encrypt-env

encrypt-env

Share encrypted environment files through Git

• Basic usage as CLI tool
• In code usage

Basic usage as CLI tool

encrypt-env looks for a file named .encrypt-env.json which is a map of your different environments and their encryption.

{
	"PRODUCTION": {
		"aesKey": "~/.ssh/foo.prod.aes",
		"envFile": ".prod.env"
	},
	"DEVELOPMENT": {
		"aesKey": "~/.ssh/foo.dev.aes",
		"envFile": ".dev.env"
	},
	"STAGING": {
		"aesKey": "~/.ssh/foo.dev.aes",
		"envFile": ".staging.env"
	}
}

You can generate AES keys from the CLI

encrypt-env generate

You can now use the encrypt-env CLI to encrypt and decrypt you environment files:

# decrypt .dev.env.enc and write result to .dev.env
encrypt-env --decrypt --env DEVELOPMENT --write

# decrypt .dev.env.enc and print to console (don't write)
encrypt-env --decrypt --env DEVELOPMENT

# encrypt .dev.env and write result to .dev.env.enc
encrypt-env --env DEVELOPMENT --write

# encrypt .dev.env and print to console (don't write)
encrypt-env --env DEVELOPMENT

Add these commands to your package.json or CLI build tool to automatically decrypt your environment at teste / deploy time

In code usage

You can also use encrypt-env directly in code without having your AES keys on the filesystem.

var encryptEnv = require('encrypt-env')('DEVELOPMENT', {
  "DEVELOPMENT": '6MTPfGGW3GbiW1JG5F1lP9T723MMleRJU'
});

// where encryptedEnv is an encrypted string
var decryptedEnv = encryptEnv.decryptEnv(false, encryptedEnv);