From a security perspective, there are a couple of things that I would recommend with the app in production (and whilst this is less important given the database is purely used to read from it is worth doing):
Currently the django SECRET_KEY is present in plain text in the repository
The django user details are available as plain text in the docker-compose.yml
You can use the python-decouple package to do something similar in the django settings file where a .env file is specified in the backend directory and the settings specified there are imported using decouple like this:
The .env file is not version controlled but shared privately for deployment.
You can use the same .env file for docker-compose.yml and python decouple (it would have to live in backend), you would just need to specify the location of the .env file to docker-compose like this $ docker-compose up -d --env-file backend/.env
From a security perspective, there are a couple of things that I would recommend with the app in production (and whilst this is less important given the database is purely used to read from it is worth doing):
docker-compose.ymlTo avoid this the following steps can be taken:
docker-compose.ymlallows for environment variables to be specified in a.envfile in the base project folderYou can use the
python-decouplepackage to do something similar in the django settings file where a.envfile is specified in thebackenddirectory and the settings specified there are imported using decouple like this:.envfile is not version controlled but shared privately for deployment..envfile fordocker-compose.ymland python decouple (it would have to live inbackend), you would just need to specify the location of the.envfile todocker-composelike this$ docker-compose up -d --env-file backend/.env