I wrote an ansible-role for openwisp2 to ease its deployment, it's a series of django apps. To ease the deployment as much as possible, I wrote a simple (probably trivial) SECRET_KEY generator script:
#!/usr/bin/env python
"""
Pseudo-random django secret key generator
"""
from __future__ import print_function
import random
chars = 'abcdefghijklmnopqrstuvwxyz' \
'ABCDEFGHIJKLMNOPQRSTUVXYZ' \
'0123456789' \
'#()^[]-_*%&=+/'
SECRET_KEY = ''.join([random.SystemRandom().choice(chars) for i in range(50)])
print(SECRET_KEY)
which is called by ansible to generate the secret key the first time the ansible playbook is run.
Now, that works fine BUT I think it defeats the built-in security measures Django has in generating a strong key which is also very hard to guess.
At the time I looked at other ways of doing it but didn't find much, now I wonder: is there a function for generating settings.SECRET_KEY in django?
That would avoid this kind of home baked solutions that even though they work they are not effective when it comes to security.
Indeed, you can use the same function that generates a new key when you call startproject
, which is django.core.management.utils.get_random_secret_key()
.
Note however it's not very different from your version.