4 releases

Uses old Rust 2015

0.0.4 Oct 10, 2021
0.0.3 Oct 10, 2021
0.0.2 Oct 10, 2021
0.0.1 Oct 10, 2021

#29 in #transparent

MIT license

9KB
140 lines

cryptenv

Rust

A transparent environment variables decryptor.

  • encrypt with AES-256-CBC

Install

cargo install cryptenv

Usage

Prepare encrypted environment variable

cryptenv --data <(echo -n "THIS IS TOP SECRET")

# password? # input password
# cryptenv://ndDGOi3AUgcB4XOiiimRmfY8lEvoBtYZF8mrappszvuhyjAqtqt2IxIf2iFXx+If

use this URI string for environment variable value.

# ~/.bashrc
TOP_SECRET=cryptenv://ndDGOi3AUgcB4XOiiimRmfY8lEvoBtYZF8mrappszvuhyjAqtqt2IxIf2iFXx+If

Run command with crypted secrets

cryptenv -- env | grep TOP_SECRET

# password? # input password
# TOP_SECRET=THIS IS TOP SECRET

Annoying to type password everytime?

  1. create this function on your ~/.bashrc

    function cryptenv-save() {
        local varname=CRYPTENV_PASSWORD
        if [ ! -v $varname ];then
            read -s -p 'password? ' $varname
            echo
            export $varname
        fi
        cryptenv --password-from $varname $@
    }
    
  2. then use cryptenv-save instead of cryptenv

    cryptenv-save -- env | grep TOP_SECRET
    
    • the password is required at first time
    • after that, the password stored in the env var of the shell

Dependencies

~4–5.5MB
~109K SLoC