Completed config.md

Changes to be committed:
	modified:   .secrets.example
	modified:   README.md
	modified:   admin_only/local_deployment.secrets
	modified:   config/settings.py
	new file:   docs/config.md
	renamed:    docs/dockerDeployment.md -> docs/deployment/dockerDeployment.md
	renamed:    docs/localDeployment.md -> docs/deployment/localDeployment.md
	renamed:    docs/productionDeployment.md -> docs/deployment/productionDeployment.md
	new file:   docs/testing.md

Author: HadleyKing

.secrets.example

@@ -3,13 +3,11 @@ SECRET_KEY=
 ANON_KEY=
 
 [SERVER]
-PRODUCTION=
 DEBUG=True
 ALLOWED_HOSTS=
 SERVER_VERSION=
 HOSTNAME=
 HUMAN_READABLE_HOSTNAME=
 PUBLIC_HOSTNAME=
-SERVER_URL=
 DATABASE=
 EMAIL_BACKEND=

README.md

@@ -1,17 +1,20 @@
 # BCO DB
-The BioCompute Database is designed to be deployable in a variety of environments. 
-
-## BCODB Quickstart
+The BioCompute Database is designed to be deployable in a variety of environments. If configured properly it should work with the [BioCompute Portal](https://biocomputeobject.org/) reguardelss of the deployment. 
 
 The BCO API repository contains a top-level folder “admin_only” which contains service definitions for gunicorn and django, an example database, and a prepopultated `.secrets` file (called `local_deployment.secrets`). 
 
-The service definitions are for deployment on a server exposed ot the internet. A local deployment will not need to use those files. Below are links to deployment instructions in different environments. 
-
-- [Local deployment for devleopment](docs/localDeployment.md)
-- [Production deployment](docs/productionDeployment.md)
-- [Docker deployment](docs/dockerDeployment.md) [WIP]
-- [FAQ and trouble shooting](docs/faq.md)
+The service definitions are for deployment on a server exposed to the internet. A local deployment will not need to use those files. Below are links to instructions for deployment in different environments. 
 
+## BCODB Deployment
 
+- [Local deployment](docs/deployment/localDeployment.md) 
+    - For develpment or internal use only
+- [Production deployment](docs/deployment/productionDeployment.md)
+    - For deployment that is exposed to the internet
+- [Docker deployment](docs/deployment/dockerDeployment.md)
+    - WIP: comming soon
 
-## Issues and BCODB Development
+## BCODB Development and troubleshooting
+- [FAQ and trouble shooting](docs/faq.md)
+- [`.secretes` configuration](docs/config.md)
+- [Testing](docs/testing.md)

admin_only/local_deployment.secrets

@@ -3,13 +3,11 @@ SECRET_KEY=^2uql114+yy0d$xv6+lm8*#1=uxs_oa0zw0bvu^fpi4tc9x0i
 ANON_KEY=627626823549f787c3ec763ff687169206626149
 
 [SERVER]
-PRODUCTION=False
 DEBUG=True
 ALLOWED_HOSTS=*
 SERVER_VERSION=24.06.13
 HOSTNAME=127.0.0.1:8000
 HUMAN_READABLE_HOSTNAME=DEV BCODB
 PUBLIC_HOSTNAME=http://127.0.0.1:8000
-SERVER_URL=http://localhost:3000
 DATABASE=db.sqlite3
 EMAIL_BACKEND=django.core.mail.backends.console.EmailBackend

config/settings.py

@@ -12,7 +12,6 @@
 # Load the server config file.
 secrets = configparser.ConfigParser()
 secrets.read(BASE_DIR + "/.secrets")
-PRODUCTION = secrets["SERVER"]["PRODUCTION"]
 DEBUG = secrets["SERVER"]["DEBUG"]
 VERSION = secrets["SERVER"]["SERVER_VERSION"]
 # Set the anonymous user's key.

