A modern web application for managing environment variables securely.
Secretly is a simple web service with an intuitive interface that helps you manage environment variables from a centralized location. It supports multiple environments and provides a REST API for runtime access to your environment variables. Use this as an internal service to securely manage and retrieve your environment configuration.
The easiest way to run Secretly is using Docker:
docker run -d \
--name secretly \
-p 8080:8080 \
-v $(pwd)/data:/app/data \
rodrwan/secretly:latestThen open your browser at http://localhost:8080
version: '3.8'
services:
secretly:
image: rodrwan/secretly:latest
ports:
- "8080:8080"
volumes:
- ./data:/app/dataSave as docker-compose.yml and run:
docker-compose up -dThe following environment variables can be configured:
PORT: Port to run the server on (default: 8080)
Example with custom configuration:
docker run -d \
--name secretly \
-p 9000:9000 \
-v $(pwd)/data:/app/data \
-e PORT=9000 \
rodrwan/secretly:latestIf you want to contribute or run from source:
- Go 1.24 or later
- Docker and Docker Compose
- Make
- Clone the repository:
git clone https://github.com/rodrwan/secretly.git
cd secretly- Run with Make:
make help # Show available commands
make dev # Run locally
make docker-dev # Run with Docker- Install dependencies:
go mod download- Generate template files:
make generate-templ- Run the application:
go run cmd/server/main.go- Modern web interface for managing environment variables
- Secure storage of sensitive data
- RESTful API for programmatic access
- Docker support for easy deployment
- Dark theme optimized for developers
For detailed deployment guides and advanced configurations, check out our documentation:
- Docker Compose Guide - Complete guide for Docker Compose deployment
- Kubernetes Guide - Complete guide for Kubernetes deployment
- Documentation Index - Overview of all available documentation
Docker Compose:
git clone https://github.com/rodrwan/secretly.git
cd secretly
docker-compose up -dKubernetes:
kubectl apply -f docs/k8s/namespace.yaml
kubectl apply -f docs/k8s/configmap.yaml
kubectl apply -f docs/k8s/pvc.yaml
kubectl apply -f docs/k8s/deployment.yaml
kubectl apply -f docs/k8s/service.yamlOr use our deployment script:
cd docs/k8s
./deploy.sh dev # for development
./deploy.sh prod # for productionGET /api/v1/env: Get all environment variablesPOST /api/v1/env: Update environment variablesGET /api/v1/env/{key}: Get a specific environment variable
Add Secretly to your Go project:
go get github.com/rodrwan/secretlypackage main
import (
"fmt"
"log"
"github.com/rodrwan/secretly/pkg/secretly"
)
func main() {
// Create a new client
client := secretly.New(
secretly.WithBaseURL("http://localhost:8080"),
secretly.WithTimeout(5 * time.Second),
)
// Get all environment variables
envs, err := client.GetAll()
if err != nil {
log.Fatalf("failed to get env: %v", err)
}
fmt.Println(envs)
env, err := client.GetEnvironmentByName("development")
if err != nil {
log.Fatalf("failed to get env: %v", err)
}
fmt.Println(env)
}The client can be configured with the following options:
client := secretly.New(
secretly.WithBaseURL("http://localhost:8080"), // Set custom base URL
secretly.WithTimeout(5 * time.Second), // Set custom timeout
)TODO: Create this in the future.
value, err := client.Get("DATABASE_URL")
if err != nil {
if secretly.IsNotFound(err) {
// Handle not found error
} else if secretly.IsUnauthorized(err) {
// Handle unauthorized error
} else {
// Handle other errors
}
}- Caching: Consider caching environment variables locally
- Fallbacks: Always provide fallback values for critical variables
- Health Checks: Implement health checks for the Secretly service
- Error Handling: Handle all possible error cases gracefully
MIT License - see LICENSE file for details