Configuration¶

This guide covers all configuration options for the Freeze Design webshop.

Environment Variables¶

Backend (.env)¶

# Django Settings
DEBUG=True
SECRET_KEY=your-secret-key-here
ALLOWED_HOSTS=localhost,127.0.0.1

# Database
DB_NAME=webshop_dev
DB_USER=webshop
DB_PASSWORD=your_password
DB_HOST=localhost
DB_PORT=5432

# Redis
REDIS_URL=redis://localhost:6379/1

# Celery
CELERY_BROKER_URL=amqp://admin:admin123@localhost:5672//
CELERY_RESULT_BACKEND=redis://localhost:6379/0

# CORS
CORS_ALLOWED_ORIGINS=http://localhost:3000
CSRF_TRUSTED_ORIGINS=http://localhost:3000

# Sentry (optional)
SENTRY_DSN=
SENTRY_ENVIRONMENT=development

# Storage (production)
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_STORAGE_BUCKET_NAME=

Frontend (.env.local)¶

# API
NEXT_PUBLIC_API_URL=http://localhost:8000/api

# Sentry
NEXT_PUBLIC_SENTRY_DSN=

# PostHog Analytics
NEXT_PUBLIC_POSTHOG_KEY=
NEXT_PUBLIC_POSTHOG_HOST=https://eu.i.posthog.com

Django Settings¶

Key settings in backend/config/settings.py:

REST Framework¶

REST_FRAMEWORK = {
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 20,
    'DEFAULT_THROTTLE_RATES': {
        'anon': '100/hour',
        'user': '1000/hour',
    },
}

Security Settings (Production)¶

SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_HSTS_SECONDS = 31536000

Feature Flags¶

Control features via environment variables:

Variable	Default	Description
`DEBUG`	`True`	Enable debug mode
`E2E_TESTING`	`False`	Disable rate limiting for E2E tests
`CSP_REPORT_ONLY`	`True`	CSP in report-only mode

Logging¶

Configure logging levels in settings.py:

LOGGING = {
    'loggers': {
        'django': {'level': 'INFO'},
        'apps': {'level': 'INFO'},
    },
}

Log files are stored in backend/logs/: - django.log - General application logs - security.log - Security-related events