4 releases

Uses old Rust 2015

0.0.4	Oct 10, 2021
0.0.3	Oct 10, 2021
0.0.2	Oct 10, 2021
0.0.1	Oct 10, 2021

#29 in #transparent

MIT license

9KB
140 lines

`cryptenv`

A transparent environment variables decryptor.

encrypt with AES-256-CBC

Install

cargo install cryptenv

Usage

Prepare encrypted environment variable

cryptenv --data <(echo -n "THIS IS TOP SECRET")

# password? # input password
# cryptenv://ndDGOi3AUgcB4XOiiimRmfY8lEvoBtYZF8mrappszvuhyjAqtqt2IxIf2iFXx+If

use this URI string for environment variable value.

# ~/.bashrc
TOP_SECRET=cryptenv://ndDGOi3AUgcB4XOiiimRmfY8lEvoBtYZF8mrappszvuhyjAqtqt2IxIf2iFXx+If

Run command with crypted secrets

cryptenv -- env | grep TOP_SECRET

# password? # input password
# TOP_SECRET=THIS IS TOP SECRET

Annoying to type password everytime?

create this function on your ~/.bashrc

function cryptenv-save() {
    local varname=CRYPTENV_PASSWORD
    if [ ! -v $varname ];then
        read -s -p 'password? ' $varname
        echo
        export $varname
    fi
    cryptenv --password-from $varname $@
}

then use cryptenv-save instead of cryptenv
```
cryptenv-save -- env | grep TOP_SECRET
```
- the password is required at first time
- after that, the password stored in the env var of the shell

Dependencies

~4–5.5MB
~109K SLoC