{"id":18842687,"url":"https://github.com/dotenv-org/godotenvvault","last_synced_at":"2025-08-07T07:20:42.446Z","repository":{"id":154011490,"uuid":"629706204","full_name":"dotenv-org/godotenvvault","owner":"dotenv-org","description":"Load environment variables from encrypted .env.vault files","archived":false,"fork":false,"pushed_at":"2023-04-27T23:31:32.000Z","size":47,"stargazers_count":18,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-27T21:21:52.958Z","etag":null,"topics":["configuration","dotenv","encryption","environment","environment-variables"],"latest_commit_sha":null,"homepage":"https://www.dotenv.org/docs/languages/go","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dotenv-org.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-04-18T21:33:57.000Z","updated_at":"2025-03-13T20:15:08.000Z","dependencies_parsed_at":"2023-09-26T10:15:38.277Z","dependency_job_id":null,"html_url":"https://github.com/dotenv-org/godotenvvault","commit_stats":{"total_commits":27,"total_committers":2,"mean_commits":13.5,"dds":0.4444444444444444,"last_synced_commit":"5e581e122dd7973d967a70fb8a513124eedf9c39"},"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fgodotenvvault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fgodotenvvault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fgodotenvvault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fgodotenvvault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dotenv-org","download_url":"https://codeload.github.com/dotenv-org/godotenvvault/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248839439,"owners_count":21169817,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["configuration","dotenv","encryption","environment","environment-variables"],"created_at":"2024-11-08T02:55:27.999Z","updated_at":"2025-04-14T07:31:50.273Z","avatar_url":"https://github.com/dotenv-org.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GoDotEnvVault [![Go project version](https://badge.fury.io/go/github.com%2Fdotenv-org%2Fgodotenvvault.svg)](https://badge.fury.io/go/github.com%2Fdotenv-org%2Fgodotenvvault)\n\n\u003cimg src=\"https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg\" alt=\"dotenv\" align=\"right\" width=\"200\" /\u003e\n\nExtends the proven \u0026 trusted foundation of [godotenv](https://github.com/joho/godotenv), with `.env.vault` file support.\n\nThe extended standard lets you load encrypted secrets from your `.env.vault` file in production (and other) environments. Brought to you by the same people that pioneered [dotenv-nodejs](https://github.com/motdotla/dotenv).\n\n![CI workflow](https://github.com/dotenv-org/godotenvvault/actions/workflows/ci.yml/badge.svg)\n[![LICENSE](https://img.shields.io/github/license/dotenv-org/godotenvvault.svg)](LICENSE)\n\n* [🌱 Install](#-install)\n* [🏗️ Usage (.env)](#%EF%B8%8F-usage)\n* [🚀 Deploying (.env.vault) 🆕](#-deploying)\n* [🌴 Multiple Environments](#-manage-multiple-environments)\n* [❓ FAQ](#-faq)\n* [⏱️ Changelog](./CHANGELOG.md)\n\n## 🌱 Install\n\n```shell\ngo get github.com/dotenv-org/godotenvvault\n```\n\n## 🏗️ Usage\n\nDevelopment usage works just like [godotenv](https://github.com/joho/godotenv).\n\nAdd your application configuration to your `.env` file in the root of your project:\n\n```shell\n# .env\nS3_BUCKET=YOURS3BUCKET\nSECRET_KEY=YOURSECRETKEYGOESHERE\n```\n\nAs early as possible in your application, import and configure godotenvvault:\n\n```\npackage main\n\nimport (\n    \"log\"\n    \"os\"\n\n    \"github.com/dotenv-org/godotenvvault\"\n)\n\nfunc main() {\n  err := godotenvvault.Load()\n  if err != nil {\n    log.Fatal(\"Error loading .env file\")\n  }\n\n  s3Bucket := os.Getenv(\"S3_BUCKET\")\n  secretKey := os.Getenv(\"SECRET_KEY\")\n\n  // now do something with s3 or whatever\n}\n```\n\nThat's it! `os.Getenv` has the keys and values you defined in your .env file. Continue using it this way in development. It works just like [godotenv](https://github.com/joho/godotenv).