# Environment Variables ## Quick Reference Table | # | Env | Type | Default | | -- | ------------------------------------------------------- | --------- | -------------------------------------------------------------------- | | 1 | `DEBUG` | bool | `True` | | 2 | `CONTACT_US_EMAIL_TO` | json | `{"defaults": ["contactus@akinon.com"]}` | | 3 | `ACCOUNT_EMAIL_SUBJECT_PREFIX` | str | `None` | | 4 | `ES_HOST_SCHEME` | str | `"https"` | | 5 | `ES_HOST` | str | `"localhost"` | | 6 | `ES_MAJOR_VERSION` | int | `5` | | 7 | `ES_USER` | str | `"akinon"` | | 8 | `DYNAMIC_SETTINGS_CACHE_ACTIVE` | bool | `True` | | 9 | `OPENID_SSO_PROVIDER_ID` | str | `"openid-sso"` | | 10 | `OPENID_SSO_PROVIDER_SERVER_URL` | str | `"https://sso.akinon.com"` | | 11 | `SESSION_CACHE_AGE` | int | `10800` (3 hours) | | 12 | `SESSION_COOKIE_AGE` | int | `1209600` (2 weeks) | | 13 | `ANALYTICS_CONTAINER_ID` | str | `"AKINON"` | | 14 | `PROMOTIONS_ROUNDING_MODE` | str | `"ROUND_HALF_DOWN"` | | 15 | `ORDERS_USE_ISOLATED_PRE_ORDER_ON_RETURN` | bool | `False` | | 16 | `SITE_ID` | int | `1` | | 17 | `X_FRAME_OPTIONS` | str | `"SAMEORIGIN"` | | 18 | `SECURE_HSTS_INCLUDE_SUBDOMAINS` | bool | `True` | | 19 | `SECURE_HSTS_SECONDS` | int | `31536000` | | 20 | `I18N_ACTIVE` | bool | `False` | | 21 | `PRETTY_URL_FORCE_UNICODE_SLUG` | bool | `False` | | 22 | `THUMBNAIL_ACTIVE` | bool | `True` | | 23 | `MULTIPLE_LANGUAGE_URL_ACTIVE` | bool | `False` | | 24 | `LANGUAGE_CODE` | str | `"tr-tr"` | | 25 | `LANGUAGES` | str | `None` | | 26 | `DISABLE_LOCMEM_CACHE` | bool | `False` | | 27 | `LOCAL_CACHE_ENABLED` | bool | `False` | | 28 | `LOCAL_CACHE_HOST` | str | `"localhost"` | | 29 | `LOCAL_CACHE_PORT` | int | `6379` | | 30 | `LOGIN_REDIRECT_URL_SLUG` | str | `None` | | 31 | `EMAIL_BACKEND` | str | `"omnishop.cms.email.backends.smtp.EmailBackend"` | | 32 | `EMAIL_HOST` | str | required | | 33 | `EMAIL_HOST_USER` | str | required | | 34 | `NO_REPLY_EMAIL` | str | `"noreply@akinon.com"` | | 35 | `DEFAULT_FROM_EMAIL` | str | `NO_REPLY_EMAIL` | | 36 | `TEMPLATE_LOADER` | str | `"omnicore.dbtemplates.jinja_loaders.DatabaseAndFileSystemLoader"` | | 37 | `SITEMAP_AUTO_PREFIX` | bool | `False` | | 38 | `SITEMAP_MANUAL_PREFIX` | str | `""` | | 39 | `STATICSITEMAPS_URL` | str | (dynamic default) | | 40 | `STATICSITEMAPS_ROOT_DIR` | str | `"sitemaps/"` | | 41 | `DEFAULT_CURRENCY_TYPE` | str | `"try"` | | 42 | `SESSION_COOKIE_NAME` | str | `"osessionid"` | | 43 | `CSRF_COOKIE_SECURE` | bool | `not DEBUG` | | 44 | `SESSION_COOKIE_SECURE` | bool | `not DEBUG` | | 45 | `CSRF_COOKIE_SAMESITE` | str | `"Lax"` | | 46 | `SESSION_COOKIE_SAMESITE` | str | `"Lax"` | | 47 | `SMS_OTP_RESENT_TIME_GAP` | int | `60` | | 48 | `ORDER_SMS_PHONE_NUMBER_GETTER` | str | `None` | | 49 | `NEW_COOKIE_SAMESITE_MIDDLEWARE_ACTIVE` | bool | `False` | | 50 | `IS_CLOUD_FRONT_MIDDLEWARE_ACTIVE` | bool | `False` | | 51 | `IS_ERP_CODE_MIDDLEWARE_ACTIVE` | bool | `False` | | 52 | `PRETTY_URL_MULTI_LANGUAGE` | bool | `False` | | 53 | `PRETTY_URL_SITE_LANGUAGE_CODE` | str | `LANGUAGE_CODE` | | 54 | `PRETTY_URL_ONLY_ASCII` | bool | `False` | | 55 | `CSRF_TRUSTED_ORIGINS` | list | `[".com", ".net", ".org", ".tr", ".akinon.net", ".akinoncloud.com"]` | | 56 | `ORDER_NUMBER_GENERATOR` | str | `None` | | 57 | `MINIMUM_ORDER_AMOUNT` | str | `"0.01"` | | 58 | `ACCOUNT_ADAPTER` | str | `"omnishop.users.allauth_adapter.CustomDefaultAccountAdapter"` | | 59 | `ACCOUNT_CONFIRM_EMAIL_ON_GET` | bool | `False` | | 60 | `ACCOUNT_EMAIL_VERIFICATION` | str | `"optional"` | | 61 | `ACCOUNT_EMAIL_REQUIRED` | bool | `False` | | 62 | `ACCOUNT_DEFAULT_HTTP_PROTOCOL` | str | `"http"` | | 63 | `INDEX_PRODUCTS_QUANTITY` | int | `50` | | 64 | `COMMERCE_EVENTS` | dict | `{user_logged_in: True, ...}` | | 65 | `INDEX_PRODUCTS_PREFETCH_ENABLED` | bool | `False` | | 66 | `ES_MIN_SCORE_COEFFICIENT` | float | `0` | | 67 | `USER_PROFILE_VIEW` | str | `None` | | 68 | `PASSWORD_HASHERS` | list | (Django default list) | | 69 | `PASSWORD_RESET_TIMEOUT` | int | `259200` (3 days) | | 70 | `REST_REGISTER_VIEW` | str | `None` | | 71 | `REST_AUTH_REGISTER_SERIALIZERS` | json/dict | (default serializer) | | 72 | `AUTHENTICATION_BACKENDS` | tuple | `("allauth.account.auth_backends.AuthenticationBackend",)` | | 73 | `SECURE_BROWSER_XSS_FILTER` | bool | `False` | | 74 | `SECURE_CONTENT_TYPE_NOSNIFF` | bool | `False` | | 75 | `ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL` | str | `None` | | 76 | `INCLUDE_STOCK_OUT_PRODUCTS_ON_SITEMAP` | bool | `True` | | 77 | `ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL` | str | `""` | | 78 | `PREPEND_WWW` | bool | `False` | | 79 | `PROMOTIONS_SINGLE_COUPON` | bool | `False` | | 80 | `KVKK_UNSUBSCRIPTION_SECRET_MAP` | json | `{}` | | 81 | `B2B_EXTENSION_CONF` | json | `{}` | | 82 | `BASKET_UNIT_VALUE_ATTRIBUTE` | str | `"basket_unit_value"` | | 83 | `UNIT_STEP_VALUE_ATTRIBUTE` | str | `"unit_step_value"` | | 84 | `UNIT_REFERENCE_VALUE_ATTRIBUTE` | str | `"unit_reference_value"` | | 85 | `UNIT_PRODUCT_FLAG_ATTRIBUTE` | str | `"is_unit_product"` | | 86 | `UNIT_MINIMUM_VALUE_ATTRIBUTE` | str | `"unit_minimum_value"` | | 87 | `ENABLE_X_COOKIE_HEADER` | bool | `False` | | 88 | `DATA_UPLOAD_MAX_MEMORY_SIZE` | int | `2621440` (2.5 MB) | | 89 | `SEARCH_DYNAMIC_FILTER_ACTIVE` | bool | `False` | | 90 | `SEARCH_FUZZY_SEARCH_ACTIVE` | bool | `False` | | 91 | `CELERY_SCHEDULED_TASKS` | json | `{}` | | 92 | `CORS_ALLOWED_ORIGINS` | list | `["https://docs.akinon.com", "https://apidocs.akinon.com"]` | | | | | | {% hint style="info" %} The table above shows the first 20 variables for brevity. Full details for all variables are provided below. {% endhint %} *** ### Detailed Specifications ### 1. `DEBUG` * **Type:** `bool` * **Default:** `True` * **ACC\_MODE:** Yes (re-read from `.env` file inside ACC\_MODE