Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Nakajito/osint_hub/llms.txt

Use this file to discover all available pages before exploring further.

Overview

OSINT Hub uses environment variables for configuration management via the .env file. This approach keeps sensitive credentials and environment-specific settings out of version control.
Never commit your .env file to version control. It contains sensitive information like SECRET_KEY and database credentials.

Configuration File

Create a .env file in the project root directory: 
cp .env.example .env
Edit the file with your specific configuration values.

Core Variables

SECRET_KEY

Required: Yes
Default: None
Description: Django’s secret key for cryptographic signing. Used for session management, CSRF protection, and password reset tokens. Example: 
SECRET_KEY=django-insecure-k8h_7&x!s3@2(9p$nv0w^m6+q4r5t#1y
Generation: Generate a secure key using: 
python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
Use a long, random, unique value. Never share this key publicly or reuse it across environments.
Configuration: Set in osint_hub/settings.py:10-12

DEBUG

Required: No
Default: True
Type: Boolean
Description: Enables Django debug mode. Shows detailed error pages with stack traces and SQL queries. Example: 
DEBUG=True   # Development
DEBUG=False  # Production
Values:
  • True - Enable debug mode (development only)
  • False - Disable debug mode (production)
ALWAYS set DEBUG=False in production. Debug mode exposes sensitive information including environment variables, database queries, and file paths.
Configuration: Set in osint_hub/settings.py:13

ALLOWED_HOSTS

Required: Yes (when DEBUG=False)
Default: localhost,127.0.0.1
Type: Comma-separated string
Description: List of domain names and IP addresses that can serve the application. Django will refuse requests with Host headers not in this list. Example: 
# Development
ALLOWED_HOSTS=localhost,127.0.0.1

# Production
ALLOWED_HOSTS=osinthub.com,www.osinthub.com,192.168.1.100

# PythonAnywhere
ALLOWED_HOSTS=yourusername.pythonanywhere.com
Format:
  • No spaces between hostnames
  • Separate multiple hosts with commas
  • Include both www and non-www versions if applicable
  • Can include IP addresses
Configuration: Set in osint_hub/settings.py:16-20

CSRF_TRUSTED_ORIGINS

Required: Yes (when DEBUG=False)
Default: Empty
Type: Comma-separated string of URLs
Description: List of trusted origins for unsafe requests (POST, PUT, DELETE). Required for CSRF protection when your app is behind a proxy or uses HTTPS. Example: 
# Development
CSRF_TRUSTED_ORIGINS=http://localhost:8000

# Production
CSRF_TRUSTED_ORIGINS=https://osinthub.com,https://www.osinthub.com

# PythonAnywhere
CSRF_TRUSTED_ORIGINS=https://yourusername.pythonanywhere.com
Format:
  • Must include the full URL scheme (http:// or https://)
  • No trailing slashes
  • Separate multiple origins with commas
  • Use HTTPS in production
Ensure this matches your domain exactly, including the protocol (http/https). Mismatches cause “CSRF verification failed” errors.
Configuration: Set in osint_hub/settings.py:153-157

DATABASE_URL

Required: No
Default: sqlite:///db.sqlite3
Type: Database URL string
Description: Database connection URL. Supports SQLite, PostgreSQL, MySQL, and other databases via the dj-database-url library. Examples: 
DATABASE_URL=sqlite:///db.sqlite3
Format: scheme://username:password@host:port/database Schemes:
  • sqlite - SQLite database (local file)
  • postgres or postgresql - PostgreSQL
  • mysql - MySQL or MariaDB
Note: While DATABASE_URL is defined in .env.example, the current settings.py implementation uses a hardcoded SQLite configuration. To use DATABASE_URL, modify osint_hub/settings.py:75-80 to: 
DATABASES = {
    'default': dj_database_url.config(
        default='sqlite:///db.sqlite3',
        conn_max_age=600
    )
}

Optional Variables

SEARCH_RESULTS_DIR

Required: No
Default: ~/.local/share/osint_hub/search_results
Type: Absolute file path
Description: Directory where username search results (Sherlock) are stored. Should be persistent across deployments. Example: 
# Default (automatic)
SEARCH_RESULTS_DIR=~/.local/share/osint_hub/search_results

# Custom path
SEARCH_RESULTS_DIR=/var/lib/osint_hub/results

# PythonAnywhere
SEARCH_RESULTS_DIR=/home/yourusername/osint_hub/results
Permissions: Ensure the directory is writable by the application user. Configuration: Set in osint_hub/settings.py:135-138

CELERY_BROKER_URL

Required: Only if using Celery
Default: redis://localhost:6379/0
Type: URL string
Description: Message broker URL for Celery task queue. Typically Redis or RabbitMQ. Example: 
# Local Redis
CELERY_BROKER_URL=redis://localhost:6379/0

# Remote Redis
CELERY_BROKER_URL=redis://user:password@redis-host:6379/0

# RabbitMQ
CELERY_BROKER_URL=amqp://user:password@localhost:5672//
Note: Currently hardcoded in osint_hub/settings.py:172. To make it configurable, add: 
CELERY_BROKER_URL = config('CELERY_BROKER_URL', default='redis://localhost:6379/0')

CELERY_RESULT_BACKEND

Required: Only if using Celery with result storage
Default: redis://localhost:6379/0
Type: URL string
Description: Backend for storing Celery task results. Example: 
CELERY_RESULT_BACKEND=redis://localhost:6379/0
Note: Currently hardcoded in osint_hub/settings.py:173.

