External storages¶
An external storage is needed in some programs for scenarios like:
Having a single storage for settings and distribute across multiple instances
The need to change setings on the fly without redeploying or restarting the app (see Feature Flags)
Storing sensitive values in a safe sealed Vault
Using REDIS¶
Run a Redis server installed or via docker:
$ docker run -d -p 6379:6379 redis
Install support for redis in dynaconf
$ pip install dynaconf[redis]
In your file or in exported environment variables define:
REDIS_ENABLED_FOR_DYNACONF=true
REDIS_HOST_FOR_DYNACONF=localhost
REDIS_PORT_FOR_DYNACONF=6379
You can now write variables direct in to a redis hash named
You can also use the redis writer
$ dynaconf write redis -v name=Bruno -v database=localhost -v port=1234
The above data will be recorded in redis as a hash:
DYNACONF_DYNACONF {
NAME='Bruno'
DATABASE='localhost'
PORT='@int 1234'
}
if you want to skip type casting, write as string intead of PORT=1234 use PORT=”’1234’”.
Data is read from redis and another loaders only once when is first accessed or when or are invoked.
You can access the fresh value using settings.get_fresh(key)
There is also the fresh context manager
from dynaconf import settings
print(settings.FOO) # this data was loaded once on import
with settings.fresh():
print(settings.FOO) # this data is being freshly reloaded from source
And you can also force some variables to be fresh setting in your setting file
FRESH_VARS_FOR_DYNACONF = ['MYSQL_HOST']
or using env vars
export FRESH_VARS_FOR_DYNACONF='["MYSQL_HOST", "OTHERVAR"]'
Then
from dynaconf import settings
print(settings.FOO) # This data was loaded once on import
print(settings.MYSQL_HOST) # This data is being read from redis imediatelly!
Using Hashicorp Vault to store secrets¶
The https://www.vaultproject.io/ is a key:value store for secrets and Dynaconf can load variables from a Vault secret.
Run a vault server
Run a Vault server installed or via docker:
$ docker run -d -e 'VAULT_DEV_ROOT_TOKEN_ID=myroot' -p 8200:8200 vault
Install support for vault in dynaconf
$ pip install dynaconf[vault]
In your file or in exported environment variables define:
VAULT_ENABLED_FOR_DYNACONF=true
VAULT_URL_FOR_DYNACONF="http://localhost:8200"
VAULT_TOKEN_FOR_DYNACONF="myroot"
Now you can have keys like and defined in the vault and dynaconf will read it.
To write a new secret you can use http://localhost:8200 web admin and write keys under the secret database.
You can also use the Dynaconf writer via console
$ dynaconf write vault -s password=123456
Custom Storages¶
Do you want to store settings in other databases like NoSQL, Relational Databases or other services?
Please see how to extend dynaconf to add your custom loaders.