This gem makes the dotenv gem cooperate nicely with the sekrets gem in order to allow encrypted .env files in your Rails application.
Config files with private tokens, passwords and secrets should not be committed in source-control for security reasons, unless they're encrypted: here it comes DotenvSekrets to the rescue.
When everything is set and done you will need to know/share only the secret key, not the whole configuration which can be safely stored and versioned in your SCM tool.
You can rely on regular dotenv files to locally override the encrypted values inside .env.enc files or similar.
Add this line to your application's Gemfile:
gem 'dotenv_sekrets'And then execute:
$ bundle
Or install it yourself as:
$ gem install dotenv_sekrets
Please read dotenv and sekrets READMEs. For a quick setup you may simply want to:
- create the
.sekrets.keyfile in your rails root and put your secret key code there - create the
.env.encfile and edit the content with the shell commandsekrets edit .env.enc - update
.gitignoreto ignore the.sekrets.keyfile cat .env.encand see the content is encrypted- commit
.env.encinto your SCM - start rails and see the
ENVvariable is populated with the data you put in.env.enc
From the sekrets gem documentation the gem will look for the key in the environment under the env var SEKRETS_KEY in case there is no sekrets.key file.
So to use the gem with travis it is sufficient to add this environment variable
SEKRETS_KEY = <your-sekret-key>
Bug reports and pull requests are welcome on GitHub at https://github.com/mikamai/dotenv_sekrets.
The gem is available as open source under the terms of the MIT License.
