README
¶
envenc
Description
Secures your .env files with a password. Works similarly to ansible-vault.
A user friendly CLI interface to create and manage .env.vault files.
In addition provides a convenient web based user interface to manage your .env.vault files.
CLI Usage
-
Leave your public variables in your
.envfile. -
Create a new
.env.vaultfile using envenc.
$> ./envenc init .env.vault
- Add your private variables to the
.env.vaultfile.
$> ./envenc key-set .env.vault
- Use the vault file in your project.
$> keys := env.KeyListFromFile(password, ".env.vault")
Web UI Usage
The web ui is a simple user interface to manage your .env.vault files.
It provides a convenient and fast way to visually manage your keys.
To run the web ui use:
$> ./envenc ui .env.vault
Screenshots
The web interface is simple and straightforward to use.
- Login Screen
- Add New Key
- List Keys
- Update Key
- Delete Key
Installation
Installation as a standalone executable (binary)
-
Download the binary for your platform from the latest release
-
You may install it globally, or use as standalone executable
-
To use it globally on Linux, add to your
$PATH
$> mkdir -p ~/.local/bin
$> cp envenc ~/.local/bin
$> chmod +x ~/.local/bin/envenc
- To use it globally on Windows, add to your
$PATH
$> mkdir -p %USERPROFILE%\.local\bin
$> cp envenc.exe %USERPROFILE%\.local\bin
Installation as a module in your project
- Install the module with
go get
$> go get github.com/gouniverse/envenc
Example Usage:
- To create a new vault file
$> ./envenc init .env.vault
- To set a new key-value pair
$> ./envenc key-set .env.vault
- To list all key-value pairs
$> ./envenc key-list .env.vault
- To remove a key-value pair
$> ./envenc key-remove .env.vault
- To obfuscate a string
$> ./envenc obfuscate
- To deobfuscate a string
$> ./envenc deobfuscate
TODO
Similar
Documentation
¶
Index ¶
- func Decrypt(input string, password string) (string, error)
- func Deobfuscate(input string) (string, error)
- func Encrypt(input string, password string) (string, error)
- func Init(vaultFilePath string, vaultPassword string) error
- func KeyExists(vaultFilePath string, vaultPassword string, key string) (bool, error)
- func KeyGet(vaultFilePath string, vaultPassword string, keyName string) (string, error)
- func KeyListFromFile(vaultFilePath string, vaultPassword string) (map[string]string, error)
- func KeyListFromString(vaultString string, vaultPassword string) (map[string]string, error)
- func KeyRemove(vaultFilePath string, vaultPassword string, keyName string) error
- func KeySet(vaultFilePath string, vaultPassword string, keyName string, keyValue string) error
- func Obfuscate(input string) (string, error)
- type Cli
- func (c *Cli) AskKeyName() (string, errorMessage string)
- func (c *Cli) AskKeyValue() (string, errorMessage string)
- func (c *Cli) AskVaultPassword() (string, errorMessage string)
- func (c *Cli) AskVaultPasswordWithConfirm() (string, errorMessage string)
- func (c *Cli) AskVaultPath() (string, errorMessage string)
- func (c *Cli) Decrypt(args []string)
- func (c *Cli) Deobfuscate(args []string)
- func (c *Cli) Encrypt(args []string)
- func (c *Cli) FindVaultPathFromArgs(args []string) (filePath string, errorMessage string)
- func (c *Cli) Help(_ []string)
- func (c *Cli) Obfuscate(args []string)
- func (c *Cli) Run(args []string)
- func (c *Cli) UI(args []string)
- func (c *Cli) VaultInit(args []string)
- func (c *Cli) VaultKeyGet(args []string)
- func (c *Cli) VaultKeyList(args []string)
- func (c *Cli) VaultKeyRemove(args []string)
- func (c *Cli) VaultKeySet(args []string)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Deobfuscate ¶ added in v0.3.0
Deobfuscate deobfuscates an ASCII string (not-compatible with Unicode)
Parameters:
- input: string to deobfuscate
Returns:
- string: deobfuscated string
- error: error if any
func KeyExists ¶
KeyExists checks if a key exists in the vault
Buisiness logic:
- Open the vault file
- Check if the key exists in the vault
Parameters:
- vaultFilePath: The path to the vault file
- vaultPassword: The password to use for the vault
- key: The name of the key to check
Returns:
- bool: True if the key exists, false otherwise
- error: An error if the key could not be retrieved
func KeyGet ¶
KeyGet gets a key from the vault
Buisiness logic:
- Open the vault file
- Get the key from the vault
- Save the vault file
Parameters:
- vaultFilePath: The path to the vault file
- vaultPassword: The password to use for the vault
- keyName: The name of the key to get
Returns:
- string: The value of the key
- error: An error if the key could not be retrieved
func KeyListFromFile ¶ added in v0.5.0
KeyListFromFile lists all keys in the vault
Buisiness logic:
- Open the vault file
- Get the keys from the vault
Parameters:
- vaultFilePath: The path to the vault file
- vaultPassword: The password to use for the vault
Returns:
- map[string]string: A map of keys and their values
- error: An error if the keys could not be retrieved
func KeyListFromString ¶ added in v0.5.0
KeyListFromString lists all keys in the vault
Buisiness logic:
- Open the vault from string
- Get the keys from the vault
Parameters:
- vaultString: The string representation of the vault
- vaultPassword: The password to use for the vault
Returns:
- map[string]string: A map of keys and their values
- error: An error if the keys could not be retrieved
func KeyRemove ¶
KeyRemove removes a key from the vault
Buisiness logic:
- Open the vault file
- Remove the key from the vault
- Save the vault file
Parameters:
- vaultFilePath: The path to the vault file
- vaultPassword: The password to use for the vault
- keyName: The name of the key to remove
Returns:
- error: An error if the key could not be removed