block, default becomes `False`) * **Description:** Controls Django debug mode. When `True`, detailed error pages are displayed, static files are served by the Django dev server, and various debug features are enabled. Must always be `False` in production environments. When ACC\_MODE is active, the default switches to `False`. ### 2. `CONTACT_US_EMAIL_TO` * **Type:** `json` (dict) * **Default:** `{"defaults": ["contactus@akinon.com"]}` * **ACC\_MODE:** No (global scope, but can be overridden at runtime via dj\_dynamic\_settings) * **Description:** Defines the recipient email addresses for emails sent through the contact us form. Uses a JSON dictionary format to route emails based on operation type. The `"defaults"` key provides fallback recipients when no matching operation type is found. Example: `{"franchise": "franchise@example.com", "contact_us": "info@example.com", "defaults": ["fallback@example.com"]}`. Can be modified at runtime through dynamic settings. ### 3. `ACCOUNT_EMAIL_SUBJECT_PREFIX` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** No (global scope) * **Description:** Prefix string added to the subject line of emails sent by django-allauth (email verification, password reset, etc.). When `None`, no prefix is added to the subject line. Example: setting `"[MyShop] "` results in email subjects like `"[MyShop] Please Confirm Your E-mail Address"`. ### 4. `ES_HOST_SCHEME` * **Type:** `str` * **Default:** `"https"` * **ACC\_MODE:** Yes (re-read) * **Description:** Determines the protocol scheme for the Elasticsearch connection URL (`"http"` or `"https"`). Used when constructing the `ES_HOSTS` connection string. Typically set to `"http"` in CI/test environments. ### 5. `ES_HOST` * **Type:** `str` * **Default:** `"localhost"` (global scope), required (ACC\_MODE) * **ACC\_MODE:** Yes (re-read, no default) * **Description:** Hostname (and optionally port) of the Elasticsearch server. Used to construct the `ES_HOSTS` connection string. Example: `"es.example.com"` or `"localhost:9200"`. ### 6. `ES_MAJOR_VERSION` * **Type:** `int` * **Default:** `5` * **ACC\_MODE:** Yes (re-read) * **Description:** The Elasticsearch major version number in use. Supported values: `5` and `8`. This value determines the behavior of the search module across many areas including query syntax, mapping structure, index creation, facet search behavior, and API compatibility. For example, ES 8 uses `ngram` instead of `nGram` as the filter type and the `_type` field has been removed. When ES 8 is selected, `ES_USER` and `ES_PASSWORD` variables also become active. ### 7. `ES_USER` * **Type:** `str` * **Default:** `"akinon"` * **ACC\_MODE:** Yes (only when `ES_MAJOR_VERSION == 8`) * **Description:** Username for Elasticsearch basic authentication. Only active when `ES_MAJOR_VERSION` is `8`. Included in the `ES_HOSTS` connection URL in `scheme://user:password@host` format. ### 8. `DYNAMIC_SETTINGS_CACHE_ACTIVE` * **Type:** `bool` * **Default:** `True` * **ACC\_MODE:** No (global scope) * **Description:** Enables or disables the caching mechanism of the `dj_dynamic_settings` library. When `True`, dynamic setting values are cached to reduce database reads. When `False`, every dynamic setting access reads directly from the database. Recommended to be `True` in production for performance. ### 9. `OPENID_SSO_PROVIDER_ID` * **Type:** `str` * **Default:** `"openid-sso"` * **ACC\_MODE:** No (global scope) * **Description:** Unique identifier for the OpenID Connect SSO provider in django-allauth's `SOCIALACCOUNT_PROVIDERS` configuration. Used to reference this provider in the provider registry. ### 10. `OPENID_SSO_PROVIDER_SERVER_URL` * **Type:** `str` * **Default:** `"https://sso.akinon.com"` * **ACC\_MODE:** No (global scope) * **Description:** The discovery URL for the OpenID Connect SSO provider. django-allauth uses this URL to automatically fetch the provider's OpenID Connect configuration (`.well-known/openid-configuration`). Must be set to the correct provider address for SSO integration. ### 11. `SESSION_CACHE_AGE` * **Type:** `int` * **Default:** `10800` (3 hours, in seconds) * **ACC\_MODE:** No (global scope) * **Description:** Controls how long session data is kept in the Redis cache. The application uses a custom `SessionStore` (cached\_db backend) where the actual cache expiry is calculated as `min(SESSION_COOKIE_AGE, SESSION_CACHE_AGE)`. This means the cache TTL is always the shorter of the two values. Lowering this value causes more frequent database reads to reload session data into cache, while raising it keeps sessions cached longer and reduces DB load. ### 12. `SESSION_COOKIE_AGE` * **Type:** `int` * **Default:** `1209600` (2 weeks, in seconds) * **ACC\_MODE:** No (global scope) * **Description:** Standard Django setting that controls the age of session cookies in seconds. Determines how long a user's browser will keep the session cookie before it expires. Also used together with `SESSION_CACHE_AGE` to determine the cache expiry duration (`min` of both values). ### 13. `ANALYTICS_CONTAINER_ID` * **Type:** `str` * **Default:** `"AKINON"` * **ACC\_MODE:** No (global scope) * **Description:** Sets the container ID for analytics tracking. The value is placed into the `ANALYTICS_CONTAINER` dictionary (`{"containerId": }`) and injected into Jinja2 templates as a global constant, making it accessible in frontend templates for analytics/tracking integration. ### 14. `PROMOTIONS_ROUNDING_MODE` * **Type:** `str` * **Default:** `"ROUND_HALF_DOWN"` * **ACC\_MODE:** No (global scope) * **Description:** Determines the rounding mode used for discount calculations in the promotions module. Applied when quantizing discount amounts to 2 decimal places (e.g., `amount.quantize(D('.01'), PROMOTIONS_ROUNDING_MODE)`). Used in both `benefits.py` (promotion benefit calculations) and `baskets/models.py` (basket item unit price after discount). Valid values are Python `decimal` rounding modes: `ROUND_HALF_DOWN`, `ROUND_HALF_UP`, `ROUND_CEILING`, `ROUND_FLOOR`, `ROUND_DOWN`, `ROUND_UP`, etc. ### 15. `ORDERS_USE_ISOLATED_PRE_ORDER_ON_RETURN` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** No (global scope) * **Description:** When enabled, the checkout flow includes the encoded order number in return URLs (success/fail URLs for 3D Secure, redirect payments, and wallet payments). This allows the system to identify the specific pre-order when the payment gateway redirects the user back, rather than relying solely on session state. Affects `CheckoutView`, `CreditCardThreeDSecurePage`, `RedirectPayPage`, `SavedCardThreeDSecurePage`, wallet views, and basket service pre-order creation. ### 16. `SITE_ID` * **Type:** `int` * **Default:** `1` * **ACC\_MODE:** Yes (re-read) * **Description:** Standard Django setting that identifies the current site in multi-site setups. Used with the `django.contrib.sites` framework. Also assigned to `DEFAULT_SITE_ID` and injected into Jinja2 templates as a global constant. ### 17. `X_FRAME_OPTIONS` * **Type:** `str` * **Default:** `"SAMEORIGIN"` * **ACC\_MODE:** Yes * **Description:** Django security setting that controls the `X-Frame-Options` HTTP response header. `"SAMEORIGIN"` allows the page to be displayed in a frame only on the same origin. `"DENY"` prevents framing entirely. This protects against clickjacking attacks. ### 18. `SECURE_HSTS_INCLUDE_SUBDOMAINS` * **Type:** `bool` * **Default:** `True` * **ACC\_MODE:** Yes * **Description:** Django security setting. When `True`, the HTTP Strict Transport Security (HSTS) header includes the `includeSubDomains` directive, forcing HTTPS on all subdomains of the site. Only effective when `SECURE_HSTS_SECONDS` is set to a non-zero value. ### 19. `SECURE_HSTS_SECONDS` * **Type:** `int` * **Default:** `31536000` (1 year, in seconds) * **ACC\_MODE:** Yes * **Description:** Django security setting that sets the number of seconds the browser should remember to only access the site via HTTPS (HTTP Strict Transport Security). The default of `31536000` equals one year. Setting to `0` disables the HSTS header entirely. Works in conjunction with `SECURE_HSTS_INCLUDE_SUBDOMAINS`. ### 20. `I18N_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes * **Description:** Enables internationalization URL support. When `True`, URL patterns in `urls.py` are wrapped with Django's `i18n_patterns()`, which adds language-code prefixes to URLs (e.g., `/tr-tr/products/`, `/en-us/products/`). PrettyUrl patterns are excluded from the wrapping to preserve their own routing logic. ### 21. `PRETTY_URL_FORCE_UNICODE_SLUG` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes * **Description:** Controls slug generation behavior in the pretty URL system. When `False`, slugs for the default language and configured ASCII languages are generated using standard ASCII slugification (e.g., `"Çanta"` becomes `"canta"`). When `True`, unicode characters are preserved in slugs (e.g., `"Çanta"` stays `"çanta"`). Works in conjunction with `PRETTY_URL_ONLY_ASCII`. ### 22. `THUMBNAIL_ACTIVE` * **Type:** `bool` * **Default:** `True` * **ACC\_MODE:** Yes (re-read) * **Description:** Enables or disables thumbnail generation for product images. When `True`, images are processed and resized according to `THUMBNAIL_OPTIONS` configuration. When `False`, original images are served without processing. The value is also injected into Jinja2 templates as a global constant for frontend conditional rendering. ### 23. `MULTIPLE_LANGUAGE_URL_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes * **Description:** When `True`, replaces Django's standard `LocaleMiddleware` with `PrettyUrlLocaleMiddleware` in the middleware stack. This enables multi-language URL support with pretty URL integration, allowing language-specific URL routing through the pretty URL system rather than Django's default locale handling. ### 24. `LANGUAGE_CODE` * **Type:** `str` * **Default:** `"tr-tr"` * **ACC\_MODE:** Yes (re-read) * **Description:** Standard Django setting that defines the default language code for the site. Used for locale detection, translation, and as the default value for `PRETTY_URL_SITE_LANGUAGE_CODE`. Format follows BCP 47 convention (e.g., `"tr-tr"`, `"en-us"`, `"de-de"`). ### 25. `LANGUAGES` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes * **Description:** Comma-separated list of language definitions in `code=name` format. When set, overrides the default `LANGUAGES` list. Example: `"tr-tr=Turkish,en-us=English"` produces `[("tr-tr", "Turkish"), ("en-us", "English")]`. When `None`, the default defined in settings (`[("tr-tr", "Turkish")]`) is used. ### 26. `DISABLE_LOCMEM_CACHE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, replaces the `"locmem"` cache backend with Django's `DummyCache`, effectively disabling local memory caching. Useful for debugging cache-related issues or in environments where local memory caching is not desired. ### 27. `LOCAL_CACHE_ENABLED` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, adds a `"local"` Redis cache backend to the `CACHES` configuration. This separate cache instance (configured via `LOCAL_CACHE_HOST` and `LOCAL_CACHE_PORT`) is used for local/node-level caching, typically pointing to a Redis instance on the same machine for low-latency cache access. Used by prettyurls, catalogs, baskets, products, and search modules. ### 28. `LOCAL_CACHE_HOST` * **Type:** `str` * **Default:** `"localhost"` * **ACC\_MODE:** Yes (ACC\_MODE only, requires `LOCAL_CACHE_ENABLED=True`) * **Description:** Hostname or IP address of the Redis instance used for the `"local"` cache