🤯 2020 Edit: This is a pretty old post. I've since learned that using environment variables is a much better way to handle sensitive data without having to worry about it ending up in Git. Here's a good post on the subject.
The approach I've outlined here is actually a better way to handle multiple settings files (dev, staging & production).
If you are checking your settings.py into your git
repository you must make sure you aren't including any potentially
sensitive information such as database passwords, secret keys and so on.
A quick and easy way to avoid this is to create a separate private.py file:
settings.py
DATABASES = {
'ENGINE' : 'django.db.backends.postgresql_psycopg2',
'NAME' : 'dbname',
'USER' : 'dbusername',
'PASSWORD' : 'dbpassword'
}
SECRET_KEY = '...'
and import it in your settings.py:
from private import *
# ...
while blocking it via your .gitignore