to the url using ``api_key`` parameter:
:samp:`/api/server-status?api_key={API_KEY_STATUS_PROBE}`
:default: *A default key is set, but is not exposed in documentation*
.. envvar:: DEPLOYMENT_NOTE
A note that can be set during deployment to the site.
It can be set by adding :envvar:`NOTE` (simplified name) variable to the deployment job.
Note is used for :ref:`staging_sites`.
.. envvar:: EXTENSIONS_MAX_UNIQUE_QUERY_ATTEMPTS
The max number of unique query attempts that can be made before raising an exception.
:default: 100
.. envvar:: SLOW_QUERY_THRESHOLD_MS
Time duration after which an SQL query is considered "slow" (in milliseconds) in the database dashboard: :url:`/meg-admin/dashboard/database/`.
.. seealso:: :ref:`troubleshooting-slow-queries`
:default: 1000
Compliance calculation settings
==================================
These variables control the :term:`compliance` calculation celery jobs:
.. envvar:: COMPLIANCE_BATCH_SIZE
Number of :term:`observations ` to calculate compliance for in a single batch in a celery job.
Decrease this value to limit how many observations a celery job can process a time.
This will result in more jobs being created, but each job will complete faster and take up less memory.
Increasing value will reduce number of jobs, but the jobs will run for longer and may consume more memory.
:default: 200
.. envvar:: SCHEMA_CHANGE_DELAY_MINS
Delay between form schema change and compliance re-calculation.
Larger delay addresses the issue of observation compliances being re-calculated multiple times when multiple changes are being made to schema.
Adding a delay allows the user to continue editing the form, and compliance will be re-calculated only after the last change if the delay period has passed.
Each change to form schema resets the time.
Set this value to 0 to remove the delay and trigger compliance calculation as soon as each form change is saved.
:default: 30
.. envvar:: NIGHTLY_COMPLIANCE_CHECK
Whether nightly jobs should trigger compliance calculation for observations without compliance data
:default: ``True``
.. envvar:: SHOW_METADATA_FOOTER
Whether to show :ref:`deployment details` in the page footer beside version number.
The details will include branch name, username, and date/time when the deployment was made.
This can be enabled for staging sites, but should be disabled for production environments.
:default: ``False``
.. _Deployment variables:
Deployment variables
======================
The following variables are set by CI when deploying
.. envvar:: CI_COMMIT_REF_NAME
Branch or tag name currently deployed
.. envvar:: GITLAB_USER_LOGIN
User who triggered the deployment in CI
.. envvar:: DEPLOY_DATETIME
Date and time of when last deployment took place
.. envvar:: DATABASE_SETUP_AT
Date and time when database was last reset (staging site)
.. _WSGI Environment variables:
WSGI server configuration
=============================
The following environment variables are read by :file:`sh/wsgi.sh`) to configure the webserver:
.. envvar:: WSGI_PROCESSES
The number of worker processes (workers of the gunicorn
application) to be started up and which will handle
requests concurrently. Defaults to a single process.
:default: ``1``
.. envvar:: WSGI_THREADS
The number of threads in the request thread pool of
each process for handling requests.
:default: ``10``
.. envvar:: WSGI_REQUEST_TIMEOUT
Maximum number of seconds allowed to pass before the
worker process is forcibly shutdown and restarted when
a request does not complete in the expected time. In a
multi threaded worker, the request time is calculated
as an average across all request threads.
:default: ``600`` (10 mins)
.. envvar:: WSGI_MAX_REQUESTS
Number of served requests before restarting WSGI server
:default: ``500``
.. envvar:: WSGI_PRELOAD
Whether to preload application logic when the server starts.
Set the variable to any value to preload - this delays startup.
The app cannot receive connections until it's loaded.
Preloading app has the benefit of using shared memory between any worker processes (pre-fork).
When left unset, the app can start receiving connections, and will be loaded lazily.
.. _Mirth Connect Environment variables:
Mirth Connect
==============
The following environment variables are used to configure mirth connect deployments:
.. envvar:: MIRTH_DATABASE_NAME
Mirth connect database name
:Default: ``"mirth"``
.. envvar:: MIRTH_DATABASE_USERNAME
Mirth connect database username
:Default: ``"mirth"``
.. envvar:: MIRTH_DATABASE_PASSWORD
Mirth connect database password
:Default: ``"password"``
.. _AI Environment Variables:
Azure OpenAI & Google Gemini AI Configuration
=============================================
The following environment variables configure the large language models used for AI features. Only one model provider should be configured at a time—either Azure OpenAI or Google Gemini. If both sets of variables are configured simultaneously, behavior may be unpredictable. Ensure only the relevant environment variables are set for the model provider in use.
.. warning::
**Do not mix configurations**: Set either the Azure OpenAI variables **or** the Google Gemini variables, but not both. Unset or leave the unused model's variables empty.
Azure OpenAI and Google Gemini Shared Environment Variables
-----------------------------------------------------------
Some environment variables are shared between both Azure OpenAI and Google Gemini models, depending on the provider in use.