backend. Only effective when `LOCAL_CACHE_ENABLED` is `True`. Combined with `LOCAL_CACHE_PORT` to form the connection URL: `redis://:`. ### 29. `LOCAL_CACHE_PORT` * **Type:** `int` * **Default:** `6379` * **ACC\_MODE:** Yes (ACC\_MODE only, requires `LOCAL_CACHE_ENABLED=True`) * **Description:** Port number of the Redis instance used for the `"local"` cache backend. Only effective when `LOCAL_CACHE_ENABLED` is `True`. Standard Redis port is `6379`. ### 30. `LOGIN_REDIRECT_URL_SLUG` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Determines the redirect destination after a successful login. Accepts slug values mapped to Django URL names: `"home"` maps to the `"home"` URL, `"basket"` maps to `"omnishop_baskets:basket"`. When `None` or any unrecognized value, defaults to the basket page (`"omnishop_baskets:basket"`). ### 31. `EMAIL_BACKEND` * **Type:** `str` * **Default:** `"omnishop.cms.email.backends.smtp.EmailBackend"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The Django email backend class used for sending emails. The default value is a custom SMTP backend. In local development, the global default uses Django's console backend (`django.core.mail.backends.console.EmailBackend`) which prints emails to stdout instead of sending them. ### 32. `EMAIL_HOST` * **Type:** `str` * **Default:** required (no default) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Hostname of the SMTP server used for sending emails. Example: `"smtp.gmail.com"` or `"email-smtp.eu-west-1.amazonaws.com"`. ### 33. `EMAIL_HOST_USER` * **Type:** `str` * **Default:** required (no default) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Username for SMTP authentication. The format depends on the email provider (e.g., full email address for Gmail, SMTP credentials for AWS SES). ### 34. `NO_REPLY_EMAIL` * **Type:** `str` * **Default:** `"noreply@akinon.com"` * **ACC\_MODE:** Yes (re-read) * **Description:** The no-reply email address used as the sender for automated system emails. Also serves as the default value for `DEFAULT_FROM_EMAIL` if that variable is not explicitly set. ### 35. `DEFAULT_FROM_EMAIL` * **Type:** `str` * **Default:** `NO_REPLY_EMAIL` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting that defines the default "From" address for emails sent by the application. Defaults to the value of `NO_REPLY_EMAIL` if not explicitly set. ### 36. `TEMPLATE_LOADER` * **Type:** `str` * **Default:** `"omnicore.dbtemplates.jinja_loaders.DatabaseAndFileSystemLoader"` (ACC\_MODE), `"jinja2.FileSystemLoader"` (local) * **ACC\_MODE:** Yes * **Description:** Specifies the Jinja2 template loader class used by the Django-Jinja template backend. In local development, `jinja2.FileSystemLoader` loads templates only from the filesystem. In production (ACC\_MODE), `DatabaseAndFileSystemLoader` loads templates from the database first (allowing runtime template customization via the admin), falling back to the filesystem. ### 37. `SITEMAP_AUTO_PREFIX` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, automatically prefixes sitemap storage paths with the `ACC_PROJECT_APP_UUID` value. This enables multi-tenant sitemap storage in a shared S3 bucket by placing each project's sitemaps in a unique subdirectory (`sitemaps//`). When enabled, `SitemapS3Storage` is used instead of the default storage. Takes precedence over `SITEMAP_MANUAL_PREFIX`. ### 38. `SITEMAP_MANUAL_PREFIX` * **Type:** `str` * **Default:** `""` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Manually sets a prefix for sitemap storage paths. When set to a non-empty string (and `SITEMAP_AUTO_PREFIX` is `False`), sitemaps are stored under `sitemaps//` in S3. When empty and `SITEMAP_AUTO_PREFIX` is also `False`, the backward-compatible default path (`sitemaps/sitemaps/`) is used. ### 39. `STATICSITEMAPS_URL` * **Type:** `str` * **Default:** (dynamic, depends on `SITEMAP_AUTO_PREFIX`, `SITEMAP_MANUAL_PREFIX`, and `S3_BUCKET_NAME`) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The base URL where generated sitemap XML files are publicly accessible. Used by the `static_sitemaps` library to construct absolute URLs in the sitemap index. The default is dynamically computed based on the S3 bucket name and sitemap prefix configuration. Example: `"https://s3.eu-central-1.amazonaws.com/mybucket/sitemaps/uuid/"`. In local development, defaults to `"/"`. ### 40. `STATICSITEMAPS_ROOT_DIR` * **Type:** `str` * **Default:** `"sitemaps/"` (backward-compatible mode), `""` (when `SITEMAP_AUTO_PREFIX` or `SITEMAP_MANUAL_PREFIX` is active) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The root directory path within the storage backend where sitemap files are saved. When `SitemapS3Storage` is used (prefix mode), this must be empty because the storage class handles the path internally. In backward-compatible mode, defaults to `"sitemaps/"`. In local development, defaults to `"sitemaps/"`. ### 41. `DEFAULT_CURRENCY_TYPE` * **Type:** `str` * **Default:** `"try"` * **ACC\_MODE:** Yes (re-read) * **Description:** The default currency code used throughout the application. Applied as the default currency for catalog pricing, order creation, shipping price, promotion basket offers, and loyalty card operations. The value is used in uppercase form (e.g., `"TRY"`) when communicating with external services. Can be overridden at runtime through dynamic settings. Examples: `"try"`, `"usd"`, `"eur"`, `"pln"`. ### 42. `SESSION_COOKIE_NAME` * **Type:** `str` * **Default:** `"osessionid"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting that defines the name of the cookie used for sessions. The default `"osessionid"` avoids conflicts with other Django applications that use the standard `"sessionid"` name. Referenced by the `CookieSameSiteMiddleware` for SameSite attribute handling. ### 