envconsul
encpass.sh
Our great sponsors
envconsul | encpass.sh | |
---|---|---|
4 | 3 | |
1,993 | 587 | |
0.4% | 0.2% | |
5.9 | 0.0 | |
3 months ago | over 1 year ago | |
Go | Shell | |
Mozilla Public License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
envconsul
- Ask HN: Developers/DevOps, how do you manage environment variables?
-
Can one use Vault to inject environment variables needed to setup on stack up rather than saving them in environment files with docker-compose?
Might not perfectly fit but I think that was one of the ideas behind - https://github.com/hashicorp/envconsul (which can use Vault as a source), and probably to a degree consul-template (though a quick skim of the documentation and I'm not sure if can use Vault as a source.)
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
-
To those who have set up some kind of automatic deployment of their services on pushes to a git repo, how do you manage environment variables/.env files?
Have you looked into Hashicorp's consul + envconsul? You can also encrypt data using their vault.
encpass.sh
-
Could someone review this PKGBUILD that I'm going to submit to the AUR?
https://github.com/plyint/encpass.sh/archive/v${pkgver}/${pkgname}-${pkgver}.tar.gz
-
How to Handle Secrets on the Command Line
The difficulties mentioned in the article with passing secrets on the command line is one of the reasons why we wrote encpass.sh (https://github.com/plyint/encpass.sh). We had a similar need for a lightweight solution for managing secrets for simple shell scripts on our local workstations and in restricted environments. Bonus, it can be easily customized with extension scripts to adapt functions for your own specific needs. See our keybase extension for an example -> https://github.com/plyint/encpass.sh/blob/master/extensions/...
-
Pass: The standard Unix password manager
We made an extension for encpass.sh that stores secrets in Keybase (https://github.com/plyint/encpass.sh/blob/master/extensions/...) if that sort of thing is of interest to you. Outside of personal secrets, it can be used as a sort of low cost stand in for shared secrets that you might use something like Vault for in a team environment.
What are some alternatives?
sops - Simple and flexible tool for managing secrets
OpenKeychain - OpenKeychain is an OpenPGP implementation for Android.
zsh-secrets - Storing GPG encrypted environment variables
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
s6-overlay - s6 overlay for containers (includes execline, s6-linux-utils & a custom init)
dotfiles - Home directory with an absurd amount of tweaks
selfhosted - docker compose + traefik + tailscale
transcrypt - transparently encrypt files within a git repository
envchain - Environment variables meet macOS Keychain and gnome-keyring <3
pass-tomb - A pass extension that helps you keep the whole tree of passwords encrypted inside a Tomb.
platform-compat - Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
Android-Password-Store - Android application compatible with ZX2C4's Pass command line application