func KeySet ¶
KeySet sets a key in the vault
Buisiness logic:
- Open the vault file
- Set the key in the vault (if it doesn't exist, create it, otherwise update it)
- Save the vault file
Parameters:
- vaultFilePath: The path to the vault file
- vaultPassword: The password to use for the vault
- keyName: The name of the key to set
- keyValue: The value of the key to set
Returns:
- error: An error if the key could not be set
Types ¶
type Cli ¶
type Cli struct {
// contains filtered or unexported fields
}
func (*Cli) AskKeyName ¶ added in v0.8.0
AskKeyName asks the user to enter the name of the key
Buisiness logic:
- Ask the user to enter the name of the key
- If the user enters an empty name, return an error
- If the name contains spaces, return an error
- Otherwise return the name
func (*Cli) AskKeyValue ¶ added in v0.8.0
AskKeyValue asks the user to enter the value of the key
Buisiness logic:
- Ask the user to enter the value of the key (allowing multiline)
- If the user enters an empty value, do not return an error, it is ok
- Otherwise return the value
func (*Cli) AskVaultPassword ¶ added in v0.8.0
AskVaultPassword asks the user to enter a password
Buisiness logic:
- Ask the user to enter a password
- If the user enters an empty password, return an error
- Otherwise return the password
func (*Cli) AskVaultPasswordWithConfirm ¶ added in v0.8.0
AskVaultPasswordWithConfirm asks the user to enter a password and confirm it
Buisiness logic:
- Ask the user to enter a password
- If the user enters an empty password, return an error
- Confirm the password to avoid any spelling mistakes
- If the password and confirmation do not match, return an error
- Otherwise return the password
func (*Cli) AskVaultPath ¶ added in v0.8.0
AskVaultPath asks the user to enter the path to the vault file
Buisiness logic:
- Ask the user to enter the path to the vault file
- If the user enters an empty path, return an error
- To confirm its a .vault file, we check the extension
- If the extension is not .vault, return an error
- Otherwise return the file path
func (*Cli) Deobfuscate ¶ added in v0.8.0
func (*Cli) FindVaultPathFromArgs ¶ added in v0.8.0
FindVaultPathFromArgs finds the file path from the arguments, if provided
Buisiness logic:
- If the arguments are empty, return an empty file path
- We expect the first argument to be the file path
- To confirm its a .vault file, we check the extension
- If the extension is not .vault, return an error
- Otherwise return the file path
Parameters:
- args: The command line arguments (excluding the executable, and the command names)
Returns:
- filePath: The file path
- errorMessage: The error message
func (*Cli) Run ¶ added in v0.8.0
Run executes the command
It expects a command with the second argument being the command ¶
Buisiness logic:
- Parse command line arguments
- First argument is the name of the executable, ignore it
- Second argument is the command
- If there is no command, help is shown as default
- If the command is unknown, help is shown as default
- Otherwise execute the command
Parameters
- args: The command line arguments
Returns
- None
func (*Cli) UI ¶ added in v0.8.0
UI is the web user interface
Example: $> envenc ui $> envenc ui 123.vault $> envenc ui 123.vault --address 127.0.0.1:38080
func (*Cli) VaultInit ¶ added in v0.8.0
VaultInit initializes a new vault file
Buisiness logic:
- If the vault file is provided as an argument, use it
- If the vault file is not provided, ask for it
- Check that the vault file does not exist already
- Ask for the password to use for the vault
- Confirm the password to avoid any spelling mistakes
- Create the vault file
Examples: $> envenc init $> envenc init 123.vault
func (*Cli) VaultKeyGet ¶ added in v0.8.0
VaultKeyGet gets a key from the vault
Buisiness logic:
- If the vault file is provided as an argument, use it
- If the vault file is not provided, ask for it
- Check that the vault file exists
- Ask for the password to use for the vault
- Open the vault file, to confirm the password is correct
- Ask for the key's name to get
- Get the key from the vault
Examples: $> envenc key-get $> envenc key-get 123.vault
func (*Cli) VaultKeyList ¶ added in v0.8.0
VaultKeyList lists the keys in the vault
Buisiness logic:
- If the vault file is provided as an argument, use it
- If the vault file is not provided, ask for it
- Check that the vault file exists
- Ask for the password to use for the vault
- Open the vault file, to confirm the password is correct
- List the keys in the vault
Example: $> envenc vault-key-list $> envenc vault-key-list 123.vault
func (*Cli) VaultKeyRemove ¶ added in v0.8.0
VaultKeyRemove removes a key from the vault
Buisiness logic:
- If the vault file is provided as an argument, use it
- If the vault file is not provided, ask for it
- Check that the vault file exists
- Ask for the password to use for the vault
- Open the vault file, to confirm the password is correct
- Ask for the key's name to remove
- Remove the key from the vault
Examples: $> envenc key-remove $> envenc key-remove 123.vault
func (*Cli) VaultKeySet ¶ added in v0.8.0
VaultKeySet sets a key in the vault
Buisiness logic:
- If the vault file is provided as an argument, use it
- If the vault file is not provided, ask for it
- Check that the vault file exists
- Ask for the password to use for the vault
- Open the vault file, to confirm the password is correct
- Ask for the key's name to set
- Ask for the key's value to set (must support multiline)
- Set the key in the vault
- Close the vault file
- Ask the user if he wants to add another key
- If the user wants to add another key, repeat the process
Examples: $> envenc key-set $> envenc key-set 123.vault
Source Files
Directories