.. envvar:: LLM_DEPLOYMENT_NAME
Specifies the name of the deployed model. If using Azure OpenAI, set this to the deployment name of the Azure model (e.g., ``my-chatbot-deployment``). If using Google Gemini, set this to the deployment name of the Gemini model (e.g., ``gemini-1.5-pro``).
:Default: ``None``
Azure OpenAI-Specific Environment Variables
-------------------------------------------
These variables are required only when using an Azure OpenAI model. If using Azure OpenAI, ensure all Google Gemini-specific variables remain unset or are set to ``None``.
.. envvar:: LLM_API_VERSION
Specifies the API version for Azure OpenAI. Azure releases a new version monthly, so this value may need periodic updating.
:Default: ``None``
.. envvar:: LLM_AZURE_API_KEY
The API key used to authenticate the server with Azure OpenAI.
:Default: ``None``
.. envvar:: LLM_AZURE_ENDPOINT
The endpoint URL where the Azure OpenAI model is deployed.
:Default: ``None``
Google Gemini-Specific Environment Variables
--------------------------------------------
Use these variables only if the Google Gemini model is deployed. If using Google Gemini, ensure all Azure OpenAI-specific variables remain unset or are set to ``None``.
.. envvar:: LLM_GOOGLE_API_KEY
The API key used to authenticate the server with Google Cloud for the Gemini model.
:Default: ``None``
Security Variables
--------------------------------------------
These variables are used to configure the site's security
.. envvar:: GLOBAL_INSTITUTION_SLUG
The slug of the institution that's allowed to have global accounts.
The slug of the institution who's slug matches this will not be editable via django admin.
The environment variable needs to be changed before the slug can be updated.
:Default: ``meg-staff``
.. envvar:: GLOBAL_EMAIL_SUFFIX
The email suffix required for a user account to be made global.
:Default: ``@megit.com``
.. envvar:: SUPER_GLOBAL_2FA_REQUIRED
Whether :term:`superusers` are required to enroll in two factor authentication.
:default: ``True``
.. envvar:: CSP_REPORT_ONLY
Whether to report CSP violations to console or raise an error
:Default: ``True``
.. envvar:: CSP_REPORT_URI
Used to report errors to sentry regarding CSP violations
:Default: ``None``
.. envvar:: SUPPRESS_BROWSER_CHECK
Whether to disable browser check functionality.
Setting this to ``True`` will skip the check and not notify user that they use unsupported browser/version.
The functionality is implemented in :func:`~middleware.meg_context_processor`
:default: ``False``
.. envvar:: SECRET_KEY
Sets `SECRET_KEY `_ django setting.
This is used to provide cryptographic signing, and should be set to a unique, unpredictable value.
.. note::
secret key should be set to a random secret value when running in production
.. envvar:: TWO_FACTOR_SMS_GATEWAY
SMS gateway for two factor authentication.
:Default: ``'two_factor.gateways.fake.Fake'`` (development)
.. envvar:: TWO_FACTOR_CALL_GATEWAY
Phone call gateway for two factor authentication.
:Default: ``'two_factor.gateways.fake.Fake'`` (development)
.. envvar:: LOGIN_VALIDATE_ACCOUNT_EXISTS
Whether username should be validated on login screen.
Set to False to behave as if the account exists and redirect to password page (secure).
Set to True to show that the account does not exist as soon as username is entered (user-friendly)
:Default: ``False``
.. envvar:: ENABLE_TWO_FACTOR
Whether two-factor requirement for patient data audits should be enforced
Currently disabled as per :task:`22890`.
:default: ``False``
.. envvar:: LFPSE_SSL_VERIFY
Whether to verify SSL certificates for :term:`LFPSE` HTTPS requests.
:default: ``True``
.. envvar:: ENABLE_LOG_EDITING
Whether logs can be edited in django admin. Should be disabled in production servers.
:default: ``False``
.. envvar:: ENABLE_PERMISSION_EDITING
Whether django permission objects can be edited in django admin.
This should be disabled as permission objects are handled by Django.
:default: ``False``
.. envvar:: SECURE_SSL_REDIRECT
Whether to force redirection to a secure https address.
.. envvar:: CSRF_COOKIE_HTTPONLY
:default: ``False``
Whether to use ``HttpOnly`` flag on the CSRF cookie. If this is set to ``True``, client-side JavaScript will not be able to access the CSRF cookie.
.. envvar:: CORS_ALLOW_ALL_ORIGINS
:default: ``False``
Allow all origins for cross-site requests, overriding the ``CORS_ALLOWED_ORIGIN_REGEXES`` and ``CORS_ALLOWED_ORIGINS`` setting.
.. envvar:: CORS_ALLOWED_ORIGINS
A comma-separated list of urls for CORS to allow cross-site requests from.
For example: ``http://localhost:4200,http://localhost:8000``
CI/CD
=======
.. envvar:: TIMED_TEST_THRESHOLD_SECS
Threshold for test run time to report it as a "slow test".
Set to 0 to disable reporting slow tests
:default: ``0.0``