Configuration

DataMed is built on Django 4.2 and uses environment variables for configuration. This guide covers all configuration options from development to production deployment.

Environment Variables

DataMed uses environment-based configuration for security and flexibility. All sensitive settings are read from environment variables.

Required Variables

SECRET_KEY

string

required

Django’s secret key for cryptographic signing. Generate with python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"Default (dev only): django-insecure-local-dev-key

DATABASE_URL

string

required

PostgreSQL connection string for production. Format: postgresql://user:password@host:port/databaseExample: postgresql://datamed_user:secure_password@localhost:5432/datamed_db

RENDER

string

Set to any value to enable production mode. When present, DEBUG is disabled and PostgreSQL is used.Example: RENDER=true

Configuration Loading

DataMed uses python-dotenv to load environment variables from a .env file:

config/settings.py

from dotenv import load_dotenv
import os

load_dotenv()  # Load environment variables from .env file

SECRET_KEY = os.environ.get('SECRET_KEY', 'django-insecure-local-dev-key')
DEBUG = 'RENDER' not in os.environ

Database Configuration

DataMed uses different databases for development and production:

Development Database (SQLite)

config/settings.py

if DEBUG:
    DATABASES = {
        'default': {
            'ENGINE': 'django.db.backends.sqlite3',
            'NAME': Path(BASE_DIR) / 'db.sqlite3',
        }
    }

Automatic: No setup required
Location: db.sqlite3 in project root
Use case: Local development and testing

Production Database (PostgreSQL)

config/settings.py

if not DEBUG:
    DATABASES = {
        'default': dj_database_url.config(
            default=os.environ.get('DATABASE_URL'),
            conn_max_age=600,
        )
    }

Connection pooling: 600-second max connection age
Required: DATABASE_URL environment variable
Use case: Production deployments on Render, Heroku, etc.

Security Settings

Allowed Hosts

Configure which domains can serve your application:

config/settings.py

ALLOWED_HOSTS = [
    'datamed-k68i.onrender.com',
    'www.datamed-k68i.onrender.com',
    'localhost',
    '127.0.0.1',
]

Update ALLOWED_HOSTS with your actual domain before deploying to production.

CSRF Protection

Configure trusted origins for cross-site request forgery protection:

config/settings.py

CSRF_TRUSTED_ORIGINS = [
    'https://datamed-k68i.onrender.com',
    'https://www.datamed-k68i.onrender.com'
]

Password Validation

DataMed uses Django’s built-in password validators:

config/settings.py

AUTH_PASSWORD_VALIDATORS = [
    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
]

Static Files Configuration

DataMed uses WhiteNoise to serve static files efficiently in production.

Development Static Files

config/settings.py

STATIC_URL = '/static/'

STATICFILES_DIRS = [
    BASE_DIR / "static"
]

Production Static Files

config/settings.py

if not DEBUG:
    STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
    STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'

Features:

Compression: Gzip and Brotli compression for smaller file sizes
Caching: Unique filenames for long-term browser caching
CDN-ready: Optimized for edge delivery

WhiteNoise middleware must be positioned correctly in MIDDLEWARE list (after SecurityMiddleware, before all others).

Application Settings

Installed Apps

config/settings.py

INSTALLED_APPS = [
    'whitenoise.runserver_nostatic',  # Static files in production
    'import_export',                   # Data export functionality
    'apps.users',                      # User management
    'apps.exams',                      # Medical exams
    'apps.dashboard',                  # Dashboard and analytics
    'apps.patients',                   # Patient management
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
]

Middleware Configuration

config/settings.py

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'whitenoise.middleware.WhiteNoiseMiddleware',  # Must be here!
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

WhiteNoise Position Matters: Place WhiteNoiseMiddleware immediately after SecurityMiddleware for proper static file handling.

Localization Settings

DataMed is configured for Colombian Spanish and Bogotá timezone:

config/settings.py

LANGUAGE_CODE = 'es-mx'
TIME_ZONE = 'America/Bogota'
USE_I18N = True
USE_TZ = True

Authentication Settings

Configure URLs for login, logout, and redirects:

config/settings.py

LOGIN_URL = 'login'
LOGIN_REDIRECT_URL = 'dashboard'
LOGOUT_REDIRECT_URL = 'login'

URL Flow:

Unauthenticated users → /users/login/
After login → /dashboard/
After logout → /users/login/

Production Checklist

Before deploying to production, verify these settings:

Generate Secret Key

Create a strong secret key and set the SECRET_KEY environment variable:

python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"

Configure Database

Set DATABASE_URL with your PostgreSQL connection string:

postgresql://user:password@host:5432/database

Update Allowed Hosts

Add your production domain to ALLOWED_HOSTS and CSRF_TRUSTED_ORIGINS in config/settings.py.

Enable Production Mode

Set any value for the RENDER environment variable to disable DEBUG mode:

RENDER=true

Verify Static Files

Ensure WhiteNoise is configured and run collectstatic:

python manage.py collectstatic --noinput

Configuration Templates

Development .env File

.env

SECRET_KEY=django-insecure-local-dev-key
# DEBUG is True by default when RENDER is not set

Production Environment Variables

Production Environment

SECRET_KEY=your-production-secret-key-here
DATABASE_URL=postgresql://user:password@host:5432/datamed
RENDER=true

Next Steps

User Management

Configure user accounts and permissions

Deployment Guide

Deploy DataMed to production

Database Schema

Understand DataMed’s data model

Migrations

Manage database schema changes

Setup

Data Management

Configuration

Configuration

Environment Variables

Required Variables

Configuration Loading

Database Configuration

Development Database (SQLite)

Production Database (PostgreSQL)

Security Settings

Allowed Hosts

CSRF Protection

Password Validation

Static Files Configuration

Development Static Files

Production Static Files

Application Settings

Installed Apps

Middleware Configuration

Localization Settings

Authentication Settings

Production Checklist

Configuration Templates

Development .env File

Production Environment Variables

Next Steps

User Management

Deployment Guide

Database Schema

Migrations

Build docs developers (and LLMs) love

Setup

Data Management

Documentation Index

​Configuration

​Environment Variables

​Required Variables

​Configuration Loading

​Database Configuration

​Development Database (SQLite)

​Production Database (PostgreSQL)

​Security Settings

​Allowed Hosts

​CSRF Protection

​Password Validation

​Static Files Configuration

​Development Static Files

​Production Static Files

​Application Settings

​Installed Apps

​Middleware Configuration

​Localization Settings

​Authentication Settings

​Production Checklist

​Configuration Templates

​Development .env File

​Production Environment Variables

​Next Steps

User Management

Deployment Guide

Database Schema

Migrations

Build docs developers (and LLMs) love

Configuration

Environment Variables

Required Variables

Configuration Loading

Database Configuration

Development Database (SQLite)

Production Database (PostgreSQL)

Security Settings

Allowed Hosts

CSRF Protection

Password Validation

Static Files Configuration

Development Static Files

Production Static Files

Application Settings

Installed Apps

Middleware Configuration

Localization Settings

Authentication Settings

Production Checklist

Configuration Templates

Development .env File

Production Environment Variables

Next Steps