43. `CSRF_COOKIE_SECURE` * **Type:** `bool` * **Default:** `not DEBUG` (i.e., `True` in production, `False` in debug mode) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting. When `True`, the CSRF cookie is marked as secure, meaning it will only be sent over HTTPS connections. Automatically set to `True` when `DEBUG` is `False`. ### 44. `SESSION_COOKIE_SECURE` * **Type:** `bool` * **Default:** `not DEBUG` (i.e., `True` in production, `False` in debug mode) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting. When `True`, the session cookie is marked as secure, meaning it will only be sent over HTTPS connections. Automatically set to `True` when `DEBUG` is `False`. ### 45. `CSRF_COOKIE_SAMESITE` * **Type:** `str` * **Default:** `"Lax"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting that controls the `SameSite` attribute of the CSRF cookie. `"Lax"` allows the cookie to be sent with top-level navigations from external sites but blocks it on cross-origin subrequests. Other valid values: `"Strict"` (never sent cross-site), `"None"` (always sent, requires `Secure` flag). ### 46. `SESSION_COOKIE_SAMESITE` * **Type:** `str` * **Default:** `"Lax"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting that controls the `SameSite` attribute of the session cookie. Works identically to `CSRF_COOKIE_SAMESITE` but applies to the session cookie. `"Lax"` is the recommended default for most setups. ### 47. `SMS_OTP_RESENT_TIME_GAP` * **Type:** `int` * **Default:** `60` (seconds) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Minimum time gap in seconds that must pass before a user can request a new SMS OTP code. Used in the user service to rate-limit OTP resend requests, preventing abuse. Setting to `0` disables the rate limiting. Example: with the default of `60`, a user must wait at least 60 seconds before requesting a new code. ### 48. `ORDER_SMS_PHONE_NUMBER_GETTER` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Python dotted path to a custom function that retrieves the phone number for order-related SMS notifications. Uses the `@swappable` decorator pattern, allowing the default implementation to be replaced. The default implementation (`omnishop.orders.utils.get_order_sms_phone_number`) returns `order.user.phone` or falls back to `order.shipping_address.phone_number`. When set, the specified function receives the order object and must return a phone number string. ### 49. `NEW_COOKIE_SAMESITE_MIDDLEWARE_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, replaces the `SessionCookieSamesiteMiddleware` with the newer `CookieSameSiteMiddleware` in the middleware stack. The newer middleware applies `SameSite` and `Secure` attributes to all cookies (not just the session cookie), providing broader cookie security. Currently marked as experimental but intended to eventually replace `SessionCookieSamesiteMiddleware` as the default. ### 50. `IS_CLOUD_FRONT_MIDDLEWARE_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, appends `CloudFrontMiddleware` to the middleware stack. This middleware extends Django's `LocaleMiddleware` and reads the `HTTP_CLOUDFRONT_VIEWER_COUNTRY` header (set by AWS CloudFront) to automatically determine the user's locale based on their geographic location. It maps country codes to supported language codes and sets the `Accept-Language` header accordingly. Omnitron requests (those with `HTTP_X_OMNITRON_SESSION`) are excluded from this behavior. ### 51. `IS_ERP_CODE_MIDDLEWARE_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, inserts `ErpCodeMiddleware` into the middleware stack (before `SegmentationMiddleware`). This middleware reads the `erp_code` cookie from the request and stores it in the user's session. This allows the ERP code to persist across requests and be used for segmentation and other business logic downstream. ### 52. `PRETTY_URL_MULTI_LANGUAGE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Enables multi-language support in the pretty URL system. When `True`, pretty URLs are generated and resolved per language, the `language` field becomes required in pretty URL API serializers, URL generators create slugs for each configured language, and CMS/flatpage serializers enforce language-specific URL entries. Affects prettyurls middleware, i18n module, generators, CMS middleware, CMS serializers, datawarehouse views, and the redirect fallback middleware. This is one of the most impactful multi-language settings in the system. ### 53. `PRETTY_URL_SITE_LANGUAGE_CODE` * **Type:** `str` * **Default:** `LANGUAGE_CODE` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Defines the "site language code" used by the pretty URL system to determine the primary/default language for URL resolution. Used by the pretty URL middleware, i18n module, generators, and the redirect fallback middleware to identify which language's URL should be treated as the canonical or default version. Defaults to the value of `LANGUAGE_CODE`. ### 54. `PRETTY_URL_ONLY_ASCII` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, forces all pretty URL slugs to use ASCII-only characters regardless of language, applying `slugify()` to convert unicode characters. When `False`, non-default-language slugs may retain unicode characters (subject to `PRETTY_URL_FORCE_UNICODE_SLUG`). Used in the slug generation logic of `prettyurls/generators.py`. ### 55. `CSRF_TRUSTED_ORIGINS` * **Type:** `list` * **Default:** `[".com", ".net", ".org", ".tr", ".akinon.net", ".akinoncloud.com"]` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting that defines a list of trusted origins for CSRF validation. Requests from these origins are allowed to make unsafe requests (POST, PUT, DELETE). Uses comma-separated values in the environment variable. Example: `"CSRF_TRUSTED_ORIGINS=.myshop.com,.myshop.net"`. ### 