New project
Create a project on dotenvx-pro.
Watch the Video Tutorial 📺
On GitHub
Create (or use) a repository with .env
file.
$ mkdir projectx
$ echo "HELLO=World" > .env
Encrypt it.
$ dotenvx encrypt
✔ encrypted (.env)
Add .env.keys
to .gitignore
.
$ git init .
$ echo ".env.keys" >> .gitignore
$ git add .
$ git commit -am "initial commit"
$ git remote add origin [email protected]:motdotla/projectx.git
$ git push -u origin main
Now on GitHub, your project should have one (or more) encrypted .env
file(s).
On Pro
Push .env.keys
–creating your project on dotenvx.
$ dotenvx-pro push
✔ pushed (.env)
You might have to run $ dotenvx-pro sync
first–so that the cli has knowledge of your organization.
View the project.
$ dotenvx-pro open
press Enter to open [https://pro.dotenvx.com/gh/motdotla/projectx]... (Y/n)
✔ opened [motdotla/projectx]
It opens your web browser.
Click .env.keys–to view the contents of your .env.keys
file.
Important to note, the DOTENV_PRIVATE_KEY
is now encrypted. This is an additional security feature native to dotenvx-pro. It is encrypted with your organization's public key.
Private Key
Next, check your source code–the .env.keys
file has been deleted locally.
$ ls -1A
.env
.git/
.gitignore
This is by design! Your project's keys are now fully managed by dotenvx-pro. 🏆
To view the private key, use the pro keypair
command.
$ dotenvx-pro keypair --pp
{
"DOTENV_PUBLIC_KEY": "03cde813f7888ad1bf9e23f3f36e1f6ce23a63e8d0a024d6ecdfdba2fd4918659e",
"DOTENV_PRIVATE_KEY": "e38b906d2992e1c80054c934501221ff679473577214c5b78c73b89b178147c1"
}
Run/Get
Inject (and get) your values with dotenvx like you always have. dotenvx-pro
piggy backs on the dotenvx run/get
commands.
$ dotenvx-pro get -pp
{
"DOTENV_PUBLIC_KEY": "03cde813f7888ad1bf9e23f3f36e1f6ce23a63e8d0a024d6ecdfdba2fd4918659e",
"HELLO": "World"
}
Conclusion
Using dotenvx-pro
you've:
- Removed the risk of keeping
.env.keys
locally - Added encryption to your private keys
- Converted your private keys to fully managed
All in just a couple commands. I'd say that's Professional. 🏆
Next let's add a teammate–so they can seamlessly make use of the private key.
Bonus
Where are these stored? They are encrypted and stored locally, using zero-knowledge architecture. You can check the encrypted contents tree with pro settings storetree
.
$ dotenvx-pro settings storetree
├─ .env
└─ pro.dotenvx.com
├─ user-1-organization-1.json
├─ user-1-private-key.json
└─ user-1.json