Get allowed hosts from env

pflaenzli/pflaenzli_django/settings.py

@@ -32,8 +32,8 @@ SECRET_KEY = "django-insecure-q=ps#iypevr!3zfpwtfp3lw#4r3%oyj*(2=*iq^8f4_zbodi^(
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = ["localhost"]
-CSRF_TRUSTED_ORIGINS = ["http://localhost:8080", "https://staging.pflaenz.li"]
+ALLOWED_HOSTS = os.getenv('DJANGO_ALLOWED_HOSTS')
+CSRF_TRUSTED_ORIGINS = os.getenv('DJANGO_CSRF_TRUSTED_ORIGINS')
 
 # Application definition