EXIFTOOL_PATH

Required: Only if ExifTool is in a non-standard location
Default: /usr/bin/exiftool or /usr/local/bin/exiftool
Type: Absolute file path
Description: Path to the ExifTool binary for metadata extraction. Example: 
# Ubuntu/Debian
EXIFTOOL_PATH=/usr/bin/exiftool

# macOS (Homebrew)
EXIFTOOL_PATH=/usr/local/bin/exiftool

# Custom installation
EXIFTOOL_PATH=/opt/exiftool/bin/exiftool
Installation: 
# Ubuntu/Debian
sudo apt install libimage-exiftool-perl

# macOS
brew install exiftool
Note: Currently hardcoded with fallback logic in osint_hub/settings.py:164-168.

Environment-Specific Examples

Development (.env)

SECRET_KEY=django-insecure-dev-key-not-for-production
DEBUG=True
ALLOWED_HOSTS=localhost,127.0.0.1
CSRF_TRUSTED_ORIGINS=http://localhost:8000
DATABASE_URL=sqlite:///db.sqlite3

Production (.env)

SECRET_KEY=production-secret-key-very-long-and-random-string-here
DEBUG=False
ALLOWED_HOSTS=osinthub.com,www.osinthub.com
CSRF_TRUSTED_ORIGINS=https://osinthub.com,https://www.osinthub.com
DATABASE_URL=postgres://osint_user:secure_password@localhost:5432/osint_hub
SEARCH_RESULTS_DIR=/var/lib/osint_hub/results

PythonAnywhere (.env)

SECRET_KEY=pythonanywhere-secret-key-generated-randomly
DEBUG=False
ALLOWED_HOSTS=yourusername.pythonanywhere.com
CSRF_TRUSTED_ORIGINS=https://yourusername.pythonanywhere.com
DATABASE_URL=sqlite:///db.sqlite3
SEARCH_RESULTS_DIR=/home/yourusername/osint_hub/results

Docker (.env)

SECRET_KEY=docker-secret-key-for-container
DEBUG=False
ALLOWED_HOSTS=localhost,127.0.0.1,osinthub.local
CSRF_TRUSTED_ORIGINS=http://localhost:8000
DATABASE_URL=postgres://osint_user:password@db:5432/osint_hub
CELERY_BROKER_URL=redis://redis:6379/0
CELERY_RESULT_BACKEND=redis://redis:6379/0

Security Best Practices

1

Never commit .env files

Ensure .env is in your .gitignore:
echo ".env" >> .gitignore
2

Use strong SECRET_KEY

Generate a unique, random key for each environment:
python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
3

Restrict file permissions

Limit who can read your .env file:
chmod 600 .env
4

Use different keys per environment

Never reuse SECRET_KEY across development, staging, and production.
5

Validate before deployment

Check your configuration:
python manage.py check --deploy

Troubleshooting

”SECRET_KEY” setting must not be empty

Cause: .env file missing or SECRET_KEY not set. Solution: 
cp .env.example .env
# Edit .env and set SECRET_KEY

DisallowedHost at /

Cause: Current hostname not in ALLOWED_HOSTS. Solution: Add your hostname to ALLOWED_HOSTS in .env: 
ALLOWED_HOSTS=localhost,127.0.0.1,yourdomain.com

CSRF verification failed

Cause: Origin not in CSRF_TRUSTED_ORIGINS or wrong protocol. Solution: Ensure CSRF_TRUSTED_ORIGINS matches your full URL: 
CSRF_TRUSTED_ORIGINS=https://yourdomain.com
Note the https:// protocol and no trailing slash.

Database connection errors

Cause: Invalid DATABASE_URL or database not running. Solution:
  1. Verify database is running: 
    sudo systemctl status postgresql
  2. Test connection manually: 
    psql -U username -h localhost -d database_name
  3. Verify DATABASE_URL format: 
    DATABASE_URL=postgres://user:password@host:port/dbname

Environment variables not loading

Cause: .env file in wrong location or permissions issue. Solution:
  1. Ensure .env is in project root (same directory as manage.py)
  2. Check file permissions: 
    ls -la .env
  3. Verify python-decouple is installed: 
    pip install python-decouple

Loading Variables in Different Contexts

Django Management Commands

Variables are automatically loaded via python-decouple when running: 
python manage.py runserver
python manage.py migrate

Gunicorn (Production)

Use EnvironmentFile in systemd service: 
[Service]
EnvironmentFile=/path/to/osint_hub/.env

PythonAnywhere

Variables are loaded from .env via the configured WSGI file.

Docker

Pass via docker-compose.yml: 
services:
  web:
    env_file:
      - .env
Or use docker run: 
docker run --env-file .env myimage

Shell Scripts

Source the file: 
export $(cat .env | xargs)
python manage.py migrate

Validation Checklist

Before deploying, verify:
  • SECRET_KEY is set and unique
  • DEBUG=False in production
  • ALLOWED_HOSTS includes your domain
  • CSRF_TRUSTED_ORIGINS includes your full HTTPS URL
  • DATABASE_URL points to production database (if used)
  • .env file has restricted permissions (600)
  • .env is in .gitignore
  • All required services (Redis, PostgreSQL) are running
  • Run python manage.py check --deploy to catch issues

Next Steps

Build docs developers (and LLMs) love

Get started for freeTalk to us