If you’re in the business of making “web apps” and haven’t read The Twelve-Factor App I thoroughly recommend rectifying that.

Of particular note is the section on “Config” - in short, apps should read configuration data (things likely to change across deploys, like resource URLs and authentication tokens) from environment variables, rather than having them hardcoded inside the app in some way.

An all-too-common occurrence in #django is for someone to be asked to show their settings.py to aid with debugging, and for them to oblige and fail to elide data like their SECRET_KEY and database credentials. This is exactly the kind of thing that twelve-factor-style config prevents.

django12factor is designed to make the process easy. It should be of particular use to anyone deploying to Heroku. Grab it from PyPI or get the source from GitHub. If you find it useful, I’d love to hear about it.