Exenv.Encryption (Exenv v0.4.1) View Source
Provides support for secrets encryption.
Exenv supports file encryption out of the box. As a result, most adapters will
also support encryption. This allows you to keep an encrypted secrets file
checked into your repository. As long as you provide access to a master
key via the env var "MASTER_KEY" or file, you will be able to transparently
load env vars from your encrypted secrets file.
To start using encryption, you must first generate a master key:
mix exenv.master_key /config/master.keyThe above will generate a master key at /config/master.key
You can then encrypt your secrets file:
mix exenv.encrypt /config/master.key /config/.envThe above will encrypt the /config/.env file using the key at /config/master.key
You can also decrypt your secrets at any time if you wish to add to them:
mix exenv.decrypt /config/master.key /config/.env.encThe above will decrypt the /config/.env.enc file using the key at /config/master.key
and create a new file at /config/.env contining the decrypted secrets.
Encryption options are passed along with adapter options. Please consult the options available to individual adapters for further details.
{Exenv.Adapters.Dotenv, [file: "path/to/.env", encryption: true]}Link to this section Summary
Functions
Creates a master key at path.
Decrypts the secrets at path using key.
Encrypts the secrets located at path using key.
Attempts to get the master key.
Link to this section Functions
Specs
Creates a master key at path.
Returns the path to the new master key file.
Specs
Decrypts the secrets at path using key.
Returns the decrypted secrets.
Specs
Encrypts the secrets located at path using key.
Returns the path to the new encrypted file.
Specs
Attempts to get the master key.
If provided path it will read the key from path. If not provided a path,
it will get the contents of the env var "MASTER_KEY".