docs/config.md

@@ -0,0 +1,67 @@
+# BCO DB Configuration
+
+Below is an example configuration file. This file contains sensitive information and deployment specific settings. Example values and specific instructions are given in each of the respective [deployment](docs/deployment) instructions.
+
+See the [Django docs](https://docs.djangoproject.com/en/5.0/ref/settings/) for more specific details.
+``` shell
+[DJANGO_KEYS]
+SECRET_KEY=^2uql114+yy0d$xv6+lm8*#1=uxs_oa0zw0bvu^fpi4tc9x0i
+ANON_KEY=627626823549f787c3ec763ff687169206626149
+
+[SERVER]
+DEBUG=True
+ALLOWED_HOSTS=*
+SERVER_VERSION=24.06.13
+HOSTNAME=127.0.0.1:8000
+HUMAN_READABLE_HOSTNAME=DEV BCODB
+PUBLIC_HOSTNAME=http://127.0.0.1:8000
+DATABASE=db.sqlite3
+EMAIL_BACKEND=django.core.mail.backends.console.EmailBackend
+```
+
+
+##  DJANGO_KEYS: Keys and Tokens for Django
+### SECRET_KEY
+According to the Django docs the [SECRETE_KEY](https://docs.djangoproject.com/en/dev/ref/settings/#secret-key) is used for the following:
+- All sessions if you are using any other session backend than django.contrib.sessions.backends.cache, or are using the default get_session_auth_hash().
+- All messages if you are using CookieStorage or FallbackStorage.
+- All PasswordResetView tokens.
+- Any usage of cryptographic signing, unless a different key is provided.
+
+If you rotate your secret key, all of the above will be invalidated. Secret keys are not used for passwords of users and key rotation will not affect them.
+
+### ANON_KEY
+The BCO DB uses Django REST framework's [TokenAuthentication](https://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication) as one of the athentication schems. To allow access to *public* objects and information there is a default [AnonymousUser](https://docs.djangoproject.com/en/5.0/ref/contrib/auth/#anonymoususer-object) set. This is the token to be set for the `AnonymousUser`.
+
+## SERVER: Deployument specific settings
+
+### DEBUG
+Django's [DEBUG](https://docs.djangoproject.com/en/5.0/ref/settings/#debug) flag.
+
+It's a boolean that turns on/off debug mode, with the default as `False`. It is reccomended to never deploy a site into production with DEBUG turned on.
+
+### ALLOWED_HOSTS
+
+Django's [ALLOWED_HOSTS](https://docs.djangoproject.com/en/5.0/ref/settings/#allowed-hosts) list. Default is an empty list. 
+
+"A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations."
+
+### SERVER_VERSION
+The SERVER_VERSION is displayed on the Swagger Docs page. 
+
+### HOSTNAME
+The HOSTNAME to be returnd in the `user_info` object. This is used by the BCO Portal for interacting with a specific instance of the BCO DB. 
+
+### HUMAN_READABLE_HOSTNAME
+The HUMAN_READABLE_HOSTNAME to be returnd in the `user_info` object. This is used by the BCO Portal for interacting with a specific instance of the BCO DB, and in the Swager Docs. 
+
+### PUBLIC_HOSTNAME
+The PUBLIC_HOSTNAME to be returnd in the `user_info` object. This is used by the BCO Portal for interacting with a specific instance of the BCO DB, and in the Swager Docs. It is also utilized by the `activation_link`, `retrieve_bco`, `validate_bco_object_id` functions, as well as in the API tests.
+
+### DATABASE
+This value is used as the `"NAME"`in Django's [DATABASES](https://docs.djangoproject.com/en/5.0/ref/settings/#databases) object. The BCO DB is set up to use the default SQLITE. If you would like to have a database that is outside of the project folder and/or has a non-default name than you can provide an absolute path for the name value here.
+
+### EMAIL_BACKEND
+Specifies which of Django's [EMAIL_BACKEND](https://docs.djangoproject.com/en/5.0/topics/email/#topic-email-backends) classes to use. 
+
+This app has been tested using the `django.core.mail.backends.smtp.EmailBackend` with `sendmail` and a GMail account in production, and with `django.core.mail.backends.console.EmailBackend` in local deployments. 

docs/dockerDeployment.md docs/deployment/dockerDeployment.mddocs/dockerDeployment.md renamed to docs/deployment/dockerDeployment.md

@@ -34,8 +34,7 @@ vim bco_api/bco_api/server.conf
 
 Production and publishing flags NOTE: Valid values are True or False (note the capitalization).
 
-[PRODUCTION]
-production=False
+
 DB Version
 
 [VERSION]