https://github.com/dotenv-org/dotenv-vault-core
DEPRECATED: Use motdotla/dotenv which added support for .env.vault May 30, 2023.
https://github.com/dotenv-org/dotenv-vault-core
Last synced: 8 months ago
JSON representation
DEPRECATED: Use motdotla/dotenv which added support for .env.vault May 30, 2023.
- Host: GitHub
- URL: https://github.com/dotenv-org/dotenv-vault-core
- Owner: dotenv-org
- Created: 2022-10-17T22:33:18.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2023-05-30T18:57:08.000Z (about 3 years ago)
- Last Synced: 2025-03-27T21:12:48.510Z (about 1 year ago)
- Language: JavaScript
- Homepage: https://github.com/motdotla/dotenv
- Size: 344 KB
- Stars: 9
- Watchers: 1
- Forks: 4
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
Awesome Lists containing this project
README
**THIS LIBRARY IS DEPRECATED. USE [dotenv >= 16.1.0](https://github.com/motdotla/dotenv) instead. It added first-class support for decrypting .env.vault files as of May 30, 2023.**
# dotenv-vault-core [](https://www.npmjs.com/package/dotenv-vault-core)
Extends the proven & trusted foundation of [dotenv](https://github.com/motdotla/dotenv), with a `.env.vault` file.
The extended standard lets you sync your `.env` files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
**[Create your account](https://dotenv.org/signup)**
## Install
```bash
# install locally (recommended)
npm install dotenv-vault-core --save
```
Or installing with yarn? `yarn add dotenv-vault-core`
## Usage
### `.env`
Basic usage works just like [dotenv](https://github.com/motdotla/dotenv).
Create a .env file in the root of your project:
```dosini
S3_BUCKET=YOURS3BUCKET
SECRET_KEY=YOURSECRETKEYGOESHERE
```
As early as possible in your application, import and configure dotenv:
```javascript
require('dotenv-vault-core').config()
console.log(process.env) // remove this after you've confirmed it is working
```
That's it. `process.env` now has the keys and values you defined in your `.env` file:
```javascript
require('dotenv-vault-core').config()
...
s3.getBucketCors({Bucket: process.env.S3_BUCKET}, function(err, data) {})
```
### `.env.vault`
Extended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.
Usage is similar to git. In the same directory as your `.env` file, run the command:
```shell
npx dotenv-vault new
```
Follow those instructions and then run:
```shell
$ npx dotenv-vault login
```
Then run push and pull:
```shell
$ npx dotenv-vault push
$ npx dotenv-vault pull
```
That's it!
You just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.
### Custom Path (Monorepos)
If you need to specify a custom path, for example in a monorepo, you can specify a `path` param in the `config()` call.
```
require('dotenv-vault-core').config('apps/some-app/.env.vault')
```
## Multiple Environments
Run the command:
```shell
$ npx dotenv-vault open production
```
It will open up an interface to manage your production environment variables.
## Build & Deploy Anywhere
Build your encrypted `.env.vault`:
```shell
$ npx dotenv-vault build
```
Safely commit and push your changes:
```shell
$ git commit -am "Updated .env.vault"
$ git push
```
Obtain your `DOTENV_KEY`:
```shell
$ npx dotenv-vault keys
```
Set `DOTENV_KEY` on your infrastructure. For example, on Heroku:
```shell
$ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production"
```
All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
Made a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.
## Dotenv.org
**[Create your account](https://dotenv.org/signup)**
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
Visit [health.dotenv.org](https://health.dotenv.org) for more information.
## FAQ
#### What happens if `DOTENV_KEY` is not set?
Dotenv Vault gracefully falls back to [dotenv](https://github.com/motdotla/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
#### Should I commit my `.env` file?
No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
#### Should I commit my `.env.vault` file?
Yes. It is safe and necessary to do so. It contains your encrypted envs, and your vault identifier.
#### What happens if my `.env.vault` is missing?
Dotenv Vault gracefully falls back to [dotenv](https://github.com/motdotla/dotenv) when `.env.vault` is missing. You will receive a warning that it is missing.
#### Can I share the `DOTENV_KEY`?
No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
## Contributing
1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Added some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create new Pull Request
## Changelog
See [CHANGELOG.md](CHANGELOG.md)
## License
MIT