56. `ORDER_NUMBER_GENERATOR` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (re-read) * **Description:** Python dotted path to a custom order number generator function. Uses the `@swappable` decorator pattern, allowing the default implementation to be replaced. When `None`, the built-in order number generation logic is used. The settings comment indicates this will eventually always be `"omnishop.orders.generator.generate_order_number_v2"`. The generator function's behavior can be further configured via the `ORDER_NUMBER_GENERATOR_CONF` dynamic setting. ### 57. `MINIMUM_ORDER_AMOUNT` * **Type:** `str` * **Default:** `"0.01"` * **ACC\_MODE:** Yes (re-read) * **Description:** The minimum total amount required for an order to be placed. Used in the order service to validate that the order total meets the threshold, and in order input serializers for validation. Can be overridden at runtime through dynamic settings. The value is compared as a `Decimal`. Example: `"100.00"` requires orders to be at least 100 units of the default currency. ### 58. `ACCOUNT_ADAPTER` * **Type:** `str` * **Default:** `"omnishop.users.allauth_adapter.CustomDefaultAccountAdapter"` * **ACC\_MODE:** Yes (re-read) * **Description:** django-allauth setting that specifies the adapter class for account management operations (login, signup, email confirmation, password reset, etc.). The default `CustomDefaultAccountAdapter` extends allauth's default with custom behavior. Can be swapped to `"omnishop.users.allauth_adapter.SSOAccountAdapter"` for SSO-specific account handling. ### 59. `ACCOUNT_CONFIRM_EMAIL_ON_GET` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting. When `True`, email confirmation is performed automatically when the user clicks the confirmation link (GET request). When `False`, the user is shown a confirmation page with a form that must be submitted (POST request) to complete the verification. ### 60. `ACCOUNT_EMAIL_VERIFICATION` * **Type:** `str` * **Default:** `"optional"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting that controls the email verification policy. Valid values: `"mandatory"` (users must verify their email before they can log in), `"optional"` (verification email is sent but not required for login), `"none"` (no verification email is sent). ### 61. `ACCOUNT_EMAIL_REQUIRED` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting. When `True`, an email address is required during registration. When `False`, users can register without providing an email address. Note that `SOCIALACCOUNT_EMAIL_REQUIRED` is separately hardcoded to `True` for social account registrations. ### 62. `ACCOUNT_DEFAULT_HTTP_PROTOCOL` * **Type:** `str` * **Default:** `"http"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting that specifies the default protocol used when generating absolute URLs (e.g., email confirmation links, password reset links). Should be set to `"https"` in production environments where HTTPS is enforced. ### 63. `INDEX_PRODUCTS_QUANTITY` * **Type:** `int` * **Default:** `50` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The number of products to process in each batch during the Elasticsearch indexing task (`index_products_task`). Controls the chunk size for bulk indexing operations. A higher value means fewer batches but more memory usage per batch. ### 64. `COMMERCE_EVENTS` * **Type:** `dict` * **Default:** `{"user_logged_in": True, "user_registered": True, "user_updated": True, "basket_offer_created": True, "basket_offer_updated": True, "conversation_replied": True}` * **ACC\_MODE:** Yes (re-read) * **Description:** Dictionary that controls which commerce events are active in the system. Each key is an event name and the value is a boolean (or dict with serializer config) indicating whether that event should be dispatched. Used by the events service to determine if a particular event should be processed and by the user events module to check if user-related events should be fired. Event keys include `user_logged_in`, `user_registered`, `user_updated`, `basket_offer_created`, `basket_offer_updated`, `conversation_replied`, and more. ### 65. `INDEX_PRODUCTS_PREFETCH_ENABLED` * **Type:** `bool` * **Default:** `False` (ACC\_MODE), `True` (local) * **ACC\_MODE:** Yes (re-read) * **Description:** Enables or disables prefetching of related objects during Elasticsearch product indexing. When `True`, related data is prefetched in bulk to reduce database queries during indexing. When `False`, related objects are fetched individually. The local default is `True` for development convenience, while ACC\_MODE defaults to `False` for production control. ### 66. `ES_MIN_SCORE_COEFFICIENT` * **Type:** `float` * **Default:** `0` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The minimum score coefficient applied to Elasticsearch search results. When set to a value greater than `0`, search results with a relevance score below the calculated threshold are filtered out. Used in both product search and search suggestions. A value of `0` disables minimum score filtering (all results are returned). Higher values (e.g., `0.85`) result in stricter relevance filtering. ### 67. `USER_PROFILE_VIEW` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Python dotted path to a custom user profile view class that replaces the default `UserProfileViewSet`. When set, the specified class is dynamically imported and used instead of the built-in view. When `None`, the default `UserProfileViewSet` is used. Example: `"omnishop.users.views.UserProfileSMSOtpView"`. ### 68. `PASSWORD_HASHERS` * **Type:** `list` * **Default:** `["django.contrib.auth.hashers.PBKDF2PasswordHasher", "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher", "django.contrib.auth.hashers.Argon2PasswordHasher", "django.contrib.auth.hashers.BCryptSHA256PasswordHasher", "django.contrib.auth.hashers.BCryptPasswordHasher", "omnishop.users.helpers.SHA1MD5PasswordHasher"]` * **ACC\_MODE:** Yes (re-read) * **Description:** Standard Django setting that defines the list of password hashing algorithms in priority order. The first entry is used for new passwords, while the remaining entries support legacy password verification. Includes the custom `SHA1MD5PasswordHasher` for backward compatibility with older password formats. Can be overridden to change the priority or add/remove hashers. ### 69. `PASSWORD_RESET_TIMEOUT` * **Type:** `int` * **Default:** `259200` (3 days, in seconds) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting that defines how long a password reset link remains valid, in seconds. After this period, the link expires and the user must request a new one. The default of `259200` seconds equals 3 days. ### 70. `REST_REGISTER_VIEW` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (re-read) * **Description:** Python dotted path to a custom registration view class that replaces the default `RegisterRedirectView`. When set, the specified class is dynamically imported and used as the registration endpoint. When `None`, the default registration view is used. Example: `"omnishop.users.views.RegisterSMSOtpView"` for SMS OTP-based registration. ### 71. `REST_AUTH_REGISTER_SERIALIZERS` * **Type:** `json/dict` * **Default:** `{"REGISTER_SERIALIZER": "omnishop.users.resources.serializers.RegisterSerializer"}` * **ACC\_MODE:** Yes (re-read) * **Description:** django-rest-auth setting that defines the serializer classes used for user registration. The `REGISTER_SERIALIZER` key specifies which serializer handles the registration payload. Can be overridden as either a JSON string or a Python dict to use a custom registration serializer with different field requirements. ### 72. `AUTHENTICATION_BACKENDS` * **Type:** `tuple` * **Default:** `("allauth.account.auth_backends.AuthenticationBackend",)` * **ACC\_MODE:** Yes (re-read) * **Description:** Standard Django setting that lists the authentication backend classes used to verify user credentials. The default uses allauth's authentication backend, which supports username/email login as configured by `ACCOUNT_AUTHENTICATION_METHOD`. Can be extended with additional backends for custom authentication flows. ### 73. `SECURE_BROWSER_XSS_FILTER` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting. When `True`, adds the `X-XSS-Protection: 1; mode=block` HTTP header to all responses, instructing the browser to block pages that appear to contain XSS attacks. Note: this header is largely deprecated in modern browsers in favor of Content Security Policy (CSP). ### 74. `SECURE_CONTENT_TYPE_NOSNIFF` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Django security setting. When `True`, adds the `X-Content-Type-Options: nosniff` HTTP header to all responses, preventing browsers from MIME-type sniffing. This forces the browser to respect the declared `Content-Type`, reducing the risk of drive-by download attacks. ### 75. `ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL` * **Type:** `str` * **Default:** `None` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting that defines the URL to redirect to after an anonymous (not logged-in) user confirms their email address. When `None`, allauth uses its default redirect behavior. Can be set to an absolute URL or a relative path. Example: `"https://www.myshop.com/email-confirmed"`. ### 76. `INCLUDE_STOCK_OUT_PRODUCTS_ON_SITEMAP` * **Type:** `bool` * **Default:** `True` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Controls whether out-of-stock products are included in the generated sitemap XML. When `True`, all products (regardless of stock status) appear in the sitemap. When `False`, out-of-stock products are excluded. Can also be configured through the CMS dynamic settings. ### 77. `ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL` * **Type:** `str` * **Default:** `""` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** django-allauth setting that defines the URL to redirect to after an authenticated (logged-in) user confirms their email address. When empty string, allauth uses its default redirect behavior. Can be set to an absolute URL or a relative path. ### 78. `PREPEND_WWW` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting. When `True`, Django's `CommonMiddleware` automatically prepends `www.` to URLs that don't have it and redirects. For example, `myshop.com` would redirect to `www.myshop.com`. When `False`, no `www.` prepending or redirecting occurs. ### 79. `PROMOTIONS_SINGLE_COUPON` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Controls whether only a single coupon can be applied per basket. When `True`, the promotions applicator uses the `get_promotions_single_coupons` method, which restricts the basket to one coupon at a time instead of allowing multiple coupons to stack. When `False`, auto-use coupons can be combined. Affects both collection-based and non-collection-based basket offer queries in the applicator. ### 80. `KVKK_UNSUBSCRIPTION_SECRET_MAP` * **Type:** `json` (dict) * **Default:** `{}` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** JSON dictionary mapping service names to their secret keys for KVKK (Turkish Personal Data Protection Law) unsubscription verification. Used by the user service to validate unsubscription requests from external services. Each entry maps a service name to its expected secret key. When empty or when the service name is not found, the unsubscription request is rejected. Example: `{"service1": "secret1", "service2": "secret2"}`. ### 81. `B2B_EXTENSION_CONF` * **Type:** `json` (dict) * **Default:** `{}` * **ACC\_MODE:** Yes (re-read) * **Description:** Configuration dictionary for the B2B (Business-to-Business) extension module. When set (non-empty), B2B URL patterns are activated in `urls.py`. Contains keys such as `"api_url"` (upstream B2B API URL) and `"password"` (B2B authentication password). Used by the B2B API proxy views, payment rules for B2B password validation, and the B2B promotions client for API communication. Example: `{"api_url": "https://b2b-api.example.com/api/v1/", "password": "b2b_pass"}`. ### 82. `BASKET_UNIT_VALUE_ATTRIBUTE` * **Type:** `str` * **Default:** `"basket_unit_value"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The product/basket-item attribute key used to store the unit value when adding weight-based products to the basket (e.g., `1300` for 1300 grams). Part of the "selling products in grams" (kapida) feature. This value is stored as a basket item attribute and used for unit price calculations and display. ### 83. `UNIT_STEP_VALUE_ATTRIBUTE` * **Type:** `str` * **Default:** `"unit_step_value"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The product attribute key that defines the step increment value for weight-based products (e.g., `300` for 300-gram increments). Part of the "selling products in grams" feature. Used by the product model to determine the allowed quantity increments. ### 84. `UNIT_REFERENCE_VALUE_ATTRIBUTE` * **Type:** `str` * **Default:** `"unit_reference_value"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The product attribute key that defines the reference unit value for weight-based products (e.g., `1000` for 1000 grams = 1 kg). Part of the "selling products in grams" feature. Used by the product model for unit price calculations. ### 85. `UNIT_PRODUCT_FLAG_ATTRIBUTE` * **Type:** `str` * **Default:** `"is_unit_product"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The product attribute key that flags whether a product is sold by weight/unit (e.g., grams). Part of the "selling products in grams" feature. When the product has this attribute set to a truthy value, the unit-based pricing and quantity logic is activated. ### 86. `UNIT_MINIMUM_VALUE_ATTRIBUTE` * **Type:** `str` * **Default:** `"unit_minimum_value"` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** The product attribute key that defines the minimum order quantity for weight-based products (e.g., `500` for a minimum of 500 grams). Part of the "selling products in grams" feature. Used by the product model to enforce minimum purchase requirements. ### 87. `ENABLE_X_COOKIE_HEADER` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** When `True`, inserts `XCookieToCookieMiddleware` at the very beginning of the middleware stack (position 0) and adds `"X-Cookie"` to `CORS_ALLOW_HEADERS`. This middleware reads the `X-Cookie` HTTP header and copies it to the standard `HTTP_COOKIE` header, allowing clients (e.g., mobile apps) to send cookie data via a custom header instead of the standard Cookie header. Useful for environments where the standard Cookie header cannot be set directly. ### 88. `DATA_UPLOAD_MAX_MEMORY_SIZE` * **Type:** `int` * **Default:** `2621440` (2.5 MB) * **ACC\_MODE:** Yes (ACC\_MODE only) * **Description:** Standard Django setting that limits the maximum size of the request body (excluding file uploads) in bytes. Requests with a body larger than this value will raise `RequestDataTooBig`. The default of `2621440` bytes equals 2.5 MB. Increase if the application needs to accept larger JSON payloads or form data. ### 89. `SEARCH_DYNAMIC_FILTER_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** No (global scope) * **Description:** Enables dynamic filtering for Elasticsearch search results. When `True`, the system reads `HTTP_X_SEARCH_DYNAMIC_EXCLUDE` and `HTTP_X_SEARCH_DYNAMIC_FILTER` request headers (base64-encoded JSON), parses them, and applies them as additional filter/exclude criteria to search queries. This allows clients to dynamically modify search behavior per request without changing the search configuration. Filter values are cached in memory for performance. ### 90. `SEARCH_FUZZY_SEARCH_ACTIVE` * **Type:** `bool` * **Default:** `False` * **ACC\_MODE:** No (global scope) * **Description:** Enables fuzzy matching in Elasticsearch facet search. When `True`, search queries use fuzzy matching to find results that are similar but not exact matches to the search term, tolerating typos and spelling variations. Used in the facet search module (`facet_search.py`). ### 91. `CELERY_SCHEDULED_TASKS` * **Type:** `json` (dict) * **Default:** `{}` * **ACC\_MODE:** No (global scope) * **Description:** JSON dictionary defining Celery Beat scheduled tasks dynamically via environment variables. Each key is a task name, and the value is a dictionary containing `"task"` (dotted path to the task function), `"schedule"` (crontab parameters as a dict), `"args"` (positional arguments list), and `"kwargs"` (keyword arguments dict). Tasks are registered into `CELERYBEAT_SCHEDULE` at startup. Example: `{"my_task": {"task": "myapp.tasks.cleanup", "schedule": {"hour": 2, "minute": 0}, "args": [], "kwargs": {}}}`. ### 92. `CORS_ALLOWED_ORIGINS` * **Type:** `list` * **Default:** `["https://docs.akinon.com", "https://apidocs.akinon.com"]` * **ACC\_MODE:** No (global scope) * **Description:** List of origins that are authorized to make cross-origin requests. Used by the `django-cors-headers` middleware to set the `Access-Control-Allow-Origin` response header. Only requests from these origins will be allowed for CORS. Comma-separated in the environment variable. Example: `"CORS_ALLOWED_ORIGINS=https://www.myshop.com,https://admin.myshop.com"`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.akinon.com/technical-guides/commerce/environment-variables.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.