envenc
v1.0.1
Published
Seamlessly encrypt and decrypt your .env file
Downloads
10
Maintainers
Readme
envenc
The 1Password for development environment variables.
Seamlessly encrypt and decrypt your development keys in your .env
.
Installation
npm install envenc
Usage
- Install:
npm install envenc
- Create:
.env
file and add your keys. Add this file to your.gitignore
- Add:
export SOME_SECRET=...
to your~./bash_profile
. Share this key with other developers. - Encrypt:
.env
file with envenc:./node_modules/.bin/envenc $SOME_SECRET
- Commit:
.env.enc
to source control - Include:
require('envenc')(process.env.SOME_SECRET)
at the top of your application
Important: This is not for your production enviroment. You should store those keys on your server. This is specifically for sharing development keys with other developers.
Optional: There is also support for a .env.local
file. This is meant for local modifications and will overwrite anything in the .env
. You should also put this in your .gitignore
file
Motivation
- Based on: Keeping Passwords in Source Control
- Inspired by: https://github.com/jed/config-leaf
When you should you decrypt and encrypt?
Decrypt: At the top of your application:
require('envenc')(process.env.SOME_SECRET)
Encrypt: When you commit
./node_modules/.bin/envenc $SOME_SECRET
You should do this using a pre-commit
hook. Use husky.
License
MIT