Django configuration lives in settings.py, but real applications need different settings per environment (development, staging, production) and must keep secrets out of code. Managing this correctly is both an operational necessity and a security requirement.
The problem with a single settings.py
DEBUG =
SECRET_KEY =
DATABASES = {: {: }}
