ENVCRYPT

envcrypt is an encrypt/decrypt CLI tool that was built for the purpose of storing encrypted (AES-256) .env files in version control. By default, envcrpyt will take a .env file and create an encrypted .envcrypt file. The unencrypted .env file should not be committed to version control. The .envcrypt file can be. When checking out a repository with an

Usage

1. Add @jaketig/envcrypt as a dev dependency

npm install @jaketig/envcrypt --save-dev

2. Use the CLI

envcrypt <command> [options] 

Commands

Command	Alias	Description
encrypt	e, enc	Encrypt the contents of the input file and save them to the output file
decrypt	d, dec	Encrypt the contents of the input file and save them to the output file

Options

Option	Alias	Description
--key		Encryption key used to encrypt/decrypt contents. Optional, will prompt if not passed
--input	--in	Source File (should be added to .gitignore) encrypt: the file to be encrypted (default: ./env); decrypt: the file to be decrypted. (default: ./envcrypt)
--output	--out	Destination File (will overwrite if exists) encrypt: filepath for the encrypted result (default: ./envcrypt); decrypt: filepath for the encrypted result (default: ./env)

Examples

Bare Minimum Encryption

envcrypt e

• will prompt for secret key
• will encrypt .env to .envcrypt

Bare Minimum Decryption

envcrypt d

• will prompt for secret key
• will decrypt .envcrypt to .env

Pass Key

envcrypt d --key=supersecret

• will decrypt .envcrypt to .env

Specify Input/Outpu

envcrypt d --in="./file_to_decrypt" --out="./dest_file" --key=supersecret