\n\nIf you don't want `godotenvvault` to modify your program's environment\ndirectly, you can just load and decrypt the `.env.vault` file and get\nthe result as a map by doing:\n\n```go\nvar myEnv map[string]string\nmyEnv, err := godotenvvault.Read()\n\ns3Bucket := myEnv[\"S3_BUCKET\"]\n```\n\n## 🚀 Deploying\n\nEncrypt your environment settings by doing:\n\n```shell\nnpx dotenv-vault local build\n```\n\nThis will create an encrypted `.env.vault` file along with a\n`.env.keys` file containing the encryption keys. Set the\n`DOTENV_KEY` environment variable by copying and pasting\nthe key value from the `.env.keys` file onto your server\nor cloud provider. For example in heroku:\n\n```shell\nheroku config:set DOTENV_KEY=\u003ckey string from .env.keys\u003e\n```\n\nCommit your .env.vault file safely to code and deploy. Your .env.vault fill be decrypted on boot, its environment variables injected, and your app work as expected.\n\nNote that when the `DOTENV_KEY` environment variable is set,\nenvironment settings will *always* be loaded from the `.env.vault`\nfile in the project root. For development use, you can leave the\n`DOTENV_KEY` environment variable unset and fall back on the\n`godotenv` behaviour of loading from `.env` or a specified set of\nfiles (see [here in the `gotodenv`\nREADME](https://github.com/joho/godotenv#usage) for the details).\n\n## 🌴 Manage Multiple Environments\n\nYou have two options for managing multiple environments - locally managed or vault managed - both use [dotenv-vault](https://github.com/dotenv-org/dotenv-vault).\n\nLocally managed never makes a remote API call. It is completely managed on your machine. Vault managed adds conveniences like backing up your .env file, secure sharing across your team, access permissions, and version history. Choose what works best for you.\n\n#### 💻 Locally Managed\n\nCreate a `.env.production` file in the root of your project and put your production values there.\n\n```shell\n# .env.production\nS3_BUCKET=\"PRODUCTION_S3BUCKET\"\nSECRET_KEY=\"PRODUCTION_SECRETKEYGOESHERE\"\n```\n\nRebuild your `.env.vault` file.\n\n```shell\nnpx dotenv-vault local build\n```\n\nView your `.env.keys` file. There is a production `DOTENV_KEY` that pairs with the `DOTENV_VAULT_PRODUCTION` cipher in your `.env.vault` file.\n\nSet the production `DOTENV_KEY` on your server, recommit your `.env.vault` file to code, and deploy. That's it!\n\nYour .env.vault fill be decrypted on boot, its production environment variables injected, and your app work as expected.\n\n#### 🔐 Vault Managed\n\nSync your .env file. Run the push command and follow the instructions. [learn more](/docs/sync/quickstart)\n\n```\n$ npx dotenv-vault push\n```\n\nManage multiple environments with the included UI. [learn more](/docs/tutorials/environments)\n\n```\n$ npx dotenv-vault open\n```\n\nBuild your `.env.vault` file with multiple environments.\n\n```\n$ npx dotenv-vault build\n```\n\nAccess your `DOTENV_KEY`.\n\n```\n$ npx dotenv-vault keys\n```\n\nSet the production `DOTENV_KEY` on your server, recommit your `.env.vault` file to code, and deploy. That's it!\n\n## ❓ FAQ\n\n#### What happens if `DOTENV_KEY` is not set?\n\nDotenv Vault gracefully falls back to\n[godotenv](https://github.com/joho/godotenv) when `DOTENV_KEY` is not\nset. This is the default for development so that you can focus on\nediting your `.env` file and save the `build` command until you are\nready to deploy those environment variables changes.\n\n#### Should I commit my `.env` file?\n\nNo. We **strongly** recommend against committing your `.env` file to\nversion control. It should only include environment-specific values\nsuch as database passwords or API keys. Your production database\nshould have a different password than your development database.\n\n#### Should I commit my `.env.vault` file?\n\nYes. It is safe and recommended to do so. It contains your encrypted\nenvs, and your vault identifier.\n\n#### Can I share the `DOTENV_KEY`?\n\nNo. It is the key that unlocks your encrypted environment variables.\nBe very careful who you share this key with. Do not let it leak.\n\n## Contributing\n\n1. Fork it\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Added some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create new Pull Request\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md)\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fgodotenvvault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdotenv-org%2Fgodotenvvault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fgodotenvvault/lists"}